wooo! dinner wednesday night?

How long are you staying ? let's catch up!!

They look great

Mostly, no need to use and IDE. I'm still very much using jetbrains stuff and most agents are baked into vs code clones - claude code is cool as I don't have to change my tools

claude code atm

looking at osv, most of the reports on npm is due to malicious code. Is that right? I find around 85% of malware in the dataset.

What's a computer?

AgentQL Integrations: The Agentic Web begins now that every page is an enpoint | AgentQL Last week, we launched six major integrationseach one a step toward a fully accessible Web, where data flows freely between people, AI agents, and smart workflo...

Last week we launched 6 integrations in 5 days. Here's what you need to know!

You can just ship ESM now 🚀

Node.js 18 is going to reach EOL in April and Node.js 20 and newer can require(esm) so no need for dual packages anymore! 📦

“Use the best tool for the job” continues to mean “I started by assuming I’d use my favorite language and then worked backwards from there and now I want to sound objective about it”

Just CFPed @reactsummit.gitnation.org NYC. I would be so excited to give this talk, wish me luck!

This is insane and pretty cool!

How Does Prototype Pollution Work? www.nodejs-security.com/blog/underst...

I miss living in Australia. Paradoxically, the loneliness of not knowing anyone made me feel so free.

AppSec and QA in the Era of Vibe Coding is going to be awesome

Sooo, new sprint, new blogpost. Once again, there are some CDP involved :p This time, I show how to use multiple languages with a same @playwright.dev browser at once! www.heal.dev/docs/blog/pw...

It's not a real XSS if it was coming from vibe coding

Ok I have the best talk idea ever, a talk so great I am sure I will get some VC reaching out to fund its topic.

Now, this is a talk about nextjs (or react+node) and AI, where should I CFP it?

Get ready for the ultimate developer conference experience!

Join us in London for an action-packed event featuring:

✅ 35 talks across 3 tracks
✅ 6 hands-on workshops covering TypeScript, React, Angular, and AI
✅ FREE community events

🎟️ london.cityjsconf.org

#Speaker #Announcement

🚀 The News of JavaScript’s Death Has Been Greatly Exaggerated!

Join Vladimir @v2t.dev , CEO of heal.dev & Node.js core collaborator, as he explores why JS keeps thriving! #JavaScript #TechTalk

Register now
🎟️ london.cityjsconf.org

Yeah, this is not clear in the post, I meant "only one authenticator can be active at once" is that correct ?

RE: corrupt signature: that'd be a great addition, is there a way of doing it with the CDP? Not sur I got this part really.

good point, yeah this is not clear, I will rephrase this part, to clear that up - let me know if you find other things I need to correct?

here is the post:
www.heal.dev/docs/blog/te...

a touch id modal

I just published a new blogpost on testing WebAuthn!

WebAuthn is a modern authentication system that allows great user experiences such as Touch ID or Face ID!

In this post, I give an overview of WebAuthn and how to test apps that uses it!

Link to the post in the comments!

React Paris: React C'est Magique! Bringing you the latest in the React ecosystem, REACT PARIS hosts confirmed speakers, authors and core team members sharing about the hottest frameworks and the trendiest tech tools; joined by a wide ...

dotJS is the main one - I have seen react.paris is having an event this year. But I have not been speaking to a lot of conf locally these past years. @sheplu.bsky.social should know better than I do

When building an AI-enabled app, always ask, "Who is accountable for the decisions of that system?"

If the answer is "I don't know" or "no one", I have some bad news for you

A hand-drawn, xkcd-style line chart titled “Excitement on AI Over Time.” The vertical axis is labeled “OMG Factor” and the horizontal axis is labeled “Time,” but neither axis has numeric values. The orange line starts low, rises to a peak marked “AI is awesome,” then descends to a trough annotated “Limitations everywhere,” before climbing again to the top line of the chart, labeled “UX Heaven.” At this peak, the line transitions into a dotted horizontal line extending to the right, ending with a question mark, suggesting future uncertainty.

Accurate summary of my journey building an AI-based product. Right now, we’re shipping features at high speed—things that were considered impossible not so long ago, and that many would never believe are actually doable (can't wait to share them!).

What’s next?

(DM open if you want to see magic)

Do I need to double comment on the other place and here too ? :p

Exclusive: The backdoor inserted in v1.95.7 adds an "addToQueue" function which exfiltrates the private key through seemingly-legitimate CloudFlare headers.

Calls to this function are then inserted in various places that (legitimately) access the private key.