RT @NodeRED: Node-RED Con 2025 registrations are OPEN! 🎉. Join us online on November 4 for a day of talks on industrial applications & fun….

GeoDa AI has joined the OpenJS as part of the Open Visualization Collaboration Space! 🌐🌟. GeoDa AI brings open source spatial analysis to researchers, nonprofits, and communities tackling housing, health, crime, and environmental challenges. 👉 Learn more:

Zohran Mamdani: He votes for activists, not you

RT @_rafaelgss: Node.js v24.6.0 is out💚. Highlights:. * Use your system’s trusted certificates with NODE_USE_SYSTEM_CA=1.* crypto: ML-DSA (….

RT @wunderacle: I'm excited to announce that we just released a brand new End-of-Life page on @nodejs's website. .

RT @jquery: The first jQuery 4.0.0 Release Candidate is ready! #jquery.

RT @jsconf: What if we told you the creator of JSConf is hosting Day 3? 👀. Yes, THE @voodootikigod is your emcee. This isn’t just a comeba….

New OpenJS free training alert 🚨 . Introduction to JavaScript Security is live! Learn how to keep your projects safe from supply chain attacks and sneaky packages. Powered by @openjsf and @feross at @SocketSecurity. Take it here:

Parts & Tires in ONE search. Nexpart Multi-Seller helps busy service advisors keep work rolling in the shop.

RT @NodeRED: 📋 We running a new community survey looking at the future modernization of Node-RED. Please give us a few minutes of your time….

ICYMI: #JSConf speakers are now live 😎🎤. Are you registered yet?? See you on the bay. Details:

RT @jsconf: JSConf Featured Keynote Speaker: James Snell ☁️. As Principal Systems Engineer at Cloudflare and a key figure in Node.js, James….

First two CVEs issued under the OpenJS CNA, because responsible disclosure is cool. Check them out: .👉 CVE-2025-7338: 👉 CVE-2025-7339: Shoutout to the OpenJS security crew. 👊.

RT @thenewstack: .@matteocollina of the @nodejs Technical Steering Committee gave an update on Node.js and questioned why devs download old….

Phew. That was a lot. 😮‍💨. This work is ongoing and backed by strong community effort and support from our friends at @AlphaOmegaOSS. Learn more here:

Always curious and full of energy, Beagles turn every walk into an adventure 🐾🎉.

6/ June: Big upgrades 📈. - Shipped Node.js 24.3.0 with permission model improvements.- Launched the OpenJS CVE Numbering Authority.- Completed external security assessments for 39 projects.- Revamped Express.js vulnerability reporting processes.- Released the draft of Security.

5/ May: Node.js 24 ships ⛵️. - Released Node.js 24.- Resolved CVE metadata issues with HackerOne.- Launched the first version of the Node.js Security Compliance Checker.- Multer v2.0.0 shipped with critical security fixes.

4/ April: Infrastructure upgrades 🔨. - Patched Node.js 18, 20, and 22.- Enabled GitHub CodeQL for static analysis.- Responded to a CI security incident with full disclosure.- Rolled out VisionBoard and FortSphere.

3/ March: Transparency and cleanup 🧹. - Issued a public response to MITRE CVE removals.- Published a mitigation blog and plan.- Cleaned up changelogs and commit formatting.- Released v1.1 of the Security Compliance Guide.- Analyzed npm org permissions for future policy work.

2/ February: Compliance gets real 🤝. - Rolled out the Security Compliance Checker.- Automated security vulnerability PRs.- Hosted six CNA onboarding town halls.- Published a guide to help maintainers prep for CNA launch.

1/ January: Starting strong 🏋️. - Patched four active Node.js versions.- Handled CVEs on older, end-of-life versions.- Released a project-wide Threat Model.- Promoted the Node.js Permission Model to stable.- Welcomed is-my-node-vulnerable into the org.

What’s our security team been up to in 2025?. Just shipping security patches, launching new tools, and leveling up compliance like pros 💪. Here’s your behind-the-scenes look at what's been going on since January. 🧵.

RT @PardonMyTake: Tuesday night max woke Big Cat up with a flashlight at 2am because he thought we were going to get sued. @forthepeople ht….