est.social

3 postitusega3 osalejaga0 postitust täna

Richie KhooPackage Manager for MarkdownI'm working on a project that is intended to encourage folk to make markdown text files which can be bundled together in different bundles of text files using a package manager. Question for coders; Which package manager would you suggest I use?Main criterias (in order) are:1. Easy for someone with basic command line skills to edit the file and update version numbers and add additional packages.2. All being equal, more commonly and easy to setup is preferred.<a href="https://hachyderm.io/tags/Markdown" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Markdown</a> <a href="https://hachyderm.io/tags/CommonMark" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CommonMark</a> <a href="https://hachyderm.io/tags/PackageManager" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PackageManager</a> <a href="https://hachyderm.io/tags/Programming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Programming</a> <a href="https://hachyderm.io/tags/Dev" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Dev</a> <a href="https://hachyderm.io/tags/NPM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NPM</a> <a href="https://hachyderm.io/tags/RubyGems" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RubyGems</a> <a href="https://hachyderm.io/tags/Cargo" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cargo</a> <a href="https://hachyderm.io/tags/PickingAMastodonInstance" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PickingAMastodonInstance</a> <a href="https://hachyderm.io/tags/Ruby" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Ruby</a> <a href="https://hachyderm.io/tags/Python" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Python</a> <a href="https://hachyderm.io/tags/Rust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Rust</a> <a href="https://hachyderm.io/tags/Javascript" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Javascript</a> <a href="https://hachyderm.io/tags/NodeJs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NodeJs</a> <a href="https://hachyderm.io/tags/Lisp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Lisp</a> <a href="https://hachyderm.io/tags/CommonGuide" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CommonGuide</a>

BillIn today's Supply Chain News ...Eleven oooold npm packages were hijacked to steal API keys. Wonder how many of them jise are just sitting on n someone's built pipeline with "latest" as the version parameter?<a href="https://www.sonatype.com/blog/multiple-crypto-packages-hijacked-turned-into-info-stealers" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.sonatype.com/blog/multiple-crypto-packages-hijacked-turned-into-info-stealers</a>h/t to SonaType for the top notch research.<a href="https://infosec.exchange/tags/supplychain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#supplychain</a> <a href="https://infosec.exchange/tags/npm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#npm</a>

BillOk, normal patterns after an hour of excitement.ReversingLabs has a good writeup of an npm package infected with malware that generates a backdoor. Great way to get insight into the patterns the baddies follow.<a href="https://www.reversinglabs.com/blog/malicious-npm-patch-delivers-reverse-shell" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.reversinglabs.com/blog/malicious-npm-patch-delivers-reverse-shell</a><a href="https://infosec.exchange/tags/npm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#npm</a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#malware</a>

Hackread.com🚨 Malware warning: A new npm attack targets the popular Ethereum library ethers, sneaking in a backdoor to take control of systems.Read: <a href="https://hackread.com/npm-malware-infects-ethereum-library-with-backdoor/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://hackread.com/npm-malware-infects-ethereum-library-with-backdoor/</a><a href="https://mstdn.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://mstdn.social/tags/npm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#npm</a> <a href="https://mstdn.social/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> <a href="https://mstdn.social/tags/Ethereum" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Ethereum</a> <a href="https://mstdn.social/tags/DevSecOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevSecOps</a>

Dino<a href="https://infosec.exchange/@BleepingComputer" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@BleepingComputer</a> Do we think something like this is enough to find if this garbage is present on a Linux system? `sudo find / -iregex '.*ethers-.*` <a href="https://masto.ai/tags/node" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#node</a> <a href="https://masto.ai/tags/npm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#npm</a> <a href="https://masto.ai/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#malware</a>

Thor A. HoplandOut of pure curiosity, and because I'm on that <a href="https://snabelen.no/tags/webdev" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#webdev</a> <a href="https://snabelen.no/tags/framework" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#framework</a> discovery tip. Heck, this project even made me download an IDE for Android lolJust to read `install.bin` - which is an sh script.Excuse me, but why are you bundling <a href="https://snabelen.no/tags/nodejs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#nodejs</a> and <a href="https://snabelen.no/tags/npm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#npm</a>? Is it to facilitate a setup process for containers, or is it merely to make the process easy?I'm a bit sceptical to that sort of thing, especially when fetching from a vendors domain directly. Any plans to build packages via CI?<a href="https://mastodon.ar.al/@aral" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@aral</a> <a href="https://fedi.jaenis.ch/@andre" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@andre</a>

jdm2 🇵🇷Quick question for the node.js developers on the fediverse.How would I go about monitoring an app's memory and CPU usage over time? <a href="https://boriken.social/tags/node" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#node</a> <a href="https://boriken.social/tags/nodejs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#nodejs</a> <a href="https://boriken.social/tags/npm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#npm</a>

Avoid the Hack! :donor:Week 11 of the <a href="https://infosec.exchange/tags/Privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Privacy</a> Roundup is out. Featuring:- Data broker bragging about having personal information of billions of people - How the ESP32 <a href="https://infosec.exchange/tags/Bluetooth" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Bluetooth</a> backdoor isn't a backdoor - North Korean government APTs spreading <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#malware</a> on <a href="https://infosec.exchange/tags/Google" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Google</a> play, <a href="https://infosec.exchange/tags/npm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#npm</a> - An ICE OSINT Tool that can monitor 200+ websites of a target - <a href="https://infosec.exchange/tags/Apple" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Apple</a> patching an exploited zero-day in WebKit - <a href="https://infosec.exchange/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> Patch Tuesday, 6 exploited zero-days... and more, of course.<a href="https://infosec.exchange/tags/privacymatters" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#privacymatters</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/cve" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cve</a> <a href="https://avoidthehack.com/privacy-week11-2025" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://avoidthehack.com/privacy-week11-2025</a>

Hackread.com🚨 Alert: North Korea’s Lazarus Group is at it again! They hid backdoor in fake npm packages, stealing credentials and crypto.<a href="https://hackread.com/lazarus-group-backdoor-fake-npm-packages-attack/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://hackread.com/lazarus-group-backdoor-fake-npm-packages-attack/</a><a href="https://mstdn.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://mstdn.social/tags/LazarusGroup" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LazarusGroup</a> <a href="https://mstdn.social/tags/npm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#npm</a> <a href="https://mstdn.social/tags/NorthKorea" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NorthKorea</a>

FlohEinsteinDo you want to advertise "my Node.js product now uses AI!!" but don't know how to add AI? Use the package "is-even-ai"<a href="https://www.npmjs.com/package/is-even-ai" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.npmjs.com/package/is-even-ai</a><a href="https://chaos.social/tags/nodejs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#nodejs</a> <a href="https://chaos.social/tags/npm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#npm</a> <a href="https://chaos.social/tags/isevenai" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#isevenai</a> <a href="https://chaos.social/tags/devops" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#devops</a>

Viimatised otsingud

Otsimisvalikud

Administraator:

Serveri statistika:

#npm