DEV Community

npm

Node Package Manager

Posts

đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.
42 @tanstack/* Packages Were Compromised on npm: What Happened, How It Works, and What You Must Do Right Now
devcodehub99 profile

42 @tanstack/* Packages Were Compromised on npm: What Happened, How It Works, and What You Must Do Right Now

#javascript #security #npm #webdev
Comments
10 min read
The TanStack npm Attack Shows Why pnpm 11 Matters
audreyhal profile

The TanStack npm Attack Shows Why pnpm 11 Matters

#cicd #javascript #npm #security
2
Comments
3 min read
LibKill: Scan Your Machine for Compromised npm, pip, and Bun Packages
firfircelik profile

LibKill: Scan Your Machine for Compromised npm, pip, and Bun Packages

#security #npm #ai #programming
Comments
3 min read
Mini Shai-Hulud: A persistent supply-chain worm
dwayne_mcdaniel profile

Mini Shai-Hulud: A persistent supply-chain worm

#security #supplychain #npm #securityresearch
1
Comments 1
3 min read
The Worm in the Registry
vektor_memory_43f51a32376 profile

The Worm in the Registry

#ai #cybersecurity #npm #github
2
Comments
10 min read
Docker Caching Strategies That Actually Work with npm ci
sohanaakbar7 profile

Docker Caching Strategies That Actually Work with npm ci

#docker #npm #node #caching
Comments
2 min read
Deep Dive: TanStack npm supply-chain compromise
shrutikapoor08 profile

Deep Dive: TanStack npm supply-chain compromise

#githubactions #javascript #npm #security
1
Comments
3 min read
Building a CLI Tool with Node.js (From Zero to npm)
armorbreak profile

Building a CLI Tool with Node.js (From Zero to npm)

#cli #node #npm #tutorial
Comments
4 min read
I Built My Own Config Format for Node.js That Separates Server and Client Secrets
kanishq9 profile

I Built My Own Config Format for Node.js That Separates Server and Client Secrets

#node #npm #security #opensource
1
Comments 2
5 min read
Scanning npm Packages for Malware Before You Install, Without Running Them
pavelespitia profile

Scanning npm Packages for Malware Before You Install, Without Running Them

#security #javascript #npm #devops
Comments 2
6 min read
Supply chain en npm vs PyPI: comparé mis dos simulaciones y el vector más peligroso no es el que todos creen
jtorchia profile

Supply chain en npm vs PyPI: comparé mis dos simulaciones y el vector más peligroso no es el que todos creen

#spanish #espanol #npm #node
Comments
10 min read
Supply chain npm vs PyPI: I compared both simulations and the most dangerous vector isn't what everyone thinks
jtorchia profile

Supply chain npm vs PyPI: I compared both simulations and the most dangerous vector isn't what everyone thinks

#english #npm #node #devops
Comments
9 min read
Stop Shipping Broken Env Configs — I Built a Fix
rohan_mirjankar profile

Stop Shipping Broken Env Configs — I Built a Fix

#npm #javascript #node #webdev
Comments
2 min read
Why I Stopped Writing 15 * 60 * 1000 in Every Project
chabdulwahhab310 profile

Why I Stopped Writing 15 * 60 * 1000 in Every Project

#node #javascript #npm #webdev
3
Comments 5
5 min read
AGENTS.md moved AI performance up a model tier. Package trust needs the same.
piiiico profile
Pico

AGENTS.md moved AI performance up a model tier. Package trust needs the same.

#npm #security #javascript #supplychain
Comments
2 min read
đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.