Forem

npm

Node Package Manager

Posts

đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.
Axios Compromise: What Actually Happened
randomchaos profile
RC

Axios Compromise: What Actually Happened

#cybersecurity #supplychainattack #npm #dependencysecurity
Comments
4 min read
Malicious axios Update Exploits Dependency Trust Model
randomchaos profile
RC

Malicious axios Update Exploits Dependency Trust Model

#cybersecurity #npm #dependencysecurity #supplychainattack
Comments
3 min read
The Hidden Cost of AI Coding Agents: Every Tool Is Fetching the Same Data
depscope profile

The Hidden Cost of AI Coding Agents: Every Tool Is Fetching the Same Data

#ai #api #npm #python
Comments
6 min read
I built Inklin because I wanted a better terminal styling experience for Node.js
sapirrior profile

I built Inklin because I wanted a better terminal styling experience for Node.js

#javascript #npm #node
2
Comments
2 min read
Bun replaced 4 tools in my stack — here's what actually held up and what didn't
Cover image for Bun replaced 4 tools in my stack — here's what actually held up and what didn't
svssdeva profile

Bun replaced 4 tools in my stack — here's what actually held up and what didn't

#bunjs #npm #webdev #programming
Comments
2 min read
Did Your Fix Actually Work? Comparing Profiling Reports Before and After
iwtxokhtd83 profile

Did Your Fix Actually Work? Comparing Profiling Reports Before and After

#javascript #npm #node #eventloop
1
Comments
4 min read
How Commit Scores npm Packages: The Methodology Behind getcommit.dev/audit
piiiico profile
Pico

How Commit Scores npm Packages: The Methodology Behind getcommit.dev/audit

#javascript #npm #security #opensource
Comments
9 min read
MCPwn Is Live. We Scanned the Supply Chains of 14 MCP Servers.
piiiico profile
Pico

MCPwn Is Live. We Scanned the Supply Chains of 14 MCP Servers.

#security #mcp #supplychain #npm
Comments 2
5 min read
I audited every npm package with >10M weekly downloads. Here is the risk map.
piiiico profile
Pico

I audited every npm package with >10M weekly downloads. Here is the risk map.

#security #npm #javascript #devops
Comments
4 min read
Your package.json only shows 20 dependencies. Your lock file has 487. I built a scanner for the other 467.
piiiico profile
Pico

Your package.json only shows 20 dependencies. Your lock file has 487. I built a scanner for the other 467.

#npm #security #node #javascript
Comments
2 min read
esbuild has 190M weekly downloads and one maintainer — I audited 25 top npm packages
piiiico profile
Pico

esbuild has 190M weekly downloads and one maintainer — I audited 25 top npm packages

#npm #security #javascript #devops
Comments
3 min read
I stopped waiting for backend APIs - localmockdb made frontend development easier
Cover image for I stopped waiting for backend APIs - localmockdb made frontend development easier
shrikant9907 profile

I stopped waiting for backend APIs - localmockdb made frontend development easier

#npm #localstorage #mockdb #restapi
Comments
4 min read
I audited 25 top npm packages with a zero-install CLI. Here's who passes.
piiiico profile
Pico

I audited 25 top npm packages with a zero-install CLI. Here's who passes.

#npm #javascript #security #opensource
Comments
3 min read
thusdev-fetch atteint 256 téléchargements npm en 2 jours !
amthus profile

thusdev-fetch atteint 256 téléchargements npm en 2 jours !

#node #javascript #opensource #npm
3
Comments
1 min read
My AI told me to pip install a package that doesn't exist. Turns out someone already weaponized that.
xihegoddess profile

My AI told me to pip install a package that doesn't exist. Turns out someone already weaponized that.

#ai #npm #security #testing
Comments
2 min read
đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.