mastodon.world is one of the many independent Mastodon servers you can use to participate in the fediverse.
Generic Mastodon server for anyone to use.

Server stats:

8.1K
active users

#npm

39 posts31 participants4 posts today

Addendum: #siyuan is buggy as fuckery out of the box. My attempts to build the knowledge base constantly ruined.

To be fair, the Moloch thinks it's due to the #NPM (NginX proxy manager) timeouts and store permissions.

But, we will persevere for now.

Centralization in package registries is really problematic: The CSS preprocessor stylus has been flagged as malicious on #npm. So thousands of people and software projects which depend on this package are now failing. All because a completely unrelated software package for "Stylus input" in #ChromeOS seems to be problematic. Seems that they're just flagging packages with "stylus" in their name. #WebDev

github.com/stylus/stylus/issue

current status I have been doing my best to deal with this issue. If you are able to contact an official employee of npmjs directly, please help us resolve this issue. Thank you. https://nvd.nist.g...
GitHub[Pinned] I am currently negotiating with the npmjs official. Please wait for the outcome. · Issue #2938 · stylus/stylusBy iChenLei

Scavenger Malware Compromises Popular npm Packages

The popular npm package eslint-config-prettier was recently published without authorization raising concerns of a supply chain attack.

Pulse ID: 688039a7818cda8d24f2977c
Pulse Link: otx.alienvault.com/pulse/68803
Pulse Author: cryptocti
Created: 2025-07-23 01:23:51

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.