What the Dev?
What the Dev? is a podcast by the SD Times editorial team. We cover the biggest and newest topics in software and technology.
What the Dev?
328: What you should know about Shai-Hulud and its impact on npm (with Chainguard's Dan Lorenc)
In this episode, Jenna interviews Dan Lorenc, CEO of Chainguard, about the Shai-Hulud worm that has made its way through the npm ecosystem.
They discuss:
- What Shai-Hulud is and why it's so bad
- Security measures GitHub plans to implement in npm
- Best practices to follow to mitigate risk