サクサク読めて、
アプリ限定の機能も多数!
アプリで開く
●はてなブックマークって?
●アプリ・拡張の紹介
●ユーザー登録
●ログイン
●ログアウト
トップへ戻る
総合
●人気
●新着
●
IT
●
最新ガジェット
●
自然科学
●
経済・金融
●
おもしろ
●
マンガ
●
ゲーム
●
はてなブログ︵総合︶
一般
●人気
●新着
●
社会ニュース
●
地域
●
国際
●
天気
●
グルメ
●
映画・音楽
●
スポーツ
●
はてな匿名ダイアリー
世の中
●人気
●新着
●
新型コロナウイルス
●
働き方
●
生き方
●
地域
●
医療・ヘルス
●
教育
●
はてな匿名ダイアリー
政治と経済
●人気
●新着
●
政治
●
経済・金融
●
企業
●
仕事・就職
●
マーケット
●
国際
●
はてなブログ︵政治と経済︶
暮らし
●人気
●新着
●
カルチャー・ライフスタイル
●
ファッション
●
運動・エクササイズ
●
結婚・子育て
●
住まい
●
グルメ
●
お金
●
はてなブログ︵暮らし︶
●
掃除・整理整頓
●
雑貨
●
買ってよかったもの
●
旅行
●
アウトドア
●
趣味
学び
●人気
●新着
●
人文科学
●
社会科学
●
自然科学
●
語学
●
ビジネス・経営学
●
デザイン
●
法律
●
本・書評
●
将棋・囲碁
●
はてなブログ︵学び︶
テクノロジー
●人気
●新着
●
IT
●
セキュリティ技術
●
はてなブログ︵テクノロジー︶
●
AI・機械学習
●
プログラミング
●
エンジニア
おもしろ
●人気
●新着
●
まとめ
●
ネタ
●
おもしろ
●
これはすごい
●
かわいい
●
雑学
●
癒やし
エンタメ
●人気
●新着
●
スポーツ
●
映画
●
音楽
●
アイドル
●
芸能
●
お笑い
●
サッカー
●
話題の動画
アニメとゲーム
●人気
●新着
●
マンガ
●
Webマンガ
●
ゲーム
●
任天堂
●
PlayStation
●
アニメ
●
バーチャルYouTuber
●
オタクカルチャー
●
おすすめ
買ってよかったもの
﹃Socket - Secure your dependencies. Ship with confidence.﹄
●
人気
●
新着
●
すべて
4users
socket.dev
Security News pnpm 9.5 Introduces Catalogs: Shareable Dependency Version Specifiers pnpm 9.5 introduces a Catalogs feature, enabling shareable dependency version specifiers, reducing merge conflicts and improving support for monorepos. pnpm is eight years into its unique approach to package management, and continues to gain traction, especially among those who need efficiency and support for monor
●
テクノロジー
●2024/07/09 11:22
●article
●javascript
●あとで読む
12users
socket.dev
Security News Namecheap Takes Down Polyfill.io Service Following Supply Chain Attack Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China. More than 110K websites using the Polyfill.io service have been impacted by a supply chain attack after a Chinese company bought the service earlier this year. The C
●
テクノロジー
●2024/07/01 13:54
●security
●javascript
●トラブル
●network
●セキュリティ
2users
socket.dev
Security News ESLint Approves RFC to Add Support for TypeScript Config Files ESLint has approved an RFC that adds support for TypeScript configuration files, which is aimed at improving the developer experience and recognizing changes in the evolving JavaScript ecosystem. ESLint, a widely used tool for identifying and reporting on patterns found in ECMAScript/JavaScript code, has approved an RFC (
●
テクノロジー
●2024/05/26 00:24
2users
socket.dev
Node.js TSC Confirms: No Intention to Remove npm from DistributionThe Node.js Technical Steering Committee has confirmed that removing npm from the Node.js distribution is not a project goal, amidst continued discussions regarding enabling Corepack by default. The Node.js Technical Steering Committee (TSC) met this week and made a few key decisions as part of the broader discussion regarding enabl
●
テクノロジー
●2024/04/04 18:08
●node.js
2users
socket.dev
JSR: What We Know So Far About Deno’s New JavaScript Package RegistryJSR, a new package registry from the Deno team, aims to address npm’s limitations but the JavaScript community is concerned about ecosystem fragmentation. The JavaScript community is buzzing about JSR, a new package registry from the team behind Deno, a runtime for JavaScript, TypeScript, and WebAssembly based on the V8 JavaScrip
●
テクノロジー
●2024/02/24 03:45
8users
socket.dev
Express.js Spam PRs Incident Highlights the Commoditization of Open Source ContributionsA mountain of spam PRs landed in the Express.js project repo after a popular YouTube tutorial used it as an example for contributing to open source. This put a spotlight on the mandate for job seekers to find a way to contribute to OSS. A tidal wave of spam pull requests recently hit the popular Express.js open
●
テクノロジー
●2024/02/14 09:01
●OSS
●Youtube
5users
socket.dev
Node.js Community Debate Intensifies Over Enabling Corepack by Default and Potentially Unbundling npmThe Node community is wrestling with the decision to enable Corepack by default, which has sparked a debate about the potential of removing npm from the Node.js binary. A heated debate is happening in the Node.js community over a proposal to enable Corepack by default that was opened in November 20
●
テクノロジー
●2024/02/09 21:48
●npm
●node.js
●article
2users
socket.dev
npm in Review: A 2023 Retrospective on Growth, Security, and Quirky FactsFrom unprecedented expansion to security challenges: A comprehensive look at npm's dynamic year. It's a new year! So let's look back at how npm, the most popular package manager in the world, fared in 2023. We will look at some of the major trends in the ecosystem and investigate what the data reveal about how npm grew over t
●
テクノロジー
●2024/01/21 10:44
●article
3users
socket.dev
When "Everything" Becomes Too Much: The npm Package Chaos of 2024An NPM user named PatrickJS launched a troll campaign with a package called "everything," which depends on all public npm packages. Happy 2024, folks! Just when we thought we'd seen it all, an npm user named PatrickJS, aka gdi2290, threw us a curveball. He (along with a group of contributors) kicked off the year with a bang, launchin
●
テクノロジー
●2024/01/07 11:43
3users
socket.dev
Concatenated JSONJSON does not natively provide a means of streaming multiple root values without waiting for a complete end of a root value; however, JSON values do not overlap in grammar (except in the case of numbers) and as such can be concatenated without ambiguity if treating the end of a value as the end of an entry in the stream generally. So, for these cases many JSON parsers do allow for
●
テクノロジー
●2023/12/27 11:40
●article
8users
socket.dev
Introducing "safe npm", a Socket npm WrapperSocket is proud to introduce an exciting new tool—“safe npm”—that protects developers whenever they use npm install. Socket is proud to introduce an exciting new tool—“safe npm”—that protects developers whenever they use npm install. Socket’s “safe npm” CLI tool transparently wraps the npm command and protects developers from malware, typosquats, install
●
テクノロジー
●2023/03/20 08:00
●article
●security
●あとで読む
2users
socket.dev
These Chinese devs are storing 1000s of eBooks on GitHub and npmCircumventing Chinese censorship: Plethora of eBooks pervade these GitHub and npm repositories containing contents of banned websites like 'The Economist' A community of Chinese devs that calls itself 'ApacheCN' is using open source platforms like GitHub and npm to store 1000s of eBooks. Last week, Socket's automated npm analysis engi
●
テクノロジー
●2022/11/07 13:27
●電子書籍
●GitHub
●中国
25users
socket.dev
Secure your dependencies. Ship with confidence.Socket is a developer-first security platform that protects your code from both vulnerable and malicious dependencies.
●
テクノロジー
●2022/03/02 06:10
●npm
●security
●202203
●node.js
●セキュリティ
●Github
●webservice
●javascript
●service
このページはまだ
ブックマークされていません
このページを最初にブックマークしてみませんか?
﹃Socket - Secure your dependencies. Ship with confidence.﹄の新着エントリーを見る
キーボードショートカット一覧
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
●総合
●一般
●世の中
●政治と経済
●暮らし
●学び
●テクノロジー
●エンタメ
●アニメとゲーム
●おもしろ
●アプリ・拡張機能
●開発ブログ
●ヘルプ
●お問い合わせ
●ガイドライン
●利用規約
●プライバシーポリシー
●利用者情報の外部送信について
●ガイドライン
●利用規約
●プライバシーポリシー
●利用者情報の外部送信について
●公式アカウント
●ホットエントリー
●はてなブログ
●はてなブログPro
●人力検索はてな
●はてなブログ タグ
●はてなニュース
●ソレドコ
Copyright © 2005-2024 Hatena. All Rights Reserved.
設定を変更しましたx