Hey folks, hope all is well in your neck of the woods. Posting a brief update on the Hive.Loans development build as I've had a few folks sending me messages on discord wondering the status of things or asking if they are missing out on the beta. As it sits nobody has been given beta passes as some function bugs came to my attention a few days back, and rather than risk peoples accounts it was decided to hold off on things. The good news is it's getting closer to being ready to test, the bad news is I've missed the month end target that I'd hoped to hit to get people in and checking things out..
Zero Vulnerabilities Found by NPM.. A Small Win!
( after fighting with the thing for way too long, FINALLY got the npm audit to zero vulnerabilities... WOOT! feelsgoodman )
The first time I ran the
npm audit command on the Hive.Loans codebase a staggering ~7000 vulnerabilities were found, 13 of which were severe. In part some of these were caused by packages used by the site having dependencies that hadn't been updated in a long long time, so part of the process in getting the site production ready was patching known vulnerabilities and updating dependencies of dependencies.. A pain in the ass for sure, but necessary for me to sleep at night.
While trying to keep the module dependencies as low as possible, it's almost a necessary evil with the complexity of the site and the functions it offers.. To code all of it myself by hand would likely take years, and if well vetted libraries exist (such as hive-js) to help things move forward faster, I believe it would be foolish to not use them, provided they are safe and not a vector for attack.
HIVE Futures / Contract For Differences Implemented
Behind Schedule.. But Security > Rushing
Going to push some more hours here today after a quick nap, didn't sleep worth a damn last night but need to get things done. If all goes well this week maybe by the weekend we can get some people in to break things, although not making any promises. Will try and keep everyone updated.