2018-12-07
#node
Alberto Gimeno
Dec 7, 2018 ⋅ 3 min read

How to protect your Node.js applications from malicious dependencies

Alberto Gimeno, Ecosystem Engineer at GitHub. Sometimes I write about JavaScript, Node.js, and frontend development.
