Bootstrap·1yBootstrap 5.3.5
Bootstrap version 5.3.5 has been released to address a regression issue from Autoprefixer that caused floating form labels to always be 'floated' in Firefox. This release includes several documentation and dependency updates. The update is available on the Bootstrap website and on npm.
Astro·1yWhat's new in Astro - April 2025
Astro's April 2025 update highlights recent activities and developments within the ecosystem, including the launch of Astro 5.6 and 5.7 releases, achieving 2 million monthly downloads, and the introduction of new themes and templates. The update also features contributions from the community, recognition of notable adopters, and various integrations and tools. Additionally, insights into the Astro Agency Partner Program and community updates are shared.
Anthony Fu·1yCategorize Your Dependencies
The post discusses the limitations of using dependencies and devDependencies in npm, suggesting a more flexible approach to categorizing dependencies in projects using pnpm catalogs. It introduces various dependency categories beyond production and development, enhancing version management and project maintainability. The post also highlights tooling support for pnpm catalogs and envisions future integration possibilities to improve developer experience.
Tech Lead Digest·1yXRP supply chain attack: Official NPM package infected with crypto stealing backdoor
A sophisticated attack compromised the official xrpl NPM package by inserting a backdoor to steal cryptocurrency private keys, affecting numerous applications and websites. The attack involved releasing unauthorized versions of the package containing malicious code. Users are advised to check if they have used the compromised versions and take immediate steps to secure their wallets. Aikido Intel detected the malware and has updated the threat feed to protect against such vulnerabilities.