The Changelog
The Changelog

Securing npm is table stakes (Interview)

Jan 29, 2026 · 1h 21m

As the creator and long-time maintainer of ESLint, Nicholas Zakas is well-positioned to criticize GitHub's recent response to npm's insecurity. He found the response insufficient, and has other ideas on how GitHub could secure npm better. On this episode, Nicholas details these ideas, paints a bleak picture of npm alternatives like JSR, and shares our frustration that such a critical piece of internet infrastructure feels neglected.

N'eo ket bet treuzskrivet an taol-mañ c'hoazh

Arverañ STT.ai evit treiñ an taol-kaoz-mañ gant AI. Degas skrid a-feson gant dizoleiñ ar c'haozeerien, ar stampoù amzer, hag ezporzhiañ e meur a mentrezh.

Eilañ an taol- mañ
Dinoiñ ar c' honar & Dilemel ar roll Ezporzh evel SRT, TXT, JSON

Troioù-kaer

Astral has been acquired by OpenAI (News)
Mar 27, 2026 · 10m
From Tailnet to platform (Interview)
Mar 11, 2026 · 1h 42m
Big change brings big change (News)
Mar 10, 2026 · 5m
Finale & Friends (Friends)
Mar 02, 2026 · 1h 46m
Opus 4.5 changed everything (Interview)
Feb 27, 2026 · 1h 44m
The mythical agent-month (News)
Feb 23, 2026 · 7m
Selling SDKs in the era of many Claudes (Interview)
Feb 19, 2026 · 1h 50m
All the Claw things (News)
Feb 16, 2026 · 6m
Han shot first (Friends)
Feb 13, 2026 · 2h 0m
Building the machine that builds the machine (Interview)
Feb 11, 2026 · 1h 36m