npm to Implement Staged Publishing After Turbulent Shift Off Classic Tokens sar /soc )Jan 7, 2026 175 dependencies , security , github How We’re Protecting Our Newsroom From npm Supply Chain Attacks rya /pnp )Dec 5, 2025 174 dependencies , security , case-studies No More Tokens—Locking Down npm Publish Workflows zac )Dec 4, 2025 173 dependencies , security , github , processes The Shai-Hulud 2.0 npm Worm: Analysis, and What You Need to Know Nov 25, 2025 172 security , dependencies GitLab Discovers Widespread npm Supply Chain Attack git )Nov 24, 2025 171 dependencies , security , gitlab , github , aws , gcp , azure Automated npm Secret Rotation in GitHub Actions mhe )Nov 16, 2025 170 security , automation , github-actions Will npm’s New Security Steps Stop Attacks? rev )Oct 28, 2025 169 security , github , maintenance , foss The State of Node.js 2025 Explained by Its TSC Member mco /git )Oct 14, 2025 168 videos , nodejs 15 Recent Node.js Features That Replace Popular npm Packages nod )Oct 1, 2025 167 nodejs , dependencies , maintenance How Deno Protects Against npm Exploits den )Sep 30, 2025 166 deno , security Strengthening npm Security: Important Changes to Authentication and Token Management git )Sep 29, 2025 165 security Mastering npx: A Cheatsheet for npm and Node.js Power Users Sep 25, 2025 164 npx , cheat-sheets , examples , nodejs Our Plan for a More Secure npm Supply Chain xco /git )Sep 22, 2025 163 dependencies , security , foss npm Security Best Practices Sep 21, 2025 162 security , provenance , best-practices This May Be the Worst One the )Sep 17, 2025 161 videos , dependencies , security Ongoing Supply Chain Attack Targets CrowdStrike npm Packages pvd +/soc )Sep 16, 2025 160 dependencies , security ctrl/tinycolor and 40+ npm Packages Compromised Sep 15, 2025 159 dependencies , security Which npm Package Has the Largest Version Number? Sep 14, 2025 158 dependencies , versioning , semver How to Keep package.json Under Control tmc /val )Sep 11, 2025 157 how-tos , nodejs , dependencies , maintainability Oh No, Not Again… a Meditation on npm Supply Chain Attacks tan )Sep 9, 2025 156 dependencies , security , microsoft Anatomy of a Billion-Download npm Supply-Chain Attack Sep 8, 2025 155 security , dependencies npm Author Qix Compromised via Phishing Email in Major Supply Chain Attack bur +/soc )Sep 8, 2025 154 security , dependencies npm Trusted Publishing With OIDC Is Generally Available git )Jul 31, 2025 153 dependencies , provenance , github npm “Accidentally” Removes Stylus Package, Breaks Builds and Pipelines ax /ble )Jul 23, 2025 152 stylus eslint-config-prettier Compromised: How npm Package With 30 Million Downloads Spread Malware Jul 21, 2025 151 prettier , eslint , security , malware npm Phishing Email Targets Developers With Typosquatted Domain sar /soc )Jul 18, 2025 150 security Contagious Interview Campaign Escalates With 67 Malicious npm Packages and New Malware Loader soc )Jul 14, 2025 149 security , dependencies 30 Years of JavaScript: 10 Milestones That Changed the Web ric /the )Jul 5, 2025 148 javascript , anniversaries , history , ecmascript , ajax , jquery , web-2.0 , nodejs , react , typescript , webassembly npm Targeted by Malware Campaign Mimicking Familiar Library Names soc )May 2, 2025 147 malware , security , dependencies , link-lists npm Should Remove the Default License From New Packages (ISC) ext )Apr 30, 2025 146 dependencies , licensing , foss A Decade of Impact: How Our npm Packages Hit 1 Billion Downloads and Shaped JavaScript Apr 1, 2025 145 dependencies , history , javascript Malware Found on npm Infecting Local Package With Reverse Shell rev )Mar 26, 2025 144 dependencies , security Lazarus Strikes npm Again With New Wave of Malicious Packages soc )Mar 10, 2025 143 dependencies , security @ 11ty/image-color zac )Feb 25, 2025 142 packages , images , colors Tutorial: Publishing ESM-Based npm Packages With TypeScript rau )Feb 4, 2025 141 tutorials , dependencies , typescript Is npm Enough? Why Startups Are Coming After This JavaScript Package Registry kat /red )Jan 30, 2025 140 jsr , bun , pnpm , yarn , javascript Keep Your Node.js Apps Secure With “npx is-my-node-vulnerable” tre )Jan 29, 2025 139 packages , nodejs , security My Failed Attempt to Shrink All npm Packages by 5% eva )Jan 27, 2025 138 dependencies , compression How I Open-Sourced My Secret Access Tokens From GitHub, Slack, and npm—and Who Actually Cares Jan 24, 2025 137 security , github , slack Mastering npm Scripts: Automate Everything in Your Frontend Workflow Dec 22, 2024 136 dependencies , environments , ci-cd , automation HTML Conformance: A Comparison of 6.5 npm Validator Packages (With 1.5 Recommendations) j9t )Dec 17, 2024 135 html , conformance , tooling , comparisons Publishing a Simple Client-Side JavaScript Package to npm With GitHub Actions sim )Dec 7, 2024 134 dependencies , javascript , github-actions How to Prerelease an npm Package spa /clo )Nov 19, 2024 133 how-tos , dependencies , versioning , semver Understanding “npm audit” and Fixing Vulnerabilities Oct 21, 2024 132 security , vulnerabilities , nodejs npm vs. npx Oct 4, 2024 131 nodejs , npx , comparisons Significance of package-lock.json or yarn-lock.json Sep 21, 2024 130 yarn , comparisons More npm Packages on Cloudflare Workers: Combining Polyfills and Native Code to Support Node.js APIs jas +/clo )Sep 9, 2024 129 cloudflare , nodejs , apis , dependencies caniuse-cli bra )Sep 6, 2024 128 packages , support , browsers , web-platform , caniuse , command-line CSS Style Observer bra )Aug 29, 2024 127 packages , css How to Create an npm Package mat )Aug 21, 2024 126 how-tos , dependencies ObsoHTML, the Obsolete HTML Checker j9t )Aug 11, 2024 125 packages , html , quality The Great npm Garbage Patch Aug 6, 2024 124 dependencies , spam , security Building an “npm create” Package ach )Jul 28, 2024 123 Publishing a TypeScript Module to npm vs. JSR den )Jul 10, 2024 122 videos , typescript , modules , dependencies , jsr , comparisons Leaner npm Packument (Metadata) Contents git )Jul 9, 2024 121 Supply Chain Security in npm—We Can Be Optimistic About the Future Jul 9, 2024 120 dependencies , security , provenance Create npm Package With CommonJS and ESM Support in TypeScript Jun 29, 2024 119 dependencies , commonjs , esm , typescript npm and Node.js Should Do More to Make ES Modules Easy to Use Jun 19, 2024 118 nodejs , esm What Happens When a Major npm Library Goes Commercial? mco )Jun 17, 2024 117 dependencies , foss Researchers Uncover npm Registry Vulnerability to Cache Poisoning and DoS Attacks sar /soc )Jun 15, 2024 116 dependencies , vulnerabilities , caching , security How a Single Vulnerability Can Bring Down the JavaScript Ecosystem Jun 3, 2024 115 javascript , dependencies , caching , vulnerabilities , security CodeFlattener May 19, 2024 114 packages , javascript Using Vite to Rebuild Local Dependencies in an npm Workspace Apr 23, 2024 113 dependencies , vite Building an npm Package Compatible With ESM and CJS in 2024 Apr 18, 2024 112 dependencies , interoperability , esm , commonjs npm Basics for New Developers nim )Apr 11, 2024 111 fundamentals Node.js TSC Confirms: No Intention to Remove npm From Distribution sar /soc )Mar 22, 2024 110 nodejs The Ultimate Guide to Understanding npx vs. npm Mar 18, 2024 109 guides , npx , nodejs eslint-plugin-depend Mar 9, 2024 108 packages , maintenance , simplicity How npm Install Scripts Can Be Weaponized: A Real-World Example of a Harmful npm Package eth )Mar 3, 2024 107 dependencies , examples , security Why Does “is-number” Package Have 59M Weekly Downloads? Feb 29, 2024 106 dependencies Node.js Community Debate Intensifies Over Enabling Corepack by Default and Potentially Unbundling npm sar /soc )Feb 8, 2024 105 nodejs , corepack , yarn , pnpm , dependencies Malicious npm Package Masquerades as Noblox.js, Targeting Roblox Users for Data Theft sar /soc )Feb 6, 2024 104 dependencies , security GitHub, npm Registry Abused to Host SSH Key-Stealing Malware Jan 24, 2024 103 github , security , malware , foss Modern JavaScript Library Starter Jan 23, 2024 102 dependencies , libraries Deceptive Deprecation: The Truth About npm Deprecated Packages Jan 18, 2024 101 deprecation , security , dependencies , research npm in Review: A 2023 Retrospective on Growth, Security, and Quirky Facts soc )Jan 10, 2024 100 retrospectives When “Everything” Becomes Too Much: The npm Package Chaos of 2024 soc )Jan 5, 2024 99 foss A Comprehensive Guide to npm Workspaces and Monorepos Dec 30, 2023 98 guides , monorepos , yarn , dependencies I Replaced npm, Yarn, and nvm With pnpm paw )Dec 1, 2023 97 dependencies , yarn , pnpm , nvm How to Use npm Packages Outside of Node Nov 6, 2023 96 how-tos , dependencies , javascript Secret Scanning Scans Public npm Packages git )Oct 26, 2023 95 github , dependencies , security TypeScript Monorepo With npm Workspaces skw )Oct 1, 2023 94 monorepos , typescript , architecture Honey, I Shrunk the npm Package Sep 27, 2023 93 dependencies , compression SSH Keys Stolen by Stream of Malicious PyPI and npm Packages ble )Sep 27, 2023 92 security , ssh , dependencies npm Provenance General Availability git )Sep 26, 2023 91 github , provenance , security How to Migrate From npm to pnpm Sep 20, 2023 90 how-tos , migrating , pnpm dependency-time-machine Aug 12, 2023 89 packages , dependencies , maintenance , automation Sophisticated, Highly-Targeted Attacks Continue to Plague npm Aug 12, 2023 88 security Publishing With npm Provenance From Private Source Repositories Is No Longer Supported git )Jul 26, 2023 87 github , provenance , security , foss Social Engineering Campaign Targeting Tech Employees Spreading Through npm Malware soc )Jul 25, 2023 86 security , malware A Comprehensive Beginner’s Guide to npm: Simplifying Package Management Jul 14, 2023 85 guides , dependencies Making the Switch: From Yarn/npm to pnpm Jul 4, 2023 84 yarn , pnpm Identify Unused npm Packages in Your Project ami )Jul 1, 2023 83 dependencies , maintenance Comparing npm, Yarn, and pnpm Package Managers: Which One Is Right for Your Distributed Project to Handle High Loads? Jun 28, 2023 82 yarn , pnpm , comparisons , performance , best-practices The Massive Bug at the Heart of the npm Ecosystem Jun 27, 2023 81 dependencies , security Create React UI Lib: Component Library Speedrun Jun 16, 2023 80 typescript , react , components npm Won’t Publish Packages Containing the Word “keygen” Jun 14, 2023 79 discussions , dependencies Comparing the Best Node.js Version Managers: nvm, Volta, and asdf Apr 25, 2023 78 nodejs , nvm npm vs. Yarn vs. pnpm Apr 24, 2023 77 yarn , pnpm , comparisons Generating Provenance Statements Apr 19, 2023 76 provenance , security Introducing npm Package Provenance git )Apr 19, 2023 75 introductions , github , provenance , security , foss Dissecting npm Malware: Five Packages and Their Evil Install Scripts Apr 15, 2023 74 security , malware Understanding npm Versioning Apr 4, 2023 73 dependencies , versioning , semver One in Two New npm Packages Is SEO Spam Right Now Mar 30, 2023 72 seo The Landscape of npm Packages for CLI Apps Mar 24, 2023 71 nodejs , dependencies , command-line Automatic npm Publishing With GitHub Actions and npm Granular Tokens Mar 22, 2023 70 github-actions , automation Why We Added package.json Support to Deno tin /den )Mar 20, 2023 69 deno , support , nodejs Speeding Up the JavaScript Ecosystem—npm Scripts mar )Mar 19, 2023 68 javascript , performance , bundling Unlocking Security Updates for Transitive Dependencies With npm git )Jan 19, 2023 67 dependencies , security , maintenance Lockfile Trick: Package an npm Project With Nix in 20 Lines Dec 18, 2022 66 tips-and-tricks New npm Features for Secure Publishing and Safe Consumption git )Dec 6, 2022 65 security , dependencies Migrating From npm to pnpm Nov 17, 2022 64 migrating , pnpm npm Security: Preventing Supply Chain Attacks Nov 7, 2022 63 dependencies , security How to Build, Test, and Publish a TypeScript npm Package in 2022 Oct 29, 2022 62 how-tos , typescript Why You Should Prefer Using pnpm Over npm and Yarn? Oct 13, 2022 61 pnpm , yarn , comparisons Use “npm query” and jq to Dig Into Your Dependencies Oct 5, 2022 60 videos , dependencies , auditing Phylum Detects Active Typosquatting Campaign Targeting npm Developers Oct 2, 2022 59 dependencies , security depngn Sep 30, 2022 58 packages , nodejs , dependencies Best Practices for Creating a Modern npm Package Sep 12, 2022 57 best-practices Dependabot Unlocks Transitive Dependencies for npm Projects git )Sep 7, 2022 56 dependencies , security , dependabot 4 Ways to Minimize Your Dependencies in Node.js app )Aug 31, 2022 55 nodejs , dependencies Installing and Running Node.js Bin Scripts rau )Aug 25, 2022 54 installing , nodejs Introducing the New npm Dependency Selector Syntax git )Aug 3, 2022 53 introductions Introducing Even More Security Enhancements to npm git )Jul 26, 2022 52 introductions , security Top 5 npm Vulnerability Scanners Jul 20, 2022 51 security , vulnerabilities , tooling css-browser-support 5t3 )Jul 3, 2022 50 packages , css , browsers , support Imagemin Guard j9t )Jun 27, 2022 49 packages , images , compression , performance , jpeg , png , gif , webp , avif Alternatives to Installing npm Packages Globally rau )Jun 18, 2022 48 installing , dependencies How to Migrate From Yarn/npm to pnpm May 29, 2022 47 how-tos , migrating , yarn , pnpm You May Not Need a Bundler for Your npm Library May 27, 2022 46 bundling npm Security Update: Attack Campaign Using Stolen OAuth Tokens git )May 26, 2022 45 security , oauth , version-control , github What npm Can Learn From Go May 26, 2022 44 Snyk Finds 200+ Malicious npm Packages, Including Cobalt Strike Dependency Confusion Attacks May 24, 2022 43 javascript , dependencies , security 4 Reasons to Avoid Using “npm link” Apr 18, 2022 42 How to Respond to Growing Supply Chain Security Risks? Apr 3, 2022 41 how-tos , security , dependencies , nodejs Update Node Dependencies Automatically, Selectively, or Incrementally Mar 14, 2022 40 nodejs , dependencies , yarn What’s Really Going On Inside Your node_modules Folder? soc )Mar 1, 2022 39 nodejs , dependencies How to Publish Deno Modules to npm kit /den )Feb 28, 2022 38 how-tos , deno , modules , dependencies Understanding Dependencies Inside Your package.json nod )Feb 24, 2022 37 nodejs , dependencies , yarn How to Fix Your Security Vulnerabilities With npm Override Feb 23, 2022 36 how-tos , security , vulnerabilities , dependencies The Basics of package.json nod )Feb 15, 2022 35 fundamentals , nodejs , dependencies , yarn pkg.land Dec 30, 2021 34 websites , packages , dependencies GitHub’s Commitment to npm Ecosystem Security git )Nov 15, 2021 33 github , security Yarn vs. npm: Everything You Need to Know Sep 21, 2021 32 yarn , comparisons timefind Sep 1, 2021 31 packages , history Common npm Mistakes Every Developer Should Avoid Aug 30, 2021 30 mistakes npm Security Best Practices owa )Aug 3, 2021 29 security , best-practices Simple Monorepos via npm Workspaces and TypeScript Project References rau )Jul 21, 2021 28 monorepos , typescript NPM Global Audit Jun 16, 2021 27 packages , security , quality , auditing Uninstalling Dev Dependencies With npm Mar 21, 2021 26 dependencies “npm ruin dev” ada /css )Dec 9, 2020 25 html , css , javascript , nodejs What Is Node and When Should I Use It? Feb 16, 2020 24 nodejs , javascript How to Publish an Updated Version of an npm Package spa /clo )Feb 10, 2020 23 how-tos , dependencies How to Add CSS Vendor Prefixes Automatically luk )Sep 24, 2019 22 how-tos , css , vendor-extensions , automation , tooling , postcss , webpack , gulp a11y-syntax-highlighting eri )Jan 2, 2019 21 packages , accessibility , syntax-highlighting How to Worry About npm Package Weight chr /css )Dec 18, 2018 20 dependencies Lerna: A Tale of Renaming npm Packages Jul 24, 2018 19 dependencies , refactoring , tooling Validating Dependencies in the Project With npm-check and depcheck Jun 1, 2018 18 dependencies , security , maintenance , auditing , tooling Introducing npx: An npm Package Runner zka )Jul 11, 2017 17 introductions , npx , nodejs 10 Node.js Best Practices: Enlightenment From the Node Gurus Jan 17, 2017 16 nodejs , best-practices , environments , event-loop , naming , scalability , caching , express Solving npm Scripts Problems in JavaScript Projects hcr )Jan 2, 2017 15 yarn , javascript Why npm Scripts? css )Feb 12, 2016 14 nodejs , conversion , linting , minification , compression , sprites , images , examples why-is-node-running Feb 9, 2016 13 packages , nodejs How to Solve the Global npm Module Dependency Problem Sep 4, 2015 12 how-tos , dependencies image-dimensions sin )Apr 14, 2015 11 packages , images Learning Node.js: The “npm link” May 14, 2014 10 videos , nodejs 9 Quick Tips About npm Dec 14, 2013 9 tips-and-tricks , nvm , command-line Peer Dependencies dom )Feb 8, 2013 8 nodejs , dependencies Madge May 20, 2012 7 packages , dependencies , visualization npm Package Size Checker 6 tools , exploration , auditing , debugging , dependencies npm, Yarn, and pnpm Command Converter 5 tools , exploration , conversion , yarn , pnpm , command-line npm Package Types Checker 4 tools , exploration , auditing , debugging , dependencies , typescript , type-safety npm Dependency Visualizer 3 tools , exploration , auditing , debugging , dependencies , visualization npm Package Download Statistics Checker 2 tools , exploration , auditing , debugging , dependencies , metrics npm Package Checker 1 tools , exploration , auditing , debugging , dependencies 