node-sec-roadmap
Some thoughts on how Node.js might respond to a changing security environment
Seeing an `unhandledRejection` in the output of a Node.js process is a code smell that a bug and a potential security vulnerability are within the codebase. It can trigger a...
There is such good documentation. I would like to translate these docs to Japanese for Japanese Noders. We think gitlocalize is very helpful for this type of docs. https://gitlocalize.com/ If you...
First of all, A+ on this. Love it. Some feedback. * In https://github.com/google/node-sec-roadmap/blob/master/chapter-1/threat-CRY.md, it would make sense to at least briefly cover the possibility of attacks based on the intersection...
In ["Keep your dependency close"](https://nodesecroadmap.fyi/chapter-4/close_dependencies.html), this guide is missing the most adopted practice to solve most but not all of the threats listed: using a private NPM registry (artifactory, npm...