⚡️ We're looking for a DevRel person @vltpkg based in our Toronto 🇨🇦 HQ. You'll work closely w/ me & should love the idea of owning various aspects of product marketing. You'll be vlt's biggest fan & advocate; molding this unique role in a way that plays to your strengths & ours.
Love the work @motdotla is doing with @dotenvx & am excited by what he's doing with Armor ⛨ - Our @vltpkg team got excited when we first saw that first name change & appreciated Scott's willingness to adapt the name again to ensure there wasn't any confusion. Much love 🖤
Update: Renamed again to Armor ⛨.
@darcy and the amazing team behind @vltpkg - many of the same guys instrumental with npm and github - kindly brought up a concern that naming it VLT could confuse the community. It was a good point and really glad they raised it with me. Armor ⛨ it is!
Notably, I hope this doesn't give the province/feds cover for more real estate bailouts. Government programs, spending & thinking they can employ every Canadian is the problem here.
Not the best way to end Toronto Tech Week that's for sure. I think the boots on the ground have known this for a while so waiting for technicalities is pretty sad. The bright side is, hard times can create strong people/companies - if they survive.
Today is a big day for @SocketSecurity. We just raised a $60M Series C at a $1B valuation, led by @ThriveCapital with participation from @a16z, @AbstractVC, and @CapitalOne Ventures. Total funding is now $125M.
Four years ago, we started Socket because open source dependencies were flowing into production faster than anyone could vet them. AI has massively accelerated that. Code is being written, shipped, and deployed before any human reads it. Security has to operate at that same speed.
One data point from Thrive's diligence that I keep coming back to: they first discovered Socket because @cursor_ai, @OpenAI, and @AnthropicAI all independently told them it was the most important security tool they'd adopted for AI-driven development. Three of the most sophisticated AI companies converging on the same vendor unprompted.
Since our Series B, Socket has grown to more than 20,000 organizations, protecting over 1.5 million repositories and blocking more than 1,000 supply chain attacks every week. The team is now over 100 people.
Three out of five FAANG companies are Socket customers. So are the companies building the most ambitious AI products: @AnthropicAI, @cursor_ai, @xai, @figma, @vercel, @Replit, @scale_AI, @GustoHQ, @Mercadolibre, and @cribl_io, alongside Fortune 100s in financial services and global media.
What we've shipped since the last round:
• Socket Firewall blocks malicious packages at install time, before they reach a developer's laptop or CI pipeline. Free for everyone.
• Reachability analysis via our acquisition of Coana, eliminating 50-80% of irrelevant vulnerability alerts by focusing only on CVEs that are actually exploitable.
• Socket Certified Patches for remediating exploitable CVEs in seconds without waiting on upstream maintainers.
• Coverage extending to browser extensions, editor extensions, MCP servers, and AI tools via our acquisition of @secureannex.
When the Axios compromise hit, our detection systems flagged the malicious dependency within six minutes. Within 24 hours, more than 2,000 organizations onboarded to Socket to block it.
Where the funding goes: deeper investment in Firewall, massively expanding Certified Patches, moving protection closer to every point of install across the developer toolchain, and new product launches pushing Socket into a category we haven't entered before.
We're hiring across engineering, sales, customer success, and threat intel.
❤️ Thank you to our customers, investors, and the open-source community for your support. Together, we’re making software safer for everyone.
Great article: https://t.co/4GGw6AIq0Y
Notably, this is in part why I quit GitHub. npm package "provenance" was being shoved down our throats by package security "experts" without any meaningful reasons for how it made the ecosystem more secure (but here we are).