Chellappan

51.5K posts

@chellaInTech

#Angular #React #JS #webcomponent #NodeJS #Design Systems #Next.js #FrontEndDev #ChennayinFC is in the blood @chennaiyinfc junior vibe coder.

Your heart · Joined May 2013
3.6K Following · 1.3K Followers

Chellappan retweeted
Ankita Kulkarni @kulkarniankita9
Stop calling "redirect()" inside a try/catch block in Next.js 💡
Here's Why
When you add a "redirect()" from "next/navigation" in a try/catch block
The redirect() throws a special internal error on purpose and that's how Next.js knows to redirect the user
However, if you add redirect in a try block, your catch block will catch it and the user won't redirect
🧠 The Fix → Move redirect() outside the try/catch block

Chellappan retweeted
Mystica🦋 @mysticainf
back to writing this year.. wrote couple of posts about npm dependencies and npm installation strategies. check it out: mystica.me/bytes/npm-depe…

Chellappan retweeted
Aurora Scharff @aurorascharff
Before Cache Components, one cookies() call in your layout made every page dynamic. The precompute pattern encodes request data into the URL to keep pages static. How it works, when Cache Components replace it, and where it still matters ↓ aurorascharff.no/posts/the-prec…

Chellappan @chellaInTech
Hi all, I'm using the Image component with CloudFront. All domains are in remotePatterns, and it works locally. After deployment remote images fail to load. I even tried a custom loader, no luck. Any tips on debugging this post-deployment? @cramforce @samselikoff @timneutkens

Chellappan retweeted
MDN Web Docs @MozDevNet
🆕 Document.caretPositionFromPoint() is Newly Available! Give it an (x, y) coordinate and get back the exact DOM node and character offset. Perfect for click-to-edit interfaces. Check it out 👇 developer.mozilla.org/en-US/docs/Web…

Chellappan retweeted
Vercel Developers @vercel_dev
The Vercel security and compute teams have conducted an investigation into the malicious takeover of the axios@1.14.1 npm package.
• We’ve blocked outgoing access from our build infrastructure to the Command & Control hostname sfrclak.com.
• The malicious version of the package has been blocked and unpublished from npm.
• Vercel’s own infrastructure and applications have been unaffected.
• We recommend checking your supply chain for exposure.
For more information, read the full advisory ↓ vercel.com/changelog/axio…

Chellappan retweeted
Google Maps @googlemaps
Ask Maps is now available to everyone in the U.S. and India. Here are six prompts to get you started. 🧵

Chellappan retweeted
Andrej Karpathy @karpathy
New supply chain attack this time for npm axios, the most popular HTTP client library with 300M weekly downloads. Scanning my system I found a use imported from googleworkspace/cli from a few days ago when I was experimenting with gmail/gcal cli. The installed version (luckily) resolved to an unaffected 1.13.5, but the project dependency is not pinned, meaning that if I did this earlier today the code would have resolved to latest and I'd be pwned. It's possible to personally defend against these to some extent with local settings e.g. release-age constraints, or containers or etc, but I think ultimately the defaults of package management projects (pip, npm etc) have to change so that a single infection (usually luckily fairly temporary in nature due to security scanning) does not spread through users at random and at scale via unpinned dependencies. More comprehensive article: stepsecurity.io/blog/axios-com…
Feross @feross

🚨 CRITICAL: Active supply chain attack on axios -- one of npm's most depended-on packages.
The latest axios@1.14.1 now pulls in plain-crypto-js@4.2.1, a package that did not exist before today. This is a live compromise.
This is textbook supply chain installer malware. axios has 100M+ weekly downloads. Every npm install pulling the latest version is potentially compromised right now.
Socket AI analysis confirms this is malware. plain-crypto-js is an obfuscated dropper/loader that:
• Deobfuscates embedded payloads and operational strings at runtime
• Dynamically loads fs, os, and execSync to evade static analysis
• Executes decoded shell commands
• Stages and copies payload files into OS temp and Windows ProgramData directories
• Deletes and renames artifacts post-execution to destroy forensic evidence
If you use axios, pin your version immediately and audit your lockfiles. Do not upgrade.


Chellappan retweeted
Socket @SocketSecurity
🚨 Active supply chain attack on axios@1.14.1. The latest version pulls in plain-crypto-js@4.2.1 -- a brand-new package that didn't exist before today. Socket's AI analysis flags it as a malicious obfuscated dropper: runtime deobfuscation, dynamic execSync loading, payload staging to temp/ProgramData directories, and post-execution artifact deletion. Consistent with supply chain malware. We're still investigating. If you use axios, pin your version and audit your lockfile.

Chellappan retweeted
Wes Bos @wesbos
‼️Do not npm install or deploy anything right now
Supply chain attack on axios 1.14.1 - even if you don’t use axios it may be a nested dep.
Pin versions or wait until this is resolved
Maxwell @mvxvvll

@npmjs @GHSecurityLab there is an active supply chain attack on axios@1.14.1 which pulls in a malicious package published today - plain-crypto-js@4.2.1 - someone took over a maintainer account for Axios

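
The lockfile audit that the posts above recommend, as an added example (not code from any of the quoted authors or projects): it scans a parsed package-lock.json for the two versions named in the posts, axios@1.14.1 and plain-crypto-js@4.2.1, including nested copies. The sample lockfile and the package name some-sdk are constructed for illustration.

```javascript
// Versions to flag, taken from the posts on this page.
const BLOCKLIST = new Map([
  ["axios", ["1.14.1"]],
  ["plain-crypto-js", ["4.2.1"]],
]);

// List every locked package, including nested (transitive) copies.
function lockedPackages(lock) {
  const found = [];
  if (lock.packages) {
    // lockfileVersion 2/3: flat map keyed by install path.
    for (const [path, meta] of Object.entries(lock.packages)) {
      if (path === "") continue; // root project entry
      const name = meta.name || path.split("node_modules/").pop();
      found.push({ name, version: meta.version, path });
    }
    return found;
  }
  // lockfileVersion 1: nested "dependencies" tree.
  const walk = (deps, prefix) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const path = `${prefix}node_modules/${name}`;
      found.push({ name, version: meta.version, path });
      walk(meta.dependencies, `${path}/`);
    }
  };
  walk(lock.dependencies, "");
  return found;
}

// Return only the locked entries whose name and version are on the blocklist.
function auditLockfile(lock) {
  return lockedPackages(lock).filter((p) =>
    (BLOCKLIST.get(p.name) || []).includes(p.version)
  );
}

// Constructed sample (not a real project); "some-sdk" is a hypothetical package.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/axios": { version: "1.13.5" },
    "node_modules/some-sdk/node_modules/axios": { version: "1.14.1" },
    "node_modules/plain-crypto-js": { version: "4.2.1" },
  },
};

// Usage: node audit-lock.js package-lock.json (no argument: runs on the sample).
const file = process.argv[2];
const report = (hits) =>
  hits.forEach((h) => console.log(`FOUND ${h.name}@${h.version} at ${h.path}`));
if (file && file.endsWith(".json")) {
  import("node:fs").then((fs) =>
    report(auditLockfile(JSON.parse(fs.readFileSync(file, "utf8")))));
} else {
  report(auditLockfile(SAMPLE_LOCK));
}
```

The top-level axios entry at 1.13.5 is not reported; only the nested 1.14.1 copy and plain-crypto-js@4.2.1 are.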

Chellappan retweeted
Addy Osmani @addyosmani
I can't remember the last time I was truly stuck on a coding problem. AI agents changed this. Going from "sometimes blocked" to "always moving" is wild.

Chellappan retweeted
Alex Inkin @Waterplea
#AngularTip for the day! You can trigger InjectionToken factory by providing it: { provide: TOKEN }. In case you ever need a default token value again, check out this snippet:

Chellappan retweeted
GitHub @github
🆕 The Awesome GitHub Copilot project has a new home.
Head over to explore hundreds of community-built customizations:
🔍 Full-text search for agents and skills
📚 A dedicated Learning Hub
⚡ 1-click plugin installs for Copilot CLI & @code
Built by the community, for the community. Check it out.👇 awesome-copilot.github.com