About 15 results
https://nesbitt.io/2026/01/19/importmap-lock.html · 19 Jan 2026
Extending import maps with package metadata to improve dependency management and security for browser-native JavaScript.
https://nesbitt.io/2026/01/19/a-jepsen-test-for-package-managers.html · 19 Jan 2026
Applying Jepsen-style adversarial testing to package managers.
https://nesbitt.io/2025/12/25/cursed-bundler-using-go-get-to-install-ruby-gems.html · 25 Dec 2025
Go's module system accidentally created a universal, content-addressed, transparency-logged package CDN. You could abuse this for any language.
https://nesbitt.io/2025/12/23/could-lockfiles-just-be-sboms.html · 23 Dec 2025
Lockfiles and SBOMs record the same information in different formats. What if package managers used SBOMs directly, instead of converting later?
https://mariuskimmina.leaflet.pub/3mag5jxux2c2a · 20 Dec 2025 · 🦋 Bluesky
I've been loving all the new apps that have started to emerge in the at-protocol ecosystem, now there isn't just BlueSky but also https://tangled.org/ https://www.flashes.blue/ https://atcr.io/ https://leaflet.pub/home and there is probably even more aweso...