From Dev.to Community
Tech Articles
Curated developer articles, tutorials, and guides — auto-updated hourly
Dwayne McDanielMay 26, 2026 • 3 min read
Mini Shai-Hulud: A persistent supply-chain worm
On April 29th, Aikido researchers detected multiple compromised Node.js packages in SAP's namespace....
#security#supplychain#npm#securityresearch
1 1
Alex ChenMay 26, 2026 • 5 min read
npm Scripts and package.json: The Complete Guide (2026)
npm Scripts and package.json: The Complete Guide (2026) Most developers only use npm start...
#javascript#node#npm#tooling
1 0
날다람쥐May 30, 2026 • 3 min read
date-light: A 1.8KB Alternative to date-fns You Might Actually Like
If you've ever shipped a frontend app and watched your bundle bloat because of date utilities, you'r...
#javascript#typescript#npm#opensource
1 1
Yasser's studioMay 30, 2026 • 7 min read
What We Actually Did About npm Supply Chain Attacks
In May 2026, attackers compromised 42 TanStack packages by poisoning a GitHub Actions build cache...
#security#npm#github#typescript
0 0
Alex RogovMay 29, 2026 • 7 min read
Shipping archkit v0.1: a TypeScript Clean Architecture scaffolder built in one Claude Code session
npx @autosergach/archkit create my-lib scaffolds a TypeScript library with Clean Architecture — doma...
#typescript#cleanarchitecture#npm#claudecode
0 1
Akash LomasMay 25, 2026 • 5 min read
Architectural Collapse: How Extension Poisoning, Node Vulnerabilities, and Infrastructure Fog Enabled the GitHub Repository Breach
Enterprise perimeter defenses are fundamentally built on an obsolete assumption that, the developer'...
#vulnerabilities#github#vscode#npm
0 0
Dayna BlackwellMay 27, 2026 • 4 min read
14,000 Python Developers Installed My Go Binary via pip. Here's How.
Your Go binary is on GitHub Releases. Congratulations. Go developers will find it with go install......
#go#python#npm#devtools
0 1
SEN LLCMay 24, 2026 • 5 min read
An npm Downloads Comparison Chart in 300 Lines of Vanilla JS — Nice-Tick Math and API-Direct Fetch
"react vs vue vs svelte vs solid-js — who's actually winning?" This tool answers it. Fetches daily.....
#javascript#npm#dataviz#webdev
0 0
CinfiniteDevMay 25, 2026 • 2 min read
GoBadge v2: From Module Stats to Universal Badges
What started as a tool for Go modules just became something much bigger. I launched GoBadge a few.....
#npm#webdev#product#opensource
1 0
Yash HadadeMay 29, 2026 • 3 min read
I Built My First npm Package — A CLI for Scaffolding Modular Node.js Projects
The problem I kept running into Every time I started a new Node.js backend — whether it was a...
#node#npm#opensource#javascript
1 0
Mahesh ShindeMay 25, 2026 • 2 min read
I Built ShellReq - A Native API Client for VS Code & Terminal
ShellReq - Native API Client for VS Code & Terminal A lightweight, native API testing...
#opensource#vscode#typescript#npm
1 0
Sohana AkbarMay 26, 2026 • 2 min read
Docker Caching Strategies That Actually Work with npm ci
If you’ve ever waited 10 minutes for npm ci to run inside a Docker build, you know the pain. You ad...
#docker#npm#node#caching
0 0
Andrew GibbsMay 31, 2026 • 1 min read
34 malicious packages discovered targeting Solana developers: Steals wallet credentials and SSH keys
Socket Security just published research on TrapDoor malware: 34 malicious packages targeting...
#blockchain#infosec#npm#security
0 0
Jakub Freisler FRSMay 27, 2026 • 3 min read
`skills-npm`: a Stable Way to Distribute and Maintain Agent Skills
Managing AI agent capabilities shouldn't be a messy task. Discover how skills-npm brings professiona...
#aiagents#npm#skillsnpm#softwareengineering
0 1
lavvorMay 30, 2026 • 2 min read
I Built a Zero-Dependency Discord.js Package That Creates Temporary Voice Channels Automatically
I Built a Zero-Dependency Discord.js Package That Creates Temporary Voice Channels Automatically Th...
#discordjs#npm#typescript#opensource
0 0
Alexandro Paixao MarquesMay 25, 2026 • 9 min read
Angular 21 Multiselect Dropdown: A Migration-Friendly Component with Live Functional Tests
Modern Angular applications rarely need just a dropdown. In real projects, a multiselect dropdown.....
#angular#typescript#npm#javascript
0 0
Rohit ChavanMay 25, 2026 • 5 min read
The File Problems Every React Native App Eventually Hits
A few years ago, I thought file handling in React Native was a solved problem. Pick a library....
#reactnative#npm#development
0 0
JoodiMay 31, 2026 • 1 min read
I Built a Tiny Skeleton Loader for React
Every time I started a new React or Next.js project, I found myself writing the same...
#react#javascript#npm#frontend
1 0
![[Boost]](https://media2.dev.to/dynamic/image/width=1200,height=627,fit=cover,gravity=auto,format=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F98dt5pynk09srczgvyce.png)
Ali AbdElbagiMay 26, 2026 • 1 min read
[Boost]
What Happens When You Run `npm run dev` ...
#beginners#javascript#node#npm
0 0
Jerry SatpathyMay 29, 2026 • 2 min read
I Built an AI-Powered Interview Simulator That Runs Entirely in Your Terminal
Interview prep is mostly passive. You read through question lists, watch videos, or practice with a...
#ai#node#npm#opensource
0 0
PicoMay 29, 2026 • 3 min read
drizzle-kit Has 8.2M Weekly Downloads and Ships an Archived Dependency With 1 Publisher
drizzle-kit has 8.2 million weekly downloads, 4 npm publishers, provenance enabled, and a behavioral...
#npm#security#typescript#supplychain
0 0
PicoMay 30, 2026 • 3 min read
I Scored Every Compromised npm Package From May 2026. Four Out of Five Attacks Were Predictable.
Five major npm supply chain attacks in three weeks. I scored every compromised package. The data say...
#npm#security#supplychain#javascript
0 0
PicoMay 31, 2026 • 2 min read
FastAPI Was Flagged as Malware Last Week. It Wasn't.
On May 26, OSV withdrew 157 malware reports. FastAPI, Strawberry GraphQL, rdflib, Pulumi, and dozens...
#security#python#npm#opensource
0 0
Nicolas DabeneMay 28, 2026 • 10 min read
Understanding the Shai-Hulud Malware Worm: When npm install Becomes a Backdoor
Introduction: Welcome to the Era of Supply Chain Attacks In Frank Herbert’s universe,...
#shaihulud#malware#npm#supplychainattack
0 0