Subject: State of JS 2025; npm security plans; JS Handbook 2025 edition; storing data in bigints; library for Temporal API; npm attack; pnpm

Survey (Oct 1–Nov 1): “State of JavaScript 2025”

stateofjs.com github.com/Devographics

npm: “Our plan for a more secure npm supply chain”

github.blog github.com/xcorail github.com/npm

“Today, we’re sharing details of recent npm registry incidents, the actions we took towards remediation, and how we’re continuing to invest in npm security.”

The JavaScript Handbook, 2025 edition (free with newsletter subscription)

flaviocopes.com github.com/flaviocopes

Storing unwise amounts of data in JavaScript bigints

jonathan-frere.com github.com/MrJohz

temporal_rs library powers JavaScript’s Temporal API in the engines V8, Boa and Kiesel

boajs.dev github.com/boa-dev

Podcasts

PodRocket podcast: Unpacking the npm supply chain attacks with Feross Aboukhadijeh

podrocket.logrocket.com github.com/feross

devtools.fm podcast: Zoltan Kochan – pnpm and the future of package management

www.devtools.fm github.com/zkochan github.com/devtools-fm

This email was sent to {{ email | default }}. You can unsubscribe from this list here or update your preferences.