Two Voice Devs

Episode 109 - Verify and Verify Again

Listen Later

Making sure our #VoiceFirst applications are written securely and use secure components is important. And when one of those components has a security bug, it is important that we update it as soon as we can. Mark highlights a recent security vulnerability in the node-forge module, which is used by the alexa-verifier-middleware module. Mark and Allen then discuss what the verifier does and how we can be careful when it comes to using libraries.

Some references:

  • alexa-verifier-middleware: https://www.npmjs.com/package/alexa-verifier-middleware
  • Alexa verification: https://developer.amazon.com/en-US/docs/alexa/custom-skills/host-a-custom-skill-as-a-web-service.html#manually-verify-request-sent-by-alexa
  • Issues with node-forge: https://github.com/advisories/GHSA-x4jg-mjrx-434g
    • ...more
    View all episodesView all episodes
    Download on the App Store
    Two Voice DevsBy Mark and Allen
    • 1
    • 1
    • 1
    • 1
    • 1

    1

    1 ratings

    More shows like Two Voice Devs

    View all
    Dwarkesh Podcast by Dwarkesh Patel

    Dwarkesh Podcast

    354 Listeners

    The Daily AI Show by The Daily AI Show Crew - Brian, Beth, Jyunmi, Andy, Karl, and Eran

    The Daily AI Show

    3 Listeners