Forem

npm

Node Package Manager

Posts

👋 Sign in for the ability to sort posts by relevant, latest, or top.
LibKill: Scan Your Machine for Compromised npm, pip, and Bun Packages
Cover image for LibKill: Scan Your Machine for Compromised npm, pip, and Bun Packages
firfircelik profile

LibKill: Scan Your Machine for Compromised npm, pip, and Bun Packages

#security #npm #ai #programming
Comments
3 min read
The Worm in the Registry
Cover image for The Worm in the Registry
vektor_memory_43f51a32376 profile

The Worm in the Registry

#ai #cybersecurity #npm #github
2
Comments
10 min read
Deep Dive: TanStack npm supply-chain compromise
Cover image for Deep Dive: TanStack npm supply-chain compromise
shrutikapoor08 profile

Deep Dive: TanStack npm supply-chain compromise

#githubactions #javascript #npm #security
1
Comments
3 min read
Building a CLI Tool with Node.js (From Zero to npm)
armorbreak profile

Building a CLI Tool with Node.js (From Zero to npm)

#cli #node #npm #tutorial
Comments
4 min read
I Built My Own Config Format for Node.js That Separates Server and Client Secrets
kanishq9 profile

I Built My Own Config Format for Node.js That Separates Server and Client Secrets

#node #npm #security #opensource
1
Comments 2
5 min read
Supply chain en npm vs PyPI: comparé mis dos simulaciones y el vector más peligroso no es el que todos creen
Cover image for Supply chain en npm vs PyPI: comparé mis dos simulaciones y el vector más peligroso no es el que todos creen
jtorchia profile

Supply chain en npm vs PyPI: comparé mis dos simulaciones y el vector más peligroso no es el que todos creen

#spanish #espanol #npm #node
Comments
10 min read
Supply chain npm vs PyPI: I compared both simulations and the most dangerous vector isn't what everyone thinks
Cover image for Supply chain npm vs PyPI: I compared both simulations and the most dangerous vector isn't what everyone thinks
jtorchia profile

Supply chain npm vs PyPI: I compared both simulations and the most dangerous vector isn't what everyone thinks

#english #npm #node #devops
Comments
9 min read
Stop Shipping Broken Env Configs — I Built a Fix
rohan_mirjankar profile

Stop Shipping Broken Env Configs — I Built a Fix

#npm #javascript #node #webdev
Comments
2 min read
Why I Stopped Writing 15 * 60 * 1000 in Every Project
Cover image for Why I Stopped Writing 15 * 60 * 1000 in Every Project
chabdulwahhab310 profile

Why I Stopped Writing 15 * 60 * 1000 in Every Project

#node #javascript #npm #webdev
3
Comments 5
5 min read
Add Trust Scoring to Your CI Pipeline in 5 Minutes
piiiico profile
Pico

Add Trust Scoring to Your CI Pipeline in 5 Minutes

#npm #security #javascript #supplychain
Comments
3 min read
Add Real Business Trust Signals to Claude Desktop in 60 Seconds
piiiico profile
Pico

Add Real Business Trust Signals to Claude Desktop in 60 Seconds

#npm #security #javascript #supplychain
Comments
2 min read
AGENTS.md moved AI performance up a model tier. Package trust needs the same.
piiiico profile
Pico

AGENTS.md moved AI performance up a model tier. Package trust needs the same.

#npm #security #javascript #supplychain
Comments
2 min read
Mini Shai-Hulud: un gusano de cadena de suministro que explotó TanStack y el ecosistema npm.
Cover image for Mini Shai-Hulud: un gusano de cadena de suministro que explotó TanStack y el ecosistema npm.
bush1dom4koto profile

Mini Shai-Hulud: un gusano de cadena de suministro que explotó TanStack y el ecosistema npm.

#cybersecurity #supplychain #npm #ciberseguridad
2
Comments
5 min read
Why you keep attacking npm?
fromchiapasdev profile

Why you keep attacking npm?

#discuss #node #javascript #npm
2
Comments
1 min read
The NPM Audit Trap: A Thursday Morning Tragedy
proco profile

The NPM Audit Trap: A Thursday Morning Tragedy

#webdev #node #npm
Comments
2 min read
👋 Sign in for the ability to sort posts by relevant, latest, or top.