#lodash — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #lodash, aggregated by home.social.
-
🔖 The latest issue of my #newsletter is live, issue 013.
March recap: 12 CVEs across #undici, #Fastify, #Lodash & #pathtoregexp, a state-actor supply chain attack on #axios, and the #Nodejs security bug bounty paused 🔐
-
🔖 The latest issue of my #newsletter is live, issue 013.
March recap: 12 CVEs across #undici, #Fastify, #Lodash & #pathtoregexp, a state-actor supply chain attack on #axios, and the #Nodejs security bug bounty paused 🔐
-
🔖 The latest issue of my #newsletter is live, issue 013.
March recap: 12 CVEs across #undici, #Fastify, #Lodash & #pathtoregexp, a state-actor supply chain attack on #axios, and the #Nodejs security bug bounty paused 🔐
-
🔖 The latest issue of my #newsletter is live, issue 013.
March recap: 12 CVEs across #undici, #Fastify, #Lodash & #pathtoregexp, a state-actor supply chain attack on #axios, and the #Nodejs security bug bounty paused 🔐
-
🔐 7 out of 10 of #security reports for #Lodash and #Express are invalid.
The current spike is LLM-generated noise eating volunteers' time that should go to releases, features, and real bugs.
Our tooling wasn't designed for this volume. Every report still needs to be read, cross-referenced, and responded to. We need better tooling and support to sustain this.
-
🔐 7 out of 10 of #security reports for #Lodash and #Express are invalid.
The current spike is LLM-generated noise eating volunteers' time that should go to releases, features, and real bugs.
Our tooling wasn't designed for this volume. Every report still needs to be read, cross-referenced, and responded to. We need better tooling and support to sustain this.
-
🔐 7 out of 10 of #security reports for #Lodash and #Express are invalid.
The current spike is LLM-generated noise eating volunteers' time that should go to releases, features, and real bugs.
Our tooling wasn't designed for this volume. Every report still needs to be read, cross-referenced, and responded to. We need better tooling and support to sustain this.
-
🔐 7 out of 10 of #security reports for #Lodash and #Express are invalid.
The current spike is LLM-generated noise eating volunteers' time that should go to releases, features, and real bugs.
Our tooling wasn't designed for this volume. Every report still needs to be read, cross-referenced, and responded to. We need better tooling and support to sustain this.
-
🔐 7 out of 10 of #security reports for #Lodash and #Express are invalid.
The current spike is LLM-generated noise eating volunteers' time that should go to releases, features, and real bugs.
Our tooling wasn't designed for this volume. Every report still needs to be read, cross-referenced, and responded to. We need better tooling and support to sustain this.
-
🔖 The latest issue of my #newsletter is live, issue 011.
Secure publishing on #npm in 2026, major #Lodash security overhaul, updated security best practices, fresh #Express release backlog & ecosystem insights from talks, CVEs & community work ✨
-
🔖 The latest issue of my #newsletter is live, issue 011.
Secure publishing on #npm in 2026, major #Lodash security overhaul, updated security best practices, fresh #Express release backlog & ecosystem insights from talks, CVEs & community work ✨
-
🔖 The latest issue of my #newsletter is live, issue 011.
Secure publishing on #npm in 2026, major #Lodash security overhaul, updated security best practices, fresh #Express release backlog & ecosystem insights from talks, CVEs & community work ✨
-
🔖 The latest issue of my #newsletter is live, issue 011.
Secure publishing on #npm in 2026, major #Lodash security overhaul, updated security best practices, fresh #Express release backlog & ecosystem insights from talks, CVEs & community work ✨
-
Just shipped a new newsletter to Sponsors! 🎁
Includes the hard truths of #npm security, #Expressjs updates, and the #Lodash overhaul that put my code in space 🚀.
Get early access & support my OSS work here: https://github.com/sponsors/UlisesGascon
-
Just shipped a new newsletter to Sponsors! 🎁
Includes the hard truths of #npm security, #Expressjs updates, and the #Lodash overhaul that put my code in space 🚀.
Get early access & support my OSS work here: https://github.com/sponsors/UlisesGascon
-
Just shipped a new newsletter to Sponsors! 🎁
Includes the hard truths of #npm security, #Expressjs updates, and the #Lodash overhaul that put my code in space 🚀.
Get early access & support my OSS work here: https://github.com/sponsors/UlisesGascon
-
Just shipped a new newsletter to Sponsors! 🎁
Includes the hard truths of #npm security, #Expressjs updates, and the #Lodash overhaul that put my code in space 🚀.
Get early access & support my OSS work here: https://github.com/sponsors/UlisesGascon
-
🛠️ Análisis en profundidad del parche de #seguridad para CVE-2025-13465 en #Lodash: causa raíz, mecánica de prototype pollution en _.unset/_.omit y detalles del parche.
https://orbitant.com/prototype-pollution-javascript-cve-2025-13465/
-
🛠️ Análisis en profundidad del parche de #seguridad para CVE-2025-13465 en #Lodash: causa raíz, mecánica de prototype pollution en _.unset/_.omit y detalles del parche.
https://orbitant.com/prototype-pollution-javascript-cve-2025-13465/
-
🛠️ Análisis en profundidad del parche de #seguridad para CVE-2025-13465 en #Lodash: causa raíz, mecánica de prototype pollution en _.unset/_.omit y detalles del parche.
https://orbitant.com/prototype-pollution-javascript-cve-2025-13465/
-
🛠️ Análisis en profundidad del parche de #seguridad para CVE-2025-13465 en #Lodash: causa raíz, mecánica de prototype pollution en _.unset/_.omit y detalles del parche.
https://orbitant.com/prototype-pollution-javascript-cve-2025-13465/
-
🛠️ In-depth breakdown of the #security fix for CVE-2025-13465 in #Lodash: root cause, prototype pollution mechanics in _.unset/_.omit, and details of the patch.
https://orbitant.com/en/prototype-pollution-javascript-cve-2025-13465/
-
🛠️ In-depth breakdown of the #security fix for CVE-2025-13465 in #Lodash: root cause, prototype pollution mechanics in _.unset/_.omit, and details of the patch.
https://orbitant.com/en/prototype-pollution-javascript-cve-2025-13465/
-
🛠️ In-depth breakdown of the #security fix for CVE-2025-13465 in #Lodash: root cause, prototype pollution mechanics in _.unset/_.omit, and details of the patch.
https://orbitant.com/en/prototype-pollution-javascript-cve-2025-13465/
-
🛠️ In-depth breakdown of the #security fix for CVE-2025-13465 in #Lodash: root cause, prototype pollution mechanics in _.unset/_.omit, and details of the patch.
https://orbitant.com/en/prototype-pollution-javascript-cve-2025-13465/
-
🥹 Proud to have contributed to the #Lodash security overhaul. Strengthening governance, security processes, and infrastructure to keep the project healthy for the community 🛡️
-
🥹 Proud to have contributed to the #Lodash security overhaul. Strengthening governance, security processes, and infrastructure to keep the project healthy for the community 🛡️
-
🥹 Proud to have contributed to the #Lodash security overhaul. Strengthening governance, security processes, and infrastructure to keep the project healthy for the community 🛡️
-
🥹 Proud to have contributed to the #Lodash security overhaul. Strengthening governance, security processes, and infrastructure to keep the project healthy for the community 🛡️
-
Big news 🚀! #Lodash is now on Open Collective!
Support the project and be among the first backers or sponsors 🙌
-
Big news 🚀! #Lodash is now on Open Collective!
Support the project and be among the first backers or sponsors 🙌
-
Big news 🚀! #Lodash is now on Open Collective!
Support the project and be among the first backers or sponsors 🙌
-
Big news 🚀! #Lodash is now on Open Collective!
Support the project and be among the first backers or sponsors 🙌
-
Big news 🚀! #Lodash is now on Open Collective!
Support the project and be among the first backers or sponsors 🙌
-
🔖 The latest issue of my #newsletter is out, issue 010.
Stories from reviving #Expressjs & reimagining #Lodash, secure publishing on #npm, why #OSS doesn’t fail because of code, backlog updates & #OpenSSF #Scorecard ✨
-
🔖 The latest issue of my #newsletter is out, issue 010.
Stories from reviving #Expressjs & reimagining #Lodash, secure publishing on #npm, why #OSS doesn’t fail because of code, backlog updates & #OpenSSF #Scorecard ✨
-
🔖 The latest issue of my #newsletter is out, issue 010.
Stories from reviving #Expressjs & reimagining #Lodash, secure publishing on #npm, why #OSS doesn’t fail because of code, backlog updates & #OpenSSF #Scorecard ✨
-
🔖 The latest issue of my #newsletter is out, issue 010.
Stories from reviving #Expressjs & reimagining #Lodash, secure publishing on #npm, why #OSS doesn’t fail because of code, backlog updates & #OpenSSF #Scorecard ✨
-
✍️ El open source no falla por el código.
Falla por problemas de gobernanza, burnout y trabajo invisible.He escrito sobre lo que aprendí trabajando en #Expressjs y #Lodash:
https://blog.ulisesgascon.com/el-open-source-no-falla-por-el-codigo
-
✍️ El open source no falla por el código.
Falla por problemas de gobernanza, burnout y trabajo invisible.He escrito sobre lo que aprendí trabajando en #Expressjs y #Lodash:
https://blog.ulisesgascon.com/el-open-source-no-falla-por-el-codigo
-
✍️ El open source no falla por el código.
Falla por problemas de gobernanza, burnout y trabajo invisible.He escrito sobre lo que aprendí trabajando en #Expressjs y #Lodash:
https://blog.ulisesgascon.com/el-open-source-no-falla-por-el-codigo
-
✍️ El open source no falla por el código.
Falla por problemas de gobernanza, burnout y trabajo invisible.He escrito sobre lo que aprendí trabajando en #Expressjs y #Lodash:
https://blog.ulisesgascon.com/el-open-source-no-falla-por-el-codigo
-
✍️ Open source doesn’t fail because of code.
It fails because of governance gaps, burnout, and invisible work.I wrote down what I learned working on #Expressjs and #Lodash
https://blog.ulisesgascon.com/open-source-doesnt-fail-because-of-code
-
✍️ Open source doesn’t fail because of code.
It fails because of governance gaps, burnout, and invisible work.I wrote down what I learned working on #Expressjs and #Lodash
https://blog.ulisesgascon.com/open-source-doesnt-fail-because-of-code
-
✍️ Open source doesn’t fail because of code.
It fails because of governance gaps, burnout, and invisible work.I wrote down what I learned working on #Expressjs and #Lodash
https://blog.ulisesgascon.com/open-source-doesnt-fail-because-of-code
-
✍️ Open source doesn’t fail because of code.
It fails because of governance gaps, burnout, and invisible work.I wrote down what I learned working on #Expressjs and #Lodash
https://blog.ulisesgascon.com/open-source-doesnt-fail-because-of-code
-
📺 ¿Qué viene después del caos?
Lecciones de revivir #Expressjs y reimaginar #Lodash.
-
📺 ¿Qué viene después del caos?
Lecciones de revivir #Expressjs y reimaginar #Lodash.
-
📺 ¿Qué viene después del caos?
Lecciones de revivir #Expressjs y reimaginar #Lodash.
-
📺 ¿Qué viene después del caos?
Lecciones de revivir #Expressjs y reimaginar #Lodash.