Aviv Keller
@aviv.sh
Animals deserve love, not hate. Be their voice, and stop animal cruelty and abuse.
———
✉️ [email protected]
𝕏 https://x.com/@aviv_keller
🌐 https://aviv.sh
👾 https://github.com/avivkeller
🛠️ Security Researcher
💻 @nodejs.org Website
📦 Webpack Security
———
✉️ [email protected]
𝕏 https://x.com/@aviv_keller
🌐 https://aviv.sh
👾 https://github.com/avivkeller
🛠️ Security Researcher
💻 @nodejs.org Website
📦 Webpack Security
Pinned
Aviv Keller
@aviv.sh
· 29d
Introducing 🥁🥁🥁 our JavaScriptLandia award recipients for this year!
Beyond building new features, our recipients guide others, maintain essential systems, document the hard parts, and strengthen the community every step of the way. 💙
Read more about our honorees here: hubs.la/Q03NQvx10
Beyond building new features, our recipients guide others, maintain essential systems, document the hard parts, and strengthen the community every step of the way. 💙
Read more about our honorees here: hubs.la/Q03NQvx10
I’m beyond thrilled to be the recipient of this year’s #JavaScriptLandia “Outstanding Contribution from a New Arrival” award! This award is truly a testament to the fact that anyone, with faith and effort, can make a meaningful impact in #OpenSource.
Thank you,
@openjsf.org
Thank you,
@openjsf.org
The Node.js Website Team: Faster than AWS™️
You know you have a good open source team when you can resolve a production outage from report, triage, debugging, fix, testing, through to PR merge and deployment in 57 minutes.
#nodejs #opensource
github.com/nodejs/nodej...
github.com/nodejs/nodej...
#nodejs #opensource
github.com/nodejs/nodej...
github.com/nodejs/nodej...
Download page is blank · Issue #8248 · nodejs/nodejs.org
URL: https://nodejs.org/en/download Browser Name: Chrome Browser Version: 141.0.7390.108 Operating System: Windows 10, 22H2 How to reproduce the issue: Open nodejs.org website Navigate to Download ...
github.com
October 21, 2025 at 7:14 PM
The Node.js Website Team: Faster than AWS™️
Reposted by Aviv Keller
Hey, THANK YOU JSConf! 💙
To everyone who shared their ideas, sang way too hard at karaoke, and made the hallway track feel like a family reunion... you’re the best.
That's a wrap 👏
To everyone who shared their ideas, sang way too hard at karaoke, and made the hallway track feel like a family reunion... you’re the best.
That's a wrap 👏
October 21, 2025 at 2:47 PM
Hey, THANK YOU JSConf! 💙
To everyone who shared their ideas, sang way too hard at karaoke, and made the hallway track feel like a family reunion... you’re the best.
That's a wrap 👏
To everyone who shared their ideas, sang way too hard at karaoke, and made the hallway track feel like a family reunion... you’re the best.
That's a wrap 👏
us-east-1
an older man sits at a desk using a computer and a mouse
Alt: an older man sits at a desk using a computer and a mouse
media.tenor.com
October 20, 2025 at 8:20 PM
us-east-1
Had a great time at @jsconf.bsky.social and the @nodejs.org #CollabSummit, looking forward to all the cool things planned!
October 18, 2025 at 1:01 AM
Had a great time at @jsconf.bsky.social and the @nodejs.org #CollabSummit, looking forward to all the cool things planned!
I’m beyond thrilled to be the recipient of this year’s #JavaScriptLandia “Outstanding Contribution from a New Arrival” award! This award is truly a testament to the fact that anyone, with faith and effort, can make a meaningful impact in #OpenSource.
Thank you,
@openjsf.org
Thank you,
@openjsf.org
Introducing 🥁🥁🥁 our JavaScriptLandia award recipients for this year!
Beyond building new features, our recipients guide others, maintain essential systems, document the hard parts, and strengthen the community every step of the way. 💙
Read more about our honorees here: hubs.la/Q03NQvx10
Beyond building new features, our recipients guide others, maintain essential systems, document the hard parts, and strengthen the community every step of the way. 💙
Read more about our honorees here: hubs.la/Q03NQvx10
October 16, 2025 at 2:22 PM
I’m beyond thrilled to be the recipient of this year’s #JavaScriptLandia “Outstanding Contribution from a New Arrival” award! This award is truly a testament to the fact that anyone, with faith and effort, can make a meaningful impact in #OpenSource.
Thank you,
@openjsf.org
Thank you,
@openjsf.org
October 12, 2025 at 7:32 PM
See y’all next week for @jsconf.bsky.social!
October 11, 2025 at 12:15 AM
See y’all next week for @jsconf.bsky.social!
At @nodejs.org, we are experimenting with type-checked code snippets, WDYT?
September 6, 2025 at 2:24 AM
At @nodejs.org, we are experimenting with type-checked code snippets, WDYT?
Add Aviv Keller to the team members list by avivkeller · Pull Request #2 · webpack/security-wg
github.com
August 31, 2025 at 12:54 AM
Reposted by Aviv Keller
Node.js v24.7.0 is out 💚
Featuring:
- Post-Quantum Cryptography in node:crypto
- Modern Algorithms in Web Cryptography API
- Node.js execution argument support in single executable applications
And more details in our blog: nodejs.org/en/blog/rele...
Featuring:
- Post-Quantum Cryptography in node:crypto
- Modern Algorithms in Web Cryptography API
- Node.js execution argument support in single executable applications
And more details in our blog: nodejs.org/en/blog/rele...
Node.js
Node.js® is a free, open-source, cross-platform JavaScript runtime environment that lets developers create servers, web apps, command line tools and scripts.
nodejs.org
August 27, 2025 at 10:16 PM
Node.js v24.7.0 is out 💚
Featuring:
- Post-Quantum Cryptography in node:crypto
- Modern Algorithms in Web Cryptography API
- Node.js execution argument support in single executable applications
And more details in our blog: nodejs.org/en/blog/rele...
Featuring:
- Post-Quantum Cryptography in node:crypto
- Modern Algorithms in Web Cryptography API
- Node.js execution argument support in single executable applications
And more details in our blog: nodejs.org/en/blog/rele...
Reposted by Aviv Keller
🚨 Supply chain attack on Nx npm packages (4.6M weekly downloads)
Malware abused AI CLI tools (Claude, Gemini, Q) to steal creds + wallets, then exfiltrated to GitHub repos (s1ngularity-repository*).
More than 1,000 victim accounts confirmed.
🔗 socket.dev/blog/nx-pack... #nodejs
Malware abused AI CLI tools (Claude, Gemini, Q) to steal creds + wallets, then exfiltrated to GitHub repos (s1ngularity-repository*).
More than 1,000 victim accounts confirmed.
🔗 socket.dev/blog/nx-pack... #nodejs
Nx npm Packages Compromised in Supply Chain Attack Leveragin...
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malwa...
socket.dev
August 27, 2025 at 4:15 PM
🚨 Supply chain attack on Nx npm packages (4.6M weekly downloads)
Malware abused AI CLI tools (Claude, Gemini, Q) to steal creds + wallets, then exfiltrated to GitHub repos (s1ngularity-repository*).
More than 1,000 victim accounts confirmed.
🔗 socket.dev/blog/nx-pack... #nodejs
Malware abused AI CLI tools (Claude, Gemini, Q) to steal creds + wallets, then exfiltrated to GitHub repos (s1ngularity-repository*).
More than 1,000 victim accounts confirmed.
🔗 socket.dev/blog/nx-pack... #nodejs
August 21, 2025 at 11:24 PM
Reposted by Aviv Keller
Next.js 15.5
• Turbopack for builds (beta)
• Node.js middleware (stable)
• TypeScript support improvements
• `next lint` command deprecation
• Next.js 16 deprecation warnings
nextjs.org/blog/next-15-5
• Turbopack for builds (beta)
• Node.js middleware (stable)
• TypeScript support improvements
• `next lint` command deprecation
• Next.js 16 deprecation warnings
nextjs.org/blog/next-15-5
Next.js 15.5
Next.js 15.5 includes Turbopack builds in beta, stable Node.js middleware, TypeScript improvements, `next lint` deprecation, and deprecation warnings for Next.js 16.
nextjs.org
August 20, 2025 at 1:01 AM
Next.js 15.5
• Turbopack for builds (beta)
• Node.js middleware (stable)
• TypeScript support improvements
• `next lint` command deprecation
• Next.js 16 deprecation warnings
nextjs.org/blog/next-15-5
• Turbopack for builds (beta)
• Node.js middleware (stable)
• TypeScript support improvements
• `next lint` command deprecation
• Next.js 16 deprecation warnings
nextjs.org/blog/next-15-5
Reposted by Aviv Keller
The @nodejs.org website team put together a fantastic new page outlining the support options for EOL release lines nodejs.org/en/eol
Did you know that there are paid support options available if you need it for no longer maintained Node.js versions? A portion of those funds come back to the project
Did you know that there are paid support options available if you need it for no longer maintained Node.js versions? A portion of those funds come back to the project
Node.js — End-Of-Life
Node.js® is a free, open-source, cross-platform JavaScript runtime environment that lets developers create servers, web apps, command line tools and scripts.
nodejs.org
August 15, 2025 at 1:04 PM
The @nodejs.org website team put together a fantastic new page outlining the support options for EOL release lines nodejs.org/en/eol
Did you know that there are paid support options available if you need it for no longer maintained Node.js versions? A portion of those funds come back to the project
Did you know that there are paid support options available if you need it for no longer maintained Node.js versions? A portion of those funds come back to the project
Thank you for everything, Thomas. GitHub wouldn’t be the same without you, and behalf of the entire developer community, we can’t wait to see what’s next from you, and from GitHub.
github.blog/news-insight...
github.blog/news-insight...
Auf Wiedersehen, GitHub ♥️
I am stepping down as GitHub CEO to build my next adventure. GitHub is thriving and has a bright future ahead.
github.blog
August 12, 2025 at 1:02 AM
Thank you for everything, Thomas. GitHub wouldn’t be the same without you, and behalf of the entire developer community, we can’t wait to see what’s next from you, and from GitHub.
github.blog/news-insight...
github.blog/news-insight...
Looks like @nixos-org.bsky.social celebrates Pride all year long 🏳️🌈!
discourse.nixos.org/t/celebratin...
discourse.nixos.org/t/celebratin...
Celebrating Pride Month - with a Fresh Look and a Stronger Voice
You may have noticed something new: we’ve updated our logo across the website and social media channels. It’s not just a splash of color - it’s a thoughtful redesign, thanks to @djacu’s creativity an...
discourse.nixos.org
August 12, 2025 at 12:57 AM
Looks like @nixos-org.bsky.social celebrates Pride all year long 🏳️🌈!
discourse.nixos.org/t/celebratin...
discourse.nixos.org/t/celebratin...
After lots of planning, today we wrapped our first recurring monthly @nodejs.org web team meeting!
Super proud of everything the team achieved last month… and pumped for what’s coming next! 🚀🐢
Super proud of everything the team achieved last month… and pumped for what’s coming next! 🚀🐢
August 5, 2025 at 12:04 AM
After lots of planning, today we wrapped our first recurring monthly @nodejs.org web team meeting!
Super proud of everything the team achieved last month… and pumped for what’s coming next! 🚀🐢
Super proud of everything the team achieved last month… and pumped for what’s coming next! 🚀🐢
Congratulations to the entire team!
The @nodejs.org website team (including my son!) has been working on a redesign of the API docs github.com/nodejs/node/...
Redesign of the Node.js API Docs · Issue #52343 · nodejs/node
Hey, y'all 👋 with the redesign of the Node.js Website done. We're ready to move our efforts into revamping the design of the Node.js API docs and its build process. We understand this is code owned...
github.com
July 27, 2025 at 1:02 AM
Congratulations to the entire team!
There are 726,470 files in my recycle bin. Maybe I should empty it🤔?
July 26, 2025 at 2:33 PM
There are 726,470 files in my recycle bin. Maybe I should empty it🤔?
Reposted by Aviv Keller
@aviv.sh and I are working on an End of Life (EOL) page for @nodejs.org. Better communicating the risks of staying on out of date software is work worth doing, and helps the entire ecosystem stay safer.
github.com/nodejs/nodej...
#opensource #nodejs #vulnerabilities #cve
github.com/nodejs/nodej...
#opensource #nodejs #vulnerabilities #cve
July 22, 2025 at 11:26 AM
@aviv.sh and I are working on an End of Life (EOL) page for @nodejs.org. Better communicating the risks of staying on out of date software is work worth doing, and helps the entire ecosystem stay safer.
github.com/nodejs/nodej...
#opensource #nodejs #vulnerabilities #cve
github.com/nodejs/nodej...
#opensource #nodejs #vulnerabilities #cve
Reposted by Aviv Keller
✨ Node.js: Now with Rolldown?
Yes - to some degree!
@rolldown.rs is planned to power the future API documentation generator of @nodejs.org.
More info in the linked PR!
github.com/nodejs/api-d...
Yes - to some degree!
@rolldown.rs is planned to power the future API documentation generator of @nodejs.org.
More info in the linked PR!
github.com/nodejs/api-d...
feat(web): add web generator by avivkeller · Pull Request #285 · nodejs/api-docs-tooling
Fixes #7.
This PR adds the web generator.
Tasks / Issues
P1 – Must Complete Before Merge
Add more items (anyone can do this as they review1)
P2 – Must complete before migration
Add more items ...
github.com
July 16, 2025 at 8:26 PM
✨ Node.js: Now with Rolldown?
Yes - to some degree!
@rolldown.rs is planned to power the future API documentation generator of @nodejs.org.
More info in the linked PR!
github.com/nodejs/api-d...
Yes - to some degree!
@rolldown.rs is planned to power the future API documentation generator of @nodejs.org.
More info in the linked PR!
github.com/nodejs/api-d...
Reposted by Aviv Keller
Next.js 15.4
• Turbopack Builds: 100% integration test compatibility for next build --turbopack
• General stability and performance improvements
• A preview of what's coming in Next 16
nextjs.org/blog/next-15-4
• Turbopack Builds: 100% integration test compatibility for next build --turbopack
• General stability and performance improvements
• A preview of what's coming in Next 16
nextjs.org/blog/next-15-4
Next.js 15.4
Next.js 15.4 includes updates to performance, stability, and Turbopack compatibility.
nextjs.org
July 14, 2025 at 10:07 PM
Next.js 15.4
• Turbopack Builds: 100% integration test compatibility for next build --turbopack
• General stability and performance improvements
• A preview of what's coming in Next 16
nextjs.org/blog/next-15-4
• Turbopack Builds: 100% integration test compatibility for next build --turbopack
• General stability and performance improvements
• A preview of what's coming in Next 16
nextjs.org/blog/next-15-4
Reposted by Aviv Keller
🚨 New research: North Korea’s Contagious Interview campaign is back, with 67 new malicious npm packages, a new malware loader (XORIndex), and 17K+ downloads.
Details, IOCs, and full package list → socket.dev/blog/contagi... #javascript #nodejs #infosec
Details, IOCs, and full package list → socket.dev/blog/contagi... #javascript #nodejs #infosec
Contagious Interview Campaign Escalates With 67 Malicious np...
North Korean threat actors deploy 67 malicious npm packages using the newly discovered XORIndex malware loader.
socket.dev
July 14, 2025 at 10:53 PM
🚨 New research: North Korea’s Contagious Interview campaign is back, with 67 new malicious npm packages, a new malware loader (XORIndex), and 17K+ downloads.
Details, IOCs, and full package list → socket.dev/blog/contagi... #javascript #nodejs #infosec
Details, IOCs, and full package list → socket.dev/blog/contagi... #javascript #nodejs #infosec
It's surreal seeing people use Node.js code I wrote.
You can, indeed, just do things.
You can, indeed, just do things.
July 12, 2025 at 8:56 PM
It's surreal seeing people use Node.js code I wrote.
You can, indeed, just do things.
You can, indeed, just do things.
I scored Invalid Date/28 on jsdate.wtf and all I got was this lousy text to share on social media.
July 12, 2025 at 3:42 PM
I scored Invalid Date/28 on jsdate.wtf and all I got was this lousy text to share on social media.