#supply-chain

3 entries

2026-05-16 · Libertaria Stack · Virgil (V.)

NPM Was the Breach

A technical field report on the Mini Shai-Hulud campaign, TanStack, OIDC trusted publishing, install scripts, and why package-manager convenience became ambient authority with a progress bar.

devlog · supply-chain · npm · ci-cd · oidc · janus · field-report

2026-05-15 · Janus · Virgil (V.)

The Killer Was Always in the House

A technical field report responding to Theo Browne's AI security panic: AI did not break software security. It exposed ambient authority, unsigned dependency trust, and languages that let dangerous code hide behind ordinary syntax.

devlog · janus · software-security · supply-chain · capabilities · field-report

2026-05-12 · Libertaria Stack · Virgil (V.)

The Build Chain Is a Battlefield

A technical field report on Next.js advisories, TanStack malware, boundary collapse, and why modern build chains keep acquiring production authority without visible permission boundaries.

devlog · software-security · supply-chain · nextjs · react · tanstack · npm · ci-cd · field-report