alt.hn

5/23/2026 at 6:25:46 PM

Aube – Node.js package manager in Rust

 https://aube.en.dev/

by brianzelip

5/23/2026 at 11:34:32 PM

Interesting has a 24hr cooldown before trusting package updates and a no-trust option for trusting downgrades given all the npm hacks and issues lately, smart move. I wonder if there's better ways to protect against this.

by giancarlostoro

5/24/2026 at 1:15:21 AM

Same here; I hope the vulnerability discovery process evolves from "letting somebody else find out first". There are tons of vendors that scan the ecosystem, but I'd love something that works automatically at the point of install

by LoganDark

5/24/2026 at 4:40:32 AM

appears vibecoded which doesn't give me confidence, still interesting though.

pnpm has also moved a few of its components from javascript to rust in its latest release

by gu5

5/24/2026 at 1:12:07 PM

> appears vibecoded

??

It's from the author of mise, https://mise.en.dev/.

by brianzelip

5/24/2026 at 5:32:03 PM

Interesting, but it's still vibe coded.

by IshKebab

5/24/2026 at 12:31:20 PM

[dead]

by coalstartprob