SECURITY ADVISORY — TanStack npm packages
A supply-chain compromise affecting 42 @tanstack/* packages (84 versions total) was published to npm earlier today at approximately 19:20 and 19:26 UTC. Two malicious versions per package.
Status: ACTIVE — packages are deprecated, npm security engaged, publish path being shut down.
Severity: HIGH — payload exfiltrates AWS, GCP, Kubernetes, and Vault credentials, GitHub tokens, .npmrc contents, and SSH keys.
If you installed any @tanstack/* package between 19:20 and 19:30 UTC today, treat the host as potentially compromised:
• Rotate cloud, GitHub, and SSH credentials immediately
• Audit cloud audit logs for the last several hours
• Pin to a prior known-good version and reinstall from a clean lockfile
Detection — the malicious manifest contains:
  "optionalDependencies": {
    "@tanstack/setup": "github:tanstack/router#79ac49ee..."
  }
Any version with this entry is compromised. The payload is delivered via a git-resolved optionalDependency whose prepare script runs router_init.js (~2.3 MB, smuggled into each tarball at the package root).
Unpublish is blocked by npm policy for most affected packages due to existing third-party dependents. All 84 versions are being deprecated with a SECURITY warning, and npm security has been engaged to pull tarballs at the registry level.
Full technical breakdown, complete package and version list, and rolling status updates:
https://t.co/Zy8qG7PA9f
Credit to the security researcher for responsible disclosure.
We just released Claude Code channels, which allows you to control your Claude Code session through select MCPs, starting with Telegram and Discord.
Use this to message Claude Code directly from your phone.
New in Claude Code: Remote Control.
Kick off a task in your terminal and pick it up from your phone while you take a walk or join a meeting.
Claude keeps running on your machine, and you can control the session from the Claude app or https://t.co/er6Blrr63e
Coding games are the best way to learn coding.
You can improve in CSS, Python, React, JavaScript, and Blockchain through fun games.
Top 10 Robot Games for Learning Programming Concepts: 👇
Today we’re releasing TypeChat (https://t.co/0svSoiFx3r), an open source project that uses AI to bridge between natural language and application schema and APIs. It uses TypeScript in novel and interesting ways. Check it out and let us know what you think. @TypeScript
AI powered tethered drones picking apples 🤯
These drones use AI image recognition models to determine ripeness and sugar levels in the apples.
Then they use a little arm to pick them.
AI & robotics will completely revolutionize the agriculture industry.
GitHub Copilot has got to be the fastest way to stub out a @prisma schema.
Here are four working models, all relations furnished, in about 30 seconds 🤯
🤯 A colleague just introduced me to @typescript Template Literal Types, and they're game-changing!
In the example code, we use them to ensure a string consists of a number followed by the "px" suffix. #CodingTips