DEV Community

npm

Node Package Manager

Posts

đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.
Validando CNPJ de forma definitiva: Conheça a cnpj-universal (JS/TS)
leandrogazoli profile

Validando CNPJ de forma definitiva: Conheça a cnpj-universal (JS/TS)

#javascript #typescript #nestjs #npm
Comments
2 min read
The Axios Supply Chain Attack Explained — npm's Biggest Security Breach in 2026
ishaaan profile

The Axios Supply Chain Attack Explained — npm's Biggest Security Breach in 2026

#security #javascript #npm #supplychainattack
Comments
16 min read
npm package commitment scores: zod has 139M weekly downloads and one maintainer
piiiico profile
Pico

npm package commitment scores: zod has 139M weekly downloads and one maintainer

#security #npm #opensource #webdev
Comments
4 min read
The Axios Attack Proved npm audit Is Broken. Here's What Would Have Caught It
poolcamacho profile

The Axios Attack Proved npm audit Is Broken. Here's What Would Have Caught It

#npm #security #javascript #opensource
1
Comments
6 min read
The Documentation Attack Surface: How npm Libraries Teach Insecure Patterns
ethan_kreloff_4a7339e3d1d profile

The Documentation Attack Surface: How npm Libraries Teach Insecure Patterns

#security #javascript #npm #webdev
Comments
4 min read
I built Material Symbols SVG, an icon library for using Material Symbols as SVG components
k-s-h-r profile

I built Material Symbols SVG, an icon library for using Material Symbols as SVG components

#react #npm #typescript #frontend
Comments
5 min read
Why Your AI Coding Agent Keeps Recommending Dead Packages
the_bookmaster profile

Why Your AI Coding Agent Keeps Recommending Dead Packages

#agents #ai #npm #programming
1
Comments
2 min read
I never expected this response ~robot-toast
pratham_kumar_8cc837c51ed profile

I never expected this response ~robot-toast

#javascript #webdev #opensource #npm
Comments
2 min read
Malicious npm Packages Disguised as Strapi Plugins Enable Data Exfiltration and Remote Code Execution
kornilovconstru profile

Malicious npm Packages Disguised as Strapi Plugins Enable Data Exfiltration and Remote Code Execution

#npm #strapi #malware #exfiltration
Comments
7 min read
Supply Chain Security measures
0xkoji profile
0xkoji

Supply Chain Security measures

#security #npm #uv #githubactions
Comments
1 min read
Shipping a Go CLI to Every Ecosystem: GitHub Releases, Homebrew, and npm
_402ccbd6e5cb02871506 profile
Kazu

Shipping a Go CLI to Every Ecosystem: GitHub Releases, Homebrew, and npm

#cli #github #go #npm
Comments
5 min read
npm audit isn't enough: I simulated a supply chain attack on my Node dependencies and found what the scanner can't see
jtorchia profile

npm audit isn't enough: I simulated a supply chain attack on my Node dependencies and found what the scanner can't see

#english #typescript #npm #devops
1
Comments
9 min read
npm audit no alcanza: simulé un supply chain attack sobre mis dependencias de Node y encontré lo que el scanner no ve
jtorchia profile

npm audit no alcanza: simulé un supply chain attack sobre mis dependencias de Node y encontré lo que el scanner no ve

#spanish #espanol #typescript #npm
1
Comments
10 min read
The Axios/npm Incident & Why AI Won’t Replace Devs
cyberjanitor profile

The Axios/npm Incident & Why AI Won’t Replace Devs

#ai #javascript #npm #security
Comments
1 min read
I built an npm malware scanner and found 21 malicious packages in 24 hours
yurithecoder profile

I built an npm malware scanner and found 21 malicious packages in 24 hours

#security #npm #javascript #opensource
Comments 1
1 min read
đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.