Seen somewhere in a Telegram group. So, the shit load now is over the top and daily even worse...
#dependencies
Dependency Hell Just Got Real
A developer tries to install a package and discovers their entire Python environment has become a dependency nightmare.
#python #coding #dependencies #developer #programming #pip #package #install
Wow this is perfect for keeping NPM dependencies secure ๐ฅ
๐ฎ **deputui** โ A TUI for reviewing release notes of your NPM dependencies
๐ฏ Pipe in pnpm outdated, skim release notes and select exactly which updates to install
๐ฆ Written in Rust & built with @ratatui_rs
โญ GitHub: https://github.com/twiddler/deputui
#rustlang #ratatui #tui #npm #pnpm #security #packaging #dependencies
I recently wrote a deep dive exploring some of the reasons why security teams get blindsided by vulnerabilities in Python packages. If you're dealing with alert fatigue or wondering why your team spends hours validating false positives this one's worth your time.
https://www.anaconda.com/blog/python-dependency-architecture-security-alert-fatigue
#Python #OpenSource #Security #Dependencies #DevSecOps
For years I use eslint in TypeScript projects.
New project, new fun, eslint 9.x.x. Minimal config it generates
import js from "@eslint/js";
import globals from "globals";
import tseslint from "typescript-eslint";
import { defineConfig } from "eslint/config";
and 84 dependencies. Before eslint, the project has:
@HaraldKi/lutrujs@0.0.1 /home/harald/work/lutrujs
โโโ prettier@3.8.1
โโโ typescript@5.9.3
Any suggestion for a less intrusive linter?
@katzenmann As they say, there's always a trade off. If you're worried about compilation - don't. Your dependencies are going to be compiled once unless you update. There are other more serious worries about #Rust #dependencies than that.
#Development #Guidelines
Dependency layers in design systems ยท โBe intentional about what you own.โ https://ilo.im/16a01d
_____
#Dependencies #Decisions #Community #Expertise #Codebase #Frameworks #DesignSystems #Development #WebDev #Frontend
Node.js Package Configuration Guide, by @nodejs:
https://nodejs.github.io/package-examples/
#guides #packages #dependencies #configuration #commonjs #esm
Cannot install python3-pyqt6 : Depends: qt6-base-abi (= 6.4.2) #apt #packagemanagement #2404 #dependencies #pyqt
Autoremovable packages after libusb-1.0-0 removal #apt #packagemanagement #2404 #dependencies
#Python:
Where every project is just 1.000.000 #dependencies non resolving #conflicts and "oh we dunno #WorkedOnMyMachine pl0x "
And people ask me why I like #PHP and #JS more ...
yes.
(I can hear it. the python people coming to town and giving me advice on what I'm doing wrong, why pytorch is awesome and.
oh no )
#WeNeedMorePythonDependencyRiots
#repost โขacws #acws
Where every project is just 1.000.000 #dependencies non resolving #conflicts and "oh we dunno #WorkedOnMyMachine pl0x "
And people ask me why I like #PHP and #JS more ...
yes.
(I can hear it. the python people coming to town and giving me advice on what I'm doing wrong, why pytorch is awesome and.
oh no )
#WeNeedMorePythonDependencyRiots
#repost โขacws #acws
Protip:
Never try to even #remotely #code anything for #tensorflow
It. is. hell.
(Either it crashes, or the #dependencies want #python 3.10 as the maintainers are too lalalalalla to like update anything, or too lazy and want to wait till "worth" it.
It
is.
in
sane)
Not fun.
At.
all. NO.
nonononono.
Did I mention "no" ?
Here is a #gif of whether you should mess with #tensorflow :
(It's easy to understand.
very easy):
Never try to even #remotely #code anything for #tensorflow
It. is. hell.
(Either it crashes, or the #dependencies want #python 3.10 as the maintainers are too lalalalalla to like update anything, or too lazy and want to wait till "worth" it.
It
is.
in
sane)
Not fun.
At.
all. NO.
nonononono.
Did I mention "no" ?
Here is a #gif of whether you should mess with #tensorflow :
(It's easy to understand.
very easy):
It was time to update the #JUnit tests in Tom Zhouโs #TweetNacl port of tweetnacl-js to #Java.
The tests were on 4.13.2 and I adjusted them for current 6.0.2.
Now, #dependencies are up-to-date again.
Get it here: https://central.sonatype.com/search?q=tweetnacl-java&smo=true&namespace=org.purejava
They hacked the #AWS #JavaScript SDK, a core library powering the entire @AWScloud ecosystem - including the AWS Console itself ๐คฏ
source: nitter.privacyredirect.com/yuvโฆ
original source: https://x.com/yuvalavra/status/2011842613389726109
#amazon #cloud #service #software #cybersecurity #problem #security #dependencies #internet #hack #hacker #news
#Development #Pitfalls
The 9 levels of JS dependency hell ยท Developers solved each problem, only to create the next https://ilo.im/169mic
_____
#Programming #Coding #Dependencies #JavaScript #Packages #Attacks #AI #WebDev #Frontend #Backend
The Nine Levels of JavaScript Dependency Hell, by @andrewnez:
https://nesbitt.io/2026/01/05/the-nine-levels-of-javascript-dependency-hell.html
Nvidia 570 drivers conflict / deps issues in 24.04 why's it so hard :\ #nvidia #2404 #dependencies
npm to Implement Staged Publishing After Turbulent Shift Off Classic Tokens, by @sarahgooding (@SocketSecurity):
Web Dependencies Are BrokenโCan We Fix Them?, by @leaverou:
Web dependencies are broken. Can we fix them?
Dear JS ecosystem, I love you, but you have a dependency management problem when it comes to the Web, and the time has come for an intervention.
โ by @leaverou
๐คท https://lea.verou.me/blog/2026/web-deps/
#webdev #frontend #npm #javascript #js #fixthem #dependencies #frontend #dev #fixit #broken #web
Client Info
Server: https://mastodon.social
Version: 2025.07
Repository: https://github.com/cyevgeniy/lmst