NPM version 11.10.0 (Feb 2026) can now consider the relative age of a package before installing it through the introduction of a new min-release-age config flag.
Limiting package installation based on age is known as dependency cooldown, specifically useful as a low-effort defense to address the rise in supply chain attacks.
Continue reading Give Your Dependencies a RestOpenAI is a research company that focuses on artificial intelligence (AI) and machine learning. Originally founded in 2015, OpenAI’s goal was to “advance digital intelligence in the way that is most likely to benefit humanity as a whole, unconstrained by a need to generate financial return.”
Continue reading How To Use the OpenAI APIAfter reading the Wired story last week about Zachary Harris discovering a widespread vulnerability related to the use of weak cryptographic DKIM keys (less than 1024 bits) by companies like Google, eBay, Yahoo, Twitter and PayPal, and the subsequent CERT warning (VU#268267), I decided to write a quick tool to check DKIM TXT records and determine their key length:
This tool grabs your DKIM DNS TXT record and uses OpenSSL to parse the contained public key to determine its key length.
DigitalOcean provides cloud products for every stage of your journey. Get started with $200 in free credit!
A security vulnerability was discovered at GitHub back in 2012 that made it possible for an attacker to add new SSH keys to arbitrary GitHub user accounts. Although there was no known malicious activity using this exploit, they took the responsible step to email all their users that have SSH keys associated with their account to verify and approve them before they could be used to clone/pull/push repositories over SSH again.
Continue reading GitHub SSH Public Key Fingerprint CheckingHere’s a tip if you are having trouble connecting to GitHub using Eclipse/Egit with a recently generated SSH key pair…
Continue reading Eclipse, EGit, github, jsch and AES-128 encrypted private keys
