Martina Kraus showed live-hacking techniques in a video with Manfred Steyer, exposing security risks. Nx introduced Powerpack with new features, causing debate over the removal of free private APIs for cloud storage.
Live-Hacking
Recently, Martina Kraus joined Manfred Steyer for a video stream, where she demonstrated live-hacking techniques—a rare occurrence in talks or videos.
Martina, a well-known figure in the Angular community and an OWASP member, showed how easily one can access tokens stored in local storage, settings to secure cookies, and highlighted other potential security threats that developers might overlook. For those unfamiliar, OWASP is an organization known for its top ten lists of common security issues.
Nx Powerpack
Nx, a popular alternative to the Angular CLI, introduced a new commercial product called Powerpack. Powerpack includes features like Codeowners, which limits access at the folder or project level, conformance checks for rules, and self-hosted cache storage.
The cache storage feature sparked some controversy on social media, as it’s one of Nx’s key features, allowing reusable builds across teams or CI pipelines. While Nx Cloud previously provided this feature as a paid service, some private APIs allowed developers to create their own free cloud storage—however, these APIs have now been removed, and Powerpack is required for self-hosted cache storage.
nx.dev
Top comments (3)
Why do you think it was a private API if the Nx docs said it is a public API?
nx.dev/concepts/turbo-and-nx#nx-an...
Do you happen to have the source code for a custom task runner that you can share? I’m particularly interested in how you handled the import statements. Specifically, did you import dependencies from their index.js, or did you need to do deep imports?
I was not aware of that. Will have to double check with the source that says the opposite. Thank you so far, will get back to you.