DEV Community

npm

Node Package Manager

Posts

đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.
Supply chain en npm vs PyPI: comparé mis dos simulaciones y el vector más peligroso no es el que todos creen

Supply chain en npm vs PyPI: comparé mis dos simulaciones y el vector más peligroso no es el que todos creen

Comments
10 min read
Stop Shipping Broken Env Configs — I Built a Fix

Stop Shipping Broken Env Configs — I Built a Fix

1
Comments
2 min read
Why Your LLM Agent Forgot What It Did 5 Steps Ago

Why Your LLM Agent Forgot What It Did 5 Steps Ago

1
Comments 1
4 min read
Why Your AI Coding Agent Keeps Recommending Dead Packages

Why Your AI Coding Agent Keeps Recommending Dead Packages

1
Comments
2 min read
AGENTS.md moved AI performance up a model tier. Package trust needs the same.

AGENTS.md moved AI performance up a model tier. Package trust needs the same.

Comments
2 min read
I never expected this response ~robot-toast

I never expected this response ~robot-toast

Comments
2 min read
Malicious npm Packages Disguised as Strapi Plugins Enable Data Exfiltration and Remote Code Execution

Malicious npm Packages Disguised as Strapi Plugins Enable Data Exfiltration and Remote Code Execution

Comments
7 min read
The Axios/npm Incident & Why AI Won’t Replace Devs

The Axios/npm Incident & Why AI Won’t Replace Devs

Comments
1 min read
I built an npm malware scanner and found 21 malicious packages in 24 hours

I built an npm malware scanner and found 21 malicious packages in 24 hours

Comments 1
1 min read
npm audit no alcanza: simulé un supply chain attack sobre mis dependencias de Node y encontré lo que el scanner no ve

npm audit no alcanza: simulé un supply chain attack sobre mis dependencias de Node y encontré lo que el scanner no ve

1
Comments
10 min read
npm audit isn't enough: I simulated a supply chain attack on my Node dependencies and found what the scanner can't see

npm audit isn't enough: I simulated a supply chain attack on my Node dependencies and found what the scanner can't see

1
Comments
9 min read
How the axios@1.14.1 supply chain attack worked (and how to protect yourself)

How the axios@1.14.1 supply chain attack worked (and how to protect yourself)

Comments
4 min read
What the Axios npm Compromise Means for MCP Server Maintainers

What the Axios npm Compromise Means for MCP Server Maintainers

Comments
4 min read
How to Finally (and Iteratively) Kill Every Last 'npm audit'

How to Finally (and Iteratively) Kill Every Last 'npm audit'

Comments
3 min read
hashfree: Clean URL Section Navigation Without the #

hashfree: Clean URL Section Navigation Without the #

7
Comments 2
2 min read
đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.