Tag: npm
Features everyone should steal from npmx
What happens when users design their own package registry frontend
npm's Defaults Are Bad
The npm client's default settings are a root cause of JavaScript's recurring supply chain security problems.
npm Data Subject Access Request
A response to a GDPR data subject access request.
Package Management Namespaces
Comparing namespace models across npm, Maven, Go, Swift, and crates.io.
The Nine Levels of JavaScript Dependency Hell
Come, I will show you what I have seen.
Why JavaScript Needed Docker
How Docker became JavaScript's real lockfile
Fixing NPM permissions errors on WSL
Saving this one for posterity since I seem to run into something like this once every couple of months. Really gotta get a Mac for my next dev machine. sudo apt update && sudo apt upgrade -y # Since you mention that you have set your user to be root: sudo sh -c 'echo "[user]\ndefault=root" > /etc/wsl.conf' wsl.exe -l -v # Confirm your distribution name for the following command: wsl.exe --terminate Ubuntu Credit to this StackOverflow answer.
Zoltan Kochan - PNPM and the Future of Package Management
Zoltan Kochan, PNPM's lead maintainer, explores how his revolutionary package manager transformed JavaScript dependency management with speed and superior developer experience.
npxは永続的なインストールは行わないが、実行のために一時的なダウンロード(実質的なインストール)は行う
James Garbutt - E18e
James Garbutt explains e18e, the community initiative focused on improving JavaScript package performance across the entire npm ecosystem.
Darcy Clarke - npm, vlt and the Future of JavaScript Package Management
Darcy Clarke introduces VLT, a new JavaScript package manager aiming to disrupt npm with innovative features and VSR registry.
Adding Comments to My Blog with Bluesky!
Jordan Harband - Npm Ecosystem, HeroDevs
Jordan Harband defends his controversial stance on legacy support while managing countless npm packages that power millions of JavaScript projects.
Feross Aboukhadijeh - Socket
Feross Aboukhadijeh discusses Socket.dev's advanced approach to open source security, using static analysis and AI to detect complex vulnerabilities.
Isaac Schlueter - npm, Tier
Isaac Schlueter shares the creation story of npm, early Node.js days, and his new pricing platform Tier that's changing how products handle monetization.
Christoph Nakazawa - Athena Crisis, Jest, Yarn, MooTools, Metro
Christoph Nakazawa discusses his journey from shepherding major OSS projects like Jest, Yarn, and Metro to building his new gaming venture Athena Crisis.
Semver: The unknown buildMetadata
The semver’s spec mentions a group called “buildMetadata”. If you’ve never heard of this before, you’re not alone
I have to tell you about Dependabot 🤖
Dependabot is an automation service that will automatically create PRs to keep your projects' dependencies up to date, and it is really powerful.
Promise.allSettled() Pt.2 - it's partly settled!
This is a follow-up to my first post on the upcoming Promise.allSettled() function, coming soon to a node application near you.
Picking apart JavaScript import syntax
Part 2 in a series of posts on destructuring syntax for JavaScript and Node.
I reclaimed 10GB of disk space from node_modules
If you're not careful, your node projects can start to fill all the spare disk space on your computer. This one weird trick (lol) can help avoid that.