97% of the code in a modern web application comes from NPM, and JavaScript has a rich culture of code reuse. But using someone else's code means leaving yourself potentially vulnerable to attackers. Or does it? By using patterns from Object Capabilities, along with code isolation enforced by SES, you can use other people's code much more safely.
