🎉 npm v12 is here! Install scripts are now off by default, git and remote-URL deps no longer resolve unless you allow them, and 2FA-bypass tokens are starting to be phased out.
Details → https://t.co/IFTxAMKNE6 #nodejs
6 months of Claude Max 20x, on us.
We're expanding Claude for Open Source to more of the community.
If you're a maintainer, a core contributor, someone landing PRs across the ecosystem, or someone keeping a critical package alive, apply today!
📌 Stable versions on Packagist are now immutable. Once published, the commit a version points to can no longer change. Retags are blocked, deletions are tracked with a reason and recoverable, and everything is recorded on the public transparency log.
#php#phpc#composerphp
Plugin devs, how would you respond to this? I mean, sure, the breach was in the plugin, but would've been protected by proper protection (no remote PHP execution from the uploads dir). What's your take?
SMTP submission is now available in beta for Cloudflare Email Service. Send emails through standard clients like Nodemailer and smtplib.
https://t.co/uUD4jxzcJs
‼️ Apple is allegedly building a feature that lets carriers block apps on your iPhone in iOS 27 if you miss a payment.
The string reads: "If your balance isn't paid in full by the time specified in the contract, [carrier] may block access to most of your apps and their associated subscriptions on this iPhone. You'll still be able to use [some apps] and these apps."
The carrier name slots into a placeholder, and a short list of apps would stay usable. Aaron notes the meaning is still unclear.
Screenshot by MacRumors' @aaronp613.