How much do we really know about how packages behave on the npm registry?
7y agoen
Source
SnykHow much do we really know about how packages behave on the npm registry?snyk.ioHow many packages on npm can be considered abandoned? How many packages are connected to each other? Let’s explore npm - today’s biggest open source package registry!
You might also wanna read
Investigating npm Packages with the Largest Version Numbers
The author investigates which npm package has the largest version number after noticing the AWS SDK for JavaScript at version 3.888.0. The a
NPM Vulnerability Allows 126 Malicious Packages to Be Downloaded 86,000+ Times
Security researchers have discovered a major vulnerability in NPM (Node Package Manager) that allows attackers to distribute malicious packa
arstechnica.com·8mo agoThe Growing Challenge of Curating New R Packages on CRAN
The article discusses the author's long-running practice of selecting "Top 40" new R packages from CRAN each month. It notes that this task
rworks.dev·13d ago
Exploring crates.io: The Rust Package Registry
The article discusses crates.io, the Rust Package Registry, highlighting its significance in the Rust programming language ecosystem.
176 malicious npm packages used dependency confusion to target internal dependencies and steal credentials
Sonatype researchers uncovered a campaign involving 176 malicious npm packages using a dependency confusion attack strategy. Attackers publi
NPM: Issues with package install, package publish, and login
status.npmjs.org·1y ago

Comments
Sign in to join the conversation.
No comments yet. Be the first.