Web Security for Frontend Devs · Part 9 — Secrets, Data Leakage & Supply-Chain
There are no secrets in the browser: env vars, source maps, and third-party scripts leak. Plus npm supply-chain threats — lockfiles, audit, SRI, typosquatting — and practical defenses, with exercises.