About:

The blog is dedicated to vlt design, engineering, and thoughts.

The blog post introduces Phased Package Installations, a new approach to package management that separates the installation and building phases to enhance security. Traditional package managers run scripts automatically during ins...
The blog post introduces the new :host selector in vlt's Dependency Selector Syntax (DSS), which allows users to manage dependencies across multiple projects. It explains how the :host selector can be used for cross-project securi...
The blog post introduces Graph Modifiers, a new feature in vlt that allows developers to customize their dependency graphs with precision. It explains how Graph Modifiers enable users to override specific dependency declarations, ...
The post introduces the new --scope flag for vlr, vlx, and vlt pkg commands, allowing developers to target specific dependencies in their projects using the Dependency Selector Syntax. This feature enhances precision in running sc...
The blog post discusses significant updates to a GUI that allows users to interactively create queries for managing dependencies in JavaScript projects without needing to know the Dependency Selector Syntax (DSS). It highlights th...
The blog post discusses the new features of the vlt tool for managing releases in projects or monorepos. It introduces commands like 'vlt version', 'vlt pack', and 'vlt publish' that support graph-aware release operations using th...
The blog post announces the introduction of catalog support in vlt, which allows for centralized dependency management across projects. It explains what catalogs are, how to set them up in the vlt.json file, and provides examples ...
The text introduces the support for installing JSR packages directly with the vlt client, explaining how it works and what it opens up in the future.
The text introduces the new vlt exec and vlt exec-cache commands, explaining how they work and how to use them. It describes how vlx and vlxl commands work, and how to use the exec-cache command. It also explains the exec-cache fe...
The text introduces a new set of security-focused Dependency Selector Syntax (DSS) selectors in the vlt client, powered by Socket, to provide developers with insights into the risks in their dependency trees. It explains the need ...
The JavaScript package ecosystem has been under scrutiny due to security and trustworthiness concerns. Provenance systems have limitations, and a new open-source tool called reproduce is designed to independently verify whether a ...
The text discusses the new features of vlt's graphical user interface, including the ability to initialize a new project with one click, managing dependencies, saved queries, project-specific and globally accessible saved queries,...
The text is a recap of the HalfStack Phoenix conference, where the author presented a talk titled 'Performing Laparoscopic Lockfile Surgery' about dependency graphs in complex monorepos. The talk focused on the challenges of under...
The vlt team attended NodeConf EU and the Node.js Collaborator Summit to share the first public version of the vlt Client and Serverless Registry. The conference included a technical dive into building a faster package manager, a ...
Introducing vlt, a new JavaScript package manager and serverless registry. The vlt client offers innovative dependency query selector syntax, export formats, and GUI experience. The vsr serverless package registry provides a uniqu...
The text discusses the team's commitment to the open source ecosystem, their decision to join the Open Source Pledge, and their financial contributions to open source projects and maintainers. They believe in the importance of ope...
Luke Karrys announces joining vlt to work on JavaScript packages, expressing excitement for the opportunity and gratitude for his time at GitHub working on npm. He believes npm will continue to be important, but sees the need for ...
The text introduces the team and investors of vlt technology Inc., highlighting their experience and vision. The team includes Isaac Z. Schlueter, Darcy Clarke, and Ruy Adorno, who have extensive experience in the tech industry. T...
The npm ecosystem has a massive bug where the manifest of a package is published independently from its tarball, leading to inconsistencies and potential exploitation. The bug impacts cache poisoning, installation of unknown depen...