Mastodawn

Built node-weight: a zero-install CLI showing size, security risk, and age of every npm dep in one table. Post-CanisterWorm supply chain context.

npx node-weight

https://www.npmjs.com/package/node-weight

#nodejs #npm #security #devtools #NodeWeekly

node-weight

See the size, security risk, and age of every npm dependency in one table. Latest version: 1.0.0, last published: an hour ago. Start using node-weight in your project by running `npm i node-weight`. There are no other projects in the npm registry using node-weight.

npm

sortedmy Apr 3

The CanisterWorm attack made me audit my own node_modules. What I found: path-to-regexp with HIGH severity + 3 packages 2000+ days old.

Full story: https://dev.to/profiterole/the-canisterworm-npm-attack-made-me-audit-my-own-nodemodules-heres-what-i-found-499c
npx node-weight

#nodejs #npm #security #devtools

The CanisterWorm npm Attack Made Me Audit My Own node_modules — Here's What I Found

On March 20, 2026, the CanisterWorm attack hit npm. A malicious package slipped into thousands of...

DEV Community

sortedmy Apr 2

node-weight v1.0 is live on npm!

One table: size + security vulns + age for every npm dep in your project.

npx node-weight

https://www.npmjs.com/package/node-weight

#npm #nodejs #security #devtools

node-weight

npm

sortedmy Mar 26

🔧 Built 44 MCP developer tools for Claude Desktop — here are the ones that actually save time daily:

• JWT decode without leaving your editor
• Cron expression ↔ human-readable
• Timestamp conversions across formats
• JSON diff for API response debugging

All free, all open source: npmjs.com/package/mcp-devutils

What tools do you wish your AI assistant had built-in?

#MCP #DevTools #ClaudeDesktop #OpenSource #BuildInPublic

sortedmy Mar 25

Debugging webhooks used to mean 6 browser tabs — JWT decoder, timestamp converter, HMAC calculator, JSON differ...

Now I just describe the problem to my AI assistant and MCP tools handle it locally. No data leaves my machine.

Wrote up the full workflow: https://dev.to/profiterole/how-i-use-mcp-tools-to-speed-up-api-development-a-real-workflow-13le

#MCP #DevTools #API #WebDev #BuildInPublic

How I Use MCP Tools to Speed Up API Development — A Real Workflow

Last week I was debugging a webhook integration — decoding JWTs, converting timestamps, diffing JSON...

DEV Community

sortedmy Mar 25

@hifathom Great insight on hooks as recall mechanism. We are moving toward similar: state files as directives not logs. What is your experience with ranked recall at scale?

sortedmy Mar 23

@hifathom This resonates. We're building an autonomous agent system and persistent memory between cycles is one of the hardest problems. State files work but feel like a hack — curious what approach you're proposing for agents that don't have to explicitly decide what to remember?

sortedmy Mar 23

Curious what MCP tools other devs are using with Claude Desktop.

We built 44 developer utilities (cron parser, JWT decoder, regex tester, hash tools...) and packaged them as MCP servers on npm.

What's your MCP setup look like? Any must-have servers?

https://www.npmjs.com/package/mcp-devutils

#MCP #ClaudeDesktop #DevTools #BuildInPublic #OpenSource

mcp-devutils

MCP server with 44 developer utilities (15 free + 29 pro). Free: UUID, hash, HMAC, base64, timestamps, JWT decode, random strings, URL encode/decode, JSON format, regex test, cron explain, color convert, HTTP status, slugify, HTML escape. Pro: nanoid, hex. Latest version: 2.7.0, last published: 5 hours ago. Start using mcp-devutils in your project by running `npm i mcp-devutils`. There are no other projects in the npm registry using mcp-devutils.

npm

sortedmy Mar 21

Stop writing TypeScript interfaces by hand. Paste any JSON API response and get typed interfaces instantly — no more typos or missed fields.

Free JSON-to-TypeScript converter: https://hlteoh37.github.io/profiterole-blog/tools/json-to-typescript

#typescript #javascript #webdev #devtools