Address
:
[go:
up one dir
,
main page
]
Include Form
Remove Scripts
Accept Cookies
Show Images
Show Referer
Rotate13
Base64
Strip Meta
Strip Title
Session Cookies
Skip to content
Navigation menu
Search
Powered by Algolia
Search
Log in
Create account
DEV Community
Close
npm
Follow
Hide
Node Package Manager
Posts
Left menu
ð
Sign in
for the ability to sort posts by
relevant
,
latest
, or
top
.
Right menu
Malicious npm Packages With Valid SLSA Provenance: Inside the TanStack Attack
Oli Guei
Oli Guei
Oli Guei
Follow
Jun 3
Malicious npm Packages With Valid SLSA Provenance: Inside the TanStack Attack
#
npm
#
security
#
agents
#
mcp
1
 reaction
Comments
2
 comments
5 min read
42 @tanstack/* Packages Were Compromised on npm: What Happened, How It Works, and What You Must Do Right Now
VIKAS
VIKAS
VIKAS
Follow
May 13
42 @tanstack/* Packages Were Compromised on npm: What Happened, How It Works, and What You Must Do Right Now
#
javascript
#
security
#
npm
#
webdev
Comments
Add Comment
10 min read
The TanStack npm Attack Shows Why pnpm 11 Matters
Chioma Halim
Chioma Halim
Chioma Halim
Follow
May 13
The TanStack npm Attack Shows Why pnpm 11 Matters
#
cicd
#
javascript
#
npm
#
security
2
 reactions
Comments
Add Comment
3 min read
LibKill: Scan Your Machine for Compromised npm, pip, and Bun Packages
Firat Celik
Firat Celik
Firat Celik
Follow
May 13
LibKill: Scan Your Machine for Compromised npm, pip, and Bun Packages
#
security
#
npm
#
ai
#
programming
Comments
Add Comment
3 min read
Mini Shai-Hulud: A persistent supply-chain worm
Dwayne McDaniel
Dwayne McDaniel
Dwayne McDaniel
Follow
for
GitGuardian
May 26
Mini Shai-Hulud: A persistent supply-chain worm
#
security
#
supplychain
#
npm
#
securityresearch
1
 reaction
Comments
1
 comment
3 min read
How I Built the Two Missing Payload CMS v3 Plugins â Reviews, JSON-LD & Real Production Bugs
Camille Guerineau Loch Ness
Camille Guerineau Loch Ness
Camille Guerineau Loch Ness
Follow
Jun 16
How I Built the Two Missing Payload CMS v3 Plugins â Reviews, JSON-LD & Real Production Bugs
#
npm
#
nextjs
#
opensource
#
payload
Comments
Add Comment
5 min read
Deep Dive: TanStack npm supply-chain compromise
Shruti Kapoor
Shruti Kapoor
Shruti Kapoor
Follow
May 15
Deep Dive: TanStack npm supply-chain compromise
#
githubactions
#
javascript
#
npm
#
security
1
 reaction
Comments
Add Comment
3 min read
Building a CLI Tool with Node.js (From Zero to npm)
Alex Chen
Alex Chen
Alex Chen
Follow
May 15
Building a CLI Tool with Node.js (From Zero to npm)
#
cli
#
node
#
npm
#
tutorial
Comments
Add Comment
4 min read
I Built My Own Config Format for Node.js That Separates Server and Client Secrets
KANISHQ R PUROHIT
KANISHQ R PUROHIT
KANISHQ R PUROHIT
Follow
May 11
I Built My Own Config Format for Node.js That Separates Server and Client Secrets
#
node
#
npm
#
security
#
opensource
1
 reaction
Comments
2
 comments
5 min read
Scanning npm Packages for Malware Before You Install, Without Running Them
Pavel Espitia
Pavel Espitia
Pavel Espitia
Follow
Jun 2
Scanning npm Packages for Malware Before You Install, Without Running Them
#
security
#
javascript
#
npm
#
devops
Comments
2
 comments
6 min read
date-light: A 1.8KB Alternative to date-fns You Might Actually Like
ë ë€ëì¥
ë ë€ëì¥
ë ë€ëì¥
Follow
May 30
date-light: A 1.8KB Alternative to date-fns You Might Actually Like
#
javascript
#
typescript
#
npm
#
opensource
1
 reaction
Comments
2
 comments
3 min read
Scarab Diagnostic Field Test #021 â pnpm Self-Upgrade No-Manifest Boundary
Scarab Systems
Scarab Systems
Scarab Systems
Follow
Jun 10
Scarab Diagnostic Field Test #021 â pnpm Self-Upgrade No-Manifest Boundary
#
discuss
#
ai
#
npm
#
devops
2
 reactions
Comments
Add Comment
4 min read
The NPM Audit Trap: A Thursday Morning Tragedy
Eduardo Ortega
Eduardo Ortega
Eduardo Ortega
Follow
May 6
The NPM Audit Trap: A Thursday Morning Tragedy
#
webdev
#
node
#
npm
Comments
Add Comment
2 min read
Shipping archkit v0.1: a TypeScript Clean Architecture scaffolder built in one Claude Code session
Alex Rogov
Alex Rogov
Alex Rogov
Follow
May 29
Shipping archkit v0.1: a TypeScript Clean Architecture scaffolder built in one Claude Code session
#
typescript
#
cleanarchitecture
#
npm
#
claudecode
Comments
1
 comment
7 min read
Hi all
NotLeaped84
NotLeaped84
NotLeaped84
Follow
May 6
Hi all
#
showdev
#
design
#
npm
#
ui
Comments
Add Comment
1 min read
ð
Sign in
for the ability to sort posts by
relevant
,
latest
, or
top
.
We're a place where coders share, stay up-to-date and grow their careers.
Log in
Create account