Eight innovative tools that are reimagining web applications and how we build them. Welcome to the Great Unbloating.

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

The AWS SDK for JavaScript v3 is a rewrite of v2 with some great new features. As with version 2, it enables you to easily work with Amazon Web Services, but has a modular architecture with a separate ...

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

Josh W. Comeau——那个写《CSS for JavaScript Developers》的 Josh——最近在他的博客上发了篇文章，直接拿 CSS keyframes、原生 JS ...

Microsoft confirms it temporarily removed GitHub repos after Miasma worm compromised 73 of its open-source projects to inject ...

作者 | Daniel Curtis译者 | 明知山Vercel 近日 发布 Next.js 16.2，开源 React 框架的最新版本，带来了性能提升、更好的调试体验、面向 AI 智能体的新工具，以及 超过 200 项 Turbopack 相关修复与改进。本次发布的核心亮点是速度。Vercel 官方数据显示，next dev 启动速度提升了约 400%，在默认应用中比 Next.js 16.1 ...

“Breaking ground on 14 Roc is a defining moment for downtown Miami and a glimpse into the city’s future,” W. Galbut, the ...

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

Cloudflare VoidZero acquisition gives a competing CDN governance of Vite, the open source JavaScript build tool with 130 ...

We are looking for contributors. Please check open issues in the above repos if you think you could help, or open a new one if you have an idea you'd like to discuss. jsDelivr is a free CDN for ...

Red Hat hit by npm supply‑chain attack - here's how to stay safe ...