Drabbande. Och man blir rasande! Miljonärerna förökar sig ungarna går sönder. Hatar npm. Hatar privatiseringsmyglet.
November 10, 2025 at 8:17 PM
Drabbande. Och man blir rasande! Miljonärerna förökar sig ungarna går sönder. Hatar npm. Hatar privatiseringsmyglet.
▶️ Empresa é condenada a pagar R$ 1,2 milhão por dano no Pantanal
Justiça Federal determinou recuperação ambiental e multa à NPM
#UltimasNoticias #CapitalNews
www.capitalnews.com.br/politica-e-p...
Justiça Federal determinou recuperação ambiental e multa à NPM
#UltimasNoticias #CapitalNews
www.capitalnews.com.br/politica-e-p...
Empresa é condenada a pagar R$ 1,2 milhão por dano no Pantanal | Notícias de Campo Grande e MS - Capital News
Justiça Federal determinou recuperação ambiental e multa à NPM
www.capitalnews.com.br
November 10, 2025 at 8:13 PM
▶️ Empresa é condenada a pagar R$ 1,2 milhão por dano no Pantanal
Justiça Federal determinou recuperação ambiental e multa à NPM
#UltimasNoticias #CapitalNews
www.capitalnews.com.br/politica-e-p...
Justiça Federal determinou recuperação ambiental e multa à NPM
#UltimasNoticias #CapitalNews
www.capitalnews.com.br/politica-e-p...
Nyliberalismen, npm.
Den här starka och gripande texten kändes på många plan. Och nej, det här är inte värdigt Sverige.
www.aftonbladet.se/nyheter/kolu...
www.aftonbladet.se/nyheter/kolu...
Sorg har ingen tidtabell
Mitt hjärta slår ett dubbelslag när jag ser kuvertet på hallmattan. Avsändaren är Inspektionen för vård och omsorg, Ivo, och jag har väntat på brevet i drygt t
www.aftonbladet.se
November 10, 2025 at 8:11 PM
Nyliberalismen, npm.
Alerta crítico: falha na biblioteca JavaScript expr-eval afeta 800 mil downloads semanais
#cert #cve #fork #Github #ia #javascript #npm #online #prompts #segurança #software #vulnerabilidade
#cert #cve #fork #Github #ia #javascript #npm #online #prompts #segurança #software #vulnerabilidade
Alerta crítico: falha na biblioteca JavaScript expr-eval afeta 800 mil downloads semanais
tugatech.com.pt
November 10, 2025 at 7:10 PM
Alerta crítico: falha na biblioteca JavaScript expr-eval afeta 800 mil downloads semanais
#cert #cve #fork #Github #ia #javascript #npm #online #prompts #segurança #software #vulnerabilidade
#cert #cve #fork #Github #ia #javascript #npm #online #prompts #segurança #software #vulnerabilidade
Today, I attempted to build my static site using Cloudflare Pages, but the build runner was unable to execute a simple 'npm install' command to install dependencies.
From the dashboard, I could only configure the build command, which isn't very helpful if the project isn't installed.
From the dashboard, I could only configure the build command, which isn't very helpful if the project isn't installed.
November 10, 2025 at 7:04 PM
Today, I attempted to build my static site using Cloudflare Pages, but the build runner was unable to execute a simple 'npm install' command to install dependencies.
From the dashboard, I could only configure the build command, which isn't very helpful if the project isn't installed.
From the dashboard, I could only configure the build command, which isn't very helpful if the project isn't installed.
A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be exploited to execute code remotely through maliciously crafted input.
Popular JavaScript library expr-eval vulnerable to RCE flaw
A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be exploited to execute code remotely through maliciously crafted input.
www.bleepingcomputer.com
November 10, 2025 at 6:32 PM
A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be exploited to execute code remotely through maliciously crafted input.
And then companies will complain that piracy is rising: buddy, your application is more shitty than the average NPM module
November 10, 2025 at 5:55 PM
And then companies will complain that piracy is rising: buddy, your application is more shitty than the average NPM module
Nyliberalismen, npm.
November 10, 2025 at 5:51 PM
Nyliberalismen, npm.
Trying to test a very basic Hello World on Firebase. NPM taking 30 minutes to handle dependencies. Is TypeScript always this insufferable? I miss Python.
November 10, 2025 at 5:45 PM
Trying to test a very basic Hello World on Firebase. NPM taking 30 minutes to handle dependencies. Is TypeScript always this insufferable? I miss Python.
I might publish the impl I posted in that issue as an npm package!
November 10, 2025 at 3:56 PM
I might publish the impl I posted in that issue as an npm package!
November 10, 2025 at 3:00 PM
I had a chat with @charlieeriksen.bsky.social about the recent NPM attacks
We chat about what happened (now that the dust settled), and we discuss what's next.
Charlie is doing some great work in this space, he understands the problem better than most
We chat about what happened (now that the dust settled), and we discuss what's next.
Charlie is doing some great work in this space, he understands the problem better than most
NPM supply chain attacks with Charlie Eriksen
Josh chats with Charlie Eriksen, a security researcher at Aikido Security. We discuss the recent NPM supply chain attacks that affect hundreds of packages. Charlie shares his experiences dealing with ...
opensourcesecurity.io
November 10, 2025 at 2:58 PM
I had a chat with @charlieeriksen.bsky.social about the recent NPM attacks
We chat about what happened (now that the dust settled), and we discuss what's next.
Charlie is doing some great work in this space, he understands the problem better than most
We chat about what happened (now that the dust settled), and we discuss what's next.
Charlie is doing some great work in this space, he understands the problem better than most
Not a fan of the circular dependency of node > npm > corepack > pnpm > env > node > ...
Migrated to mise.jdx.dev and I keep my package manager separate from my runtime and packages.
Migrated to mise.jdx.dev and I keep my package manager separate from my runtime and packages.
Home | mise-en-place
mise-en-place documentation
mise.jdx.dev
November 10, 2025 at 2:39 PM
Not a fan of the circular dependency of node > npm > corepack > pnpm > env > node > ...
Migrated to mise.jdx.dev and I keep my package manager separate from my runtime and packages.
Migrated to mise.jdx.dev and I keep my package manager separate from my runtime and packages.
New Guide: Migrate to syncpack 14 jamiemason.github.io/syncpack/gui... #monorepo #pnpm #npm #typescript #javascript
November 10, 2025 at 2:18 PM
New Guide: Migrate to syncpack 14 jamiemason.github.io/syncpack/gui... #monorepo #pnpm #npm #typescript #javascript
npm is pretty much dead at this point other than times when the news bothers them
November 10, 2025 at 2:05 PM
npm is pretty much dead at this point other than times when the news bothers them
Finns ju en del universitet- och högskolelärare här. Balans bryr sig om er med och har skrivit en del om hur er arbetsbelastning påverkas av NPM och den politiska målstyrningen. Bara att höra av sig om nån institution eller facklig lokalavdelning vill boka föreläsning (källa Arbetsmiljöverket).
November 10, 2025 at 2:01 PM
Finns ju en del universitet- och högskolelärare här. Balans bryr sig om er med och har skrivit en del om hur er arbetsbelastning påverkas av NPM och den politiska målstyrningen. Bara att höra av sig om nån institution eller facklig lokalavdelning vill boka föreläsning (källa Arbetsmiljöverket).
I meant something that tracks the download stats etc. of my published packages on NPM 🙃
November 10, 2025 at 1:44 PM
I meant something that tracks the download stats etc. of my published packages on NPM 🙃
Critical Vulnerability in Popular NPM Library Exposes AI and NLP Apps to Remote Code Execution
Critical Vulnerability in Popular NPM Library Exposes AI and NLP Apps to Remote Code Execution
cybersecuritynews.com
November 10, 2025 at 1:27 PM
Critical Vulnerability in Popular NPM Library Exposes AI and NLP Apps to Remote Code Execution
Is there some sort of dashboard app where I can track my different NPM packages' stats all in one place? #webdev #javascript
November 10, 2025 at 12:36 PM
Is there some sort of dashboard app where I can track my different NPM packages' stats all in one place? #webdev #javascript
Reason and ReScript are very different nowadays. They have a past together with BuckleScript.
ReScript is HM, nice syntax, fast compiler, etc maybe less fp as reason, but still good and tightly integrated with the JavaScript ecosystem: npm, shipping prebuild binaries, their own lsp
ReScript is HM, nice syntax, fast compiler, etc maybe less fp as reason, but still good and tightly integrated with the JavaScript ecosystem: npm, shipping prebuild binaries, their own lsp
November 10, 2025 at 12:10 PM
Reason and ReScript are very different nowadays. They have a past together with BuckleScript.
ReScript is HM, nice syntax, fast compiler, etc maybe less fp as reason, but still good and tightly integrated with the JavaScript ecosystem: npm, shipping prebuild binaries, their own lsp
ReScript is HM, nice syntax, fast compiler, etc maybe less fp as reason, but still good and tightly integrated with the JavaScript ecosystem: npm, shipping prebuild binaries, their own lsp