LavaMoat: js Supplychain Security at Runtime

This talk discusses js supplychain security risks, intro to js langsec, compartment spec, and more. When we build on open source, we invite many code authors into our app. This is dangerous but we can do it safely! LavaMoat enables fearless collaboration through runtime supplychain security protections! Sandbox your dependencies in browser and node!