<description>Bitwarden's CLI got hit by the Checkmarx supply-chain campaign, TypeScript 7.0 beta lands with the Go-rewritten compiler running ~10x faster than 6.0, and pgBackRest lost its maintainer of thirteen years leaving anyone running production Postgres with a real dependency-trust task this week. We've also got Ubuntu 26.04 LTS shipping with TPM-backed full-disk encryption, and Matz dropping Spinel as an AOT path that takes Ruby to native binaries. This week was a good reminder that the tools we depend on are all moving at once. Security, performance, and maintenance aren't isolated threads.</description>

The Changelog: Software Development, Open Source

Changelog Media

Bitwarden CLI compromised (News)

APR 29, 20268 MIN
The Changelog: Software Development, Open Source

Bitwarden CLI compromised (News)

APR 29, 20268 MIN

Description

Bitwarden’s CLI got hit by the Checkmarx supply-chain campaign, TypeScript 7.0 beta lands with the Go-rewritten compiler running ~10x faster than 6.0, and pgBackRest lost its maintainer of thirteen years leaving anyone running production Postgres with a real dependency-trust task this week. We’ve also got Ubuntu 26.04 LTS shipping with TPM-backed full-disk encryption, and Matz dropping Spinel as an AOT path that takes Ruby to native binaries. This week was a good reminder that the tools we depend on are all moving at once. Security, performance, and maintenance aren’t isolated threads. View the newsletterJoin the discussionChangelog++ members save 2 minutes on this episode because they made the ads disappear. Join today!Sponsors:Coder.com – Secure environments where devs and agents work in parallel. Open by design. Secure by default. Featuring:Adam Stacoviak – Website, GitHub, LinkedIn, Mastodon, X