Tag: security

6 articles

· pnpm / nodejs

pnpm 10 review — what changed and is it worth upgrading?

pnpm 10 blocks all dependency lifecycle scripts by default — a real supply-chain security win. Here is what changed and who should upgrade now.

· 1password / security

1Password for developers in 2026 — beyond the password vault

Process-isolated SSH agent, automatic Git signing, biometric secrets for Claude Code and AWS — all on Individual. March 2026 price hike changed solo dev math.

· auth / passkeys

Passkey Adoption in 2026: What's Actually Blocking It

Passkeys hit 85–95% auth success on iOS and Android. On Windows desktop they land at 45–60%, and enterprise SSO is architecturally incompatible. Here is the real picture for Node and Edge developers building auth today.

· node / passkeys

Best Passkey/WebAuthn Library for Node.js in 2026

SimpleWebAuthn wins on every measure — 803K weekly downloads, FIDO conformant, TypeScript-native. Here is what to install and when to pick something else.

· macos / security

Best SSH key manager for Mac developers in 2026: 1Password SSH Agent

1Password SSH Agent stores keys in your vault, requires Touch ID per operation, and wires git commit signing in three clicks. It is the right answer for most Mac developers managing multiple hosts.

· supabase / postgresql

Supabase RLS pitfalls — what we learned in production

7 Supabase RLS pitfalls: NULL auth.uid(), service_role leaks, 171ms policies, infinite recursion, privilege escalation — with the exact SQL fix for each.