What's the JavaScript Supply Chain?

The JavaScript community is incredibly creative and generative. Part of that comes from the permissionless nature of NPM where anyone can publish a package. There's also an increase in people hijacking packages because maintainers are reusing passwords. We're seeing nearly weekly attacks against the open source software supply chain, mainly coming from hijacked packages.

Transcript

Play full episode

The AI-powered Podcast Player

Save insights by tapping your headphones, chat with episodes, discover the best highlights - and more!

Get the app