I never thought I’ll make it to Bootcamp

Oh well… so I thought…but I am here now 😃.

My experience at Bootcamp so far has been a wonderful one, we had to meet up at the vintage hub on the first day of boot camp, it was quite an interactive and interesting session we had with Habeeb the Learning Facilitator.

I stepped into the room and I recognized one of my friends from the interview phase, apparently after the interview he took me to Maryland mall for lunch, I have to say I was scared at first why a guy would be taking another guy for lunch on the first day, but then I thought to myself maybe he’s just as kind as I am 😀

We were very happy to see each other that day, after that, we continued the session, and later met with Hasstrup my LFA who turned out to be a very nice guy.

Hasstrup went through my user interface, and code and gave me feedback, on what to change, I went home and reflected on the feedback given to me and begun reflecting the changes where necessary.

I came to epic towers on Wednesday and today Thursday, and I’ve met really kind-hearted people, people always willing help, and also ask questions kindly, I am yet to see an arrogant boot camper, so far its been an awesome experience, I can't wait for week 2.

Taking Front End Security Serious

“Javascript is Awesome, but sometimes the things that make it awesome also make it vulnerable”

-Guy Podjarny, Ceo and co-founder at Snyk

I decided to do a little bit of research to have an idea of what I’ll be facing during the boot camp. I stumbled upon a video on YouTube that spoke on:
“Writing Secure Node Code — Understanding and Avoiding the Most Common Node.js Security Mistakes” I decided to see what it was all about.

Going through the video I realized just how vulnerable our production code can get due to outdated/vulnerable dependencies from npm. 70–80% of the time we always use one dependency or the other, and these dependencies come with other dependents and I am sure anybody who has gone through their package-lock.json file or npm js would know better.

To cut the long story short this was how I discovered Snyk

A developer-first solution that automates finding & fixing vulnerabilities in your dependencies

All I had to do was incorporate it into my GitHub just like I did with Travis-CI and Coveralls though much an easier journey, and it would raise a pull request to fix up my vulnerable packages if any.

It’s a really good service, because it always notifies you on time when your code depends on a vulnerable package and not just notifying you, it fixes the vulnerability for you, thereby keeping the hackers away.