Explore the potential risks and vulnerabilities associated with open source dependencies in this 24-minute LASCON conference talk. Delve into the aftermath of the 2016 left-pad incident, where the removal of a small code package caused widespread disruptions for major tech companies. Examine the complex web of dependencies in modern software development and learn how to mitigate risks associated with relying on third-party code. Gain insights into the structure of open source projects, their widespread use, and the potential consequences of malicious modifications. Discover strategies to protect your applications from unexpected changes in dependencies and understand the broader implications for internet businesses. Leave with practical knowledge on evaluating open source projects, safeguarding against uncontrolled changes, and comprehending the intricacies of dependency structures in the ever-evolving landscape of software development.
Overview
Syllabus
2016 - Could a few links of code f@#k it all up!
Taught by
LASCON