JavaScript

A massive npm supply chain attack compromised TanStack, Mistral AI’s client library, and over 170 packages. Here’s what happened, how the attack worked, and the practical steps you should take today to protect your projects.

Deno 2.3 brings workspace support and improved Node compatibility. With Bun maturing and Node.js evolving, the JavaScript runtime landscape is reaching an interesting equilibrium.

As we enter 2026, the JavaScript runtime ecosystem is more competitive and innovative than ever. Here’s where things stand.

Deno 2.5 brings improved Node.js compatibility and workspace support, signaling that the JavaScript runtime competition is driving real innovation.

With Bun 1.0 maturing, Deno pushing Node compatibility, and Node.js evolving faster than ever, the JavaScript runtime landscape is more interesting than it’s been in years.

Bun, a new JavaScript runtime built on JavaScriptCore and written in Zig, is making waves with extraordinary benchmark numbers. Is it the Node.js challenger we’ve been waiting for?

Deno 1.0 launches with TypeScript support, a security-first permissions model, and a clean break from Node.js conventions — but can it find its niche?

GitHub’s acquisition of npm consolidates the JavaScript ecosystem’s most critical infrastructure under one roof. Here’s why that matters — and what could go wrong.