Ulises Gascón
#OpenSource Maintainer (@nodejs.org, @expressjs.bsky.social, Lodash, Yeoman...), #TC39 Delegate and #Maker | He/Him
- Just shipped a new newsletter to Sponsors! 🎁 Includes the hard truths of #npm security, #Expressjs updates, and the #Lodash overhaul that put my code in space 🚀. Get early access & support my OSS work here: github.com/sponsors/Uli...
- Hungry now? Here is a snack from the last one: blog.ulisesgascon.com/newsletter-i...
- 😊 It is now accessible on my blog: blog.ulisesgascon.com/newsletter-i...
- 🔖 The latest issue of my #newsletter is live, issue 011. Secure publishing on #npm in 2026, major #Lodash security overhaul, updated security best practices, fresh #Express release backlog & ecosystem insights from talks, CVEs & community work ✨ blog.ulisesgascon.com/newsletter-i...
- We talk constantly about the risks of unmaintained dependencies and supply chain vulnerabilities, but rarely about the complexity of fixing them when the project is as massive as Lodash. This amazing article captures the reality of Open Source sustainability. Thanks @sarahgooding.bsky.social!
- "Security work is emotionally expensive and invisible, and sharing it makes it sustainable." - @ulisesgascon.com Many thanks to @jddalton.bsky.social, @jordan.har.band, and @ulisesgascon.com for their insights on maintaining Lodash and all the hard work put into reviving the project. 💚
