惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
S
SegmentFault 最新的问题
Recent Commits to openclaw:main
Recent Commits to openclaw:main
Attack and Defense Labs
Attack and Defense Labs
F
Full Disclosure
Vercel News
Vercel News
N
News | PayPal Newsroom
The GitHub Blog
The GitHub Blog
H
Hacker News: Front Page
H
Heimdal Security Blog
P
Privacy International News Feed
博客园 - 司徒正美
Google DeepMind News
Google DeepMind News
N
Netflix TechBlog - Medium
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
C
Cisco Blogs
L
Lohrmann on Cybersecurity
D
Docker
Recent Announcements
Recent Announcements
Security Archives - TechRepublic
Security Archives - TechRepublic
人人都是产品经理
人人都是产品经理
C
CXSECURITY Database RSS Feed - CXSecurity.com
P
Proofpoint News Feed
T
Tailwind CSS Blog
C
Check Point Blog
博客园 - 叶小钗
Google Online Security Blog
Google Online Security Blog
Martin Fowler
Martin Fowler
Stack Overflow Blog
Stack Overflow Blog
博客园 - 聂微东
S
Secure Thoughts
博客园 - Franky
博客园_首页
阮一峰的网络日志
阮一峰的网络日志
P
Palo Alto Networks Blog
Latest news
Latest news
量子位
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
博客园 - 三生石上(FineUI控件)
The Cloudflare Blog
Last Week in AI
Last Week in AI
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
Cyberwarzone
Cyberwarzone
小众软件
小众软件
Cisco Talos Blog
Cisco Talos Blog
Hacker News: Ask HN
Hacker News: Ask HN
T
Threatpost
T
Tenable Blog
P
Privacy & Cybersecurity Law Blog
WordPress大学
WordPress大学

JavaScript Weekly

Babel 8.0, Vite 8.1, and TypeScript 7.0 RC JavaScript Weekly Issue 790: June 16, 2026 JavaScript Weekly Issue 789: June 9, 2026 JavaScript Weekly Issue 788: June 2, 2026 JavaScript Weekly Issue 787: May 26, 2026 JavaScript Weekly Issue 785: May 12, 2026 JavaScript Weekly Issue 784: May 5, 2026 JavaScript Weekly Issue 783: April 28, 2026 JavaScript Weekly Issue 782: April 21, 2026 JavaScript Weekly Issue 781: April 14, 2026 JavaScript Weekly Issue 780: April 7, 2026 JavaScript Weekly Issue 779: March 31, 2026 JavaScript Weekly Issue 778: March 24, 2026 JavaScript Weekly Issue 777: March 17, 2026
JavaScript Weekly Issue 786: May 19, 2026
2026-05-19 · via JavaScript Weekly

RFC: It’s Time for npm to Make Install Scripts Opt-In — npm is the only major package manager that runs dependency install scripts (e.g. postinstall) by default, and they’ve become too much of a security weakness, says Jamie, who works for GitHub (maintainers of npm). This RFC features further discussion of the idea and the tradeoffs involved.

Jamie Magee

💡 npq is a tool that makes npm installs safer. It stands in front of npm and audits packages before installing them, including the presence of pre/post install scripts.

How Depot Built a CI Orchestrator on AWS Lambda — Long-running CI orchestration without long-lived servers. Depot rebuilt their CI engine using AWS Lambda durable functions — stateful, callback-driven, and crash-recoverable. A deep dive into the run-workflow-job hierarchy powering Depot CI.

Depot

IN BRIEF:

RELEASES:

🤖 Mark Erikson's Agent Setup, Workflow, and Tools — Mark, well known for maintaining Redux and creating Redux Toolkit, goes deep into his daily development workflow, including his use of OpenCode (an open source JavaScript-powered coding agent), how he manages his knowledge base, tasks, and more.

Mark Erikson

📄 Hardening TanStack After the npm Compromise – What TanStack is doing to improve supply chain security after an attacker published malicious versions of TanStack packages last week. The TanStack Team

📺 The TanStack Start Story: Tanner Linsley on Competing with Next.js – A candid 40-minute interview with TanStack’s founder. Nuno Maduro

📄 Cross-Document View Transitions: The Gotchas Nobody Mentions Durgesh Rajubhai Pawar (CSS Tricks)

💡 Schedule-X is another great option in this space and v4.6 just landed.

Alien Signals: 'The Lightest Signal Library' — Boils the best of Vue, Preact and Svelte’s approaches down into the lightest signal library going. A push-pull reactivity core so well-tuned it got merged back into Vue.

Johnson Chu

HyperFormula: The headless spreadsheet engine with 400+ Excel-compatible formulas. Run complex calculations at high speed.


Flaky tests slowing down dev? Meticulous gives engineers confidence to ship faster by autonomously testing every edge case of your web app.


⚙️ Middleware, but for AI agents. Compose Claude Code, Codex & Gemini as one TypeScript harness — 100+ agent recipes. agentfield.ai/github.

📢  Elsewhere in the ecosystem