Dan and I at Epi made a script to scan our repos for exposure to this week's compromise of 400+ NPM packages (Shai-Hulud).
Sharing the script here so you can see if you're affected. Run this on dev machines, CI and deployed environments.
It deeply checks nested dependencies…
LOSING YOUR WORK DOES NOT MATTER.
IF YOUR HOUSE GOES ON FIRE
YOU DON'T BUILD ANOTHER HOUSE
YOU BUILD A MANSION
IF YOU LOSE 20K CODE CHANGES
YOU MAKE 100K CHANGES
"imagine how much power that would require"
if google can waste so many resources on ai summarizes on google that majority don’t care about
then this should be possible too and is far more important to solve than ai summarizes
"imagine how much power that would require"
if google can waste so many resources on ai summarizes on google that majority don’t care about
then this should be possible too and is far more important to solve than ai summarizes
i think i have the solution for this
publishers on npm can be "verified" by npm
when someone downloads a package from a non-verified publisher, it shows a warning where you can click to continue
for verified publishers:
every time they try to update a package, they'll need to…
i think i have the solution for this
publishers on npm can be "verified" by npm
when someone downloads a package from a non-verified publisher, it shows a warning where you can click to continue
for verified publishers:
every time they try to update a package, they'll need to…
i find it funny how some people are so confident about things they know nothing about
me: i deleted microsoft edge through settings
people: you didn't do that, it's impossible
me: i did, here's a video
people: no! impossible!
i find it funny how some people are so confident about things they know nothing about
me: i deleted microsoft edge through settings
people: you didn't do that, it's impossible
me: i did, here's a video
people: no! impossible!
update
i did indeed forget something.
the entire opencut refactor i’ve spent weeks on. now lost.
i was actually gonna push it to github in a few days but, never mind.
sucks
wait fuck, i don’t have a browser
im setting up this new pc
first thing i do, i uninstall microsoft edge
then i realize
i don’t have any other browser
so now i can’t get a browser
i cant install a browser without a browser
please help
368 Followers 433 FollowingGenerative, Code to Canvas NFTs on the Harmony One protocol 💙 Nothing is predefined. #python - Curated by collectors. Discord: https://t.co/WdEDz7U6FL
848 Followers 1K FollowingCode hard, scale fast! Full-stack • DevOps • AI • data nerd | Upwork Top rated | Ranked Top 1% in StackOverflow | Creator of react-mui-dropzone
44K Followers 2K FollowingHelping Secure the Internet | Long Island elder emo surviving in ATX | Expect: infosec current events, DFIR, appsec & cloudsec - and me!
424K Followers 1K FollowingFounder https://t.co/m6TigM4CJT: Free AI training for the smartest engineers in the world. Will tweet as I wish and suffer the consequences.
18K Followers 115 FollowingIn the last 7 years of SEO (and AI SEO since 2023) experience, I already helped more than 200 people achieve 650M+ visitors and $149M+ revenue…
270K Followers 5K FollowingPosts about Business. Building SaaS for 20+ years. Started https://t.co/xrOkg6UWaz (2005), KISSmetrics (2008) & https://t.co/uA827W8uqv (2020). What are you building? 🙏
8K Followers 17 Following✨ Vibe designing.
An infinite canvas to create, explore and refine with AI in your style.
The Cursor moment for design.
🧙🏻♂️https://t.co/QstG1UFcxD
92K Followers 925 FollowingCEO at @magicpathai 🎨✨
Previously, @AnthropicAI, @brexHQ. @Uber, @Facebook. Creator of Claude Engineer, DesignerGPT, Sequential thinking MCP and more
2K Followers 904 FollowingDesigner at @drewlstudio & @letskree8 • Product Designer • 📨 Available for Freelance Project Website, Dashboard and Mobile – DM me→
7K Followers 840 Following3D/AI interactive designer / Prototyping is my life / AI all the time ! / freelance.
previous student at Gobelins School in Paris.
11K Followers 7 FollowingThe first VPN that CAN'T log your activity and outsmarts internet censorship.
Because an open and private internet is worth fighting for.