ci-cd

Browse all articles, tutorials, and guides about ci-cd

2posts

Posts

⌘K

2026-06-12|9 min read

npm v12 Will Stop Running Install Scripts. We Audited Our Repos to See What Actually Breaks

Starting with npm v12 (estimated July 2026), dependency install scripts will not run unless you allowlist them. We ran the new audit tooling on our own production repos: 65 packages flagged, 4 that matter, and a surprising amount of nothing breaking.

Security

2026-05-04|13 min read

CVE-2026-3854: A Single git push Owned GitHub

A semicolon in a git push option let any authenticated user run code on GitHub.com's backend and on 88% of self-hosted GitHub Enterprise installs. Here is how the bug worked and what to do.