home.social
Sign in Create account

#npm — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #npm, aggregated by home.social.

  1. mastodon.raddemo.host @[email protected] ·

    How to Install #Directus on #AlmaLinux #VPS

    Here's a step-by-step guide detailing how to install Directus on AlmaLinux VPS.
    What is Directus?
    Directus is an open-source #headless #CMS and data platform that allows you to manage and interact with your database through a RESTful API or GraphQL API. It provides a modern, ...
    Continued 👉 blog.radwebhosting.com/install #contentmanagement #opensource #selfhosting #installguide #nodejs #npm #letsencrypt #vpsguide #postgresql #cmsapps #selfhosted

    #directus #almalinux #vps #headless #cms #contentmanagement
  2. mastodon.raddemo.host @[email protected] ·

    How to Install #Directus on #AlmaLinux #VPS

    Here's a step-by-step guide detailing how to install Directus on AlmaLinux VPS.
    What is Directus?
    Directus is an open-source #headless #CMS and data platform that allows you to manage and interact with your database through a RESTful API or GraphQL API. It provides a modern, ...
    Continued 👉 blog.radwebhosting.com/install #contentmanagement #opensource #selfhosting #installguide #nodejs #npm #letsencrypt #vpsguide #postgresql #cmsapps #selfhosted

    #directus #almalinux #vps #headless #cms #contentmanagement
  3. mastodon.raddemo.host @[email protected] ·

    How to Install #Directus on #AlmaLinux #VPS

    Here's a step-by-step guide detailing how to install Directus on AlmaLinux VPS.
    What is Directus?
    Directus is an open-source #headless #CMS and data platform that allows you to manage and interact with your database through a RESTful API or GraphQL API. It provides a modern, ...
    Continued 👉 blog.radwebhosting.com/install #contentmanagement #opensource #selfhosting #installguide #nodejs #npm #letsencrypt #vpsguide #postgresql #cmsapps #selfhosted

    #directus #almalinux #vps #headless #cms #contentmanagement
  4. github.com/ghostwriter @[email protected] ·

    this vibe coded PR with 1,000,000+ additions is just open-source ransomware with prettier commit messages.

    shoutout to the brave soul reviewing:

    "LGTM" after skimming 14 lines… 🤡

    uninstalling immediately!

    github.com/oven-sh/bun/pull/30

    #npm #yarn #pnpm #bun #deno #js #javascript #typescript

    #npm #yarn #pnpm #bun #deno #js
  5. github.com/ghostwriter @[email protected] ·

    this vibe coded PR with 1,000,000+ additions is just open-source ransomware with prettier commit messages.

    shoutout to the brave soul reviewing:

    "LGTM" after skimming 14 lines… 🤡

    uninstalling immediately!

    github.com/oven-sh/bun/pull/30

    #npm #yarn #pnpm #bun #deno #js #javascript #typescript

    #npm #yarn #pnpm #bun #deno #js
  6. github.com/ghostwriter @[email protected] ·

    this vibe coded PR with 1,000,000+ additions is just open-source ransomware with prettier commit messages.

    shoutout to the brave soul reviewing:

    "LGTM" after skimming 14 lines… 🤡

    uninstalling immediately!

    github.com/oven-sh/bun/pull/30

    #npm #yarn #pnpm #bun #deno #js #javascript #typescript

    #typescript #javascript #js #deno #bun #pnpm
  7. ayo :unverified: @[email protected] ·

    This timeline tab on npmx.dev shows good & bad changes to the package over time. :)

    npmx.dev/package-timeline/@ayo

    #webdev #npm #webperf

    #webdev #npm #webperf
  8. ayo :unverified: @[email protected] ·

    This timeline tab on npmx.dev shows good & bad changes to the package over time. :)

    npmx.dev/package-timeline/@ayo

    #webdev #npm #webperf

    #webdev #npm #webperf
  9. ayo :unverified: @[email protected] ·

    This timeline tab on npmx.dev shows good & bad changes to the package over time. :)

    npmx.dev/package-timeline/@ayo

    #webdev #npm #webperf

    #webdev #npm #webperf
  10. ayo :unverified: @[email protected] ·

    This timeline tab on npmx.dev shows good & bad changes to the package over time. :)

    npmx.dev/package-timeline/@ayo

    #webdev #npm #webperf

    #webperf #npm #webdev
  11. ayo :unverified: @[email protected] ·

    This timeline tab on npmx.dev shows good & bad changes to the package over time. :)

    npmx.dev/package-timeline/@ayo

    #webdev #npm #webperf

    #webdev #npm #webperf
  12. Marcel SIneM(S)US @[email protected] ·

    #SupplyChain-Angriff auf #TanStack: 42 Pakete kompromittiert | Developer heise.de/news/Supply-Chain-Ang #npm #MiniShaiHulud #Patchday #CredentialStealer

    #supplychain #tanstack #npm #minishaihulud #patchday #credentialstealer
  13. Marcel SIneM(S)US @[email protected] ·

    #SupplyChain-Angriff auf #TanStack: 42 Pakete kompromittiert | Developer heise.de/news/Supply-Chain-Ang #npm #MiniShaiHulud #Patchday #CredentialStealer

    #supplychain #tanstack #npm #minishaihulud #patchday #credentialstealer
  14. Marcel SIneM(S)US @[email protected] ·

    #SupplyChain-Angriff auf #TanStack: 42 Pakete kompromittiert | Developer heise.de/news/Supply-Chain-Ang #npm #MiniShaiHulud #Patchday #CredentialStealer

    #credentialstealer #patchday #minishaihulud #npm #tanstack #supplychain
  15. Marcel SIneM(S)US @[email protected] ·

    #SupplyChain-Angriff auf #TanStack: 42 Pakete kompromittiert | Developer heise.de/news/Supply-Chain-Ang #npm #MiniShaiHulud #Patchday #CredentialStealer

    #supplychain #tanstack #npm #minishaihulud #patchday #credentialstealer
  16. Chee Aun 🤔 @[email protected] ·

    Been getting these random #npm issues lately 😕

    Scenario: dependency has optional peer dep that installs pre-built binaries based on current OS. I npm install it on macOS, it gets the macOS binaries & put it as non-optional dep in package-lock.json. CI runs on Linux, it got confused & failed installation. And npm ci doesn't skip incompatible peer deps.

    Relevant issues:
    - github.com/npm/cli/issues/7750 (2024, closed, continued in other issues/PRs)
    - github.com/npm/cli/issues/8464 (regression since 2025)

    #npm
  17. Chee Aun 🤔 @[email protected] ·

    Been getting these random #npm issues lately 😕

    Scenario: dependency has optional peer dep that installs pre-built binaries based on current OS. I npm install it on macOS, it gets the macOS binaries & put it as non-optional dep in package-lock.json. CI runs on Linux, it got confused & failed installation. And npm ci doesn't skip incompatible peer deps.

    Relevant issues:
    - github.com/npm/cli/issues/7750 (2024, closed, continued in other issues/PRs)
    - github.com/npm/cli/issues/8464 (regression since 2025)

    #npm
  18. Chee Aun 🤔 @[email protected] ·

    Been getting these random #npm issues lately 😕

    Scenario: dependency has optional peer dep that installs pre-built binaries based on current OS. I npm install it on macOS, it gets the macOS binaries & put it as non-optional dep in package-lock.json. CI runs on Linux, it got confused & failed installation. And npm ci doesn't skip incompatible peer deps.

    Relevant issues:
    - github.com/npm/cli/issues/7750 (2024, closed, continued in other issues/PRs)
    - github.com/npm/cli/issues/8464 (regression since 2025)

    #npm
  19. Chee Aun 🤔 @[email protected] ·

    Been getting these random #npm issues lately 😕

    Scenario: dependency has optional peer dep that installs pre-built binaries based on current OS. I npm install it on macOS, it gets the macOS binaries & put it as non-optional dep in package-lock.json. CI runs on Linux, it got confused & failed installation. And npm ci doesn't skip incompatible peer deps.

    Relevant issues:
    - github.com/npm/cli/issues/7750 (2024, closed, continued in other issues/PRs)
    - github.com/npm/cli/issues/8464 (regression since 2025)

    #npm
  20. Chee Aun 🤔 @[email protected] ·

    Been getting these random #npm issues lately 😕

    Scenario: dependency has optional peer dep that installs pre-built binaries based on current OS. I npm install it on macOS, it gets the macOS binaries & put it as non-optional dep in package-lock.json. CI runs on Linux, it got confused & failed installation. And npm ci doesn't skip incompatible peer deps.

    Relevant issues:
    - github.com/npm/cli/issues/7750 (2024, closed, continued in other issues/PRs)
    - github.com/npm/cli/issues/8464 (regression since 2025)

    #npm
  21. tech news ᳇ eicker.news @[email protected] ·

    #Socket detected a #supplychainattack on 84 #TanStack #npm packages, including popular ones like tanstack/react-router, which were compromised with suspected credential-stealing malware. The attack involved a chained #GitHub Actions attack and resulted in the publication of malicious packages authenticated through the project’s #OIDC trusted-publisher binding. socket.dev/blog/tanstack-npm-p #tech #media #news

    #socket #supplychainattack #tanstack #npm #github #oidc
  22. tech news ᳇ eicker.news @[email protected] ·

    #Socket detected a #supplychainattack on 84 #TanStack #npm packages, including popular ones like tanstack/react-router, which were compromised with suspected credential-stealing malware. The attack involved a chained #GitHub Actions attack and resulted in the publication of malicious packages authenticated through the project’s #OIDC trusted-publisher binding. socket.dev/blog/tanstack-npm-p #tech #media #news

    #socket #supplychainattack #tanstack #npm #github #oidc
  23. tech news ᳇ eicker.news @[email protected] ·

    #Socket detected a #supplychainattack on 84 #TanStack #npm packages, including popular ones like tanstack/react-router, which were compromised with suspected credential-stealing malware. The attack involved a chained #GitHub Actions attack and resulted in the publication of malicious packages authenticated through the project’s #OIDC trusted-publisher binding. socket.dev/blog/tanstack-npm-p #tech #media #news

    #socket #supplychainattack #tanstack #npm #github #oidc
  24. tech news ᳇ eicker.news @[email protected] ·

    #Socket detected a #supplychainattack on 84 #TanStack #npm packages, including popular ones like tanstack/react-router, which were compromised with suspected credential-stealing malware. The attack involved a chained #GitHub Actions attack and resulted in the publication of malicious packages authenticated through the project’s #OIDC trusted-publisher binding. socket.dev/blog/tanstack-npm-p #tech #media #news

    #news #media #tech #oidc #github #npm
  25. tech news ᳇ eicker.news @[email protected] ·

    #Socket detected a #supplychainattack on 84 #TanStack #npm packages, including popular ones like tanstack/react-router, which were compromised with suspected credential-stealing malware. The attack involved a chained #GitHub Actions attack and resulted in the publication of malicious packages authenticated through the project’s #OIDC trusted-publisher binding. socket.dev/blog/tanstack-npm-p #tech #media #news

    #socket #supplychainattack #tanstack #npm #github #oidc
  26. Analyst207 @[email protected] ·

    Malware Worm Targets npm, PyPi in Mass Supply-Chain Attack

    A self-spreading worm, dubbed Mini Shai-Hulud, has infected over 170 packages with nearly 180 million weekly downloads, posing a massive threat to the software supply chain. This highly contagious malware has been open-sourced, making it easier for others to exploit and escalate the attack.

    osintsights.com/malware-worm-t

    #SupplyChain #MalwareOperations #Npm #Pypi #Shaihulud

    #supplychain #malwareoperations #npm #pypi #shaihulud
  27. AA @[email protected] ·

    New.

    Picus: Mini Shai-Hulud: The npm Supply Chain Worm Explained picussecurity.com/resource/blo

    Rapid7: When IT Support Calls: Dissecting a ModeloRAT Campaign from Teams to Domain Compromise rapid7.com/blog/post/tr-it-sup @Rapid7Official

    Published yesterday:

    Sophos: Operating inside the lethal trifecta: Blast radius reduction in AI agent deployments sophos.com/en-us/blog/inside-t @SophosXOps #infosec #threatresearch #npm #Teams #Microsoft #bot

    #infosec #threatresearch #npm #teams #microsoft #bot
  28. AA @[email protected] ·

    New.

    Picus: Mini Shai-Hulud: The npm Supply Chain Worm Explained picussecurity.com/resource/blo

    Rapid7: When IT Support Calls: Dissecting a ModeloRAT Campaign from Teams to Domain Compromise rapid7.com/blog/post/tr-it-sup @Rapid7Official

    Published yesterday:

    Sophos: Operating inside the lethal trifecta: Blast radius reduction in AI agent deployments sophos.com/en-us/blog/inside-t @SophosXOps #infosec #threatresearch #npm #Teams #Microsoft #bot

    #infosec #threatresearch #npm #teams #microsoft #bot
  29. AA @[email protected] ·

    New.

    Picus: Mini Shai-Hulud: The npm Supply Chain Worm Explained picussecurity.com/resource/blo

    Rapid7: When IT Support Calls: Dissecting a ModeloRAT Campaign from Teams to Domain Compromise rapid7.com/blog/post/tr-it-sup @Rapid7Official

    Published yesterday:

    Sophos: Operating inside the lethal trifecta: Blast radius reduction in AI agent deployments sophos.com/en-us/blog/inside-t @SophosXOps #infosec #threatresearch #npm #Teams #Microsoft #bot

    #infosec #threatresearch #npm #teams #microsoft #bot
  30. AA @[email protected] ·

    New.

    Picus: Mini Shai-Hulud: The npm Supply Chain Worm Explained picussecurity.com/resource/blo

    Rapid7: When IT Support Calls: Dissecting a ModeloRAT Campaign from Teams to Domain Compromise rapid7.com/blog/post/tr-it-sup @Rapid7Official

    Published yesterday:

    Sophos: Operating inside the lethal trifecta: Blast radius reduction in AI agent deployments sophos.com/en-us/blog/inside-t @SophosXOps #infosec #threatresearch #npm #Teams #Microsoft #bot

    #bot #microsoft #teams #npm #threatresearch #infosec
  31. AA @[email protected] ·

    New.

    Picus: Mini Shai-Hulud: The npm Supply Chain Worm Explained picussecurity.com/resource/blo

    Rapid7: When IT Support Calls: Dissecting a ModeloRAT Campaign from Teams to Domain Compromise rapid7.com/blog/post/tr-it-sup @Rapid7Official

    Published yesterday:

    Sophos: Operating inside the lethal trifecta: Blast radius reduction in AI agent deployments sophos.com/en-us/blog/inside-t @SophosXOps #infosec #threatresearch #npm #Teams #Microsoft #bot

    #infosec #threatresearch #npm #teams #microsoft #bot
  32. Hackread.com @Hackread ·

    Research reveals that hijacked OIDC tokens to poison hundreds of TanStack, Mistral AI, and UiPath packages with the self-propagating Mini Shai-Hulud worm.

    Read: hackread.com/teampcp-mini-shai

    #teampcp #cybersecurity #malware #shaihulud #cyberattack #npm
  33. Hackread.com @[email protected] ·

    Research reveals that #TeamPCP hijacked OIDC tokens to poison hundreds of TanStack, Mistral AI, and UiPath packages with the self-propagating Mini Shai-Hulud worm.

    Read: hackread.com/teampcp-mini-shai

    #CyberSecurity #Malware #ShaiHulud #CyberAttack #npm

    #teampcp #cybersecurity #malware #shaihulud #cyberattack #npm
  34. Hackread.com @[email protected] ·

    Research reveals that #TeamPCP hijacked OIDC tokens to poison hundreds of TanStack, Mistral AI, and UiPath packages with the self-propagating Mini Shai-Hulud worm.

    Read: hackread.com/teampcp-mini-shai

    #CyberSecurity #Malware #ShaiHulud #CyberAttack #npm

    #teampcp #cybersecurity #malware #shaihulud #cyberattack #npm
  35. Hackread.com @[email protected] ·

    Research reveals that #TeamPCP hijacked OIDC tokens to poison hundreds of TanStack, Mistral AI, and UiPath packages with the self-propagating Mini Shai-Hulud worm.

    Read: hackread.com/teampcp-mini-shai

    #CyberSecurity #Malware #ShaiHulud #CyberAttack #npm

    #npm #cyberattack #shaihulud #malware #cybersecurity #teampcp
  36. Hackread.com @[email protected] ·

    Research reveals that #TeamPCP hijacked OIDC tokens to poison hundreds of TanStack, Mistral AI, and UiPath packages with the self-propagating Mini Shai-Hulud worm.

    Read: hackread.com/teampcp-mini-shai

    #CyberSecurity #Malware #ShaiHulud #CyberAttack #npm

    #teampcp #cybersecurity #malware #shaihulud #cyberattack #npm
  37. The New Oil @[email protected] ·

    #ShaiHulud attack ships signed malicious #TanStack, #Mistral #npm packages

    bleepingcomputer.com/news/secu

    #cybersecurity

    #shaihulud #tanstack #mistral #npm #cybersecurity
  38. The New Oil @[email protected] ·

    #ShaiHulud attack ships signed malicious #TanStack, #Mistral #npm packages

    bleepingcomputer.com/news/secu

    #cybersecurity

    #shaihulud #tanstack #mistral #npm #cybersecurity
  39. The New Oil @[email protected] ·

    #ShaiHulud attack ships signed malicious #TanStack, #Mistral #npm packages

    bleepingcomputer.com/news/secu

    #cybersecurity

    #shaihulud #tanstack #mistral #npm #cybersecurity
  40. The New Oil @[email protected] ·

    #ShaiHulud attack ships signed malicious #TanStack, #Mistral #npm packages

    bleepingcomputer.com/news/secu

    #cybersecurity

    #cybersecurity #npm #mistral #tanstack #shaihulud
  41. The New Oil @[email protected] ·

    #ShaiHulud attack ships signed malicious #TanStack, #Mistral #npm packages

    bleepingcomputer.com/news/secu

    #cybersecurity

    #shaihulud #tanstack #mistral #npm #cybersecurity
  42. OTX Bot @[email protected] ·

    TanStack npm Packages Compromised in Ongoing Supply-Chain Attack

    Pulse ID: 6a040869301ab23a12b403da
    Pulse Link: otx.alienvault.com/pulse/6a040
    Pulse Author: Tr1sa111
    Created: 2026-05-13 05:13:13

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #InfoSec #NPM #OTX #OpenThreatExchange #bot #Tr1sa111

    #cybersecurity #infosec #npm #otx #openthreatexchange #bot
  43. OTX Bot @[email protected] ·

    TanStack npm Packages Compromised in Ongoing Supply-Chain Attack

    Pulse ID: 6a040869301ab23a12b403da
    Pulse Link: otx.alienvault.com/pulse/6a040
    Pulse Author: Tr1sa111
    Created: 2026-05-13 05:13:13

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #InfoSec #NPM #OTX #OpenThreatExchange #bot #Tr1sa111

    #cybersecurity #infosec #npm #otx #openthreatexchange #bot
  44. OTX Bot @[email protected] ·

    TanStack npm Packages Compromised in Ongoing Supply-Chain Attack

    Pulse ID: 6a040869301ab23a12b403da
    Pulse Link: otx.alienvault.com/pulse/6a040
    Pulse Author: Tr1sa111
    Created: 2026-05-13 05:13:13

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #InfoSec #NPM #OTX #OpenThreatExchange #bot #Tr1sa111

    #cybersecurity #infosec #npm #otx #openthreatexchange #bot
  45. OTX Bot @[email protected] ·

    TanStack npm Packages Compromised in Ongoing Supply-Chain Attack

    Pulse ID: 6a040869301ab23a12b403da
    Pulse Link: otx.alienvault.com/pulse/6a040
    Pulse Author: Tr1sa111
    Created: 2026-05-13 05:13:13

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #InfoSec #NPM #OTX #OpenThreatExchange #bot #Tr1sa111

    #tr1sa111 #bot #openthreatexchange #otx #npm #infosec
  46. OTX Bot @[email protected] ·

    TanStack npm Packages Compromised in Ongoing Supply-Chain Attack

    Pulse ID: 6a040869301ab23a12b403da
    Pulse Link: otx.alienvault.com/pulse/6a040
    Pulse Author: Tr1sa111
    Created: 2026-05-13 05:13:13

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #InfoSec #NPM #OTX #OpenThreatExchange #bot #Tr1sa111

    #cybersecurity #infosec #npm #otx #openthreatexchange #bot
  47. mastodon.raddemo.host @[email protected] ·

    🚀 Deploy Self-Hosted #OpenClaw on #VPS (3 Minute Quick-Start Guide 🤖)

    This article provides a quick, yet thorough step-by-step guide to deploy self-hosted OpenClaw on VPS servers. A lot of users have been deploying directly to Mac Minis, but we'd like to present another, radically different clawd deployment strategy. In this guide, we will deploy OpenClaw on Linux VPS-specifically, #Debian VPS.
    What is ...
    Continued 👉 blog.radwebhosting.com/deploy- #selfhosting #clawdbot #selfhosted #npm

    #openclaw #vps #debian #selfhosting #clawdbot #selfhosted
  48. mastodon.raddemo.host @[email protected] ·

    🚀 Deploy Self-Hosted #OpenClaw on #VPS (3 Minute Quick-Start Guide 🤖)

    This article provides a quick, yet thorough step-by-step guide to deploy self-hosted OpenClaw on VPS servers. A lot of users have been deploying directly to Mac Minis, but we'd like to present another, radically different clawd deployment strategy. In this guide, we will deploy OpenClaw on Linux VPS-specifically, #Debian VPS.
    What is ...
    Continued 👉 blog.radwebhosting.com/deploy- #selfhosting #clawdbot #selfhosted #npm

    #openclaw #vps #debian #selfhosting #clawdbot #selfhosted
  49. mastodon.raddemo.host @[email protected] ·

    🚀 Deploy Self-Hosted #OpenClaw on #VPS (3 Minute Quick-Start Guide 🤖)

    This article provides a quick, yet thorough step-by-step guide to deploy self-hosted OpenClaw on VPS servers. A lot of users have been deploying directly to Mac Minis, but we'd like to present another, radically different clawd deployment strategy. In this guide, we will deploy OpenClaw on Linux VPS-specifically, #Debian VPS.
    What is ...
    Continued 👉 blog.radwebhosting.com/deploy- #selfhosting #clawdbot #selfhosted #npm

    #openclaw #vps #debian #selfhosting #clawdbot #selfhosted
  50. Rad Web Hosting @[email protected] ·

    How to Install #Directus on #AlmaLinux #VPS

    Here's a step-by-step guide detailing how to install Directus on AlmaLinux VPS.
    What is Directus?
    Directus is an open-source #headless #CMS and data platform that allows you to manage and interact with your database through a RESTful API or GraphQL API. It provides a modern, ...
    Continued 👉 blog.radwebhosting.com/install #nodejs #cmsapps #opensource #installguide #contentmanagement #letsencrypt #npm #selfhosted #postgresql #selfhosting #vpsguide

    #directus #almalinux #vps #headless #cms #nodejs