Just 5 months ago we covered how Storybook 9 was in beta, and already Storybook 10 is in beta. The biggest change is that Storybook is going all in on ESM and dropping CJS support, which is making for some big performance gains and smaller bundle sizes.
This past week, npm suffered the largest supply chain attack in its history when a prolific OSS maintainer got phished. Luckily, the attack was noticed and reported within the hour and it looks like the hackers got next to nothing for their efforts, but it serves as another reminder to be extra careful before clicking links in emails.
In the same security vein, browser company Brave uncovered a security vulnerability in AI-browser Comet where malicious instructions on a web page could cause the agent to “go rogue” while it was being asked to summarize a page’s contents. Perplexity has since added more guardrails to try and mitigate this sort of thing, but be cognizant of the data and site access you’re giving to AI agents.
Timestamps:
- 1:12 - Storybook 10
- 7:53 - npm’s supply chain attack
- 17:24 - Brave discloses a security vulnerability in Comet
- 26:38 - You’re absolutely right!
- 35:26 - What’s making us happy
Links:
Thanks as always to our sponsor, the Blue Collar Coder channel on YouTube. You can join us in our Discord channel, explore our website and reach us via email, or talk to us on X, Bluesky, or YouTube.
