'%20d='M69.364%2019.146c36.687%2027.806%2076.147%2084.186%2090.636%20114.439%2014.489-30.253%2053.948-86.633%2090.636-114.439C277.107-.917%20320-16.44%20320%2032.957c0%209.865-5.603%2082.875-8.889%2094.729-11.423%2041.208-53.045%2051.719-90.071%2045.357%2064.719%2011.12%2081.182%2047.953%2045.627%2084.785-80%2082.874-106.667-44.333-106.667-44.333s-26.667%20127.207-106.667%2044.333c-35.555-36.832-19.092-73.665%2045.627-84.785-37.026%206.362-78.648-4.149-90.071-45.357C5.603%20115.832%200%2042.822%200%2032.957%200-16.44%2042.893-.917%2069.364%2019.147Z'/%3e%3c/svg%3e)
Good postmortem on the @tanstack.com supply-chain attack. The key part (which should be called out loudly): never run install on untrusted code inside a `pull_request_target` workflow. tanstack.com/blog/npm-sup...
🦋 Live Bluesky Post
Matt Kane
@mk.gg
❤️ 56 Likes
🔄 12 Reposts
💬 0 Replies
📝 4 Quotes
Created:
Indexed:
Technical Details
Post URI:
at://did:plc:uwbl4k3tza7eyjv3morkrld2/app.bsky.feed.post/3mln3v2o2fk2z Content ID:
bafyreigumzdcp3bxbttws5v2q7d4vpfsaehxicai3liry4cm2qojd7zzh4 Author DID:
did:plc:uwbl4k3tza7eyjv3morkrld2 Languages:
en Live Collection Info
This post was fetched in real-time using the live Bluesky loader. The data is fresh and reflects the current state on Bluesky.