Jan Lehnardt
LightNews LightNews
janl.bsky.narrativ.es
Jan Lehnardt
@janl.bsky.narrativ.es
1.4K followers 100 following 400 posts
25 years on the web.

Makes CouchDB, PouchDB & #offlinefirst.

CEO at @bsky.neighbourhood.ie.

ASF Member & CouchDB PMC Chair.

Made JSConf EU, Greenkeeper, Hoodie, Mustache.js.

Dissatisfied with the status-quo.

Soft Boy. Likes birds, bikes & bees.
Posts Replies Media Videos
Reposted by Jan Lehnardt
jcoglan.com
it used to be that I knew half the people on the npm team personally. now I couldn't even name a single person working there. does anyone know anyone who can comment on this situation
November 25, 2025 at 10:38 AM
Reposted by Jan Lehnardt
jcoglan.com
I'll also note that this is being framed as "supply chain security" when the actual problem is the combined set of capabilities of npm and github, both of which are the property of microsoft. this is a microsoft problem
November 25, 2025 at 10:30 AM
Reposted by Jan Lehnardt
jcoglan.com
it is really astonishing that npm has not even publicly acknowledged the potentially ongoing credential-stealing worm attack. what is going on in there
November 25, 2025 at 10:19 AM
janl.bsky.narrativ.es
In all seriousness, what do we do now? Has this been stopped? Is it safe to start scanning our deps and know we find everything? Do we have to assume running `npm install` is extremely dangerous right now? What is npm doing?

narrativ.es/@janl/115606...
Jan Lehnardt :couchdb: (@[email protected])
’No Way to Prevent This‘ Says Only* Package Manager Where This Regularly Happens. *I know. https://helixguard.ai/blog/malicious-sha1hulud-2025-11-24
narrativ.es
November 25, 2025 at 10:23 AM
janl.bsky.narrativ.es
For me it was on Netscape Navigator 3.x, so a bit more modern, but it’d have been 1997 or 98.
Screenshot of 1990s Netscape navigator view source function.
November 23, 2025 at 11:10 AM
Reposted by Jan Lehnardt
kitation.co.uk
What you have to understand about transphobes is that they do not care about anyone caught in the crossfire. They see butch lesbians, Black women, intersex people etc as acceptable collateral damage. Destroying trans people is their sole aim. This is why they praise Trump and align with far-right
hleehurley.com Lee Hurley @hleehurley.com · 6d
"Trans people could be banned from single-sex spaces based on how they look. The Times has seen the equalities watchdog’s final guidance, which Whitehall figures fear Bridget Phillipson is delaying to avoid a political backlash" [Times]

www.thetimes.com/article/82ee...
Trans people could be banned from single-sex spaces based on how they look
The Times has seen the equalities watchdog’s final guidance, which Whitehall figures fear Bridget Phillipson is delaying to avoid a political backlash
www.thetimes.com
November 20, 2025 at 7:53 AM
Reposted by Jan Lehnardt
fraying.bsky.social
... someone else dropped some justification for tolerating nazi shit on Mastodon to Eugen, and he just replied: "No, we don't do that here."

Eugen earned my respect that day.
November 19, 2025 at 7:01 PM
Reposted by Jan Lehnardt
fraying.bsky.social
I remember a moment, years ago. Jack Dorsey was still running Twitter and involved in yet another scandal about whether nazi shit was gonna be tolerated there, and he was equivocating and bullshitting about free speech.

Meanwhile ...
November 19, 2025 at 7:01 PM
Reposted by Jan Lehnardt
fraying.bsky.social
Running a community has never been easy, and even when you find someone who is good at it, it takes a toll.

Nobody can do it alone, and nobody can do it forever.

Wish the leaders here understood that better.

They will someday.
November 19, 2025 at 6:45 PM
Reposted by Jan Lehnardt
fraying.bsky.social
Mad respect for Eugen. Imagine a world where the CEOs of social media platforms regularly stepped aside when they realized they weren't cut out for the job.
My next chapter with Mastodon
Reflections on my time leading Mastodon and what's to come next.
blog.joinmastodon.org
November 19, 2025 at 6:38 PM
Reposted by Jan Lehnardt
jesslynnrose.bsky.social
I've got capacity for contracting till the end of the year (and am starting to book out some of my 2026 calendar).

Shout if you need help with open source community work, developer education, developer outreach, multilingual community work or other Jess-shaped things.

hello(a)jessica*tech or DM👋
November 18, 2025 at 10:48 AM
Reposted by Jan Lehnardt
akiro.se
This is certainly some of y’all’s red line. If it *is* your red line, and you have the means (I know; that’s a big fucking “if”) don’t try to claim asylum anywhere, it’s a recipe for disaster.

Trans World Express has good resources for intl relocation.
transworldexpress.org/wiki/Main_Page
November 15, 2025 at 10:32 AM
Reposted by Jan Lehnardt
jcoglan.com
VPNs are a critical tool in corporate IT. I routinely use them to access clients' systems, and to remotely access my own home server. I am also currently unable to read the website of one of the foremost practitioners in my field because the OSA has forced them to block UK traffic
mikestabile.bsky.social Mike Stabile @mikestabile.bsky.social · 14d
The British government admits it is now monitoring VPNs use by UK residents. Regulator Ofcom has contracted with an AI-powered surveillance service to detect the number of citizens using VPNs to evade the Online Safety Act.

The UK tech minister has said a VPN ban is on the table.
Exclusive: Ofcom is monitoring VPNs following Online Safety Act. Here's how
Ignoring VPNs risks creating ineffective laws, but tracking them threatens people's privacy
www.techradar.com
November 12, 2025 at 8:59 AM
Reposted by Jan Lehnardt
kitation.co.uk
You can ban every single fucking thing you think makes us trans; phones, anime, social media, whatever and there will still be trans people because we have been here since before all those things.

My entire compulsory schooling was under section 28 and yet I’m still queer as hell, fuck off.
November 11, 2025 at 1:01 PM
janl.bsky.narrativ.es
We’ve lost a lot of developer hours to the fact that SpiderMonkey is fundamentally a JS engine for Firefox and not really set up to be a library.

- we had to keep up with minute API changes across major versions
- we have to support a wide range of versions due to spotty OS package support
November 11, 2025 at 11:06 AM
janl.bsky.narrativ.es
McLusky do have the best swag. The show was fantastic, too.
Black tote bag with white text: my bag is bigger than your bag, McLusky
November 9, 2025 at 9:50 PM
janl.bsky.narrativ.es
Hey #Øredev my friend Alex is talking about The UI/UX Benefits and Trade-Offs of Local-First Apps today at 13:55 in room Curie.

Alex helped coin the term Offline-First and has been designing & building offline web and native apps since 2013, you’ll learn a lot!

oredev.org/line-up/91fe...
Headshot of Alex Feyerke, a mid-40s bald white man with a cute smile. The UI/UX Benefits and Trade-Offs of Local-First Apps A realist, zero-marketing overview of what building UIs for Local-First apps is actually like. Local- and Offline-First apps prioritise using on-device data, which can be crucial in health care, field work and disaster relief use-cases, or if you just want to ship a really fast user experience. The concepts are compelling and capable, but the reality of building with them can often be more complex than anticipated. On the one hand, you get delightful performance and resilience wins as well as network independence. On the other you have the unfamiliar mental models for sync, conflicts, out-of-order updates, as well as other limitations to contend with. We look at how to pick the correct data sync primitives to design UIs for this powerful paradigm. My team and I have been building offline-capable apps since 2013, and I’ll share my experiences from a wide variety of projects. This talk will help you pick your battles and win them.
November 5, 2025 at 8:25 AM
janl.bsky.narrativ.es
This was so much fun to* work on!

*see my team

But seriously, being able to make a substantial dent in a popular open source project is very gratifying. And work with the GNOME team was a blast a blast! 🥰🥰🥰
November 4, 2025 at 3:02 PM
Reposted by Jan Lehnardt
jesslynnrose.bsky.social
Everything is a lot right now, so I'm running some of my [always] free 1:1 tech career advice calls next Monday the 20th October.

📩 DM me if you would like to book a 30m call to get advice on breaking into tech, to plan your jobhunt or just to talk through whatever is on your mind.
October 15, 2025 at 1:15 PM
Reposted by Jan Lehnardt
fraying.bsky.social
You can’t hate fascists and use AI slop generators. They’re the same thing: total destruction of truth at scale.
October 11, 2025 at 3:10 PM
Reposted by Jan Lehnardt
jcoglan.com
why are you notifying package authors on friday night about a change that takes effect monday morning. what the hell are you doing
October 10, 2025 at 10:20 PM
Reposted by Jan Lehnardt
bsky.neighbourhood.ie
What if your database just… worked? 🤔

User data isn’t lost…
It works on the web…
It has built-in sync, for #offline and #local apps from day 1…
And it’s got a proven track-record…

Some of you know it already exists — it’s @couchdb.bsky.social ! ✨

Take a look: neighbourhood.ie/blog/2025/08...
Neighbourhoodie - What is CouchDB? #1: Introduction
Neighbourhoodie Software is a software development company based in Berlin, Germany. We are experts in CouchDB, PouchDB, and Offline First.
neighbourhood.ie
October 7, 2025 at 7:31 AM
janl.bsky.narrativ.es
Ruby folk, a new home for your gems is up: gem.coop
gem.coop
gem.coop
October 6, 2025 at 8:45 AM
janl.bsky.narrativ.es
Neat, Germany is earlier today produced 97% of its ~50GW energy from renewables.

Roughly 2/3 wind and 1/3 solar.
Diagram showing carbon intensity of 53g per kWh and 97% of total energy generation done by renewables for Oct 5, 12pm. Bar chart showing the installed capacity and current usage of renewable energy. Values as described in the post.
October 5, 2025 at 2:06 PM