Contributors
Ali Ijaz Sheikh
Franziska Hinkelmann
Jen Tong
John J. Barton
Justin Beckwith
Mark S. Miller
Mike Samuel
Myles Borins
Special thanks for feedback and criticism:
Matteo Collina
Rich Trott