#javascript-ecosystem

[ follow ]
#developer-tools #npm #npm-registry #open-source-tools #developer-experience #package-management
Node JS
fromTheregister
6 days ago

npmx alternative to npmjs released to fix pain of rpm

An open source npm registry browser called npmx launched in alpha, addressing user frustrations with npmjs.com's interface through improved speed, simplicity, and features like dark mode and better dependency display.
JavaScript
fromSubstack
1 week ago

Friday Links #35: Dev Tools, AI & JS Ecosystem Updates

The JavaScript ecosystem continues evolving with AI-powered tools, performance libraries, experimental frameworks, and utilities designed to enhance developer workflows across frontend, backend, and edge environments.
Information security
fromSecurityWeek
1 month ago

'PackageGate' Flaws Open JavaScript Ecosystem to Supply Chain Attacks

Six vulnerabilities in major JavaScript package managers (NPM, PNPM, VLT, Bun) allow bypassing supply chain protections and enable remote code execution.
fromSubstack
2 months ago

Friday Links #33 - Fresh JavaScript Tools & Trends

OpenAI has introduced ChatGPT Health, a dedicated section inside ChatGPT focused entirely on personal health. It's more than a themed chat - users can discuss symptoms, interpret lab results, track metrics over time, and get clear explanations of medical terms. A key feature is integration with health and fitness services. Users can connect Apple Health, MyFitnessPal, and similar apps so the AI can analyze sleep, activity, nutrition, and wellness trends.
Web development
JavaScript
fromInfoWorld
3 months ago

All I want for Christmas is a server-side JavaScript framework

The JavaScript ecosystem thrives through innovation, abundant open-source tools, and an evolutionary marketplace where useful tools find niches and excellence is rewarded.
JavaScript
fromSubstack
3 months ago

Friday Links #32: Fresh JavaScript Trends & Tools

GPT-5.1 enhances long-context code reasoning and patch generation, integrates into Codex and IDEs, improves benchmark performance, and introduces 24-hour prompt caching.
Web frameworks
fromSubstack
4 months ago

Friday Links #31 - New JavaScript Tools and October Highlights

An open benchmark called AI-Trader shows simulated AI models can profitably trade Nasdaq-100 in a month, with DeepSeek v3.1 leading at +16.46%.
fromTheregister
6 months ago

More npm packages poisoned, but would-be thieves get little

As of Tuesday, the supply-chain attack remains active, and its scope extends beyond the original 18 infected Qix packages to now include five additional compromised DuckDB and coveops/abi packages, according to JFrog. Wiz warns organizations to assume "malicious versions of popular packages are still available for download and might be automatically included in development pipelines."
Information security
[ Load more ]