Trust issues: trouble in package paradise

This last year has seen attacks like the compromising of event-stream package in the JavaScript ecosystem. It clearly demonstrated that attackers injecting malicious code into libraries we use is not just a theoretical problem, but something that happens in practice We'll talk about how the new version of Hoplon helps mitigate this problem using public key cryptography and a simple trust model - all of that without the need for a trusted third party or abandoning the common package ecosystem.