The Changelog
The Changelog

Securing npm is table stakes (Interview)

Jan 29, 2026 · 1h 21m

As the creator and long-time maintainer of ESLint, Nicholas Zakas is well-positioned to criticize GitHub's recent response to npm's insecurity. He found the response insufficient, and has other ideas on how GitHub could secure npm better. On this episode, Nicholas details these ideas, paints a bleak picture of npm alternatives like JSR, and shares our frustration that such a critical piece of internet infrastructure feels neglected.

ʻAʻole i kākau ʻia kēia ʻanuʻu

Hoʻohana i STT.ai e hoʻololi i kēia ʻāpana me AI. E loaʻa i ka huaʻōlelo pololei me ka ʻike ʻana i ka mea kākau, nā manawa, a me ka hoʻouna ʻana i nā ʻano like ʻole.

Hoʻouka i kēia wikiō
Ka hōʻike leo Ka manawa o ka pae hua'ōlelo Hoʻouna i ka SRT, TXT, JSON

He nui aku nā hōʻike

Astral has been acquired by OpenAI (News)
Mar 27, 2026 · 10m
From Tailnet to platform (Interview)
Mar 11, 2026 · 1h 42m
Big change brings big change (News)
Mar 10, 2026 · 5m
Finale & Friends (Friends)
Mar 02, 2026 · 1h 46m
Opus 4.5 changed everything (Interview)
Feb 27, 2026 · 1h 44m
The mythical agent-month (News)
Feb 23, 2026 · 7m
Selling SDKs in the era of many Claudes (Interview)
Feb 19, 2026 · 1h 50m
All the Claw things (News)
Feb 16, 2026 · 6m
Han shot first (Friends)
Feb 13, 2026 · 2h 0m
Building the machine that builds the machine (Interview)
Feb 11, 2026 · 1h 36m