惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

W
WeLiveSecurity
T
The Exploit Database - CXSecurity.com
C
CXSECURITY Database RSS Feed - CXSecurity.com
S
Security @ Cisco Blogs
T
Threat Research - Cisco Blogs
TaoSecurity Blog
TaoSecurity Blog
Recent Commits to openclaw:main
Recent Commits to openclaw:main
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
腾讯CDC
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
T
The Blog of Author Tim Ferriss
Microsoft Azure Blog
Microsoft Azure Blog
罗磊的独立博客
F
Full Disclosure
博客园 - 【当耐特】
C
CERT Recently Published Vulnerability Notes
Engineering at Meta
Engineering at Meta
Application and Cybersecurity Blog
Application and Cybersecurity Blog
T
Threatpost
I
Intezer
V2EX - 技术
V2EX - 技术
H
Hackread – Cybersecurity News, Data Breaches, AI and More
The Hacker News
The Hacker News
小众软件
小众软件
Google DeepMind News
Google DeepMind News
T
Tailwind CSS Blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
B
Blog RSS Feed
Microsoft Security Blog
Microsoft Security Blog
N
News | PayPal Newsroom
MyScale Blog
MyScale Blog
AI
AI
Vercel News
Vercel News
Spread Privacy
Spread Privacy
美团技术团队
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
The GitHub Blog
The GitHub Blog
V
Vulnerabilities – Threatpost
Schneier on Security
Schneier on Security
Cyberwarzone
Cyberwarzone
G
GRAHAM CLULEY
Help Net Security
Help Net Security
Hacker News: Ask HN
Hacker News: Ask HN
Google DeepMind News
Google DeepMind News
MongoDB | Blog
MongoDB | Blog
L
LINUX DO - 热门话题
U
Unit 42
L
LangChain Blog
Recent Announcements
Recent Announcements

Eleventy Blog

New Sponsorship Tiers for the Build Awesome Kickstarter How We Use GitHub Issues and How That’s Changing Back Build Awesome Pro and make it easier to build for the web! The Possum Mascot, now with additional Awesome Collaborative Editing as Progressive Enhancement Eleventy is now Build Awesome Eleventy, 2025 in Review Eleventy Core Dependency Watch (2025 Edition) The Eleventy Community Survey (2025)
Securely Publishing our Packages to npm
Zach Leather · 2026-06-07 · via Eleventy Blog

As we harden our release practices in the wake of numerous recent vulnerabilities in npm packages amongst high profile authors, it seems worthwhile to celebrate a major milestone for 11ty core and our official suite of plugins: we are now npm Access Token-free!

The @11ty/* ecosystem on npm is now fully migrated to Trusted Publishers.

If you’re interested in taking steps to improve your own security footprint, you can read more about the steps we took at No more tokens! Locking down npm Publish Workflows

No more tokens! Locking down npm Publish Workflows

Dependency Watch

In this same vein, as a project Eleventy has continuously and relentlessly focused on reducing our dependency footprint. You may remember the latest Dependency Watch on our v3.1.0 core release notes:

Version Production Dep Count Production Size
v3.1.0 ×142 21.4 MB
v3.0.0 ×187 27.4 MB
v2.0.1 ×215 36.4 MB
v1.0.2 ×356 73.3 MB

Very astute observers may also be eyeing the upcoming 4.0 canaries which include even more improvements to these numbers! v4.0.0-alpha.4 is 16.6 MB with ×131 deps (with more improvements on the way)!


More Blog Posts