OpenJS + JavaScript Monthly London Meetup = ๐คฉ Join us for the "warm up" to CityJS London!
๐ Wednesday April 15
๐ Tessl Office, 210 Pentonville Rd, London N1 9JY
๐ Details: https://guild.host/events/jsmonthly-205-cityjs-bsmk1x
Throwback Thursday: Christina Koch is taking off ๐ and will be the first woman to journey around the moon.
In 2020, she spoke at OpenJS World about what life is like in outer space as an international crew member of the ISS, and being a female in STEM.
Recap here: https://bit.ly/4smsjsQ
Thank you @jddalton.bsky.social for sharing your story ๐
Lodash gets 100M+ downloads a day. For years, it was maintained by one person: John-David Dalton
Then life happened. He stepped back.
Open source isnโt just code. Itโs people.
Read about our conversation about burnout with John-David here: https://bit.ly/3NWa92P
"The biggest supply-chain risk isnโt abandoned code. Itโs unsupported ecosystems."
At RSAC 2026, @rginn206.bsky.social outlined a consistent pattern across ecosystems: when maintainer capacity does not scale with dependency usage, security risk increases.
Read more on the blog: bit.ly/3PzHKA0
We are thrilled to announce that
@rginn206.bsky.social 206 at @openjsf.org will be joining us for #CityJSLondon event - Come and see Robin speaking at our #WomenInTech panel and delivering interesting talks
Register now
london.cityjsconf.org
ECMAScript EXTRA-SPECIAL excitement ๐
๐จ๐จ๐จ IT'S ABOUT TIME! ๐จ๐จ๐จ
Congrats to @ptomato.name on advancing Temporal to Stage 4 at @tc39.es today ๐
Temporal is the replacement for the JavaScript Date API ๐
Node.js is moving to one major release per year starting with Node 27! ๐
โ
Simpler: Every release becomes LTS.
โ
Predictable: Version numbers now align with the year.
โ
New: A 6-month Alpha channel for early testing.
https://bit.ly/4rnosLg
Yesterday was International Women's Day ๐ We're SO grateful for our women contributors, community members and staff. THANK YOU!
Announcing the @nodejs.org LTS Upgrade and Modernization Program! ๐
We're helping enterprises move safely off end-of-life Node.js versions to reduce security risks with our partnerNodeSource.
Modern Node.js is safer Node.js. Details:
openjsf.org/blog/nodejs-...
We're excited to announce that Socket is joining the @openjsf.org! Proud to support the #JavaScript ecosystem alongside so many great projects and contributors.
socket.dev/blog/socket-...
๐ Weโre thrilled to welcome @socket.dev as our newest Silver member.
Socket is doing critical work to secure the JavaScript ecosystem by helping developers identify and prevent supply chain risks. We're excited to collaborate and make open source safer for everyone! ๐ก๏ธ๐ป
openjsf.org/blog/socket-...
GitHub is funding open source security work across dozens of projects, including OpenJS projects like @nodejs.org and Webpack.
Strong ecosystems are built through sustained investment in the software supply chain, and we appreciate @github.com's continued support of open source maintainers. ๐ซถ
WHAT EVEN IS A CVE!!! โ
@ulisesgascon.com breaks it down and explains what a CVE is and how it helps in our latest short.
You can view all of the shorts in our series on our YouTube Channel too for more security insights ๐ youtube.com/@OpenJSFound...
๐ซฃ
We're testing something, please ignore this ๐ฅธ
[green-grass-grows]
Want to make an impact? Join the OpenJS Foundation. Fund the projects you rely on. Contribute engineer time where it matters.
AI is changing how software vulnerabilities are discovered and how quickly they are reported. For community-led open source projects, this shift is both promising and deeply challenging.
Check out our latest blog on how AI is stress-testing open source security: openjsf.org/blog/ai-is-s...
Big year for security at OpenJS ๐
With support from Alpha Omega, we leveled up security across Node.js and the OpenJS ecosystem in 2025. Faster vulnerability response, automated releases, a new OpenJS CNA, stronger disclosure practices, and hands on support for over 10 projects.
hubs.la/Q040lXwL0
Big thanks to our Cross Project Council for getting it done ๐ช
Happy Friday from our fresh collaboration page. ๐
Want to get involved in our collaboration spaces and projects? Check out the page to see what groups to join and what meetings are happening.
If you care about JavaScript, you belong here. โ๏ธ
openjsf.org/collaboration
nvm.sh users: please upgrade to github.com/nvm-sh/nvm/r... if you're using `wget` on your system, to fix a medium vulnerability (github.com/nvm-sh/nvm/s...).
jQuery UI 1.14.2 is now available. ๐ This release includes improvements to Tabs behavior and removes the mousewheel plugin dependency.
Read the full release notes here: blog.jqueryui.com/2026/01/jque...
Big news ๐ The OpenJS Foundation is bringing a dedicated summit to RenderATL 2026. ๐ฅ
Created by and for the JavaScript and Node.js community. Expect technical talks, real world lessons, and practical takeaways.
Check out the details + register for the conference: hubs.la/Q040sX130
Lodash v4.17.23 is live and features a whole new look for security ๐๐ฅ
Security fixes, stronger governance, and improved maintenance = safer and more reliable for your projects.
Check it out ๐
hubs.la/Q03_NX2J0
New Security Snapshot is live.
@ulisesgascon.com walks through how Express handles security reports, from first contact to shipped patch.
Clear steps, zero panic, just a solid process that keeps users safe. ๐
Oh hi. ๐ We're back with the latest Security Snapshot that covers how to publish to npm safely and with ease. โจ
@rafaelgss.dev breaks down why local publishing with 2FA gives you the safest setup right now.
How did Node.js help you in 2025, and what security changes do you want next year?
Drop your thoughts below. Your feedback shapes the work ahead. ๐ฃ๏ธ
Open Visualization Collaborator Summit Recap ๐ค ๐ป
Our OpenVis community gathered to share updates, experiments, and new ideas across the vis.gl ecosystem and related projects.
๐ Read here for a recap of the event: openjsf.org/blog/open-vi...
How can you ACTUALLY get involved with OpenJS projects??
@ulisesgascon.com gives the download in our latest snapshot.
Join Slack, join our community meetings, or watch recordings.
Come say hi. ๐
