A Worm Just Ate Its Way Through the npm Registry… fir )May 14, 2026 190 videos , dependencies , security , tanstack What to Know in JavaScript (2026 Edition) chr /fro )Apr 2, 2026 189 javascript , ecmascript , standards , frameworks , runtimes , tooling , testing Post Mortem: Axios npm Supply Chain Compromise Apr 2, 2026 188 axios , security The Hidden Blast Radius of the Axios Compromise ahm /soc )Apr 1, 2026 187 dependencies , axios , security Claude Code’s Entire Source Code Got Leaked via a Sourcemap in npm, Let’s Talk About It Mar 31, 2026 186 claude , anthropic , ai , source-maps Minimum Release Age Is an Underrated Supply Chain Defense dan )Mar 31, 2026 185 security , dependencies , bun , pnpm , yarn , deno , renovate , dependabot , axios Axios Compromised on npm—Malicious Versions Drop Remote Access Trojan Mar 30, 2026 184 dependencies , axios , security A Gentle Intro to npm Workspaces, With Visuals pre )Mar 25, 2026 183 introductions How to Steal npm Publish Tokens by Opening GitHub Issues nec )Mar 4, 2026 182 github , security , ai How to Publish to npm From GitHub Actions bah )Feb 23, 2026 181 how-tos , github-actions npmx dan /npm )Jan 23, 2026 180 websites , npmx , packages Securing npm Is Table Stakes nza +/cha )Jan 21, 2026 179 podcasts , interviews , security , ai npm to Implement Staged Publishing After Turbulent Shift Off Classic Tokens sar /soc )Jan 7, 2026 178 dependencies , security , github How We’re Protecting Our Newsroom From npm Supply Chain Attacks rya /pnp )Dec 5, 2025 177 dependencies , security , case-studies No More Tokens—Locking Down npm Publish Workflows zac )Dec 4, 2025 176 dependencies , security , github , processes The Shai-Hulud 2.0 npm Worm: Analysis, and What You Need to Know Nov 25, 2025 175 security , dependencies GitLab Discovers Widespread npm Supply Chain Attack git )Nov 24, 2025 174 dependencies , security , gitlab , github , aws , gcp , azure Automated npm Secret Rotation in GitHub Actions mhe )Nov 16, 2025 173 security , automation , github-actions Will npm’s New Security Steps Stop Attacks? rev )Oct 28, 2025 172 security , github , maintenance , foss The State of Node.js 2025 Explained by Its TSC Member mco /git )Oct 14, 2025 171 videos , nodejs 15 Recent Node.js Features That Replace Popular npm Packages nod )Oct 1, 2025 170 nodejs , dependencies , maintenance How Deno Protects Against npm Exploits den )Sep 30, 2025 169 deno , security Strengthening npm Security: Important Changes to Authentication and Token Management Sep 29, 2025 168 security Mastering npx: A Cheatsheet for npm and Node.js Power Users Sep 25, 2025 167 npx , cheat-sheets , examples , nodejs Our Plan for a More Secure npm Supply Chain xco )Sep 22, 2025 166 dependencies , security , foss npm Security Best Practices Sep 21, 2025 165 security , provenance , best-practices This May Be the Worst One the )Sep 17, 2025 164 videos , dependencies , security Ongoing Supply Chain Attack Targets CrowdStrike npm Packages pvd +/soc )Sep 16, 2025 163 dependencies , security ctrl/tinycolor and 40+ npm Packages Compromised Sep 15, 2025 162 dependencies , security Which npm Package Has the Largest Version Number? Sep 14, 2025 161 dependencies , versioning , semver How to Keep package.json Under Control tmc /val )Sep 11, 2025 160 how-tos , nodejs , dependencies , maintainability Oh No, Not Again… a Meditation on npm Supply Chain Attacks tan )Sep 9, 2025 159 dependencies , security , microsoft Anatomy of a Billion-Download npm Supply-Chain Attack Sep 8, 2025 158 security , dependencies npm Author Qix Compromised via Phishing Email in Major Supply Chain Attack bur +/soc )Sep 8, 2025 157 security , dependencies npm Trusted Publishing With OIDC Is Generally Available Jul 31, 2025 156 dependencies , provenance , github npm “Accidentally” Removes Stylus Package, Breaks Builds and Pipelines ax /ble )Jul 23, 2025 155 stylus eslint-config-prettier Compromised: How npm Package With 30 Million Downloads Spread Malware Jul 21, 2025 154 prettier , eslint , security , malware npm Phishing Email Targets Developers With Typosquatted Domain sar /soc )Jul 18, 2025 153 security Contagious Interview Campaign Escalates With 67 Malicious npm Packages and New Malware Loader soc )Jul 14, 2025 152 security , dependencies 30 Years of JavaScript: 10 Milestones That Changed the Web ric )Jul 5, 2025 151 javascript , anniversaries , history , ecmascript , ajax , jquery , web-2.0 , nodejs , react , typescript , webassembly npm Targeted by Malware Campaign Mimicking Familiar Library Names soc )May 2, 2025 150 malware , security , dependencies , link-lists npm Should Remove the Default License From New Packages (ISC) ext )Apr 30, 2025 149 dependencies , licensing , foss A Decade of Impact: How Our npm Packages Hit 1 Billion Downloads and Shaped JavaScript Apr 1, 2025 148 dependencies , history , javascript Malware Found on npm Infecting Local Package With Reverse Shell rev )Mar 26, 2025 147 dependencies , security Lazarus Strikes npm Again With New Wave of Malicious Packages soc )Mar 10, 2025 146 dependencies , security @11ty/image-color zac )Feb 25, 2025 145 packages , images , colors Tutorial: Publishing ESM-Based npm Packages With TypeScript rau )Feb 4, 2025 144 tutorials , dependencies , typescript Is npm Enough? Why Startups Are Coming After This JavaScript Package Registry kat /red )Jan 30, 2025 143 jsr , bun , pnpm , yarn , javascript Keep Your Node.js Apps Secure With “npx is-my-node-vulnerable” tre )Jan 29, 2025 142 packages , nodejs , security My Failed Attempt to Shrink All npm Packages by 5% eva )Jan 27, 2025 141 dependencies , compression How I Open-Sourced My Secret Access Tokens From GitHub, Slack, and npm—and Who Actually Cares Jan 24, 2025 140 security , github , slack Mastering npm Scripts: Automate Everything in Your Frontend Workflow Dec 22, 2024 139 dependencies , environments , ci-cd , automation HTML Conformance: A Comparison of 6.5 npm Validator Packages (With 1.5 Recommendations) j9t )Dec 17, 2024 138 html , conformance , tooling , comparisons Publishing a Simple Client-Side JavaScript Package to npm With GitHub Actions sim )Dec 7, 2024 137 dependencies , javascript , github-actions How to Prerelease an npm Package spa /clo )Nov 19, 2024 136 how-tos , dependencies , versioning , semver Understanding “npm audit” and Fixing Vulnerabilities Oct 21, 2024 135 security , vulnerabilities , nodejs npm vs. npx Oct 4, 2024 134 nodejs , npx , comparisons Significance of package-lock.json or yarn-lock.json Sep 21, 2024 133 yarn , comparisons More npm Packages on Cloudflare Workers: Combining Polyfills and Native Code to Support Node.js APIs jas +)Sep 9, 2024 132 cloudflare , nodejs , apis , dependencies caniuse-cli bra )Sep 6, 2024 131 packages , support , browsers , web-platform , caniuse , command-line CSS Style Observer bra )Aug 29, 2024 130 packages , css How to Create an npm Package mat )Aug 21, 2024 129 how-tos , dependencies ObsoHTML, the Obsolete HTML Checker j9t )Aug 11, 2024 128 packages , html , quality The Great npm Garbage Patch Aug 6, 2024 127 dependencies , spam , security Building an “npm create” Package ach )Jul 28, 2024 126 Publishing a TypeScript Module to npm vs. JSR den )Jul 10, 2024 125 videos , typescript , modules , dependencies , jsr , comparisons Supply Chain Security in npm—We Can Be Optimistic About the Future Jul 9, 2024 124 dependencies , security , provenance Leaner npm Packument (Metadata) Contents Jul 9, 2024 123 Create npm Package With CommonJS and ESM Support in TypeScript Jun 29, 2024 122 dependencies , commonjs , esm , typescript npm and Node.js Should Do More to Make ES Modules Easy to Use Jun 19, 2024 121 nodejs , esm What Happens When a Major npm Library Goes Commercial? mco )Jun 17, 2024 120 dependencies , foss Researchers Uncover npm Registry Vulnerability to Cache Poisoning and DoS Attacks sar /soc )Jun 15, 2024 119 dependencies , vulnerabilities , caching , security How a Single Vulnerability Can Bring Down the JavaScript Ecosystem Jun 3, 2024 118 javascript , dependencies , caching , vulnerabilities , security CodeFlattener May 19, 2024 117 packages , javascript Using Vite to Rebuild Local Dependencies in an npm Workspace Apr 23, 2024 116 dependencies , vite Building an npm Package Compatible With ESM and CJS in 2024 Apr 18, 2024 115 dependencies , interoperability , esm , commonjs npm Basics for New Developers nim )Apr 11, 2024 114 fundamentals Node.js TSC Confirms: No Intention to Remove npm From Distribution sar /soc )Mar 22, 2024 113 nodejs The Ultimate Guide to Understanding npx vs. npm Mar 18, 2024 112 guides , npx , nodejs eslint-plugin-depend Mar 9, 2024 111 packages , maintenance , simplicity How npm Install Scripts Can Be Weaponized: A Real-World Example of a Harmful npm Package eth )Mar 3, 2024 110 dependencies , examples , security Why Does “is-number” Package Have 59M Weekly Downloads? Feb 29, 2024 109 dependencies Node.js Community Debate Intensifies Over Enabling Corepack by Default and Potentially Unbundling npm sar /soc )Feb 8, 2024 108 nodejs , corepack , yarn , pnpm , dependencies Malicious npm Package Masquerades as Noblox.js, Targeting Roblox Users for Data Theft sar /soc )Feb 6, 2024 107 dependencies , security GitHub, npm Registry Abused to Host SSH Key-Stealing Malware Jan 24, 2024 106 github , security , malware , foss Modern JavaScript Library Starter Jan 23, 2024 105 dependencies , libraries Deceptive Deprecation: The Truth About npm Deprecated Packages Jan 18, 2024 104 deprecation , security , dependencies , research npm in Review: A 2023 Retrospective on Growth, Security, and Quirky Facts soc )Jan 10, 2024 103 retrospectives When “Everything” Becomes Too Much: The npm Package Chaos of 2024 soc )Jan 5, 2024 102 foss A Comprehensive Guide to npm Workspaces and Monorepos Dec 30, 2023 101 guides , monorepos , yarn , dependencies I Replaced npm, Yarn, and nvm With pnpm paw )Dec 1, 2023 100 dependencies , yarn , pnpm , nvm How to Use npm Packages Outside of Node Nov 6, 2023 99 how-tos , dependencies , javascript Secret Scanning Scans Public npm Packages Oct 26, 2023 98 github , dependencies , security TypeScript Monorepo With npm Workspaces skw )Oct 1, 2023 97 monorepos , typescript , architecture Honey, I Shrunk the npm Package Sep 27, 2023 96 dependencies , compression SSH Keys Stolen by Stream of Malicious PyPI and npm Packages ble )Sep 27, 2023 95 security , ssh , dependencies npm Provenance General Availability Sep 26, 2023 94 github , provenance , security How to Migrate From npm to pnpm Sep 20, 2023 93 how-tos , migrating , pnpm dependency-time-machine Aug 12, 2023 92 packages , dependencies , maintenance , automation Sophisticated, Highly-Targeted Attacks Continue to Plague npm Aug 12, 2023 91 security Publishing With npm Provenance From Private Source Repositories Is No Longer Supported Jul 26, 2023 90 github , provenance , security , foss Social Engineering Campaign Targeting Tech Employees Spreading Through npm Malware soc )Jul 25, 2023 89 security , malware A Comprehensive Beginner’s Guide to npm: Simplifying Package Management Jul 14, 2023 88 guides , dependencies Making the Switch: From Yarn/npm to pnpm Jul 4, 2023 87 migrating , yarn , pnpm Identify Unused npm Packages in Your Project ami )Jul 1, 2023 86 dependencies , maintenance Comparing npm, Yarn, and pnpm Package Managers: Which One Is Right for Your Distributed Project to Handle High Loads? Jun 28, 2023 85 yarn , pnpm , comparisons , performance , best-practices The Massive Bug at the Heart of the npm Ecosystem Jun 27, 2023 84 dependencies , security , bugs Create React UI Lib: Component Library Speedrun Jun 16, 2023 83 typescript , react , components npm Won’t Publish Packages Containing the Word “keygen” Jun 14, 2023 82 discussions , dependencies Comparing the Best Node.js Version Managers: nvm, Volta, and asdf Apr 25, 2023 81 nodejs , nvm npm vs. Yarn vs. pnpm Apr 24, 2023 80 yarn , pnpm , comparisons Introducing npm Package Provenance Apr 19, 2023 79 introductions , github , provenance , security , foss Generating Provenance Statements Apr 19, 2023 78 provenance , security Dissecting npm Malware: Five Packages and Their Evil Install Scripts Apr 15, 2023 77 security , malware Understanding npm Versioning Apr 4, 2023 76 dependencies , versioning , semver One in Two New npm Packages Is SEO Spam Right Now Mar 30, 2023 75 seo The Landscape of npm Packages for CLI Apps Mar 24, 2023 74 nodejs , dependencies , command-line Automatic npm Publishing With GitHub Actions and npm Granular Tokens Mar 22, 2023 73 github-actions , automation Why We Added package.json Support to Deno tin /den )Mar 20, 2023 72 deno , support , nodejs Speeding Up the JavaScript Ecosystem—npm Scripts mar )Mar 19, 2023 71 javascript , performance , bundling Unlocking Security Updates for Transitive Dependencies With npm Jan 19, 2023 70 dependencies , security , maintenance Lockfile Trick: Package an npm Project With Nix in 20 Lines Dec 18, 2022 69 tips-and-tricks New npm Features for Secure Publishing and Safe Consumption Dec 6, 2022 68 security , dependencies Migrating From npm to pnpm Nov 17, 2022 67 migrating , pnpm npm Security: Preventing Supply Chain Attacks Nov 7, 2022 66 dependencies , security How to Build, Test, and Publish a TypeScript npm Package in 2022 Oct 29, 2022 65 how-tos , typescript Why You Should Prefer Using pnpm Over npm and Yarn? Oct 13, 2022 64 pnpm , yarn , comparisons Use “npm query” and jq to Dig Into Your Dependencies Oct 5, 2022 63 videos , dependencies , auditing Phylum Detects Active Typosquatting Campaign Targeting npm Developers Oct 2, 2022 62 dependencies , security depngn Sep 30, 2022 61 packages , nodejs , dependencies Best Practices for Creating a Modern npm Package Sep 12, 2022 60 best-practices Dependabot Unlocks Transitive Dependencies for npm Projects Sep 7, 2022 59 dependencies , security , dependabot 4 Ways to Minimize Your Dependencies in Node.js app )Aug 31, 2022 58 nodejs , dependencies Installing and Running Node.js Bin Scripts rau )Aug 25, 2022 57 installing , nodejs Introducing the New npm Dependency Selector Syntax Aug 3, 2022 56 introductions Introducing Even More Security Enhancements to npm Jul 26, 2022 55 introductions , security Top 5 npm Vulnerability Scanners Jul 20, 2022 54 security , vulnerabilities , tooling css-browser-support 5t3 )Jul 3, 2022 53 packages , css , browsers , support Image Guard j9t )Jun 27, 2022 52 packages , images , compression , performance , jpeg , png , gif , webp , avif Alternatives to Installing npm Packages Globally rau )Jun 18, 2022 51 installing , dependencies How to Migrate From Yarn/npm to pnpm May 29, 2022 50 how-tos , migrating , yarn , pnpm You May Not Need a Bundler for Your npm Library May 27, 2022 49 bundling What npm Can Learn From Go May 26, 2022 48 npm Security Update: Attack Campaign Using Stolen OAuth Tokens May 26, 2022 47 security , oauth , version-control , github Snyk Finds 200+ Malicious npm Packages, Including Cobalt Strike Dependency Confusion Attacks May 24, 2022 46 javascript , dependencies , security 4 Reasons to Avoid Using “npm link” Apr 18, 2022 45 How to Respond to Growing Supply Chain Security Risks? Apr 3, 2022 44 how-tos , security , dependencies , nodejs Update Node Dependencies Automatically, Selectively, or Incrementally Mar 14, 2022 43 nodejs , dependencies , yarn What’s Really Going On Inside Your node_modules Folder? soc )Mar 1, 2022 42 nodejs , dependencies How to Publish Deno Modules to npm kit /den )Feb 28, 2022 41 how-tos , deno , modules , dependencies Understanding Dependencies Inside Your package.json nod )Feb 24, 2022 40 nodejs , dependencies , yarn How to Fix Your Security Vulnerabilities With npm Override Feb 23, 2022 39 how-tos , security , vulnerabilities , dependencies The Basics of package.json nod )Feb 15, 2022 38 fundamentals , nodejs , dependencies , yarn pkg.land Dec 30, 2021 37 websites , packages , dependencies Monorepos—How the Pros Scale Huge Software Projects fir )Dec 13, 2021 36 videos , monorepos , yarn , pnpm , lerna , nx , comparisons GitHub’s Commitment to npm Ecosystem Security Nov 15, 2021 35 github , security Yarn vs. npm: Everything You Need to Know Sep 21, 2021 34 yarn , comparisons timefind Sep 1, 2021 33 packages , history Common npm Mistakes Every Developer Should Avoid Aug 30, 2021 32 mistakes npm Security Best Practices owa )Aug 3, 2021 31 security , best-practices Simple Monorepos via npm Workspaces and TypeScript Project References rau )Jul 21, 2021 30 monorepos , typescript NPM Global Audit Jun 16, 2021 29 packages , security , quality , auditing Uninstalling Dev Dependencies With npm Mar 21, 2021 28 dependencies “npm ruin dev” ada /css )Dec 9, 2020 27 html , css , javascript , nodejs What Is Node and When Should I Use It? Feb 16, 2020 26 nodejs , javascript How to Publish an Updated Version of an npm Package spa /clo )Feb 10, 2020 25 how-tos , dependencies How to Add CSS Vendor Prefixes Automatically luk )Sep 24, 2019 24 how-tos , css , vendor-extensions , automation , tooling , postcss , webpack , gulp Using npx and npm Scripts to Reduce the Burden of Developer Tools bnb )Apr 22, 2019 23 npx , tooling , productivity a11y-syntax-highlighting eri )Jan 2, 2019 22 packages , accessibility , syntax-highlighting How to Worry About npm Package Weight chr /css )Dec 18, 2018 21 dependencies Lerna: A Tale of Renaming npm Packages Jul 24, 2018 20 dependencies , refactoring , lerna Validating Dependencies in the Project With npm-check and depcheck Jun 1, 2018 19 dependencies , security , maintenance , auditing , tooling Introducing npx: An npm Package Runner zka )Jul 11, 2017 18 introductions , npx , nodejs 10 Node.js Best Practices: Enlightenment From the Node Gurus Jan 17, 2017 17 nodejs , best-practices , environments , event-loop , naming , scalability , caching , express Solving npm Scripts Problems in JavaScript Projects hcr )Jan 2, 2017 16 yarn , javascript Why npm Scripts? css )Feb 12, 2016 15 nodejs , conversion , linting , minification , compression , sprites , images , examples why-is-node-running Feb 9, 2016 14 packages , nodejs How to Solve the Global npm Module Dependency Problem Sep 4, 2015 13 how-tos , dependencies image-dimensions sin )Apr 14, 2015 12 packages , images Learning Node.js: The “npm link” May 14, 2014 11 videos , nodejs 9 Quick Tips About npm Dec 14, 2013 10 tips-and-tricks , nvm , command-line Peer Dependencies dom )Feb 8, 2013 9 nodejs , dependencies Madge May 20, 2012 8 packages , dependencies , visualization npm Package Size Checker 7 tools , exploration , auditing , debugging , dependencies npm, Yarn, and pnpm Command Converter 6 tools , exploration , conversion , yarn , pnpm , command-line npm Package Types Checker 5 tools , exploration , auditing , debugging , dependencies , typescript , type-safety npm Dependency Visualizer 4 tools , exploration , auditing , debugging , dependencies , visualization npm Package Download Statistics Checker 3 tools , exploration , auditing , debugging , dependencies , metrics npm Package Checker 2 tools , exploration , auditing , debugging , dependencies Dependencies Badge Generator 1 tools , exploration , images , dependencies 