Hacker News
- Why is an obfuscated JavaScript payload part of an NPM command? https://github.com/npm/cli/issues/4091 4 comments
- Why is an obfuscated JavaScript payload part of an NPM command? https://github.com/npm/cli/issues/4091 2 comments
- Understand filesystem takeover vulnerabilities in NPM JavaScript package manager https://snyk.io/blog/understanding-filesystem-takeover-vulnerabilities-in-npm-javascript-package-manager/ 24 comments
- Half of all JavaScript npm packages could have been hacked via weak credentials https://www.bleepingcomputer.com/news/security/52-percent-of-all-javascript-npm-packages-could-have-been-hacked-via-weak-credentials/ 37 comments
- Show HN: Access npm commands programmatically from JavaScript https://github.com/Manak/npm-programmatic 3 comments
- Show HN: Multiple – Load test any API with JavaScript and NPM packages https://app.multiple.dev/ 15 comments
- jbang-npm: Java Script in your JavaScript https://www.jbang.dev/learn/jbang-npm/ 3 comments javascript
- jbang-npm: Java Script in your JavaScript https://www.jbang.dev/learn/jbang-npm/ 20 comments java
- 13 Decisions to Make Before Publishing JavaScript to NPM https://www.jameskerr.blog/posts/13-decisions-to-make-before-publishing-to-npm/ 4 comments javascript
- when setup JavaScript environment for project using `npm start ` command error occurs https://stackoverflow.com/questions/74339821/when-setup-javascript-environment-for-project-using-npm-start-command-error-o 6 comments learnjavascript
- Easy auditing & sandboxing for your JavaScript dependencies. Fine grained permissions system for npm packages. https://github.com/sandworm-hq 5 comments webdev
- Bun: Fast JavaScript runtime, transpiler, and NPM client written in Zig https://bun.sh/?launch= 14 comments programming
- Bun: Fast JavaScript runtime, transpiler, and npm client written in Zig https://bun.sh/ 39 comments javascript
- I've created my first NPM project completely in NodeJS with Javascript, what do you think? https://github.com/make-my/makemy 4 comments javascript
- Understanding filesystem takeover vulnerabilities in npm JavaScript package manager https://snyk.io/blog/understanding-filesystem-takeover-vulnerabilities-in-npm-javascript-package-manager/ 4 comments node
- settlement.js not found: JavaScript package biz NPM scraps talks, fights union-busting claims https://www.theregister.co.uk/2019/06/14/npm_union_busting_claims/ 55 comments javascript
- Why Regular Expressions can be bad? Regex Denial of Service attacks have been found to be most affecting javascript packages in the npm registry, spiked 143% in the last year https://snyk.io/blog/redos-vulnerabilities-in-npm-spikes-by-143-and-xss-continues-to-grow/ 3 comments javascript
- [Discussion] npm predicions about JavaScript for 2019 https://blog.graphqleditor.com/javascript-predictions-for-2019-by-npm/ 17 comments javascript
- 2019 Predictions for JavaScript from NPM https://www.businesswire.com/news/home/20181206005188/en/npm-announces-2019-predictions-javascript 4 comments javascript
- One-in-two JavaScript project audits by NPM tools sniff out at least one vulnerability... https://www.theregister.co.uk/2018/08/22/npm_vulnerability_scanner/ 4 comments programming
- Compromised JavaScript Package Caught Stealing npm Credentials https://www.bleepingcomputer.com/news/security/compromised-javascript-package-caught-stealing-npm-credentials/ 4 comments webdev
- Somebody Tried to Hide a Backdoor in a Popular JavaScript npm Package - was found in "getcookies," a relatively newly created package. According to the npm team, the backdoor "allowed for an attacker to input arbitrary code into a running server and execute it." https://www.bleepingcomputer.com/news/security/somebody-tried-to-hide-a-backdoor-in-a-popular-javascript-npm-package/ 161 comments javascript
- Somebody Tried to Hide a Backdoor in a Popular JavaScript npm Package https://www.bleepingcomputer.com/news/security/somebody-tried-to-hide-a-backdoor-in-a-popular-javascript-npm-package/ 130 comments programming
- I made an npm package for type checking in JavaScript https://www.npmjs.com/package/typy 23 comments javascript
- Half of all JavaScript npm packages could have been hacked via weak credentials https://www.bleepingcomputer.com/news/security/52-percent-of-all-javascript-npm-packages-could-have-been-hacked-via-weak-credentials/ 67 comments programming
- NPM CEO: "If you are not a white dude and have things to say about JavaScript testing, please submit a talk to Assert(js)" https://twitter.com/izs/status/911105515798720513 525 comments node
- npm is the Beating Heart of the JavaScript Ecosystem https://hashnode.com/post/npm-is-the-beating-heart-of-the-javascript-ecosystem-cimvnbetj02r1wz53u4bjw1dr 13 comments javascript
- Grunt Vs Gulp Vs npm: Javascript build wars http://wisdomgeek.com/web-development/grunt-vs-gulp-vs-npm/ 11 comments webdev
- Solidity javascript compiler now available on npm https://forum.ethereum.org/discussion/3617/solidity-compiler-now-available-on-npm 4 comments ethereum
- Javascript Package Management – NPM – Bower – Grunt http://www.radcortez.com/javascript-package-management-npm-bower-grunt/ 4 comments javascript
- 25 Malicious JavaScript Libraries Distributed via Official NPM Package Repository https://thehackernews.com/2022/02/25-malicious-javascript-libraries.html?m=1 112 comments programming
- Rust.js -- Run your JavaScript apps backed by Rust : NPM and Node.js compatible backend JavaScript platform. https://github.com/yorkie/rust.js 14 comments rust
- A Javascript string manipulation library without npm dependences. https://github.com/dleitee/strman 11 comments javascript
- Meteor JavaScript framework moves to NPM http://www.infoworld.com/article/3048806/javascript/meteor-javascript-framework-moves-to-npm.html 14 comments javascript
- Javascript News 2nd Week(Mar) #69– Empty npm package '-' has over 700,000 downloads, A Proposal For Type Syntax in JavaScript, Interop 2022 - The ArrowFn https://thearrowfn.com/javascript-news-2nd-weekmar-69-empty-npm-package-has-over-700000-downloads/ 2 comments node
- [AF] Flask developer lost in a world of NPM, Node.js, etc... What's are some good resources to wrap my head around using modern Javascript with Flask. https://www.reddit.com/r/flask/comments/5hhz3u/af_flask_developer_lost_in_a_world_of_npm_nodejs/ 11 comments flask
- Learn Modern JavaScript (nodejs, npm, webpack, es6, es5, esnext, typescript) for FREE http://courses.angularclass.com/courses/modern-javascript 60 comments javascript
- Popular JavaScript Package Manager Npm Raises $8M, Launches Private Modules http://techcrunch.com/2015/04/14/popular-javascript-package-manager-npm-raises-8m-launches-private-modules/ 9 comments javascript
- Malicious npm package opens backdoors on programmers' computers JavaScript library posing as a Twilio-related library opens backdoors to let attackers access infected workstations. https://www.zdnet.com/google-amp/article/malicious-npm-package-opens-backdoors-on-programmers-computers/ 12 comments javascript
- I made this random colour generator for myself in JavaScript. I like to use it when I'm making command line tools in Node with npm Chalk https://newcolors.netlify.com/ 8 comments webdev