Dictionary Compression is finally here, and it's ridiculously good
https://httptoolkit.com/blog/dictionary-compression-performance-zstd-brotli/
https://httptoolkit.com/blog/dictionary-compression-performance-zstd-brotli/
Httptoolkit
Dictionary Compression is finally here, and it's ridiculously good
Dictionary compression could completely change how applications send data over the web. It's recently gained broad support, and offers absurd real-world...
Forwarded from Mundo JS
https://antares-sql.app/
Open source SQL client
made to be simple.
A modern, fast and productivity driven,
forever 100% free solution with a focus in UX.
Open source SQL client
made to be simple.
A modern, fast and productivity driven,
forever 100% free solution with a focus in UX.
❤5
TL;DR – Turborepo 2.9
Turborepo 2.9, released today, brings a massive performance improvement: Time to First Task is now up to 96% faster. In a large monorepo like Vercel's — with over 1,000 packages — startup time dropped from 8.1 seconds to just 716 milliseconds.
The biggest highlight is turbo query, which has graduated from experimental to stable. It lets you query your monorepo in a simple yet powerful way, either through direct commands (
Another important change: Turborepo now accepts circular dependencies between packages in
There are also some interesting experimental features, like OpenTelemetry support (to send build metrics to tools like Grafana, Datadog, and Honeycomb) and Structured Logging in JSON format.
The release also lays the groundwork for Turborepo 3.0, introducing new "Future Flags" that let you opt into upcoming changes incrementally, alongside several deprecations (such as the removal of the daemon and some legacy commands).
This is a release focused on faster startup, better usability in real-world monorepos, and improved observability tooling. If you maintain large repositories with Turborepo, it's definitely worth upgrading.
via @mundoJS
Turborepo 2.9, released today, brings a massive performance improvement: Time to First Task is now up to 96% faster. In a large monorepo like Vercel's — with over 1,000 packages — startup time dropped from 8.1 seconds to just 716 milliseconds.
The biggest highlight is turbo query, which has graduated from experimental to stable. It lets you query your monorepo in a simple yet powerful way, either through direct commands (
turbo query ls, turbo query affected) or even with GraphQL. It essentially replaces the old turbo-ignore with far more flexibility.Another important change: Turborepo now accepts circular dependencies between packages in
package.json. Instead of throwing an error, it only validates the Task Graph — which makes life a lot easier for teams working with large, imperfectly structured repositories.There are also some interesting experimental features, like OpenTelemetry support (to send build metrics to tools like Grafana, Datadog, and Honeycomb) and Structured Logging in JSON format.
The release also lays the groundwork for Turborepo 3.0, introducing new "Future Flags" that let you opt into upcoming changes incrementally, alongside several deprecations (such as the removal of the daemon and some legacy commands).
This is a release focused on faster startup, better usability in real-world monorepos, and improved observability tooling. If you maintain large repositories with Turborepo, it's definitely worth upgrading.
via @mundoJS
Forwarded from Mundo JS
https://securityonline.info/axios-npm-supply-chain-attack-poisoned-versions-rat/
Uma supply chain attack comprometeu o pacote axios no npm. O atacante assumiu o controle da conta do lead maintainer e publicou versões envenenadas que continham um RAT (Remote Access Trojan) multi-plataforma.
Essas versões maliciosas permitiam roubo de dados, execução de comandos e persistência nos sistemas das vítimas que instalaram ou atualizaram para as versões comprometidas.
O ataque foi detectado e as versões maliciosas foram removidas, mas recomenda-se que usuários verifiquem as versões instaladas de axios e atualizem para versões limpas o quanto antes.
Uma supply chain attack comprometeu o pacote axios no npm. O atacante assumiu o controle da conta do lead maintainer e publicou versões envenenadas que continham um RAT (Remote Access Trojan) multi-plataforma.
Essas versões maliciosas permitiam roubo de dados, execução de comandos e persistência nos sistemas das vítimas que instalaram ou atualizaram para as versões comprometidas.
O ataque foi detectado e as versões maliciosas foram removidas, mas recomenda-se que usuários verifiquem as versões instaladas de axios e atualizem para versões limpas o quanto antes.
Daily CyberSecurity
Axios Under Siege: Critical npm Supply Chain Attack Hijacks Lead Maintainer to Drop Multi-Platform RAT
Axios versions 1.14.1 & 0.30.4 have been poisoned. A hijacked maintainer account is dropping a RAT via postinstall scripts. Revert to safe versions now!
👍1
https://blog.cloudflare.com/emdash-wordpress
A Cloudflare lançou o EmDash, um CMS open-source moderno criado do zero como sucessor espiritual do WordPress.
Ele resolve o principal problema do WP — segurança de plugins (96% das vulnerabilidades vêm deles) — rodando cada plugin em um sandbox isolado (Dynamic Workers) com permissões explícitas declaradas, tipo OAuth.
Principais destaques:
- Construído em TypeScript + Astro
- Serverless e escala a zero (paga só pelo uso de CPU)
- Importa sites do WordPress facilmente
- Autenticação com passkeys por padrão
- Ferramentas de IA nativas
- Monetização via x402 (pay-per-use)
Versão 0.1 já está em beta aberta no GitHub. Basicamente: WordPress, mas seguro por design.
A Cloudflare lançou o EmDash, um CMS open-source moderno criado do zero como sucessor espiritual do WordPress.
Ele resolve o principal problema do WP — segurança de plugins (96% das vulnerabilidades vêm deles) — rodando cada plugin em um sandbox isolado (Dynamic Workers) com permissões explícitas declaradas, tipo OAuth.
Principais destaques:
- Construído em TypeScript + Astro
- Serverless e escala a zero (paga só pelo uso de CPU)
- Importa sites do WordPress facilmente
- Autenticação com passkeys por padrão
- Ferramentas de IA nativas
- Monetização via x402 (pay-per-use)
Versão 0.1 já está em beta aberta no GitHub. Basicamente: WordPress, mas seguro por design.
The Cloudflare Blog
Introducing EmDash — the spiritual successor to WordPress that solves plugin security
Today we are launching the beta of EmDash, a full-stack serverless JavaScript CMS built on Astro 6.0. It combines the features of a traditional CMS with modern security, running plugins in sandboxed Worker isolates.
❤4