DEV Community

Cover image for Ng-News 24/39: Live Hacking, Nx Powerpack
ng-news for This is Angular

Posted on • Edited on

2

Ng-News 24/39: Live Hacking, Nx Powerpack

Martina Kraus showed live-hacking techniques in a video with Manfred Steyer, exposing security risks. Nx introduced Powerpack with new features, causing debate over the removal of free private APIs for cloud storage.

Live-Hacking

Recently, Martina Kraus joined Manfred Steyer for a video stream, where she demonstrated live-hacking techniques—a rare occurrence in talks or videos.

Martina, a well-known figure in the Angular community and an OWASP member, showed how easily one can access tokens stored in local storage, settings to secure cookies, and highlighted other potential security threats that developers might overlook. For those unfamiliar, OWASP is an organization known for its top ten lists of common security issues.

Nx Powerpack

Nx, a popular alternative to the Angular CLI, introduced a new commercial product called Powerpack. Powerpack includes features like Codeowners, which limits access at the folder or project level, conformance checks for rules, and self-hosted cache storage.

The cache storage feature sparked some controversy on social media, as it’s one of Nx’s key features, allowing reusable builds across teams or CI pipelines. While Nx Cloud previously provided this feature as a paid service, some private APIs allowed developers to create their own free cloud storage—however, these APIs have now been removed, and Powerpack is required for self-hosted cache storage.

Introducing Nx Powerpack | Nx Blog

Latest news from the Nx & Nx Cloud core team

favicon nx.dev

Image of Datadog

Create and maintain end-to-end frontend tests

Learn best practices on creating frontend tests, testing on-premise apps, integrating tests into your CI/CD pipeline, and using Datadog’s testing tunnel.

Download The Guide

Top comments (3)

Collapse
 
ikatsuba profile image
Igor Katsuba

Why do you think it was a private API if the Nx docs said it is a public API?
Image description
nx.dev/concepts/turbo-and-nx#nx-an...

Collapse
 
ng_news profile image
ng-news

Do you happen to have the source code for a custom task runner that you can share? I’m particularly interested in how you handled the import statements. Specifically, did you import dependencies from their index.js, or did you need to do deep imports?

Collapse
 
ng_news profile image
ng-news

I was not aware of that. Will have to double check with the source that says the opposite. Thank you so far, will get back to you.

Image of Datadog

The Essential Toolkit for Front-end Developers

Take a user-centric approach to front-end monitoring that evolves alongside increasingly complex frameworks and single-page applications.

Get The Kit

👋 Kindness is contagious

Discover a treasure trove of wisdom within this insightful piece, highly respected in the nurturing DEV Community enviroment. Developers, whether novice or expert, are encouraged to participate and add to our shared knowledge basin.

A simple "thank you" can illuminate someone's day. Express your appreciation in the comments section!

On DEV, sharing ideas smoothens our journey and strengthens our community ties. Learn something useful? Offering a quick thanks to the author is deeply appreciated.

Okay