dependency risk

4 videos across 4 channels

Dependency risk covers how third-party packages can introduce security and stability problems into projects, from supply-chain attacks on widely used libraries to the importance of locking exact versions with files like package-lock.json. Readers learn practical defenses—enforcing minimum release ages across npm ecosystems, verifying versions after incidents, rotating credentials, and scanning code paths with tools such as Ward for Laravel—to reduce exposure. Real-world examples, including a notorious postinstall attack on Axios, illustrate how quickly compromised dependencies can propagate and how disciplined checks and remediation protect teams.

the WORST hack of 2026

The video explains a high-profile supply chain attack on the Axios npm package, where an attacker hijacked a maintainer’

00:11:00
Ward: New Security Scanner for Laravel (written in Go)

The video reviews Ward, a Go-based security scanner for Laravel projects, showing how it scans code paths, detects issue

00:07:13