#lodash — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #lodash, aggregated by home.social.
-
🔖 The latest issue of my #newsletter is live, issue 013.
March recap: 12 CVEs across #undici, #Fastify, #Lodash & #pathtoregexp, a state-actor supply chain attack on #axios, and the #Nodejs security bug bounty paused 🔐
-
🔖 The latest issue of my #newsletter is live, issue 013.
March recap: 12 CVEs across #undici, #Fastify, #Lodash & #pathtoregexp, a state-actor supply chain attack on #axios, and the #Nodejs security bug bounty paused 🔐
-
🔖 The latest issue of my #newsletter is live, issue 013.
March recap: 12 CVEs across #undici, #Fastify, #Lodash & #pathtoregexp, a state-actor supply chain attack on #axios, and the #Nodejs security bug bounty paused 🔐
-
🔖 The latest issue of my #newsletter is live, issue 013.
March recap: 12 CVEs across #undici, #Fastify, #Lodash & #pathtoregexp, a state-actor supply chain attack on #axios, and the #Nodejs security bug bounty paused 🔐
-
🔐 7 out of 10 of #security reports for #Lodash and #Express are invalid.
The current spike is LLM-generated noise eating volunteers' time that should go to releases, features, and real bugs.
Our tooling wasn't designed for this volume. Every report still needs to be read, cross-referenced, and responded to. We need better tooling and support to sustain this.
-
🔖 The latest issue of my #newsletter is out, issue 010.
Stories from reviving #Expressjs & reimagining #Lodash, secure publishing on #npm, why #OSS doesn’t fail because of code, backlog updates & #OpenSSF #Scorecard ✨
-
🚀 Recent #Lodash updates focus on stronger #CI & #security posture!
✅ CI support expanded (Node 4 → 25)
🌐 New browser tests via #Playwright
📝 Docs now have dedicated CI
🔒 Added #OpenJS #CNA escalation policy
📊 Reporting #OSSF #Scorecard
🧯 New Incident Response Plan (#IRP)
🧠 Threat Model inspired by #Express & #Webpack
More details: https://blog.ulisesgascon.com/the-future-of-lodash
-
🚀 Recent #Lodash updates focus on stronger #CI & #security posture!
✅ CI support expanded (Node 4 → 25)
🌐 New browser tests via #Playwright
📝 Docs now have dedicated CI
🔒 Added #OpenJS #CNA escalation policy
📊 Reporting #OSSF #Scorecard
🧯 New Incident Response Plan (#IRP)
🧠 Threat Model inspired by #Express & #Webpack
More details: https://blog.ulisesgascon.com/the-future-of-lodash
-
🚀 Recent #Lodash updates focus on stronger #CI & #security posture!
✅ CI support expanded (Node 4 → 25)
🌐 New browser tests via #Playwright
📝 Docs now have dedicated CI
🔒 Added #OpenJS #CNA escalation policy
📊 Reporting #OSSF #Scorecard
🧯 New Incident Response Plan (#IRP)
🧠 Threat Model inspired by #Express & #Webpack
More details: https://blog.ulisesgascon.com/the-future-of-lodash
-
🚀 Recent #Lodash updates focus on stronger #CI & #security posture!
✅ CI support expanded (Node 4 → 25)
🌐 New browser tests via #Playwright
📝 Docs now have dedicated CI
🔒 Added #OpenJS #CNA escalation policy
📊 Reporting #OSSF #Scorecard
🧯 New Incident Response Plan (#IRP)
🧠 Threat Model inspired by #Express & #Webpack
More details: https://blog.ulisesgascon.com/the-future-of-lodash
-
Вам не нужен Lodash. Хватит! Пожалуйста
На State Of JS 2023 Lodash занял первое место в топе библиотек - что меня сильно огорчило. Я топлю за его отказ последние годы - и хотел бы рассказать, почему я считаю его вредным и не особо вам нужным. Ну давай!