Tag: security
6 articles
· pnpm / nodejs
pnpm 10 review — what changed and is it worth upgrading?
pnpm 10 blocks all dependency lifecycle scripts by default — a real supply-chain security win. Here is what changed and who should upgrade now.
· 1password / security
1Password for developers in 2026 — beyond the password vault
Process-isolated SSH agent, automatic Git signing, biometric secrets for Claude Code and AWS — all on Individual. March 2026 price hike changed solo dev math.
· auth / passkeys
Passkey Adoption in 2026: What's Actually Blocking It
Passkeys hit 85–95% auth success on iOS and Android. On Windows desktop they land at 45–60%, and enterprise SSO is architecturally incompatible. Here is the real picture for Node and Edge developers building auth today.
· node / passkeys
Best Passkey/WebAuthn Library for Node.js in 2026
SimpleWebAuthn wins on every measure — 803K weekly downloads, FIDO conformant, TypeScript-native. Here is what to install and when to pick something else.
· macos / security
Best SSH key manager for Mac developers in 2026: 1Password SSH Agent
1Password SSH Agent stores keys in your vault, requires Touch ID per operation, and wires git commit signing in three clicks. It is the right answer for most Mac developers managing multiple hosts.
· supabase / postgresql
Supabase RLS pitfalls — what we learned in production
7 Supabase RLS pitfalls: NULL auth.uid(), service_role leaks, 171ms policies, infinite recursion, privilege escalation — with the exact SQL fix for each.