Dependency Tree Of Doom: When Your NPM Packages Go Rogue

npm dependencies Malware Dependency hell Package management Anime Supply chain Software security

Javascript Programming Frontend Webdev Security

4 months ago 141,117 views 0 shares

Dependency Tree Of Doom: When Your NPM Packages Go Rogue

npm-memes, dependencies-memes, supply-chain-memes, security-memes, malware-memes | ProgrammerHumor.io

When your npm install summons mysterious Japanese packages and your cat-themed AI companions start discussing supply chain security... You're basically running npm install malware at this point. The dependency tree just got a whole lot more suspicious! Those cute anime avatars are the perfect disguise for what's really happening - your project is one kawaii face away from being completely compromised. Next time you blindly accept those package.json updates, remember that Vanilla isn't just following Chocola... she's injecting her own "special" code too.

More Like This

Too relatable that it made me cry

Javascript Programming Testing

10 months ago 68.3K views 0 shares

Too relatable that it made me cry | programming-memes, tech-memes, program-memes, try-memes, test-memes, json-memes, function-memes, unit test-memes, class-memes, dictionary-memes, IT-memes, ide-memes | ProgrammerHumor.io

Content Programming in high school and college: I can write a function to check if a number is a palindrome, a "Dog" class that overrides methods of the "Animal" class, and a dictionary that receives the real name of a superhero as key and returns their secret identity. I suppose that I have enough practice to start the next unicorn that will disrupt a major tech industry. imgtip FIVE YEARS LATER, SEARCHING FOR WORK: hi "What are all of these arcane symbols? How do I unit test? Who is JSON, and why is the letter 'A' missing in his name?" imgfli ProgrammerHumor. io

Knowing how to program is becoming more and more important. Here is how you start:

Javascript Microsoft Azure Programming Linux

3 years ago 80.4K views 0 shares

Knowing how to program is becoming more and more important. Here is how you start: | code-memes, program-memes, test-memes, bug-memes, global-memes, git-memes, visual studio-memes, list-memes, azure-memes, class-memes, dart-memes, warning-memes, error-memes, debug-memes, search-memes, microsoft-memes, IT-memes, console-memes, public-memes, manager-memes, dependencies-memes | ProgrammerHumor.io

Content TYPE YOUR PROGRAM HERE: D Doctrine - Microsoft Visual Studio File Edit View NCrunch GitExt Project Build Debug Team Process: Debug Any CPU al Lifecycle Events Thread: 0 O Server Explorer X Find Results 1 Azure (Not connected) el Data Connections E Servers P S SharePoint Connection Toolbox Search Toolbox 4 General X X X Efind all "doctrine" D:ProjectsDoctrine D: ProjectsDoctrine D:ProjectsDoctrine D: ProjectsDoctrine D:ProjectsDoctrine D:ProjectsDoctrine D progerte Doctrine Error List Entire Solution Search Error List Code Description There are no usable controls in this group. Drag an item onto this text to add it to the toolbox. Output Ready ProdrammerHumor io Ln 4 Col 1 Ch 1 57 Quick Launch (CtrlQ) X Tools Architecture Tact ReSharper Analyze Window Help Sign in IIS Express - o o Capture Frame C A Code Map ? Application Insights I sOL Bi Change Typer he sou lEs the Dertrine Controller.cs X cH Doctr As Doctrir using Systi using Micri using Micr Class.. Solution E. q X Propert... X namespace 1 reference public Sea ca Doctrine. NE ca ExampleWek (X) 0 Errors A 0 Warnings A Search Solution P - ba Solution 'Docti Solution Ite J globalj L src 4 ail Doctrine D a Prop "H Refe D C Doct D 6 C Doct C Doci Proiect File Find Sy... Package Manager Console Package source: All responsible for, nor does it grant any licenses to, third-party packages. Some packages may include dependencies which are 97 NuGet... Find S... INS MIN DO Doctrine M dotnetcore

The Forbidden Button Pattern

Javascript Webdev Programming Frontend

3 months ago 109.7K views 0 shares

The Forbidden Button Pattern

The ultimate reverse psychology UI pattern! Some brilliant dev created buttons that say "Please don't touch this" right next to "Click here to purchase" – essentially guaranteeing everyone will press the forbidden button. It's the digital equivalent of putting a big red button labeled "DO NOT PRESS" in front of curious humans. The implementation is so beautifully lazy yet effective that it deserves a spot in the Hall of Fame for Malicious Compliance . The dev clearly understood that humans are hardwired to do exactly what they're told not to do. Probably knocked this out 5 minutes before the deadline while muttering "ship it and let QA deal with it."

You can fool the normal people but not developers

Javascript Programming Java Linux Databases

4 years ago 69.8K views 0 shares

You can fool the normal people but not developers | developer-memes, javascript-memes, java-memes, jquery-memes, function-memes, performance-memes, network-memes, query-memes, console-memes, product-memes | ProgrammerHumor.io

Content THE DAFNI X SWAROVSKI BAG 25.00 ADD TO CART 3 people are currently looking at this product. GUARANTEED SAFE CHECKOUT I DI Elements Console Sources script type-"textjavascript" Query (function () Network Performance persons viewing this prodiutc setinterval (function() var spanNumber juery".product. viewing"); var number - Math. floor (Math.random() 12) 3; spanNumber. text (number); J, 5000); Memory Application 026 A 8 Styles F thov .c1s element.style margin-top: 19px; eeld05aa236-1. .fl-row, .fl-row- content, .f1-col-

Traditional For Wins Sometimes

Javascript Programming Python Java Debugging

4 months ago 175.6K views 0 shares

Traditional For Wins Sometimes

The eternal battle between fancy modern streams and good ol' for loops! Sure, streams can filter, map, and reduce with the elegance of a ballet dancer, but try debugging that one-liner that spans three monitors. Meanwhile, traditional for loops are just sitting there like "Yeah, I might not be the cool kid anymore, but at least you know exactly which iteration exploded your production server at 3 AM." Sometimes you don't need a Ferrari when a reliable Toyota with an actual dashboard will get you there without the existential crisis of atomized variables.

That's why I don't like web dev

Javascript Java Debugging Frontend Backend

2 years ago 45.7K views 0 shares

That's why I don't like web dev | javascript-memes, java-memes, web-memes, design-memes, bug-memes, electron-memes, machine-memes, performance-memes, url-memes, debug-memes, linker-memes, firefox-memes, ide-memes, mac-memes, language-memes | ProgrammerHumor.io

Content PROBLEM: JAVASCRIPT HAS ALMOST NO STANDARD LIBRARY SOLUTION: THOUSANDS OF COMMUNITY -SUPPORTED LIBRARIES OF WILDLY VARYING QUALITY PROBLEM: JAVASCRIPT HAS NO PACKAGING OR A LINKER TO TIE THESE PACKAGES TOGETHER PROBLEM: JAVASCRIPT WON'T RUN OUTSIDE THE BROWSER SOLUTION: V8 PROBLEM: JAVASCRIPT IS SINGLE -THREAD BY DESIGN SOLUTION: ASYNCHRONOUS PROGRAMMING, NODE. JS PROBLEM: CALLBACK HELL PROBLEM: PROTOTYPAL INHERITANCE IS PANTS -ON- HEAD STUPID THAT'S RIGHT, I SAID IT. PROBLEM: WEB RESOURCES NEED TO BE MINIFIED AND ZIPPED FOR PERFORMANCE PROBLEM: THE DOM IS TOO SLOW FOR VIDEO GAMES SOLUTION: CANVAS PROBLEM: JAVASCRIPT IS TOO SLOW FOR VIDEO GAMES SOLUTION: USE AN ASSEMBLY- LIKE SUBSET OF JAVASCRIPT CALLED ASM.JS PROBLEM: ASM.JS IS BASICALLY UNWRITABLE 4 HUMANS. SOLUTION: COMPILE A BETTER LANGUAGE TO JAVASCRIPT (C, EMASCRIPT 2016, COFFEESCRIPT, JSX) SOLUTION: HUNDREDS OF COMMUNITY SUPPORTED BUILD TOOLS OF WILDLY VARYING QUALITY PROBLEM: GRUNT. SOLUTION: GULP PROBLEM: GULP PROBLEM: MACHINE GENERATED OUTPUT IS MORE DIFFICULT TO DEBUG PROBLEM: ASYNC IS STILL A NIGHTMARE, HUH? PROBLEM: BALLOONING PROJECT SIZE AND COMPLEXITY PROBLEM: JAVASCRIPT STILL DOESN'T DO EVERYTHING PROBLEM: OUTPUT RUNS VERY SLOWLY ON MOBILE DEVICES SOLUTION: ELECTRON, PHONEGAP, FIREFOXOS HOW IS DIGGING GOING TO GET US OUT OF THIS HOLE? WHERE I AM FROM, THE POINT OF DIGGING IS NOT FREEDOM FROM DIGGING