Sabitlenmiş Tweet
Ejiro -
4.4K posts
Ejiro -
@ejirocodes
Product Engineer before it became cool, building https://t.co/1LNhvr3ytu, https://t.co/SzyYfa6Cwb, https://t.co/CMzl30XeoR. I'm so much more than I tweet :)
object Object Katılım Eylül 2018
1.2K Takip Edilen1.4K Takipçiler
Ejiro - retweetledi
✨ Shipped Tailwind CSS v4.3!
📜 New scrollbar utilities
🔍 New zoom utilities
⇥ New tab-size utilities
...plus a bunch of other little stuff 🎁
tailwindcss.com/blog/tailwindc…
English
Ejiro - retweetledi
TL;DR for open-source maintainers
🚫 NEVER use "pull_request_target" workflows
🚫 NEVER use shared caches in your publish pipeline
Combining these 2 in particular is extremely dangerous
I've repeated this countless times over the years, but another reminder is always useful
TANSTACK@tan_stack
SECURITY ADVISORY — TanStack npm packages A supply-chain compromise affecting 42 @tanstack/* packages (84 versions total) was published to npm earlier today at approximately 19:20 and 19:26 UTC. Two malicious versions per package. Status: ACTIVE — packages are deprecated, npm security engaged, publish path being shut down. Severity: HIGH — payload exfiltrates AWS, GCP, Kubernetes, and Vault credentials, GitHub tokens, .npmrc contents, and SSH keys. If you installed any @tanstack/* package between 19:20 and 19:30 UTC today, treat the host as potentially compromised: • Rotate cloud, GitHub, and SSH credentials immediately • Audit cloud audit logs for the last several hours • Pin to a prior known-good version and reinstall from a clean lockfile Detection — the malicious manifest contains: "optionalDependencies": { "@tanstack/setup": "github:tanstack/router#79ac49ee..." } Any version with this entry is compromised. The payload is delivered via a git-resolved optionalDependency whose prepare script runs router_init.js (~2.3 MB, smuggled into each tarball at the package root). Unpublish is blocked by npm policy for most affected packages due to existing third-party dependents. All 84 versions are being deprecated with a SECURITY warning, and npm security has been engaged to pull tarballs at the registry level. Full technical breakdown, complete package and version list, and rolling status updates: github.com/TanStack/route… Credit to the security researcher for responsible disclosure.
English
Ejiro - retweetledi
40% of the code Claude writes for you is wasted. you're paying for the rewrite.
a 65-line markdown file fixes it. 120,000 developers have starred it.
the author tested it on "30 codebases over 6 weeks" and reported a mistake rate drop from 41% to either 11% or 3%
depending on whether you read the headline or the body.
the irony is that the article is right.
CLAUDE.md is the most under-leveraged file in your stack.
65 lines of behavioral rules outperform a 4,000-token preferences dump.
"be careful" is useless. testable imperatives are gold.
"be senior" doesn't work Claude already thinks it is.
the 4 rules that ship the most leverage:
/ state assumptions, never guess silently
/ minimum code, nothing speculative
/ surgical changes, don't refactor adjacent code
/ define success, loop until verified
compliance: ~80%. mistake rate: from ~40% to single digits.
no human caught the contradicting numbers in the title.
nobody had to.
Mnimiy@Mnilax
English
Today I developed and delivered a project using Python,FastAPI and ManticoreSearch. It was a one-time job. It was my first time using it, and it’s an incredible library—I can’t believe I hadn’t come across it before.
github.com/manticoresoftw…
English
Decided to use NestJS for my new project I’m working on
Omo watin be this 🥲
English
Languine is now self-hostable. MIT.
One click deploy on @vercel and you own the entire localization pipeline.
Set up in seconds ⚡
English
@bahdcoder Yep. Two of the domains I bought recently was from them
No need to transfer for DNS config
English
Just use cloudflare bro. You get tons of additional features on your domain all for free.
Elite.dev' 🍂@elite_developer
What's the best place to get domain names, Cloudfare or GoDaddy?
English
"Senior" frontend developer but you no fit create protected routes using JWT tokens to verify Authorization status😂
English
Ejiro - retweetledi
🚀Rolldown 1.0 is here!🚀
Rust-based high-performance JavaScript bundler.
🏎️ Runs at native speed that’s 10~30x faster than Rollup
🤝 Compatible with existing Rollup & Vite plugins
⚡The underlying bunder for Vite 8
After 2 years, Rolldown is officially stable and has 20+M weekly downloads. Companies like Framer & PLAID are already using Rolldown in production.
Thank you to every contributor, user, and team that helped us get here.
English
Ejiro - retweetledi
Midday is joining Ramp
We started Midday to build something we wanted for ourselves and it grew into something much bigger than we expected.
And here is the story behind it 🧵
English
Ejiro - retweetledi
Ejiro - retweetledi
I’m a staff software engineer still in Nigeria 🙂
Ejiro -@ejirocodes
I personally don’t know any staff-level software engineer still in Nigeria. Talents grow to a certain level, then relocate
English