DEV Community

npm

Node Package Manager

Posts

đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.
Modern JavaScript Tooling Explained: npm, npx, pnpm, Yarn & Bun
srsoumyax11 profile

Modern JavaScript Tooling Explained: npm, npx, pnpm, Yarn & Bun

#javascript #node #npm #tooling
1
Comments
5 min read
guard-install now scans GitHub repos before you run them
nithindj192 profile

guard-install now scans GitHub repos before you run them

#npm #node #riskanalysis
Comments
1 min read
Proof-of-Commitment Internals: How the Scoring Algorithm Works
piiiico profile
Pico

Proof-of-Commitment Internals: How the Scoring Algorithm Works

#npm #security #javascript #supplychain
1
Comments
6 min read
Spotify Verified for Human Artists: What It Signals for Code, Content, and My Own Blog
jtorchia profile

Spotify Verified for Human Artists: What It Signals for Code, Content, and My Own Blog

#english #npm #claudecode #developertools
1
Comments
8 min read
From pnpm's Cool Feature to npm's Life jacket: The (somewhat accidental) birth of age-install
cinfinitedev_engine profile

From pnpm's Cool Feature to npm's Life jacket: The (somewhat accidental) birth of age-install

#npm #javascript #security #softwareengineering
Comments
6 min read
npm installs packages blindly — I built a CLI to fix that
nithindj192 profile

npm installs packages blindly — I built a CLI to fix that

#showdev #cli #npm #security
Comments
1 min read
Hono Has 34M Weekly Downloads and One Maintainer
piiiico profile
Pico

Hono Has 34M Weekly Downloads and One Maintainer

#javascript #webdev #security #npm
Comments
3 min read
Four MCP packages, four ways the supply chain shifted in two weeks of npm monitoring
michael_onyekwere profile

Four MCP packages, four ways the supply chain shifted in two weeks of npm monitoring

#security #supplychain #mcp #npm
Comments
7 min read
You've probably never heard of these npm packages. They're in your production app.
piiiico profile
Pico

You've probably never heard of these npm packages. They're in your production app.

#npm #security #javascript #webdev
Comments
3 min read
Hardening npm dependency security
alexocallaghan profile

Hardening npm dependency security

#security #node #webdev #npm
Comments
4 min read
Three npm Disasters That Were Predictable (And What the Signals Looked Like)
piiiico profile
Pico

Three npm Disasters That Were Predictable (And What the Signals Looked Like)

#npm #security #javascript #opensource
1
Comments
6 min read
I audited 25 top npm packages with a zero-install CLI. Here's who passes.
piiiico profile
Pico

I audited 25 top npm packages with a zero-install CLI. Here's who passes.

#npm #security #javascript #opensource
1
Comments
4 min read
I Built a 8.7KB React Animation Library (120+ FPS) on top of GSAP
youssefzidan1 profile

I Built a 8.7KB React Animation Library (120+ FPS) on top of GSAP

#gsap #npm #webdev #react
3
Comments
1 min read
We analysed 396 breaking dependency releases. Here's what they have in common.

GitHub “Finish-Up-A-Thon” Challenge Submission
ahafarag profile

We analysed 396 breaking dependency releases. Here's what they have in common.

#npm #devops #javascript #opensource
Comments
3 min read
AI Hallucinated Dependencies Are the New Supply Chain Attack: How to Stop Them
toniantunovic profile

AI Hallucinated Dependencies Are the New Supply Chain Attack: How to Stop Them

#supplychainsecurity #aicode #npm #security
Comments
8 min read
đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.