technical.cx Sources

Lobsters

Postmortem: TanStack npm supply-chain compromise | TanStack Blog

On 2026-05-11, an attacker chained a pull_request_target Pwn Request, GitHub Actions cache poisoning across the fork↔base trust boundary, and OIDC token extraction from runner memory to publish 84 malicious versions across 42 @tanstack/* packages on npm....

Lobsters

Zig vs Rust in 2026

Nearly 3 years ago, before coding agents, I wrote a bytecode VM and garbage collector in Zig and unsafe Rust, and felt that the human ergonomics of writing unsafe code was in Zig’s favor.

Programming

Programming

Lobsters

Tom's Namespaces: An Odin Fanfic

Tom likes making games. He has worked professionally as a game developer, but he also likes to make games in his free time, as a hobby. He makes these hobby games in a “from scratch” kind of way. This means that he just has a main procedure and imports some...

Programming