Skip to content
Navigation menu
Search
Powered by Algolia
Search
Log in
Create account
DEV Community
Close
npm
Follow
Hide
Node Package Manager
Posts
Left menu
👋
Sign in
for the ability to sort posts by
relevant
,
latest
, or
top
.
Right menu
Setting GitHub as a trusted publisher for npm
Steve Fenton
Steve Fenton
Steve Fenton
Follow
Apr 13
Setting GitHub as a trusted publisher for npm
#
webdev
#
node
#
npm
#
github
1
reaction
Comments
Add Comment
2 min read
The Worm in the Registry
Vektor Memory
Vektor Memory
Vektor Memory
Follow
May 13
The Worm in the Registry
#
ai
#
cybersecurity
#
npm
#
github
2
reactions
Comments
Add Comment
10 min read
Mini Shai-Hulud: un gusano de cadena de suministro que explotó TanStack y el ecosistema npm.
Cristian Carrillo
Cristian Carrillo
Cristian Carrillo
Follow
May 12
Mini Shai-Hulud: un gusano de cadena de suministro que explotó TanStack y el ecosistema npm.
#
cybersecurity
#
supplychain
#
npm
#
ciberseguridad
2
reactions
Comments
Add Comment
5 min read
Malicious `axios@1.14.1` Published: Exfiltrated CI/CD Secrets; Pin Dependency Versions to Mitigate
Marina Kovalchuk
Marina Kovalchuk
Marina Kovalchuk
Follow
Apr 8
Malicious `axios@1.14.1` Published: Exfiltrated CI/CD Secrets; Pin Dependency Versions to Mitigate
#
security
#
npm
#
axios
#
cicd
Comments
Add Comment
12 min read
Why you keep attacking npm?
Axel Espinosa
Axel Espinosa
Axel Espinosa
Follow
May 12
Why you keep attacking npm?
#
discuss
#
node
#
javascript
#
npm
2
reactions
Comments
Add Comment
1 min read
npm Publish Without Tokens
Jurij Tokarski
Jurij Tokarski
Jurij Tokarski
Follow
Apr 7
npm Publish Without Tokens
#
cicd
#
github
#
npm
#
security
Comments
Add Comment
3 min read
Debugging Node.js in Docker and Kubernetes Without Restarting
Bill Tu
Bill Tu
Bill Tu
Follow
Apr 7
Debugging Node.js in Docker and Kubernetes Without Restarting
#
javascript
#
node
#
npm
Comments
Add Comment
6 min read
7 Bugs That Taught Us How to Build Better Diagnostic Tools
Bill Tu
Bill Tu
Bill Tu
Follow
Apr 7
7 Bugs That Taught Us How to Build Better Diagnostic Tools
#
javascript
#
node
#
npm
1
reaction
Comments
Add Comment
8 min read
Beyond the Event Loop: Tracking Slow I/O in Production Node.js
Bill Tu
Bill Tu
Bill Tu
Follow
Apr 7
Beyond the Event Loop: Tracking Slow I/O in Production Node.js
#
javascript
#
npm
#
node
Comments
Add Comment
8 min read
Validando CNPJ de forma definitiva: Conheça a cnpj-universal (JS/TS)
Leandro Gazoli
Leandro Gazoli
Leandro Gazoli
Follow
Apr 7
Validando CNPJ de forma definitiva: Conheça a cnpj-universal (JS/TS)
#
javascript
#
typescript
#
nestjs
#
npm
Comments
Add Comment
2 min read
The Axios Supply Chain Attack Explained — npm's Biggest Security Breach in 2026
Ishaan Pandey
Ishaan Pandey
Ishaan Pandey
Follow
Apr 6
The Axios Supply Chain Attack Explained — npm's Biggest Security Breach in 2026
#
security
#
javascript
#
npm
#
supplychainattack
Comments
Add Comment
16 min read
The Axios Attack Proved npm audit Is Broken. Here's What Would Have Caught It
Pool Camacho
Pool Camacho
Pool Camacho
Follow
Apr 6
The Axios Attack Proved npm audit Is Broken. Here's What Would Have Caught It
#
npm
#
security
#
javascript
#
opensource
1
reaction
Comments
Add Comment
6 min read
The Documentation Attack Surface: How npm Libraries Teach Insecure Patterns
Ethan Kreloff
Ethan Kreloff
Ethan Kreloff
Follow
Apr 4
The Documentation Attack Surface: How npm Libraries Teach Insecure Patterns
#
security
#
javascript
#
npm
#
webdev
Comments
Add Comment
4 min read
I built Material Symbols SVG, an icon library for using Material Symbols as SVG components
k-s-h-r
k-s-h-r
k-s-h-r
Follow
Apr 4
I built Material Symbols SVG, an icon library for using Material Symbols as SVG components
#
react
#
npm
#
typescript
#
frontend
Comments
Add Comment
5 min read
Supply chain npm vs PyPI: I compared both simulations and the most dangerous vector isn't what everyone thinks
Juan Torchia
Juan Torchia
Juan Torchia
Follow
May 8
Supply chain npm vs PyPI: I compared both simulations and the most dangerous vector isn't what everyone thinks
#
english
#
npm
#
node
#
devops
Comments
Add Comment
9 min read
👋
Sign in
for the ability to sort posts by
relevant
,
latest
, or
top
.
We're a place where coders share, stay up-to-date and grow their careers.
Log in
Create account