Diffing Hex packages
The tech industry is extremely dependent on open-source packages. But every dependency you rely on is also a vulnerability. Multiple high-profile packages across platforms have been hijacked and modified with malicious code.
This talk is about the value of auditing dependency updates and the tooling to make it less of a chore, including the introduction of a web-based diffing app and other tooling that helps you create an effortless auditing process.
THIS TALK IN THREE WORDS
Security
Dependencies
Hex
OBJECTIVES
Spread awareness about dependency management and the importance of auditing code. Johanna will also discuss how tooling can make this less of a chore. Security should be easy.
TARGET AUDIENCE
Anyone who works with software.