News

SD Times5y
GitHub acquires JavaScript package manager provider npm
GitHub has announced plans to acquire npm. Npm is the company behind the Node package manager for the programming language JavaScript, the npm Registry and npm CLI. “npm is a critical part of ...
InfoQ6mon
vlt Introduces New JavaScript Package Manager and Serverless Registry
Introducing **vlt**, a groundbreaking open-source JavaScript package manager by former npm team members. Designed as an intuitive drop-in replacement, vlt simplifies dependency management with an inno ...
VentureBeat8y
Facebook open-sources Yarn, a JavaScript package manager
Facebook today is open-sourcing Yarn, a package manager for efficiently installing JavaScript packages that represent dependencies for applications. Yarn is available now on GitHub under a BSD-2 ...
Bleeping Computer7y
Compromised JavaScript Package Caught Stealing npm Credentials
The JavaScript (npm) package that got compromised is called eslint-scope, a sub-module of the more famous ESLint, a JavaScript code analysis toolkit. Hacker gained access to a developer's npm account ...
Bleeping Computer7y
Somebody Tried to Hide a Backdoor in a Popular JavaScript npm Package
The Node Package Manager (npm) team avoided a disaster today when it discovered and blocked the distribution of a cleverly hidden backdoor mechanism inside a popular —albeit deprecated ...