top | item 42823427

(no title)

I code but my day job is closer to CISO. I've been working with react for years and one of the biggest pain points is the near immediate security debt you take on through the complex ecosystem that is node packages. That debt keeps growing over time, until some critical vuln forces you to deal with it - but, by that time you're in dependency hell and it's no simple task that LLMs can help you fix.

So when I read posts like these, my thoughts are 1) it's great that react is more accessible then ever but 2) there's a world of cyber security pain just around the corner.

discuss

No comments yet.