Podcast: JavaScript Jabber
Episode: JSJ 357: Event-Stream & Package Vulnerabilities with Richard Feldman and Hillel Wayne
Description:
Sponsors: Triplebyte; Sentry (use the code “devchat” for $100 credit); Clubhouse; CacheFly
Panel: Aaron Frost, AJ O’Neal, Chris Ferdinandi, Joe Eames, Aimee Knight, Charles Max Wood
Joined by special guests: Hillel Wayne and Richard Feldman
Episode Summary: In this episode of JavaScript Jabber, Hillel Wayne kicks off the podcast by giving a short background about his work, explains the concepts of formal methods and the popular npm package - event-stream, in brief. The panelists then dive into the recent event-stream attack and discuss it at length, focusing on different package managers and their vulnerabilities, as well as the security issues associated with them. They debate on whether paying open source developers for their work, thereb...