Coding Interview Questions: Various

  1. The first line of security should be to know what you are installing, and that it is up to date with documentation and community adoption: check who published the package, how many versions there are, and the number of weekly downloads. If either of the latter two numbers is low, this is a signal that the package might be malware, and you should inspect the code or think twice.
  2. Run commands like npm audit or yarn audit, which check for known security issues with dependencies and provide a ranked list of vulnerabilities.
  3. Make sure your packages stay up to date: running npm outdated or yarn outdated will provide a list of outdated packages needing updates.
  4. Leverage GitHub's feature of providing security alerts for outdated/vulnerable packages, available for several development stacks including npm and yarn.
  5. Again: know your documentation well for package managers and dependencies being used, and keep informed as to the latest updates and security discussions in the community.
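
The checks from points 1 and 2 as a Node.js script; this is an added example, not code from the original article. The thresholds, package names and sample data are constructed assumptions; the input shapes follow the npm registry packument, the npm downloads API and `npm audit --json`.

```javascript
// Pre-install vetting (point 1) and audit triage (point 2) for npm packages.
// Input shapes follow the npm registry packument, the npm downloads API
// (point/last-week) and `npm audit --json` (auditReportVersion 2).
// Thresholds, package names and sample data are constructed assumptions.
const SEVERITY_ORDER = ["critical", "high", "moderate", "low", "info"];
const rank = (s) => (SEVERITY_ORDER.includes(s) ? SEVERITY_ORDER.indexOf(s) : SEVERITY_ORDER.length);

// Flag packages with no listed maintainer, few versions or few weekly downloads.
function vetPackage(packument, downloads, limits = { minVersions: 5, minWeekly: 1000 }) {
  const versions = Object.keys(packument.versions || {}).length;
  const weekly = downloads && Number.isFinite(downloads.downloads) ? downloads.downloads : 0;
  const maintainers = (packument.maintainers || []).map((m) => m.name);
  const warnings = [];
  if (maintainers.length === 0) warnings.push("no maintainers listed");
  if (versions < limits.minVersions) warnings.push(`only ${versions} published version(s)`);
  if (weekly < limits.minWeekly) warnings.push(`only ${weekly} weekly download(s)`);
  return { name: packument.name, maintainers, versions, weekly, warnings };
}

// Rank audit findings: most severe first, then direct dependencies, then by name.
function rankAudit(report) {
  return Object.values(report.vulnerabilities || {})
    .map((v) => ({ name: v.name, severity: v.severity, isDirect: Boolean(v.isDirect),
                   fixAvailable: Boolean(v.fixAvailable) })) // fixAvailable may be an object
    .sort((a, b) => rank(a.severity) - rank(b.severity) ||
      Number(b.isDirect) - Number(a.isDirect) || a.name.localeCompare(b.name));
}

// Constructed sample inputs (hypothetical package names).
const samplePackument = {
  name: "example-left-pad",
  maintainers: [{ name: "example-new-account" }],
  versions: { "1.0.0": {}, "1.0.1": {} },
};
const sampleDownloads = { package: "example-left-pad", downloads: 37 };
const sampleAudit = {
  auditReportVersion: 2,
  vulnerabilities: {
    "example-parser": { name: "example-parser", severity: "moderate", isDirect: true, fixAvailable: true },
    "example-template": { name: "example-template", severity: "critical", isDirect: false, fixAvailable: false },
    "example-http": { name: "example-http", severity: "critical", isDirect: true, fixAvailable: { name: "example-http" } },
  },
};

console.log(vetPackage(samplePackument, sampleDownloads));
console.log(rankAudit(sampleAudit));
```

A non-empty `warnings` array is a prompt to read the package source before installing, not a verdict that the package is malicious.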

console.log("first");
setTimeout(function() {
  console.log("second");
}, 0);
console.log("third");
// Output:
// first
// third
// second

console.log("first");
setImmediate(function() {
  console.log("second");
}, 0);
console.log("third");
// Output:
// first
// third
// second

Michael Fares


I am a Frontend Web Developer, Educator, Lifelong autodidact, 3rd Culture Kid, and Citizen of the World.