DEV Community 👩‍💻👨‍💻

Brian Clark 💡
Brian Clark 💡

Posted on

📌 Live - Diving into an NPM Package Vulnerability

Hey there and thanks for checking out this post. I'm building the habit of sharing what I have planned for upcoming livestreams. I have one scheduled for today, Friday, September 16th, 2022. If you're interested in joining our welcoming community as we learn together drop by the stream starting at 12:30pm ET (time zone conversions).

Stream Plans

Here's an outline of what you can expect on the stream today:

  1. Celebrating community wins
  2. Wordle and Words on Stream game together
  3. Diving into a vulnerability in a widely used npm package - csurf

Wins of the Week

If you've not joined us for the livestream before you might be wondering what this is all about. It's the beginning segment of the show where we take time to reflect on the past week and look to find the positive things that happened for which we're grateful.

The idea behind this is that I personally have had a tendency to dwell on the negative things. This exercise has helped me to break out of that habit (not all the time but more often now than before). My hope is that it'll help folks dealing with the same thing.

Wordle and Words on Stream

We do this as a transition segment where I hide the chat and turn off the text-to-speech feature of my chatbot (something we built on stream) so folks don't spoil the game. Viewers seem to have fun laughing at my frustrations as I try to solve the puzzle.

Technical Topic

After we're warmed up from the previous two segments we dive into a technical topic for the day. This can vary from stream to stream but for this particular one we're going to dive into and understand this recently disclosed vulnerability in the npm package csurf.

How to Join

If any or all of that interests you and you'd like to see what this community is all about you can join us over on Twitch. Hope to see you there 🙂👍

✌ Clarkio

Top comments (0)

Visualizing Promises and Async/Await 🤯

async await

☝️ Check out this all-time classic DEV post