Maël Nison
@mael.dev
Arcanis on GitHub. Lead maintainer for @yarnpkg.dev 🧶
Staff DevX Mistral AI 🇪🇺 previously: Datadog, Meta, Sketchfab
My life: my wife, two sons, two cats, and far too many side projects 📦
Staff DevX Mistral AI 🇪🇺 previously: Datadog, Meta, Sketchfab
My life: my wife, two sons, two cats, and far too many side projects 📦
Reposted by Maël Nison
I am looking for a full-time job.
Being independent in open source for 3.5+ years has been wonderful. I've gotten done most of the high-level goals I wanted to, and miss having people & structure around me.
If you know of a role for a staff-level TypeScript+web developer, let me know! 🙂
Being independent in open source for 3.5+ years has been wonderful. I've gotten done most of the high-level goals I wanted to, and miss having people & structure around me.
If you know of a role for a staff-level TypeScript+web developer, let me know! 🙂
October 30, 2025 at 2:40 PM
I am looking for a full-time job.
Being independent in open source for 3.5+ years has been wonderful. I've gotten done most of the high-level goals I wanted to, and miss having people & structure around me.
If you know of a role for a staff-level TypeScript+web developer, let me know! 🙂
Being independent in open source for 3.5+ years has been wonderful. I've gotten done most of the high-level goals I wanted to, and miss having people & structure around me.
If you know of a role for a staff-level TypeScript+web developer, let me know! 🙂
Those discussions about 'use workflow' remind me something!
October 27, 2025 at 9:54 AM
Those discussions about 'use workflow' remind me something!
I started a new position at Mistral AI this week, still focused on developer experience. Interesting change of pace, going from a huge IPO'd company to a super fast growing startup on the rise! And a European one at that 🇪🇺🥳
October 18, 2025 at 2:20 PM
I started a new position at Mistral AI this week, still focused on developer experience. Interesting change of pace, going from a huge IPO'd company to a super fast growing startup on the rise! And a European one at that 🇪🇺🥳
It's baffling that GitHub still doesn't implement a neutral exit code. It used to be there! It was inherited from Azure Pipelines and they just ... removed it, with no replacement.
Add a way (command or step) to early-exit the job and set check conclusion · community · Discussion #82744
Select Topic Area Product Feedback Body Currently, to skip the rest of the steps during a job, an if condition has to be added to all of the steps or steps have to be moved to another job. It'd be ...
github.com
October 15, 2025 at 9:59 AM
It's baffling that GitHub still doesn't implement a neutral exit code. It used to be there! It was inherited from Azure Pipelines and they just ... removed it, with no replacement.
Is that a surprise? The same can happen by having the LLM update the eslint configuration to add a malicious plugin. Due to how vscode works it'll be instantly evaluated.
GitHub Copilot: Remote Code Execution via Prompt Injection (CVE-2025-53773) · Embrace The Red
An attacker can put GitHub Copilot into YOLO mode by modifying the project's settings.json file on the fly, and then executing commands, all without user approval
embracethered.com
October 12, 2025 at 6:36 PM
Is that a surprise? The same can happen by having the LLM update the eslint configuration to add a malicious plugin. Due to how vscode works it'll be instantly evaluated.
I heard good things about Zed and Warp so I decided to try them, as I needed to reinstall a laptop anyway. So far they seem nice enough !
October 11, 2025 at 9:15 AM
I heard good things about Zed and Warp so I decided to try them, as I needed to reinstall a laptop anyway. So far they seem nice enough !
Reposted by Maël Nison
Ruby Central said some really concerning things today. I don’t think they’re representing the situation accurately. andre.arko.net/2025/10/09/t...
The RubyGems “security incident”
Ruby Central posted an extremely concerning “Incident Response Timeline” today, in which they make a number of exaggerated or purely misleading claims. Here’s my effort to set the record straight.
Fir...
andre.arko.net
October 10, 2025 at 3:17 AM
Ruby Central said some really concerning things today. I don’t think they’re representing the situation accurately. andre.arko.net/2025/10/09/t...
Reposted by Maël Nison
Yarn 4.10 is fresh off the press! 💫 It includes a new npmMinimalAgeGate setting, catalog support, and OIDC publishing.
Release v4.10.0 · yarnpkg/berry
What's Changed
Bumps TypeScript to 5.9 by @arcanis in #6889
Updates tests for the merge conflict resolution v5 by @arcanis in #6892
Tweaks tests by @arcanis in #6894
docs: fix typo in enableScript...
github.com
September 18, 2025 at 9:26 AM
Yarn 4.10 is fresh off the press! 💫 It includes a new npmMinimalAgeGate setting, catalog support, and OIDC publishing.
A good security aspect of my job lately has been that I spend significantly more time writing package managers than installing packages 😄
September 16, 2025 at 8:42 PM
A good security aspect of my job lately has been that I spend significantly more time writing package managers than installing packages 😄
Non-AI items on my GitHub wishlist:
🔍 GH Pages previews for PRs
⚠️ Status checks for issues
📝 Type hints in the viewer
🔗 GH first-parent iterator in the API
Anything else I forget?
🔍 GH Pages previews for PRs
⚠️ Status checks for issues
📝 Type hints in the viewer
🔗 GH first-parent iterator in the API
Anything else I forget?
August 20, 2025 at 12:49 PM
Non-AI items on my GitHub wishlist:
🔍 GH Pages previews for PRs
⚠️ Status checks for issues
📝 Type hints in the viewer
🔗 GH first-parent iterator in the API
Anything else I forget?
🔍 GH Pages previews for PRs
⚠️ Status checks for issues
📝 Type hints in the viewer
🔗 GH first-parent iterator in the API
Anything else I forget?
Reposted by Maël Nison
Can’t wait for this to land: drafts.csswg.org/mediaqueries... (API for recording user preferences in a way that just works)
Media Queries Level 5
https://drafts.csswg.org/mediaqueries-5/#auto-pref①
August 17, 2025 at 4:30 PM
Can’t wait for this to land: drafts.csswg.org/mediaqueries... (API for recording user preferences in a way that just works)
Why is there no JS API that can flip prefers-color-scheme for the current page? Dark mode switches require adding custom selectors, which doesn't compose with third-party components.
August 17, 2025 at 11:28 AM
Why is there no JS API that can flip prefers-color-scheme for the current page? Dark mode switches require adding custom selectors, which doesn't compose with third-party components.
Mistral is very good at building interesting narratives; much better than ChatGPT it feels: chat.mistral.ai/chat/5110f7a...
Le Chat
Chat with Mistral AI's cutting edge language models.
chat.mistral.ai
August 17, 2025 at 7:58 AM
Mistral is very good at building interesting narratives; much better than ChatGPT it feels: chat.mistral.ai/chat/5110f7a...
React 19 broke "click a component to open its source"; not sure the team is even aware? 😮 github.com/facebook/rea...
[React 19] Need Bring Back `_debugSource` or Provide an Equivalent for Better Developer Experience · Issue #32574 · facebook/react
Problem React 19 removed the _debugSource property from Fiber nodes (PR #28265), which has broken critical developer tools that enable "click to open the source from browser" functionality. This re...
github.com
August 9, 2025 at 10:41 AM
React 19 broke "click a component to open its source"; not sure the team is even aware? 😮 github.com/facebook/rea...
The more I see async iterators, the more I feel like they're a really fancy way to make a frustrating and painful API
August 8, 2025 at 8:54 PM
The more I see async iterators, the more I feel like they're a really fancy way to make a frustrating and painful API
I've been hoping for this proposal for so long ❤️ github.com/tc39/proposa...
GitHub - tc39/proposal-import-bytes: A modest proposal for importing bytes in javascript
A modest proposal for importing bytes in javascript - tc39/proposal-import-bytes
github.com
July 31, 2025 at 3:27 PM
I've been hoping for this proposal for so long ❤️ github.com/tc39/proposa...
Reposted by Maël Nison
We need a European Sovereign Tech Fund
github.blog/open-source/... "Open source software is critical infrastructure, but it’s underfunded. With a new feasibility study, GitHub’s developer policy team is building a coalition of policymakers and industry to close the maintenance funding gap."
github.blog/open-source/... "Open source software is critical infrastructure, but it’s underfunded. With a new feasibility study, GitHub’s developer policy team is building a coalition of policymakers and industry to close the maintenance funding gap."
We need a European Sovereign Tech Fund
With a new feasibility study, GitHub’s developer policy team is building a coalition of policymakers and industry to close the maintenance funding gap.
github.blog
July 24, 2025 at 9:57 AM
We need a European Sovereign Tech Fund
github.blog/open-source/... "Open source software is critical infrastructure, but it’s underfunded. With a new feasibility study, GitHub’s developer policy team is building a coalition of policymakers and industry to close the maintenance funding gap."
github.blog/open-source/... "Open source software is critical infrastructure, but it’s underfunded. With a new feasibility study, GitHub’s developer policy team is building a coalition of policymakers and industry to close the maintenance funding gap."
My opinions about an old license drama are subtly evolving
❌(REVERTED): Add text to MIT License banning ICE collaborators by jamiebuilds · Pull Request #1616 · lerna/lerna
The Lerna Core team has reverted this PR and revert information and response can be found in #1633
============================================
In this PR, the following text has been added to the ...
github.com
July 20, 2025 at 6:35 AM
My opinions about an old license drama are subtly evolving
My wife gave me a birthday present and the kid inside me is screaming 😱
July 12, 2025 at 8:07 PM
My wife gave me a birthday present and the kid inside me is screaming 😱
I'm thinking perhaps we could expose the `pnpapi` module to every install, whether PnP or not, so that 3rd-party tools could easily introspect the dependency tree without parsing the lockfile.
PnP API | Yarn
In-depth documentation of the PnP API.
yarnpkg.com
June 20, 2025 at 9:18 AM
I'm thinking perhaps we could expose the `pnpapi` module to every install, whether PnP or not, so that 3rd-party tools could easily introspect the dependency tree without parsing the lockfile.
Do you know any blind developers? What do they think about AI in their day-to-day work?
June 20, 2025 at 8:51 AM
Do you know any blind developers? What do they think about AI in their day-to-day work?
Can you imagine the nerve? github.com/viperdavis/f...
Help needed: Seeking developers to launch a crypto project similar to our token faucet with subsequent deployment on a DEX · Issue #1 · viperdavis/faucet-token-help
Hi there, Hope all is well! Apologies for the unsolicited message, but we’re actively looking for a talented developer to implement a token distribution system similar to what we have on our websit...
github.com
June 15, 2025 at 1:23 PM
Can you imagine the nerve? github.com/viperdavis/f...
The GH API is simultaneously great and frustrating. It's mostly complete, but lacks a couple of fields for seemingly no particular reason (here, it's the job summary that's missing).
June 13, 2025 at 8:48 PM
The GH API is simultaneously great and frustrating. It's mostly complete, but lacks a couple of fields for seemingly no particular reason (here, it's the job summary that's missing).
Reposted by Maël Nison
Ah, seems to be because of Cloudflare (www.cloudflarestatus.com), which in turn might be because of GCP
Cloudflare Status
Welcome to Cloudflare's home for real-time and historical data on system performance.
www.cloudflarestatus.com
June 12, 2025 at 6:41 PM
Ah, seems to be because of Cloudflare (www.cloudflarestatus.com), which in turn might be because of GCP