Standard Search

https://nesbitt.io/2026/01/19/importmap-lock.html · 19 Jan 2026

Extending import maps with package metadata to improve dependency management and security for browser-native JavaScript.

package-managers javascript importmap idea

https://nesbitt.io/2026/01/19/a-jepsen-test-for-package-managers.html · 19 Jan 2026

Applying Jepsen-style adversarial testing to package managers.

package-managers idea

https://nesbitt.io/2026/01/18/workspaces-and-monorepos-in-package-managers.html · 18 Jan 2026

How various package managers implement workspaces and their relationship with monorepos.

package-managers monorepo deep-dive

https://nesbitt.io/2026/01/17/lockfile-format-design-and-tradeoffs.html · 17 Jan 2026

Lockfile format tradeoffs, best practices, and a survey of existing formats across package managers.

package-managers deep-dive

https://nesbitt.io/2026/01/14/package-manager-people.html · 14 Jan 2026

People who built, maintain, or research package managers.

package-managers research reference

https://nesbitt.io/2026/01/13/package-manager-glossary.html · 13 Jan 2026

A cross-ecosystem glossary of package management terms.

package-managers reference

https://nesbitt.io/2026/01/10/16-best-practices-for-reducing-dependabot-noise.html · 10 Jan 2026

A practical guide to ignoring security updates responsibly

package-managers dependencies satire

https://nesbitt.io/2026/01/09/package-management-blog-posts.html · 9 Jan 2026

Blog posts, talks, and essays that changed how people think about dependency management.

package-managers history reference

https://nesbitt.io/2026/01/08/brew-vulns-cve-scanning-for-homebrew.html · 8 Jan 2026

A new Homebrew subcommand that scans your installed packages for known vulnerabilities using the OSV database.

package-managers homebrew tools

https://nesbitt.io/2026/01/05/the-nine-levels-of-javascript-dependency-hell.html · 5 Jan 2026

Come, I will show you what I have seen.

package-managers javascript npm satire