Moltbook is fascinating.
30.01.2026 04:47
๐ 1
๐ 0
๐ฌ 0
๐ 0
Moltbook is fascinating.
TIL that IPv4 over IPv6 is a mainstream home internet setup in Japan to avoid old PPPoE limits.
It took me back to my college years in China, when I was playing with IPv6 over IPv4 because native IPv6 wasnโt widely available.
Itโs really interesting to see how differently things evolved here.
@pnpm.io getting better by the day
pnpm.io/blog/release...
I still can't believe that a one-person package manager is doing better than npm CLI, owned by a corporate, where the resources of the two projects are incomparable.
Draw your own conclusions.
Apple forgot to turn off sourcemaps when shipping their new App Store website lol github.com/rxliuli/apps...
lmao ๐คฃ
Published an article about mitigating supply chain attacks with pnpm
pnpm.io/supply-chain...
some thoughts about the bloat introduced by edge-case first libraries
We encourage everyone to migrate from using npm publish tokens to trusted publisher!
github.com/e18e/ecosyst...
Finally, finally! SALVATION HAS ARRIVED! Time to refactor every GitHub Actions workflow! ๐
Wow, this was unexpected. I've got mixed feelings, but huge congrats to the team!
But there is a language switcher at the bottom of the GoDaddy homepage? And you can use root paths like www.godaddy.com/en to go directly to the English homepage.
Bought. The interactive debugger looks cool!
I rarely feel that the Vue ecosystem is lacking anything, but this time, I truly wish we had a Vue version of this library. Impressive work!
You won't have to worry even without corepack - pnpm reads from `packageManager` too: pnpm.io/npmrc#manage... And you can prevent npm from being used with `devEngines`: github.com/npm/cli/pull...
Finally. I wish the community could migrate from the `packageManager` field to `devEngines` following this - always pinning versions is good in theory but way too cumbersome in practice.
This thing is so useful. Especially for security - ensuring the published package is actually what exists in the source
Can't believe scoped packages wasn't a free feature of npm until 2017-03-22 blog.npmjs.org/post/1587182...
GitHub commit message: docs: add --no flag to npx command to avoid downloading the incorrect package from npm Thanks to @alxndrsn for finding this issue and the insightful blog post. https://www.alxndrsn.com/2024-08-01-npx-binary-confusion/ Also thanks to @lirantal for his newsletter that brought this issue to my attention. https://www.nodejs-security.com/newsletter/npm-supply-chain-security-prisma-orm-security-fun-nodejs-security-challenges Git Diff: - npx vue-cli-service serve + npx --no vue-cli-service serve
๐ฎโ๐จ Still paying down the tech debt that accumulated during the transition from non-scoped packages to scoped onesโฆ Iโm lucky to have subscribed to @lirantal.comโs Node.js security newsletter. Itโs always informative!
- www.alxndrsn.com/2024-08-01-n...
- www.nodejs-security.com/newsletter/n...
Speeding up the JavaScript ecosystem part 11 is here! This time we're looking at:
Extending Rust tools with JavaScript plugins
marvinh.dev/blog/speedin...
Have you tried `v-memo`?
Looks like Reka UI, the rebranded Radix Vue component library, has just got officially released ๐ It's such a cool name. Can't wait to try it out!
![Screenshot of Node.js REPL with the following text:
โบ await import ("./index.js")
[Module: null prototype] { oneTrueDate: [Function: oneTrueDate] }
_.oneTrueDate(new Date())
'2024-03-01'](https://cdn.bsky.app/img/feed_thumbnail/plain/did:plc:oiawuf6mbqiigagveorctrsj/bafkreif2lzwfhgecpevk6dzjefczhn5evybe2tp5bagdzmjo2k7jq5mmze)
Screenshot of Node.js REPL with the following text: โบ await import ("./index.js") [Module: null prototype] { oneTrueDate: [Function: oneTrueDate] } _.oneTrueDate(new Date()) '2024-03-01'
#TIL So this is the fastest way to import an ES module in the Node.js REPLโฆ How did I never know about the `_` (underscore) auto-assignment in the REPL?!
nodejs.org/api/repl.htm... So many wasted keystrokes over the years!
@rspack/core does not have a postinstall script, so it wonโt be in the list in the first place. If the attacker adds one, it wonโt be executed by default.
This feature mitigates risks like this, and thatโs it, itโs not designed to prevent all possible attacks.
Note it's not about their Node APIs (so Vite isn't affected), just when executing the binaries (i.e. `pnpm exec esbuild`) there will be a performance hit.
In my experience this new default doesn't break many projects.
But it might slow down some native packages a bit.
For example, packages like esbuild, lightningcss-cli try to optimize their binaries in the postinstall scripts; these will no longer be executed by default: github.com/evanw/esbuil...
Resurfacing this post now that pnpm 10 is tagged as latest.
?? The link preview is still available even though I deleted the link? Interesting feature/bugโฆ
And in case you still want that username, you can temporarily change your handle back and forth to reserve it. This feature was introduced about a month ago: bsky.app/profile/bsky...
@acemarke.dev Hi Mark, I just noticed that the Bluesky link on your GitHub profile is invalid since you changed your handle. Just wanted to give you a heads-up in case you'd like to update it
