Development PracticesDevelopment Practices
Conference45min
BEGINNER

Possessed by Packages: Is Your JavaScript Haunted?

Is your app behaving strangely? Random network calls? Unexpected behavior? It might not be a bug, it might be possessed. In this spooky session, we’ll explore how malicious packages sneak into your codebase like ghosts through an open portal. You’ll learn how typo-squatting, dependency confusion, and supply chain attacks haunt the JavaScript ecosystem, and how to perform a proper exorcism. We’ll go beyond npm audit and explore tools and habits to stop the haunt before it begins. Leave this talk with a toolkit that wards off evil; digital and otherwise.

Chris DeMars
Chris DeMarsTuxCare

talkDetail.whenAndWhere

Wednesday, April 1, 13:30-14:15
Zaal 12
talks.roomOccupancytalks.noOccupancyInfo
talks.description
Is your app behaving strangely? Random network calls? Unexpected behavior? It might not be a bug, it might be possessed. In this spooky session, we’ll explore how malicious packages sneak into your codebase like ghosts through an open portal. You’ll learn how typo-squatting, dependency confusion, and supply chain attacks haunt the JavaScript ecosystem, and how to perform a proper exorcism. We’ll go beyond npm audit and explore tools and habits to stop the haunt before it begins. Leave this talk with a toolkit that wards off evil; digital and otherwise.
attacks
malicious
packages
security
talks.speakers
Chris DeMars

Chris DeMars

TuxCare

United States of America

Chris DeMars is a Senior Developer Advocate. He has over 20 years of technical experience and speaks globally on various frontend topics and has received accolades for his community contributions, including the prestigious Microsoft MVP and Progress Champion awards to name a few. Chris is passionate about enhancing web development and helping developers achieve their goals. In his free time, he enjoys rating Detroit-style pizza, searching for Bigfoot, and investigating UFO's.

talkDetail.rateThisTalk

talkDetail.poortalkDetail.excellent

talkDetail.ratingNotYetAvailable

talkDetail.ratingAvailableWhenStarted

talkDetail.signInRequired

talkDetail.signInToRateDescription

occupancy.title

occupancy.votingNotYetAvailable

occupancy.votingAvailableBeforeStart

talkDetail.signInRequired

occupancy.signInToVoteDescription

comments.title

comments.speakerNotEnabledComments