Node.js

Feeds to Scour
SubscribedAll
Scoured 452 posts in 7.6 ms

Upcoming breaking changes for npm v12 - GitHub Changelog

 ⚛️React  Content type: Blog  Content type: Tutorial
github.blog··Lobsters, Hacker News, r/javascript, r/node

wrknbuycnsmndie/nestjs-11-12-benchmark

 ⚙️Backend Development  Content type: Code
github.com··DEV

GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks

 ⚛️React
thehackernews.com·

Your Package Manager Is Lying to You: npm, Yarn, pnpm, Bun, and Deno tradeoffs

 ⚙️Backend Development  Content type: Blog
blog.gaborkoos.com··Hacker News, r/javascript, r/node, r/programming, r/typescript, r/webdev

Wait, binding.gyp Can Do What? Exploring npm's Weirdest Build System

 🐍Python  Content type: Blog
aikido.dev·

Stop Guessing What ^18.2.0 Actually Installs

 ⚛️React
devencyclopedia.com··DEV

GitHub announces npm security changes to tackle supply-chain attacks

 ⚙️Backend Development  Content type: News
bleepingcomputer.com·

npm Tooling Bug Incorrectly Marks One-Character Packages as Security Holders

 🐍Python  Content type: Blog
socket.dev·

GitHub pulls pin on npm's auto-run scripts

 🔄Business Automation  Content type: News
theregister.com··Hacker News

New Shai-Hulud Miasma Wave Hits Hundreds of npm Packages

 ☁️SaaS
malware.news·

GitHub finally pulls the plug on automatic install script execution for npm

 🔄Business Automation  Content type: News
csoonline.com·

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

 🐍Python
securityweek.com·

Show HN: Master – Rails-style full-stack productivity for Node.js

 🌐Web Development  Content type: Blog  Content type: Discussion
bookbag.ai··Hacker News

New IronWorm Malware Hits 36 Packages In npm Supply-Chain Attack

 ☁️SaaS
it.slashdot.org·

I Replaced Our Commercial Artifact Registry With a Free One After a 5× Renewal Price Hike.

 🐍Python  Content type: Blog
medium.com
·

Node.js Annual Releases, Terraform 1.15, Gemma 4 Multimodal

 ⚙️Backend Development  Content type: Discussion
thedevsignal.com··DEV
Less-relevant results

Dependency Execution Intelligence

 🐍Python
depgaze.xyz··Hacker News

I built a 3KB alternative to replace zxcvbn (389KB) without detection loss

 🐍Python  Content type: Blog
medium.com
·

How 56 npm packages used binding.gyp to steal CI/CD secrets

 ⚛️React  Content type: Blog
reversinglabs.com·

Node.js — Wednesday, June 17, 2026 Security Releases

 🐍Python
nodejs.org·

Keyboard Shortcuts

Navigation

Next / previous item
j/k
Open post
oorEnter
Preview post
v

Post Actions

Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s

Recommendations

Add interest / feed
Enter
Not interested
x

Go to

Home
gh
Interests
gi
Feeds
gf
Likes
gl
History
gy
Changelog
gc
Settings
gs
Browse
gb
Search
/

General

Show this help
?
Submit feedback
!
Close modal / unfocus
Esc

Press ? anytime to show this help