If you’re a JavaScript developer, you should check out Lavamoat! It’s a “set of tools for securing JavaScript projects against a category of attacks called software supply chain attacks.” Essentially it provides the developer with autogenerated policy, and compartmentalizes objects - stripping them of the ambient authority to access disk, network, environment, and other resources. It seems awesome! There’s a good talk about it here.