Browsing Tag
npm
28 posts
🚨 npm Vulnerabilities Are Growing — A Practical Defense Using OSV.dev in React Native
As we know, npm packages are getting hacked day by day. From malicious package injections to supply chain…
The Documentation Attack Surface: How npm Libraries Teach Insecure Patterns
Most security audits focus on code. But across five reviews of high-profile npm libraries — totaling 195 million…
Axios Has 100 Million Weekly Downloads. North Korea Backdoored It in 39 Minutes.
Yesterday — March 31, 2026 — a North Korea-linked threat actor hijacked the npm account of an Axios…
pingtrace
npm i pingtrace: pingtrace is a terminal-first CLI designed for rapid network troubleshooting, combining ping and traceroute with…
I built a rate limiter that’s 9x faster than rate-limiter-flexible – benchmarks included
The Problem: With express-rate-limit, tiered limits require: creating 3 separate limiter instances; writing manual routing logic; 25 lines…
Stop npm i-ing Blind: How I Catch Malicious Packages Before They Hit Production
Stop npm i-ing Blind: Catch Malicious Packages Before They Hit Production. Most developers assume their dependencies are “safe…
🛠️ Hacktoberfest 2025 — 17 Pull Requests in One Day, for the Love of Clean Code 😅🤖🧠
Experience report from Boly38 on an intense open source contribution day: 17 PRs focused on security, CI/CD, and…
Node Cmd Exe
This Node.js Package Changes Everything About Running Shell Commands Dhanush N ・ Jul 25 #opensource #npm #node #javascript
Using Multiple Versions of a Package in a Single Project: Why and How
Modern software development often calls for innovative approaches to managing dependencies, especially in large-scale JavaScript projects. One such…
Package Manager Fight: npm vs pnpm vs npx vs yarn vs bun
In the ever-evolving landscape of JavaScript development, package managers are a crucial part of managing dependencies, streamlining workflows,…