We can't find the internet
Attempting to reconnect
Something went wrong!
Hang in there while we get back on track
"Don't Get Owned by Your Dependencies" by Shravan Narayan (Strange Loop 2022)
Learn how to master dependencies by isolating library functionality, achieving performance and feature parity, and enforcing security through incremental code changes and targeted checks.
- Don’t rely solely on library assumptions, sandbox libraries for dependency injection.
- Use WebAssembly (RLBox) to isolate library functionality, automating sanity checking and error reporting.
- Performance parity and feature parity between unsandboxed and sandboxed applications crucial.
- Focus on incrementally changing code to decouple libraries, simplifying library integration.
- Implement ABI interfaces for seamless interaction with other parts of the application.
- Avoid performance slowdowns, optimizing and pruning code as necessary.
- Gradual, automated verification can occur during code modifications to enforce security.
- Native code components create security challenges; handle through targeted security checks and bug fixes.
- Consider RLBox to leverage WebAssembly, as in-process sandboxing improves memory handling and reduces resource overhead.