📦 Just released [email protected] 🍿 #release details: github.com/onebeyond/sy...

✨ Keep up to date with @nodejs.org by watching the #Nodejs #Security Working Group's last meeting on YouTube! www.youtube.com/watch?v=a7zV...

it's time github.com/nodejs/node/...

🎩 Big milestone for #yeoman! We’ve completed a full #security review across the #Yeoman organization. New policies, better automation, and stronger foundations for the next phase of the maintenance reboot process. yeoman.io/blog/securit...

I just sent my new Open Source Treats 🎃 newsletter to sponsors — packed with updates on #Lodash, #Yeoman & #Expressjs! It’ll be public on my blog in a few days, but if you’d like early access and want to support my open source work: 👉 github.com/sponsors/Uli...

i wrote about atproto and why it matters

Migrating to new Node.js versions via codemods @nodejs.org @jakob.jingleheimer.dev @augustin-mauroy.bsky.social nodejs.org/en/learn/get... #ECMAScript #JavaScript

Help us shape the future of #yeoman generator-webapp! 🎩 Deprecate or rebuild for 2025? github.com/yeoman/gener...

📦 Just released [email protected] 🍿 #release details: github.com/yeoman/gener...

📦 Just released [email protected] 🍿 #release details: github.com/yeoman/gener...

📦 Just released [email protected] 🍿 #release details: github.com/yeoman/yeoma...

🚧 #yeoman Maintenance Reboot Update 🚧 As part of the ongoing #Yeoman maintenance reboot (github.com/yeoman/yeoma...), we’ve archived and deprecated several legacy packages and repositories that are no longer actively maintained or relevant to modern workflows ✨

I am looking for a full-time job. Being independent in open source for 3.5+ years has been wonderful. I've gotten done most of the high-level goals I wanted to, and miss having people & structure around me. If you know of a role for a staff-level TypeScript+web developer, let me know! 🙂

Still running on an old version of Node.js? We’ve got new guides and tools to help you migrate your code smoothly. Start here: nodejs.org/en/learn/get... Thank you @augustin-mauroy.bsky.social for the work here 🙏

Crimes are being committed

New @nodejs.org 24.11.0 release. nodejs.org/en/blog/rele... This release marks the transition of Node.js 24.x into Long Term Support (LTS). It will continue to receive updates through to the end of April 2028.

📺 The recording for the morning sessions of the Node.js Collab Summit 2025 is up on Youtube! Thanks @vlt.sh for sponsoring my participation and sending in the whole crew! #nodejs #javascript youtu.be/ppi87YjU9x0

My JSConf talk is up 📺 it's mostly a recap of new features that landed in the Node.js runtime last year, watch it here: youtu.be/1XFWACCrL5I?... #nodejs #javascript

🚀 #HappMonday! Here’s a quick summary of all the recent changes in the #Lodash repo. Let's improve #CI and #security posture 👇

The Future of Lodash: blog.ulisesgascon.com/the-future-o...

I am a serious developer here to talk about serious TypeScript topics at @magnolia.boo. #MagnoliaConf

Lodash still runs half the web and now it’s getting the love it deserves. 🥹 ICYMI: Thanks to investment from the @sovereign.tech, Lodash is moving into community governance and long-term sustainability. Read up: 🧠 blog.ulisesgascon.com/the-future-o... 🏛️ openjsf.org/blog/sta-inv...

#Lodash is evolving — shifting from BDFL to shared stewardship. The focus now is maintenance: stability, security & sustainability over new features. A great reminder that mature open source projects thrive when we share responsibility. #OpenSource blog.ulisesgascon.com/the-future-o...

The future of Lodash fosstodon.org/@ulisesgascon blog.ulisesgascon.com/the-future-o... #ECMAScript #JavaScript

Introducing 🥁🥁🥁 our JavaScriptLandia award recipients for this year! Beyond building new features, our recipients guide others, maintain essential systems, document the hard parts, and strengthen the community every step of the way. 💙 Read more about our honorees here: hubs.la/Q03NQvx10

Node.js 25 is here! We have upgraded V8 to 14.1, bringing major JSON.stringify performance improvements and JIT pipeline optimizations. This release introduces the permission model --allow-net, Web Storage is enabled by default, and more! nodejs.org/en/blog/rele...

Lit is joining OpenJS as an Impact Project! 🔥 Donated by Google Open Source, Lit powers 10,000+ custom elements inside Google and is loved for its fast, standards-based web components. Welcome to the OpenJS family, @lit.dev! Learn more: hubs.la/Q03Np1Mm0

♥️ I’m very happy to announce that @weorbitant.bsky.social is now a Platinum Sponsor! They’re fueling my #OpenSource work and helping make my journey as a #maintainer more #sustainable. Huge thanks to the @weorbitant.bsky.social team for the support and trust 🙏 orbitant.com/en/

Don’t worry, this is going to involve dropping lots of no-longer-needed APIs :-D

✨ Gracias al increíble trabajo de @jddalton.bsky.social, #Lodash sigue siendo una de las librerías más confiables de #JavaScript. Ahora ampliamos la #colaboración, la #gobernanza y la #seguridad para garantizar su futuro. blog.ulisesgascon.com/el-futuro-de...

✨ Thanks to @jddalton.bsky.social’s incredible work, #Lodash remains one of the most trusted libraries in #JavaScript. We’re now expanding #collaboration, #governance, and #security to ensure its future. blog.ulisesgascon.com/the-future-o...

New Era for React = Stronger JavaScript Ecosystem 💙 React doesn’t live in isolation - It works alongside Node.js, Electron, webpack, and more. A dedicated foundation under the Linux Foundation means more collaboration, security, and sustainability across the ecosystem. hubs.la/Q03MylxX0

So cool to be in the room at React Conf when the new React Foundation was announced 💙 with its new home at the Linux Foundation. At @openjsf.org we’re celebrating this big win for JavaScript communities.

React is being fostered going forward with a new foundation!

After using it for almost a year, I guess I can recommend it to people usebruno.com

🔒 The latest issue of my #newsletter is out, number 008. It covers the npm Shai Hulud attack and emergency response, GitHub’s Secure Open Source Fund, new Express releases, and the OpenJS AI Collaboration Space... blog.ulisesgascon.com/newsletter-i...

Just released @nodejs.org 22.20.0. nodejs.org/en/blog/rele...

Welcome @rafaelgss.dev to the @openjsf.org #CNA team! 👏 👏 👏 github.com/openjs-found...

ℹ️ Don't know who needs to hear this but npm has had a --before=<date> flag since v6.9.0 (02/2019): github.com/npm/cli/blob/v… Setting a relative date is easy w/: $ npm install --before="$(date -v -7d)" # & only get registry deps that are over a week olddocs.npmjs.com/cli/v11/usin...re

Lots of GREAT progress and discussion on our @expressjs.bsky.social Performance Working Group. Thanks everyone who is participating as I think this is the second most (security comes first) impactful thing we could be working on. For anyone interested in helping out: github.com/expressjs/pe...

Welcome @bjohansebas.bsky.social to the @expressjs.bsky.social Security Triage team! 👏 👏 👏 github.com/expressjs/se...

🗞️ Exciting update: #webpack now has an official Threat Model! It sets clear boundaries, improves #security awareness, and strengthens our #ecosystem for everyone. 💪 github.com/webpack/security-wg/pull/9

🚩 Keep up to date with @nodejs.org by watching the #Nodejs Security Working Group's last meeting on YouTube! www.youtube.com/watch?v=2_ex...

The maintainer of one of our dependencies, debug, was the target of a phishing attack resulting in the release of [email protected] with malware. Supply chain security is all of our responsibilities. Be careful out there, and for today don't update your deps. socket.dev/blog/npm-aut...

🍿 Exciting news! The @openjsf.org Foundation #AI Collaboration Space holds its first meeting next week. A community hub where developers, maintainers and policy thinkers explore how #JavaScript connects billions of people to #AI. github.com/openjs-found...

🔒 Securing #OpenSource projects is not an easy task. ✨ Here’s a great #initiative helping the #maintainers and community move forward: 👉 openjsf.org/blog/securit...

🗞️ Exciting news: #webpack now has a Security Working Group! We’ll: 👉 Define triage & policies 👉 Guide secure plugin development 👉 Improve report processes 👉 Promote best practices 👉 Support #OpenJS & #OpenSSF initiatives github.com/webpack/secu...

The @expressjs.bsky.social project has helped transfer over iconv-lite (with the awesome effort of @bjohansebas.bsky.social). Hopefully we can be a good home for this package which adds another 446M monthly downloads to the projects scope. github.com/pillarjs/ico...

Say hello to the newest member of the @expressjs.bsky.social family 👋 iconv-lite: Convert character encodings in pure #javascript. And yes… a new release is baking in the oven 🔥 github.com/pillarjs/ico...

✨ The #OSPO Book is here!✨ github.com/todogroup/os...