npmx Weekly #12
This week's digest highlights significant updates and enhancements in the npmx project, focusing on user experience, internationalization, and community engagement.
“The only way to do great work is to love what you do.”
— Steve Jobs
Updates from Missing Control
In our ongoing efforts to enhance the npmx platform, we have made several impactful updates this week. From feature enhancements to community initiatives, here’s what you need to know.
Feature Enhancements for Comparison Page
New features added to the comparison page now include GitHub stars, issues, and creation dates, improving package comparison insights based on user feedback.
Resources
Internationalization Improvements
Significant updates to internationalization have been made, including the addition of missing translations in Chinese, Dutch, French, and Brazilian Portuguese, enhancing accessibility for non-English speakers.
User Profile Enhancements
A fix has been implemented to ensure user profile pages accurately display packages based on npm maintainership rather than repository ownership.
Resources
Security Awareness
'%20d='M69.364%2019.146c36.687%2027.806%2076.147%2084.186%2090.636%20114.439%2014.489-30.253%2053.948-86.633%2090.636-114.439C277.107-.917%20320-16.44%20320%2032.957c0%209.865-5.603%2082.875-8.889%2094.729-11.423%2041.208-53.045%2051.719-90.071%2045.357%2064.719%2011.12%2081.182%2047.953%2045.627%2084.785-80%2082.874-106.667-44.333-106.667-44.333s-26.667%20127.207-106.667%2044.333c-35.555-36.832-19.092-73.665%2045.627-84.785-37.026%206.362-78.648-4.149-90.071-45.357C5.603%20115.832%200%2042.822%200%2032.957%200-16.44%2042.893-.917%2069.364%2019.147Z'/%3e%3c/svg%3e)
We're still alive 👋 To report a vulnerability, you can privately report it via the Security tab at repo.npmx.dev. All security vulnerabilities will be promptly verified and addressed. Thanks for helping us keep npmx.dev secure. Let's build secure websites, together 🤍
patak@patak.cat
So we're back to security through obscurity? Sorry, but this is wrong. Our OSS apps and libs will be more secure thanks to the new models, not less. They are being released to researchers responsibly. Let's help maintainers avoid burnout. Let's fund them. Let's welcome more eyes checking our code.
npmx.dev emphasizes security by encouraging users to report vulnerabilities, fostering a community commitment to safety in web development.
npmx Meetup in London
there's plans for an @npmx.dev meetup brewing this evening in London 👀
April 16, 2026 at 10:17 AM UTCPlans for an npmx meetup in London are underway, providing an opportunity for community engagement and networking among developers and enthusiasts.
Download Graph Discrepancies
Users have reported discrepancies in download graph values between npmx and npmjs, prompting investigations into data sources for accuracy.
Feature Development: Timeline Tab
A new timeline tab is added to the package page, allowing users to view the evolution of a package over time, including significant changes in versions.
Resources
Clipboard Functionality in Safari
Updates have addressed issues with 'Copy as Markdown' functionality in Safari, implementing a custom solution for proper copying of README content.
Resources
GitHub Actions Updates
Recent updates to GitHub Actions include major version upgrades for actions/download-artifact and actions/upload-artifact, introducing new features and ensuring compatibility with Node.js 24.
Introduction of New OG Images
Merged PR #2292 reintroduces new Open Graph images, enhancing the visual presentation of the platform in line with recent branding changes.
Thanks for tuning in to this week’s updates! We’re so glad to have you on this journey with us.
Stay curious, keep building, and we’ll see you right back here next week! ✨