Max Strübing

🚨 CRITICAL: Active supply chain attack on axios -- one of npm's most depended-on packages. The latest axios@1.14.1 now pulls in plain-crypto-js@4.2.1, a package that did not exist before today. This is a live compromise. This is textbook supply chain installer malware. axios has 100M+ weekly downloads. Every npm install pulling the latest version is potentially compromised right now. Socket AI analysis confirms this is malware. plain-crypto-js is an obfuscated dropper/loader that: • Deobfuscates embedded payloads and operational strings at runtime • Dynamically loads fs, os, and execSync to evade static analysis • Executes decoded shell commands • Stages and copies payload files into OS temp and Windows ProgramData directories • Deletes and renames artifacts post-execution to destroy forensic evidence If you use axios, pin your version immediately and audit your lockfiles. Do not upgrade.

What a week! 🌷 Wrapping up an unforgettable #KubeCon + #CloudNativeCon Europe in Amsterdam. Until next time, tot ziens! 🚲🚀⚓ #KubeConEU #CloudNativeCon #TeamKubermatic #Kubernetes #CNCF

And that’s a wrap on Day 1! 🎉 We are blown away by the energy of the #CloudNative community here in Amsterdam. Thank you to everyone who stopped by Booth 820. And what a better way to end the day than at the Stammtisch! 🍻 Get some rest, and we will see you tomorrow! 🌷

Starting my way to Amsterdam for my first @KubeCon_ ever. I'm a little excited 🙌 #Kubermatic #KubermaticTeam @Kubermatic #KubeCon #CloudNativeCon #KubeConCloudNativeCon

@gdb If by correct you mean that your code could still have serious logical errors your post is ~correct

rust is a perfect language for agents, given that if it compiles it's ~correct

Chat-like interfaces replacing traditional UI are gradually exposing that *events* are the fundamental source of truth for state management

I love @EffectTS_ and @elmlang, so I built Foldkit: - The Elm Architecture - In TypeScript - Powered by Effect After 7 years of working on React apps, Foldkit is what I've always wanted frontend dev to feel like. foldkit.dev

Love it! peonping.com

@dimaip Nearly triple the amount of your highest option in your poll :P

@mxstrbng 27.8M they say for the kernel? A lot, but not like crazy a lot.

What's nowadays considered to be a large codebase?

@dimaip LGTM

Github UI isn't ready for this, and it's not even trying to keep up. Such a let down.

@dimaip Just share your thoughts and don't optimize for likes - everything is fine :)

So yeah, twtr has been super important for my career, in terms of navigating the tech landscape. But its algo clearly doesn't like me: after 15 years here, I still get 0-2 likes per tweet, despite all the hot takes I try to share here constantly. Well, at least I can treat is as my personal diary and use it to sharpen my thoughts. #MyXAnniversary

I've made a PR in the @nixos_org pkgs repository and when it got merged got this nice little message from one the maintainers. Love these small things of kindness ♥️

TIL: NodeJS can run TypeScript natively even since v22, you do not even need any special flags. `node typescript_file.ts` will do. 🤯

On the other hand `tmuxinator` itself with just starting projects/terminal sessions saved me a lot of time already.

TIL: with `tmuxinator` you can just use `tmuxinator stop <project>` instead of manually closing all panes/windows. I've been doing this for years and this would have saved me soooo much time.

@m_davies94 I only knew the band "chelsea grin" - googled for chelsea smile and found out it's a song by bring me the horizon. Anyway, what guitar(s) do you have?

I just broke my 6th string playing chelsea smile, I’ve never broken the 6th string before haha

@dimaip I feel honored ♥️

@mxstrbng Exactly. But I want more tweets from you in it.

Saw a lot of SaaS-look-at-my-MRR-build-in-public people in my feed today... Then I realised I was in the wrong "For you" tab. Switched back to "Following" and the life went back to normal.

@makkes Is this even a thing? When I first started programming and build a sample application with a database connection, connection pooling was thrown into my face very quickly by whatever resources I've consumed to get it done at the time.

Just don't let your application open and close connections all the time. wtf is so hard about that?