Ambar Mutha
@ambarvm.bsky.social
Frontend Eng at VMware
https://github.com/ambarvm/
https://github.com/ambarvm/
Reposted by Ambar Mutha
The maintainer of one of our dependencies, debug, was the target of a phishing attack resulting in the release of [email protected] with malware.
Supply chain security is all of our responsibilities. Be careful out there, and for today don't update your deps.
socket.dev/blog/npm-aut...
Supply chain security is all of our responsibilities. Be careful out there, and for today don't update your deps.
socket.dev/blog/npm-aut...
npm Author Qix Compromised via Phishing Email in Major Suppl...
npm author Qix’s account was compromised, with malicious versions of popular packages like chalk-template, color-convert, and strip-ansi published.
socket.dev
September 8, 2025 at 6:55 PM
The maintainer of one of our dependencies, debug, was the target of a phishing attack resulting in the release of [email protected] with malware.
Supply chain security is all of our responsibilities. Be careful out there, and for today don't update your deps.
socket.dev/blog/npm-aut...
Supply chain security is all of our responsibilities. Be careful out there, and for today don't update your deps.
socket.dev/blog/npm-aut...
I scored 14/28 on jsdate.wtf and all I got was this lousy text to share on social media.
new Date("wtf")
How well do you know JavaScript's Date class?
jsdate.wtf
July 11, 2025 at 5:55 PM
I scored 14/28 on jsdate.wtf and all I got was this lousy text to share on social media.
Reposted by Ambar Mutha
Do you know someone working at Microsoft that could help us get the @vitest.dev vs code extension verified back?
January 13, 2025 at 2:29 PM
Do you know someone working at Microsoft that could help us get the @vitest.dev vs code extension verified back?
Reposted by Ambar Mutha
And for Vite integration: we are now passing all relevant tests in github.com/rolldown/vite, the temporary fork of Vite that runs on Rolldown instead of esbuild / Rollup. Expect a proper release early 2025!
GitHub - rolldown/vite: No-bundle Dev Server for Vue 3 Single-File Components
No-bundle Dev Server for Vue 3 Single-File Components - rolldown/vite
github.com
December 25, 2024 at 4:18 PM
And for Vite integration: we are now passing all relevant tests in github.com/rolldown/vite, the temporary fork of Vite that runs on Rolldown instead of esbuild / Rollup. Expect a proper release early 2025!
Reposted by Ambar Mutha
@juri.dev I remember the nx docs recommend setting `fetch-depth: 0` to make nx-affected work; For us, on a relatively big monorepo, this took 1m40s on CI because it fetches all history😅.
We now found out that setting `filter: tree:0` gets that down to 28s while nx affected still works 🤯
We now found out that setting `filter: tree:0` gets that down to 28s while nx affected still works 🤯
December 4, 2024 at 3:33 PM
@juri.dev I remember the nx docs recommend setting `fetch-depth: 0` to make nx-affected work; For us, on a relatively big monorepo, this took 1m40s on CI because it fetches all history😅.
We now found out that setting `filter: tree:0` gets that down to 28s while nx affected still works 🤯
We now found out that setting `filter: tree:0` gets that down to 28s while nx affected still works 🤯
Reposted by Ambar Mutha
In a nice turn of events, a week after I learned about this API I found a use for it at work.
Thank you @ambarvm.bsky.social for this piece of info. 🙏
(and did I lose `p-mutex`? Nope - I used it to fake this API when running Vitest tests 😁)
Thank you @ambarvm.bsky.social for this piece of info. 🙏
(and did I lose `p-mutex`? Nope - I used it to fake this API when running Vitest tests 😁)
TIL: browsers have a native lock API. It even makes sense!
Goodbye `p-mutex`? Will switch and see.
Learning - first check native API before reaching to a library. These days, you might just find what you're looking for.
developer.mozilla.org/en-US/docs/W...
Goodbye `p-mutex`? Will switch and see.
Learning - first check native API before reaching to a library. These days, you might just find what you're looking for.
developer.mozilla.org/en-US/docs/W...
November 17, 2024 at 12:26 PM
In a nice turn of events, a week after I learned about this API I found a use for it at work.
Thank you @ambarvm.bsky.social for this piece of info. 🙏
(and did I lose `p-mutex`? Nope - I used it to fake this API when running Vitest tests 😁)
Thank you @ambarvm.bsky.social for this piece of info. 🙏
(and did I lose `p-mutex`? Nope - I used it to fake this API when running Vitest tests 😁)
Reposted by Ambar Mutha
I have used the web locks api for this.
developer.mozilla.org/en-US/docs/W...
Request lock 🔒
Check if the token is expired with an api call.
Refresh if expired.
Release lock 🔓
developer.mozilla.org/en-US/docs/W...
Request lock 🔒
Check if the token is expired with an api call.
Refresh if expired.
Release lock 🔓
Web Locks API - Web APIs | MDN
The Web Locks API allows scripts running in one tab or worker to asynchronously acquire a lock, hold it while work is performed, then release it. While held, no other script executing in the same orig...
developer.mozilla.org
November 10, 2024 at 5:03 AM
I have used the web locks api for this.
developer.mozilla.org/en-US/docs/W...
Request lock 🔒
Check if the token is expired with an api call.
Refresh if expired.
Release lock 🔓
developer.mozilla.org/en-US/docs/W...
Request lock 🔒
Check if the token is expired with an api call.
Refresh if expired.
Release lock 🔓
Reposted by Ambar Mutha
November 8, 2024 at 6:40 AM