Daniele Cambi

I’ve been working successfully with my extensions and widgets experiments for the past few weeks. So I thought I share it with you and get new ideas and suggestions to improve it. 👉 Say hello to Xtended! pub.dev/packages/xtend…

🚨 How the TanStack npm attack actually happened: 1. Attacker opened a normal-looking pull request (#7378) on the TanStack repo. 2. GitHub automatically ran CI tests on that PR. 3. Code inside the PR stole the workflow's GitHub Actions Cache write token during the test run. 4. The attacker used that token to plant poisoned files in the shared build cache. The PR could be closed afterwards. The poisoned cache stays. 5. The official release workflow later pulled from the cache, baked the malicious files into the build, and signed and published 84 malicious package versions to npm.

Drizzle v1.0.0-rc.1 is out 🚀 ▪︎ Effect v4 native support ▪︎ JIT row mappers to reduce ORM overhead to ~0 ▪︎ Reworked casing API (breaking change) ▪︎ Drizzle for LLM agents (preview) Drizzle is now as fast as using raw driver and mapping(or not mapping) results by hand 🙃

We’ve identified a security incident that involved unauthorized access to certain internal Vercel systems, impacting a limited subset of customers. Please see our security bulletin: vercel.com/kb/bulletin/ve…

@theo T3 chat is returning a 401 “OAuth token expired” even if Claude CLI is installed and logged in. Am I missing something?

@ThomasBurkhartB It is indeed such a great name

TIL that the most popular React state management library is named "Zustand" which I find really funny as a German, because, yes, it means "State" but can be used to express annoyance too.

@Paul_ter_Laak @orcdev @convex Did you migrate from SQL? How did the migration look like?

@orcdev @convex I migrated my SaaS platform to it, quite a learning curve to get convex pulled, about 7 weeks in. Production migration this Saturday. Early test show it's way faster, and nothing beats the out of the box sync! Will be starting a blog series next Monday.

convert me to use @convex in one sentence

@orcdev @convex I’m skeptical, how much does it lock you on the platform? How does the data migration from and to convex look like?

🛡️ React Native Security Rule #6 : AsyncStorage is NOT secure storage. If you save tokens, passwords, or credentials there, you’re storing them in plaintext. On rooted/jailbroken devices, attackers can dump it in seconds. AsyncStorage is fully readable. Treat it as public, not private. Never store: • auth tokens • passwords • API secrets Use instead: • expo-secure-store • react-native-keychain • native Keychain / Keystore

@Baconbrix Looks great! Is that going to have an Android counterpart? Or is it gonna be iOS only?

In the next version of Expo Router use <Stack.Header /> to build actions and drop down menus

@Baconbrix @expo Where do I find a list of all available templates? I’d rather use those than refer to the nativewind docs that uses rn-new

Just updated the @Expo Tailwind template to use Tailwind v4, postcss.config.mjs, and no custom babel config! Simpler config and more resilient build pipeline. → Try it now with: ~ / npx create-expo -e with-router-tailwind

@ASalvadorini Now for the final test, is great grandchild barnbarnbarn?

barnbarn -> child's child (grandchild) Last but not least, the bonus 😂👇 bonusmamma -> stepmother bonuspappa -> stepfather So sweet! 🇸🇪

#swedish is such a wonderful language (spoken by @RydMike with many others)! 🙏😇😅 mormor -> mother's mother (grandmother) farmor -> father's mother (grandmother) morfar -> mother's father (grandfather) farfar -> father's father (grandfather) ... ⬇️⬇️⬇️

@tsapeta My guess? Llms.

𝚎𝚡𝚙𝚘-𝚊𝚟 has been deprecated for quite a long time and will be removed in SDK 55, but it still continues to grow on npm. Why do people use it instead of 𝚎𝚡𝚙𝚘-𝚊𝚞𝚍𝚒𝚘 and 𝚎𝚡𝚙𝚘-𝚟𝚒𝚍𝚎𝚘?

@filiphracek I loved this! Looks like we’re a few more than 2, thanks for sharing Filip

New article! This one's a very technical deep dive, with an expected global audience of about 1-2 people. But still, I had fun writing it. filiph.net/text/making-my…

@ASalvadorini @TahaTesser @Angaisb_ We’ve been doing progress, a steady 0.01% per year

@TahaTesser @Angaisb_ Year of Linux desktop has been going on since I can remember, most likely early 90s for me 🙏😇😅

We're finally getting Gemini 3.0 Pro next week It's happening!!!

@ThomasBurkhartB Maybe they’re replaceable though

@ThomasBurkhartB Same, this is one of the heavy aloy knobs, they feel super satisfying. Is the condensator thing causing noise? I get that from time to time

This was what you were waiting for to get to your 18th birthday 😂

@luke_pighetti I love this. Makes me wonder why I have t thought about it before, looks super clean

the Grocery List Pro codebase has 17k lines and "child:" is repeated 622 times. if you want to reduce this to zero and improve flutter's extreme boilerplate, thumbs up this RADICAL BREAKING CHANGE github.com/flutter/flutte…

@ThomasBurkhartB @pedromassangom I understand, it’s a crowded room with too little incentive to do well, especially financial one. Glad you could find a way to make it work

@dancamdev @pedromassangom Honestly Main reason was longtime frustration but it seems you need to reach people differently. And thanks to #Claudecode I now have enough time and motivation to create what I always wanted but what seemed to big of a task for a single developer.

Love how @ThomasBurkhartB got called out in public and learned how to do marketing for his stuff and now getting 5k impressions with a single post. Well done sir 👏