<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Before Your Code Runs on krash.dev</title><link>https://krash.dev/series/before-your-code-runs/</link><description>Recent content in Before Your Code Runs on krash.dev</description><generator>Hugo</generator><language>en-us</language><lastBuildDate>Sun, 12 Jul 2026 05:32:59 +0530</lastBuildDate><atom:link href="https://krash.dev/series/before-your-code-runs/rss.xml" rel="self" type="application/rss+xml"/><item><title>Before Your Code Runs: Node.js</title><link>https://krash.dev/posts/before-your-code-runs/nodejs/</link><pubDate>Sun, 29 Mar 2026 00:00:00 +0000</pubDate><guid>https://krash.dev/posts/before-your-code-runs/nodejs/</guid><description>&lt;blockquote&gt;&lt;p&gt;This post is part of the &lt;strong&gt;&lt;a href="https://krash.dev/before-your-code-runs/"&gt;Before Your Code Runs&lt;/a&gt;
&lt;/strong&gt; series, cataloguing the hidden, implicit code execution surfaces in programming language runtimes and toolchains.&lt;/p&gt;
&lt;/blockquote&gt;&lt;p&gt;Node.js and npm sit underneath a huge chunk of the modern web. It&amp;rsquo;s the runtime that made JavaScript a &amp;ldquo;real&amp;rdquo; backend language, and npm is the largest package registry in the world. That&amp;rsquo;s a lot of trust in a lot of code.&lt;/p&gt;
&lt;p&gt;Here&amp;rsquo;s roughly what happens when Node starts:&lt;/p&gt;</description></item><item><title>Before Your Code Runs: Python</title><link>https://krash.dev/posts/before-your-code-runs/python/</link><pubDate>Sun, 29 Mar 2026 00:00:00 +0000</pubDate><guid>https://krash.dev/posts/before-your-code-runs/python/</guid><description>&lt;blockquote&gt;&lt;p&gt;This post is part of the &lt;strong&gt;&lt;a href="https://krash.dev/before-your-code-runs/"&gt;Before Your Code Runs&lt;/a&gt;
&lt;/strong&gt; series, cataloguing the hidden, implicit code execution surfaces in programming language runtimes and toolchains.&lt;/p&gt;
&lt;/blockquote&gt;&lt;p&gt;Python is probably the most beloved language in the world right now. It&amp;rsquo;s everywhere: data science, web backends, DevOps glue, AI/ML pipelines, you name it. And because it&amp;rsquo;s everywhere, attackers love it too. The thing is, most Python developers think execution starts when you type &lt;code&gt;python app.py&lt;/code&gt;. It doesn&amp;rsquo;t. Not even close.&lt;/p&gt;</description></item></channel></rss>