Baldur Bjarnason

... works as a web developer in Hveragerði, Iceland, and writes about the web, digital publishing, and web/product development

These are his notes

“Third-party libraries and security issues - Go Make Things”

The dependency-of-a-dependency issue is a much bigger one than you’d expect. It’s incredibly easy for an exploitable package (sometimes even intentionally so) to sneak into your project that way.