Greetings friends! Welcome to this week’s “Old Man Yells At Clouds” segment, as I rant about dependencies and maintenance. 🤣 (Jokes aside, this stuff is important, but I’ll keep the ranting to a minimum.)

Don’t forget to check out last week’s In Depth about Content Security Policies. It's the longest and most compressive In Depth I’ve written yet, and I’m super proud of it.

Just a reminder: I can hack your site to help you improve your security, check out my Laravel Security Audits and Penetration tests.

Keep Dependencies Updated

A common pattern I see in the development communities is to use dependency packages for everything, big and small. While this is a great way to avoid reinventing the wheel in your own code, each dependency you introduce into your application adds an extra security risk. This is known as a supply-chain attack.

Here are some examples: