Reposted by Meligy
Newly discovered npm package 'fezbox' employs QR codes to hide a second-stage payload to steal cookies from a user's web browser. The package, masquerading as a utility library, leverages this innovative steganographic technique to harvest sensitive data, such as user credentials, from a comp ...
NPM package caught using QR Code to fetch cookie-stealing malware
Newly discovered npm package 'fezbox' employs QR codes to hide a second-stage payload to steal cookies from a user's web browser. The package, masquerading as a utility library, leverages this innovative steganographic technique to harvest sensitive data, such as user credentials, from a comp ...
www.bleepingcomputer.com
September 23, 2025 at 10:42 AM
Newly discovered npm package 'fezbox' employs QR codes to hide a second-stage payload to steal cookies from a user's web browser. The package, masquerading as a utility library, leverages this innovative steganographic technique to harvest sensitive data, such as user credentials, from a comp ...
Reposted by Meligy
Robert Balicki is a Staff Engineer at Pinterest and creator of the open-source project Isograph. He joins Gregor Vand to discuss challenges and solutions for managing data in frontend apps.
@statisticsftw.bsky.social
softwareengineeringdaily.com/2025/09/23/i...
@statisticsftw.bsky.social
softwareengineeringdaily.com/2025/09/23/i...
Rethinking GraphQL Frontends with Robert Balicki - Software Engineering Daily
A challenge in modern frontend application design is efficiently fetching and managing GraphQL data while keeping UI components responsive and maintainable. Developers often face issues like over-fetc...
softwareengineeringdaily.com
September 23, 2025 at 10:43 AM
Robert Balicki is a Staff Engineer at Pinterest and creator of the open-source project Isograph. He joins Gregor Vand to discuss challenges and solutions for managing data in frontend apps.
@statisticsftw.bsky.social
softwareengineeringdaily.com/2025/09/23/i...
@statisticsftw.bsky.social
softwareengineeringdaily.com/2025/09/23/i...
Reposted by Meligy
Cloud models are now in preview, letting you run larger models with fast, datacenter-grade hardware
ollama.com/blog/cloud-m...
ollama.com/blog/cloud-m...
Cloud models · Ollama Blog
Cloud models are now in preview, letting you run larger models with fast, datacenter-grade hardware. You can keep using your local tools while running larger models that wouldn’t fit on a personal com...
ollama.com
September 23, 2025 at 10:53 AM
Cloud models are now in preview, letting you run larger models with fast, datacenter-grade hardware
ollama.com/blog/cloud-m...
ollama.com/blog/cloud-m...
Reposted by Meligy
pnpm v10.16.0 adds "minimumReleaseAge", a setting for defining how long a version has to have been published before pnpm will install it.
A nice countermeasure against accidental installs of short-lived compromised packages before they get taken down. Not a 100% fix, but a great additional step!
A nice countermeasure against accidental installs of short-lived compromised packages before they get taken down. Not a 100% fix, but a great additional step!
Release pnpm 10.16 · pnpm/pnpm
Minor Changes
There have been several incidents recently where popular packages were successfully attacked. To reduce the risk of installing a compromised version, we are introducing a new settin...
github.com
September 12, 2025 at 10:49 PM
pnpm v10.16.0 adds "minimumReleaseAge", a setting for defining how long a version has to have been published before pnpm will install it.
A nice countermeasure against accidental installs of short-lived compromised packages before they get taken down. Not a 100% fix, but a great additional step!
A nice countermeasure against accidental installs of short-lived compromised packages before they get taken down. Not a 100% fix, but a great additional step!
Reposted by Meligy
“A Complete Next.js Streaming Guide: loading.tsx, Suspense, and Performance”
medium.com/@aalbertini9...
#nextjs #reactjs #webperf #frontendDev #javascript
medium.com/@aalbertini9...
#nextjs #reactjs #webperf #frontendDev #javascript
A Complete Next.js Streaming Guide: loading.tsx, Suspense, and Performance
When building modern web apps, speed isn’t just about fast loading — it’s about feeling fast. Users expect immediate feedback, even when…
medium.com
August 2, 2025 at 7:41 PM
“A Complete Next.js Streaming Guide: loading.tsx, Suspense, and Performance”
medium.com/@aalbertini9...
#nextjs #reactjs #webperf #frontendDev #javascript
medium.com/@aalbertini9...
#nextjs #reactjs #webperf #frontendDev #javascript
Reposted by Meligy
This is probably one of my best articles that isn’t about React Query. I just re-read it and love everything about it. I probably peaked at that time. Give it a read:
Component Composition is great btw
Component composition is one of the best parts of React, and I think we should take more time to break our components into manageable parts before littering one component with conditional renderings.
tkdodo.eu
August 17, 2025 at 8:38 AM
This is probably one of my best articles that isn’t about React Query. I just re-read it and love everything about it. I probably peaked at that time. Give it a read:
Reposted by Meligy
There's a powerful React feature called streaming that you can also use in your Next.js apps. And in this handbook, Sumit teaches you all about streaming and how it works in Next. You'll also learn about SSR, automatic vs manual streaming, React Suspense, & more.
www.freecodecamp.org/news/the-nex...
www.freecodecamp.org/news/the-nex...
August 9, 2025 at 12:01 AM
There's a powerful React feature called streaming that you can also use in your Next.js apps. And in this handbook, Sumit teaches you all about streaming and how it works in Next. You'll also learn about SSR, automatic vs manual streaming, React Suspense, & more.
www.freecodecamp.org/news/the-nex...
www.freecodecamp.org/news/the-nex...
Reposted by Meligy
Full speed ahead on component testing for React Server Components!
✅ vitest-plugin-rsc canary now on npm
✅ vite RSC refactor for testing support
✅ @nextjs.org context providers
✅ Notes app demo with tests
👉 github.com/kasperpeulen...
✅ vitest-plugin-rsc canary now on npm
✅ vite RSC refactor for testing support
✅ @nextjs.org context providers
✅ Notes app demo with tests
👉 github.com/kasperpeulen...
August 7, 2025 at 5:47 PM
Full speed ahead on component testing for React Server Components!
✅ vitest-plugin-rsc canary now on npm
✅ vite RSC refactor for testing support
✅ @nextjs.org context providers
✅ Notes app demo with tests
👉 github.com/kasperpeulen...
✅ vitest-plugin-rsc canary now on npm
✅ vite RSC refactor for testing support
✅ @nextjs.org context providers
✅ Notes app demo with tests
👉 github.com/kasperpeulen...
@danabra.mov I remember in an earlier demo of Suspense you showed a data fetch not showing loading right away but only if data fetch takes a while.
Next.js Promise Racing
Learn how you can use Next.js' and React's primitives to achieve a neat party trick: Conditionally show a loading spinner based on a given wait time.
playfulprogramming.com
July 14, 2025 at 4:57 AM
@danabra.mov I remember in an earlier demo of Suspense you showed a data fetch not showing loading right away but only if data fetch takes a while.
Reposted by Meligy
- If _this_ component re-renders, it has the same `children` prop ref as before, so its immediate child will be skipped, and then it's just which nested components accessed context
- If this comp's _parent_ re-renders, it's passing a new `children` ref in here, so its children render
- If this comp's _parent_ re-renders, it's passing a new `children` ref in here, so its children render
July 6, 2025 at 4:06 PM
- If _this_ component re-renders, it has the same `children` prop ref as before, so its immediate child will be skipped, and then it's just which nested components accessed context
- If this comp's _parent_ re-renders, it's passing a new `children` ref in here, so its children render
- If this comp's _parent_ re-renders, it's passing a new `children` ref in here, so its children render
Reposted by Meligy
Node.js release day: 24.2.0 is out ! More Explicit Resource Management support, import.meta.main, and much more – see download information and full changelog at nodejs.org/en/blog/rele...
Node.js — Node v24.2.0 (Current)
Node.js® is a JavaScript runtime built on Chrome's V8 JavaScript engine.
nodejs.org
June 9, 2025 at 10:56 PM
Node.js release day: 24.2.0 is out ! More Explicit Resource Management support, import.meta.main, and much more – see download information and full changelog at nodejs.org/en/blog/rele...
Reposted by Meligy
Can @davidfowl.com @maddymontaquila.net & @damianedwards.com add .NET Aspire goodness to a real-world ASP.NET Core app on a Friday afternoon? Yes, they can! 🎉 Watch @Bitwarden's open-source .NET code base get Aspirified on #AspiriFridays: www.youtube.com/live/UjQ-fVk...
AspiriFridays with David, Damian, and Maddy - Bitwarden
YouTube video by dotnet
www.youtube.com
June 2, 2025 at 11:39 PM
Can @davidfowl.com @maddymontaquila.net & @damianedwards.com add .NET Aspire goodness to a real-world ASP.NET Core app on a Friday afternoon? Yes, they can! 🎉 Watch @Bitwarden's open-source .NET code base get Aspirified on #AspiriFridays: www.youtube.com/live/UjQ-fVk...
Reposted by Meligy
Major MSW docs rewrite is here! 🎉
I've finally found time to complete this change last weekend. Let's talk about what's new! 👇
mswjs.io/docs/
I've finally found time to complete this change last weekend. Let's talk about what's new! 👇
mswjs.io/docs/
Introduction
Welcome to the Mock Service Worker documentation!
mswjs.io
June 2, 2025 at 4:00 PM
Major MSW docs rewrite is here! 🎉
I've finally found time to complete this change last weekend. Let's talk about what's new! 👇
mswjs.io/docs/
I've finally found time to complete this change last weekend. Let's talk about what's new! 👇
mswjs.io/docs/
An important update on the present and the future of @mswjs/data:
github.com/mswjs/data/...
Please read this.
github.com/mswjs/data/...
Please read this.
Mark the library as deprecated (unmaintained) · Issue #313 · mswjs/data
Hi team, I think it’s time to consider officially marking @mswjs/data as deprecated or at least clearly labeling it as unmaintained. The last commit was 9 months ago, and there’s been zero visible ...
github.com
June 3, 2025 at 11:15 AM
Reposted by Meligy
i'm writing "RSC for _ Developers" where _ is your favorite framework / language / whatever.
what "_" do you want to see represented?
what "_" do you want to see represented?
May 5, 2025 at 2:52 AM
i'm writing "RSC for _ Developers" where _ is your favorite framework / language / whatever.
what "_" do you want to see represented?
what "_" do you want to see represented?
Is it just me or the amount of non tech posts by tech people here is much more than on X?
June 1, 2025 at 9:48 PM
Is it just me or the amount of non tech posts by tech people here is much more than on X?
Reposted by Meligy
@t3.gg I need to point out that queryOptions addresses some of the type-safety issues between cache entries, getQueryData and setQueryData. You might want to give this a read: tkdodo.eu/blog/the-que...
The Query Options API
v5 brought a new, powerful API, especially if you're using React Query with TypeScript...
tkdodo.eu
May 18, 2025 at 6:51 AM
@t3.gg I need to point out that queryOptions addresses some of the type-safety issues between cache entries, getQueryData and setQueryData. You might want to give this a read: tkdodo.eu/blog/the-que...
Reposted by Meligy
... and the full slides and detailed notes from my other NICAR talk yesterday, "What’s new in the world of LLMs" https://simonwillison.net/2025/Mar/8/nicar-llms/
What’s new in the world of LLMs, for NICAR 2025
I presented two sessions at the NICAR 2025 data journalism conference this year. The first was this one based on my review of LLMs in 2024, extended by several months …
simonwillison.net
March 8, 2025 at 11:24 PM
... and the full slides and detailed notes from my other NICAR talk yesterday, "What’s new in the world of LLMs" https://simonwillison.net/2025/Mar/8/nicar-llms/
Reposted by Meligy
📢 Just launched! Amazon Bedrock Data Automation is now generally available, making it easier to extract insights from multimodal content like documents, images, audio, and videos. Check out my blog post ✍️ with sample code 👇
aws.amazon.com/blogs/aws/ge...
#AWS #AI #GenerativeAI #MachineLearning
aws.amazon.com/blogs/aws/ge...
#AWS #AI #GenerativeAI #MachineLearning
Get insights from multimodal content with Amazon Bedrock Data Automation, now generally available | Amazon Web Services
Amazon Bedrock Data Automation streamlines the extraction of valuable insights from unstructured multimodal content (documents, images, audio, and videos) by providing a simplified way to build…
aws.amazon.com
March 4, 2025 at 9:40 AM
📢 Just launched! Amazon Bedrock Data Automation is now generally available, making it easier to extract insights from multimodal content like documents, images, audio, and videos. Check out my blog post ✍️ with sample code 👇
aws.amazon.com/blogs/aws/ge...
#AWS #AI #GenerativeAI #MachineLearning
aws.amazon.com/blogs/aws/ge...
#AWS #AI #GenerativeAI #MachineLearning
Reposted by Meligy
From zero to hero with identity and access control in #AzureKubernetesService by Ricardo Martins techcommunity.microsoft.com/t5/startups-...
From zero to hero with identity and access control in Azure Kubernetes Service | Microsoft Community Hub
Kubernetes administrators transitioning to Azure Kubernetes Service (AKS) often face challenges in understanding how authentication and authorization work in...
techcommunity.microsoft.com
March 5, 2025 at 9:45 AM
From zero to hero with identity and access control in #AzureKubernetesService by Ricardo Martins techcommunity.microsoft.com/t5/startups-...
Reposted by Meligy
Do you measure your TS libraries type perf?
@ssalbdivad.dev built his own testing tool for this to keep @arktype.io fast!
https://creators.spotify.com/pod/show/devtoolsfm/episodes/David-Blass----ArkType--better-runtime-type-validation-e2uvake
https://www.youtube.com/watch?v=JxAaWsAAQxM
@ssalbdivad.dev built his own testing tool for this to keep @arktype.io fast!
https://creators.spotify.com/pod/show/devtoolsfm/episodes/David-Blass----ArkType--better-runtime-type-validation-e2uvake
https://www.youtube.com/watch?v=JxAaWsAAQxM
February 19, 2025 at 4:02 PM
Do you measure your TS libraries type perf?
@ssalbdivad.dev built his own testing tool for this to keep @arktype.io fast!
https://creators.spotify.com/pod/show/devtoolsfm/episodes/David-Blass----ArkType--better-runtime-type-validation-e2uvake
https://www.youtube.com/watch?v=JxAaWsAAQxM
@ssalbdivad.dev built his own testing tool for this to keep @arktype.io fast!
https://creators.spotify.com/pod/show/devtoolsfm/episodes/David-Blass----ArkType--better-runtime-type-validation-e2uvake
https://www.youtube.com/watch?v=JxAaWsAAQxM
Reposted by Meligy
OpenAI just introduced GPT-4.5, the newest version of GPT, with better factual accuracy, fewer hallucinations, and improved conversational skills like picking up subtle human emotions and understanding what users actually want
February 27, 2025 at 8:44 PM
OpenAI just introduced GPT-4.5, the newest version of GPT, with better factual accuracy, fewer hallucinations, and improved conversational skills like picking up subtle human emotions and understanding what users actually want
Reposted by Meligy
I can't wait for @nextjs.org to support @nodejs.org runtime in middleware, and @react.dev compiler in SWC compiler.
But the way more pressing one is middleware.
But the way more pressing one is middleware.
February 24, 2025 at 5:00 AM
I can't wait for @nextjs.org to support @nodejs.org runtime in middleware, and @react.dev compiler in SWC compiler.
But the way more pressing one is middleware.
But the way more pressing one is middleware.
Finally starting to take Blue Sky seriously. Better late than never I guess. Looking to connect with other developers. I myself do a bit of TypeScript, react, dotnet, devops, and every once in a while some Azure / AWS specific stuff. Also hoping to meet some Aussie devs in real life.
February 23, 2025 at 2:01 PM
Finally starting to take Blue Sky seriously. Better late than never I guess. Looking to connect with other developers. I myself do a bit of TypeScript, react, dotnet, devops, and every once in a while some Azure / AWS specific stuff. Also hoping to meet some Aussie devs in real life.