Skip to main content
Scour
Browse
Getting Started
Login
Sign Up
You are offline. Trying to reconnect...
Copied to clipboard
Unable to share or copy to clipboard
Package Managers
📦 Package Managers
Dependency Resolution, Version Constraints, Lock Files, Security
Filter Results
Timeframe
Fresh
Past Hour
Today
This Week
This Month
Feeds to Scour
Subscribed
All
Scoured
640
posts in
12.0
ms
npm
Tooling Bug Incorrectly Marks One-Character
Packages
as
Security
Holders
🔗
Dependency Resolution
Content type:
Blog
socket.dev
·
23h
23 hours ago
Actions for npm Tooling Bug Incorrectly Marks One-Character Packages as Security Holders
shcherbak-ai/licenseal: Fast cross-ecosystem
dependency
license compatibility checker + Claude Code review skill
🔗
Dependency Resolution
Content type:
Code
github.com
·
4d
4 days ago
·
Hacker News
Actions for shcherbak-ai/licenseal: Fast cross-ecosystem dependency license compatibility checker + Claude Code review skill
Upcoming breaking changes for
npm
v12 - GitHub Changelog
🔗
Dependency Resolution
Content type:
Blog
Content type:
Tutorial
github.blog
·
1d
1 day ago
·
Lobsters
,
Hacker News
,
r/javascript
,
r/node
Actions for Upcoming breaking changes for npm v12 - GitHub Changelog
GitHub announces
npm
security
changes to tackle
supply-chain
attacks
🔗
Dependency Resolution
Content type:
News
bleepingcomputer.com
·
1h
1 hour ago
Actions for GitHub announces npm security changes to tackle supply-chain attacks
Package
Manager
Patents
📊
Dependency Graphs
Content type:
Blog
nesbitt.io
·
2d
2 days ago
Actions for Package Manager Patents
GitHub pulls pin on
npm
's auto-run scripts
🔗
Dependency Resolution
Content type:
News
theregister.com
·
7h
7 hours ago
·
Hacker News
Actions for GitHub pulls pin on npm's auto-run scripts
I Replaced Our Commercial Artifact
Registry
With a Free One After a 5× Renewal Price Hike.
🔗
Dependency Resolution
Content type:
Blog
medium.com
·
1h
1 hour ago
Actions for I Replaced Our Commercial Artifact Registry With a Free One After a 5× Renewal Price Hike.
Stop Guessing What ^18.2.0 Actually Installs
🔗
Dependency Resolution
devencyclopedia.com
·
5d
5 days ago
·
DEV
Actions for Stop Guessing What ^18.2.0 Actually Installs
Massive
PyPI
Supply
Chain
Attack Harvests Cloud Credentials via Python Startup Hooks
📦
Container Security
orca.security
·
2d
2 days ago
Actions for Massive PyPI Supply Chain Attack Harvests Cloud Credentials via Python Startup Hooks
Over 100
NPM
,
PyPI
Packages
Hit in New Shai-Hulud Supply Chain Attacks
🔗
Dependency Resolution
securityweek.com
·
1d
1 day ago
Actions for Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks
New Shai-Hulud Miasma Wave Hits Hundreds of
npm
Packages
🔗
Dependency Resolution
malware.news
·
6d
6 days ago
Actions for New Shai-Hulud Miasma Wave Hits Hundreds of npm Packages
Shai-Hulud Hades
PyPI
Campaign: 19
Packages
Trojanized via Wheel Startup Hooks
🔗
Dependency Resolution
Content type:
Blog
socradar.io
·
1d
1 day ago
Actions for Shai-Hulud Hades PyPI Campaign: 19 Packages Trojanized via Wheel Startup Hooks
Install-script allowlists
🔗
Dependency Resolution
Content type:
Blog
nesbitt.io
·
5d
5 days ago
Actions for Install-script allowlists
pnpm 11.5 Adds Support for Recognizing
npm
Staged Publishes
🔗
Dependency Resolution
Content type:
Blog
socket.dev
·
6d
6 days ago
Actions for pnpm 11.5 Adds Support for Recognizing npm Staged Publishes
fix docker store seed target
packages
(#91547) · openclaw/openclaw@c8a8152
🔗
Dependency Resolution
Content type:
Code
github.com
·
1d
1 day ago
Actions for fix docker store seed target packages (#91547) · openclaw/openclaw@c8a8152
Shai-Hulud Descends to Hades: Miasma Worm Campaign Spreads with New
PyPI
Wave
🔗
Dependency Resolution
Content type:
Blog
socket.dev
·
3d
3 days ago
Actions for Shai-Hulud Descends to Hades: Miasma Worm Campaign Spreads with New PyPI Wave
I Researched the Red Hat
npm
Incident — Here's What Every Developer Should Know
🔗
Dependency Resolution
Content type:
Code
github.com
·
2d
2 days ago
·
DEV
Actions for I Researched the Red Hat npm Incident — Here's What Every Developer Should Know
test: isolate
npm
update smoke env · openclaw/openclaw@53a3d58
🔗
Dependency Resolution
Content type:
Code
github.com
·
5d
5 days ago
Actions for test: isolate npm update smoke env · openclaw/openclaw@53a3d58
hamj20k/bulkhead-ai: Stop prompt-injection "soup": one import that keeps your instructions and untrusted RAG/tool/web content in separate, structured fields.
npm
+
pip
, zero core
deps
.
🔗
Dependency Resolution
Content type:
Code
github.com
·
3d
3 days ago
·
r/PromptEngineering
Actions for hamj20k/bulkhead-ai: Stop prompt-injection "soup": one import that keeps your instructions and untrusted RAG/tool/web content in separate, structured fields. npm + pip, zero core deps.
Pin official
npm
plugin install records (#88585) · openclaw/openclaw@7b5f75e
🔗
Dependency Resolution
Content type:
Code
github.com
·
6d
6 days ago
Actions for Pin official npm plugin install records (#88585) · openclaw/openclaw@7b5f75e
Log in to enable infinite scrolling
Keyboard Shortcuts
Navigation
Next / previous item
j
/
k
Open post
o
or
Enter
Preview post
v
Post Actions
Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s
Recommendations
Add interest / feed
Enter
Not interested
x
Go to
Home
g
h
Interests
g
i
Feeds
g
f
Likes
g
l
History
g
y
Changelog
g
c
Settings
g
s
Browse
g
b
Search
/
Pagination
Next page
n
Previous page
p
General
Show this help
?
Submit feedback
!
Close modal / unfocus
Esc
Press
?
anytime to show this help