Denys
@denys.dev
Software architect, writer, founder. Angular, React, Rust. Linguistics and Lexicography. 20+ years of FE/BE engineering experience. London, UK
Reposted by Denys
Just ported @ryanfeigenbaum.com's amazing color logic into a standalone, MIT-licensed library. Perceptually uniform palettes for your next generative art or design project. 🎨 meodai.github.io/pro-color-ha...
November 20, 2025 at 9:51 PM
Just ported @ryanfeigenbaum.com's amazing color logic into a standalone, MIT-licensed library. Perceptually uniform palettes for your next generative art or design project. 🎨 meodai.github.io/pro-color-ha...
Reposted by Denys
🚀 @angular.dev v21 is out!
🎯 Signal Forms
⚡ Zoneless by default
🧪 Vitest
Plus HttpClient by default, `@angular/aria`, and more!
👉 blog.ninja-squad.com/2025/11/20/w...
🎯 Signal Forms
⚡ Zoneless by default
🧪 Vitest
Plus HttpClient by default, `@angular/aria`, and more!
👉 blog.ninja-squad.com/2025/11/20/w...
November 20, 2025 at 8:15 AM
🚀 @angular.dev v21 is out!
🎯 Signal Forms
⚡ Zoneless by default
🧪 Vitest
Plus HttpClient by default, `@angular/aria`, and more!
👉 blog.ninja-squad.com/2025/11/20/w...
🎯 Signal Forms
⚡ Zoneless by default
🧪 Vitest
Plus HttpClient by default, `@angular/aria`, and more!
👉 blog.ninja-squad.com/2025/11/20/w...
Rust Adoption Drives Android Memory Safety Bugs Below 20% for First Time
thehackernews.com/2025/11/rust...
#rust #rustlang
thehackernews.com/2025/11/rust...
#rust #rustlang
Rust Adoption Drives Android Memory Safety Bugs Below 20% for First Time
Google reports Rust cut Android memory bugs below 20% while improving speed, safety, and development reliability.
thehackernews.com
November 17, 2025 at 7:05 PM
Rust Adoption Drives Android Memory Safety Bugs Below 20% for First Time
thehackernews.com/2025/11/rust...
#rust #rustlang
thehackernews.com/2025/11/rust...
#rust #rustlang
Reposted by Denys
The Gaia-X initiative, a project to build a European cloud free of US influence, failed to take off.
We spoke to both current and former project officials about what lessons they learned: politi.co/43xSeUI
We spoke to both current and former project officials about what lessons they learned: politi.co/43xSeUI
November 17, 2025 at 12:29 PM
The Gaia-X initiative, a project to build a European cloud free of US influence, failed to take off.
We spoke to both current and former project officials about what lessons they learned: politi.co/43xSeUI
We spoke to both current and former project officials about what lessons they learned: politi.co/43xSeUI
Excellent overview of the British life before capitalism came by
youtu.be/g3GdEeGiStw
youtu.be/g3GdEeGiStw
Why Britons Were So Slim in the 1970s (The Truth Will Surprise You)
YouTube video by UK Nostalgia
youtu.be
November 17, 2025 at 10:15 AM
Excellent overview of the British life before capitalism came by
youtu.be/g3GdEeGiStw
youtu.be/g3GdEeGiStw
“A Munich court ordered OpenAI to pay damages to Germany’s largest music rights organisation for using copyrighted lyrics in AI models such as ChatGPT.”
www.euronews.com/next/2025/11...
www.euronews.com/next/2025/11...
OpenAI cannot use song lyrics without paying, German court rules
A Munich court ordered OpenAI to pay damages to Germany’s largest music rights organisation for using copyrighted lyrics in AI models such as ChatGPT.
www.euronews.com
November 12, 2025 at 7:55 PM
“A Munich court ordered OpenAI to pay damages to Germany’s largest music rights organisation for using copyrighted lyrics in AI models such as ChatGPT.”
www.euronews.com/next/2025/11...
www.euronews.com/next/2025/11...
Very good read:
The Ecological Cost of AI Is Much Higher Than You Think
www.truthdig.com/articles/the...
The Ecological Cost of AI Is Much Higher Than You Think
www.truthdig.com/articles/the...
The Ecological Cost of AI Is Much Higher Than You Think - Truthdig
As the demands of AI grow, each generation of microchips requires more energy, minerals and water to produce, driving a ruinous cycle.
www.truthdig.com
November 12, 2025 at 7:52 PM
Very good read:
The Ecological Cost of AI Is Much Higher Than You Think
www.truthdig.com/articles/the...
The Ecological Cost of AI Is Much Higher Than You Think
www.truthdig.com/articles/the...
Reposted by Denys
We've updated our XSS cheat sheet to include 9 new vectors from @garethheyes.co.uk! Here are the top three, you can find the rest here: portswigger.net/web-security...
November 10, 2025 at 2:49 PM
We've updated our XSS cheat sheet to include 9 new vectors from @garethheyes.co.uk! Here are the top three, you can find the rest here: portswigger.net/web-security...
Reposted by Denys
Repeat after me: Do not fill in and sync your government ID data to your Google account
blog.google/products/chr...
blog.google/products/chr...
Chrome now helps you fill in passport, driver’s license, vehicle information and more.
Chrome already saves you time every day by securely filling in your addresses, passwords and payment information. Today, we’re making it even more helpful. For desktop u…
blog.google
November 6, 2025 at 1:10 AM
Repeat after me: Do not fill in and sync your government ID data to your Google account
blog.google/products/chr...
blog.google/products/chr...
Reposted by Denys
Tips and tricks to work around the "unexpected" results of Apple's Liquid Glass design language.
I've no words...
medienbaecker.com/articles/the...
I've no words...
medienbaecker.com/articles/the...
November 4, 2025 at 6:09 PM
Tips and tricks to work around the "unexpected" results of Apple's Liquid Glass design language.
I've no words...
medienbaecker.com/articles/the...
I've no words...
medienbaecker.com/articles/the...
Reposted by Denys
November 3, 2025 at 5:56 PM
Reposted by Denys
Migrating to new Node.js versions via codemods
@nodejs.org @jakob.jingleheimer.dev @augustin-mauroy.bsky.social
nodejs.org/en/learn/get...
#ECMAScript #JavaScript
@nodejs.org @jakob.jingleheimer.dev @augustin-mauroy.bsky.social
nodejs.org/en/learn/get...
#ECMAScript #JavaScript
Node.js — Userland Migrations
Node.js® is a free, open-source, cross-platform JavaScript runtime environment that lets developers create servers, web apps, command line tools and scripts.
nodejs.org
November 3, 2025 at 12:41 AM
Migrating to new Node.js versions via codemods
@nodejs.org @jakob.jingleheimer.dev @augustin-mauroy.bsky.social
nodejs.org/en/learn/get...
#ECMAScript #JavaScript
@nodejs.org @jakob.jingleheimer.dev @augustin-mauroy.bsky.social
nodejs.org/en/learn/get...
#ECMAScript #JavaScript
Reposted by Denys
Ever seen `__proto__` in JavaScript and thought nothing of it? 💥
You might be opening the door to prototype pollution - a sneaky vulnerability that lets attackers modify built-in objects like `Object.prototype`.
Learn how it works 👇
developer.mozilla.org/en-US/docs/...
You might be opening the door to prototype pollution - a sneaky vulnerability that lets attackers modify built-in objects like `Object.prototype`.
Learn how it works 👇
developer.mozilla.org/en-US/docs/...
JavaScript prototype pollution - Security | MDN
Prototype pollution is a vulnerability where an attacker can add or modify properties on an object's prototype. This means malicious values can unexpectedly appear on objects in your application, often leading to logic errors or additional attacks like cross-site scripting (XSS).
developer.mozilla.org
November 3, 2025 at 11:56 AM
Ever seen `__proto__` in JavaScript and thought nothing of it? 💥
You might be opening the door to prototype pollution - a sneaky vulnerability that lets attackers modify built-in objects like `Object.prototype`.
Learn how it works 👇
developer.mozilla.org/en-US/docs/...
You might be opening the door to prototype pollution - a sneaky vulnerability that lets attackers modify built-in objects like `Object.prototype`.
Learn how it works 👇
developer.mozilla.org/en-US/docs/...
The new @proton.me Mail app for the iOS is really good. Many thanks to the team!
October 29, 2025 at 1:31 PM
The new @proton.me Mail app for the iOS is really good. Many thanks to the team!
Stunning and massive @bun.sh 1.3.0 release! The release notes take some time to go through
bun.com/blog/release...
bun.com/blog/release...
Bun 1.3
Bun 1.3 introduces zero-config frontend development, unified SQL API, built-in Redis client, security enhancements, package catalogs, async stack traces, VS Code test integration, and Node.js compatib...
bun.com
October 16, 2025 at 2:09 PM
Stunning and massive @bun.sh 1.3.0 release! The release notes take some time to go through
bun.com/blog/release...
bun.com/blog/release...
OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.
github.com/evilsocket/o...
#oss
github.com/evilsocket/o...
#oss
GitHub - evilsocket/opensnitch: OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.
OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch. - evilsocket/opensnitch
github.com
October 11, 2025 at 4:37 PM
OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.
github.com/evilsocket/o...
#oss
github.com/evilsocket/o...
#oss
Reposted by Denys
we now have an @e18e.dev github action which can diff your dependencies in PRs
things like:
- change in trust level (loss of trusted publisher)
- adding >threshold dependencies
- adding >threshold install size
- bundle size difference (vs main)
- duplicate deps
early days so please give feedback!
things like:
- change in trust level (loss of trusted publisher)
- adding >threshold dependencies
- adding >threshold install size
- bundle size difference (vs main)
- duplicate deps
early days so please give feedback!
GitHub - e18e/action-dependency-diff: A GitHub action to report dependency changes and potential problems
A GitHub action to report dependency changes and potential problems - e18e/action-dependency-diff
github.com
September 26, 2025 at 3:19 PM
we now have an @e18e.dev github action which can diff your dependencies in PRs
things like:
- change in trust level (loss of trusted publisher)
- adding >threshold dependencies
- adding >threshold install size
- bundle size difference (vs main)
- duplicate deps
early days so please give feedback!
things like:
- change in trust level (loss of trusted publisher)
- adding >threshold dependencies
- adding >threshold install size
- bundle size difference (vs main)
- duplicate deps
early days so please give feedback!
Reposted by Denys
Koi Security claims to have spotted the world's first malicious MCP server that secretly copies and stealers all emails passing through a Postmark server
www.koi.security/blog/postmar...
www.koi.security/blog/postmar...
First Malicious MCP in the Wild: The Postmark Backdoor That's Stealing Your Emails | Koi Blog
www.koi.security
September 25, 2025 at 4:25 PM
Koi Security claims to have spotted the world's first malicious MCP server that secretly copies and stealers all emails passing through a Postmark server
www.koi.security/blog/postmar...
www.koi.security/blog/postmar...
Open Infrastructure is Not Free: A Joint Statement on Sustainable Stewardship
openssf.org/blog/2025/09...
openssf.org/blog/2025/09...
Open Infrastructure is Not Free: A Joint Statement on Sustainable Stewardship – Open Source Security Foundation
openssf.org
September 25, 2025 at 1:47 PM
Open Infrastructure is Not Free: A Joint Statement on Sustainable Stewardship
openssf.org/blog/2025/09...
openssf.org/blog/2025/09...
What happens if you don’t own your data:
Slack is extorting us with a $195k/yr bill increase
skyfall.dev/posts/slack
Slack is extorting us with a $195k/yr bill increase
skyfall.dev/posts/slack
Slack is extorting us with a $195k/yr bill increase
An open letter, or something
skyfall.dev
September 22, 2025 at 1:44 AM
What happens if you don’t own your data:
Slack is extorting us with a $195k/yr bill increase
skyfall.dev/posts/slack
Slack is extorting us with a $195k/yr bill increase
skyfall.dev/posts/slack
Every time they tell me #AI hallucinates and invents facts, I look around in NYC… people still pay the palm readers to do the inference…
September 21, 2025 at 1:28 PM
Every time they tell me #AI hallucinates and invents facts, I look around in NYC… people still pay the palm readers to do the inference…