[September 2025] Web Developer Monthly Newsletter 💻🚀

Welcome to the 87th issue of Web Developer Monthly!

If it’s your first time here, welcome, I like you already. If you want the full back story on the newsletter, head here.

The quick version: I curate and share the most important articles, news, resources, podcasts, and videos from the world of web and software development.

Think the Pareto Principle (80/20 rule) meeting the programming world. I give you the 20% that will get you 80% of the results.

If you're a long time reader, welcome back old friend.

Alright, let's not waste any valuable time and jump right into this month's updates.

Here's what you missed in September 2025 as a Web Developer…

The NPM Saga 🪱

NPM had a big month this month... and it wasn't good. Starting September 8th, a series of packages being pushed to npm, appeared to contains malicious code. These were 18 very popular packages, including npm debug and chalk. That number ballooned over the coming days. We totally dodged a bullet, because this could have been really bad, but somehow all the malware did was modify the destination addresses of cryptocurrency payments mediated via online wallets like MetaMask. So either the attacker was super generous by not diong worse, or completely whiffed this attack.

If you want some updates on this saga, you should also read this. It's now called the "Shai-Hulud" attack (the name of that Dune sandworm).

Github is taking actions to prevent future attacks like this.

I also recommend reading this discussion around how to protect your apps and future apps here.

More NPM Talk 🐡

While we are on the subject, here is a great read on how you should be keeping your package.json under control. This is a must read.

State of JS 🤩

The annual survey for the JavaScript community is out! Feel free to take the survey here. ZTM is usually at the top of this survey as the recommended place to learn JavaScript so let's keep the tradition going. Please don't forget to put us down as your go to place for learning... small things like these is what allows us to continue to create these newsletters free of charge for you. When you get to the Resources section of the survey simply select here:

Infinite love from me if you do this ❤️

React News 💎

React... it's still mostly everyone's favourite library/framework. What crazy things have they been up to?

1. Shopify successfully migrated two of its largest apps, Shopify Mobile and Shopify Point of Sale (POS) to React Native's New Architecture while maintaining weekly releases and serving millions of merchants. Here is how they did it.

2. An opinion piece: React Won by Default – And It's Killing Frontend Innovation

3. Can I use React Server Components (RSCs) today? Mostly.

Top Programming Languages 2025 📺

Usually these sort of articles are just clickbait trash, but this is one of the few places that gives good data and insight. You should check it out.

As expected Python comes first followed by JavaScript (if you combine it with TypeScript, which you should).

Does AI mean the end for the Top Programming Languages? Read the article and find out.

P.S. In December or January, I'll update my own guide to help people decide which programming language they should learn (and why).

JavaScript Trademark ♟

Every couple of months this story pops up with new developments with nothing ever really getting accomplished because Oracle is never going to relenquish the trademark.

But for those who are curious, here is a quick recap of what happened and how it's looking: The JavaScript Trademark problem.

If You Love The Bun 🍞

If you really love Bun, and a super deep dive into how this JavaScript runtime runs fast, check out this article: Running bun install is fast, very fast.

On average, it runs ~7× faster than npm, ~4× faster than pnpm, and ~17× faster than yarn. The difference is especially noticeable in large codebases. What used to take minutes now takes (milli)seconds.

Throttle That JavaScript 👨‍🎤

A fun article: Even if you’ve been doing JavaScript for a while, you might be surprised to learn that setTimeout(0) is not really setTimeout(0). Instead, it could run 4 milliseconds later. Why? Because browsers throttle JavaScript timers. This is a fun little trivia to know.

Do You Know AWS S3 📔

Everyone knows what AWS S3 is... but if you don't you definitely should be aware of it since it's pretty much the backbone of the modern internet. Even fewer comprehend the massive scale it operates at, nor what it took to get there.

This is a really good deep dive and I bet you will learn something interesting no matter your level of experience.

Chrome DevTools MCP 🔮

In the ongoing race to make everything have AI in the title, Chrome DevTools MCP is a newly announced tool from the Chrome team.

It allows AI coding assistants to see and interact with a live Chrome browser. In simple terms, it gives your AI “eyes” in the browser so it’s no longer coding with a blindfold on.

Sure... why not?

AI Coding Trap 🚧

A must read.

If you ever watch someone “coding”, you might see them spending far more time staring into space than typing on their keyboard. No, they (probably) aren’t slacking off. Software development is fundamentally a practice of problem-solving, and so, as with solving a tricky crossword, most of the work is done in your head.

New Libraries and Tools 🗿

There are a ton of shiny new libraries and tools every month which is why I have this dedicated section for them...

• WASM 3.0 is out and is the new live standard!

I guess only one notable mention this month. Moving right along!

News Around the World 🗺

• China announced an interesting law. The law requires explicit and implicit labels for AI-generated text, images, audio, video and other virtual content. What do you think, good move?

• All good in the world, everyone is happy and getting along like usual.

Big Tech News aka AI News 🏢

• Biggest news of the month is the release of Claude Code 2.0 and Claude Sonnet 4.5. Anthropic is probably the leader right now in AI coding.

• Anthropic agreed to pay $1.5 Billion to settle lawsuit with book authors. The settlement is the largest payout in the history of U.S. copyright cases and could lead more A.I. companies to pay rights holders for use of their works.

• X announce their Grok Code Fast 1: a speedy and economical reasoning model that excels at agentic coding.

• In more "is this a bubble?" news, ASML, a leading semiconductor equipment manufacturer, led a series C funding of Mistral A.I. for $1.7 billion dollars. Apparently billions just doesn't mean anything anymore.

• Apple had their big event and announced a bunch of new hardware, with the biggest storyline coming from the new iPhone Air. You can read about all of their announcements here. There is also rumour that they are working on an AI powered web search of their own.

• OpenAI announced updated to their GPT5 Codex, their answer to Claude Code. They also announced ChatGPT Pulse in their ever lasting goal of trying to take over your life.

• Oracle and OpenAI signed a $300 Billion cloud deal. Somehow Oracle keeps making money. The majority of new revenue revealed by Oracle will come from the OpenAI deal.

• In the most "who is buying this and why are they still doing this news", Meta launched Ray-Ban Display: A Breakthrough Category of AI Glasses.

• Nvidia bought a $5 billion stake in Intel. I found this hackernews commenter's take interesting:

Nvidia's stake in Intel could have terrible consequences.

First, it is in Nvidia's interest to kill Intel's Arc graphics, and that would be very bad because it is the only thing brighing GPU prices down for consumers.

Second, the death of Intel graphics / Arc would be extremely bad for Linux, because Intel's approach to GPU drivers is the best for compatibility, wheras Nvidia is actively hostile to drivers on Linux.

Third, Intel is the only company marketing consumer-grade graphics virtualization (SR-IOV), and the loss of that would make Nvidia's enterprise chips the only game in town, meaning the average consumer gets less performance, less flexibility, and less security on their computers.

Completely useless to your career but still great 🙃

• Hosting a WebSite on a Disposable Vape... why not?

• This is the most random thing I have posted here ever, but also the most interesting.

• Low earth orbit visualization... it's busy out there.

• The most incredible WebGL game ever.

Best Resource of the Month ✅

Big O. It's an important concept that has lasted generations of trends and hype cycles. Every single good programmer knows about it and knows the importance of Big O.

If you've been lazy and haven't taken our ZTM course on the topic, this month's article will give you a great insight into the world of Big O. Once you master it, you will be a different type of programmer.

Check out this amazing article here.

You can also check out this free Big O cheat sheet with a Big O video tutorial to help you out as well.

I have to add another one for this month. It's not tech related so it's why I'm putting it here, but I think everyone should read this once: Nine Things I Learned in Ninety Years.

Trick of the Month 🌗

MapSCII - The Whole World In Your Console. The best way to look like a true hacker in a coffeeshop.

Thanks for reading!

Don't be shy now... Share this newsletter with your friends.

See you next month! ❤️

By the way, I teach people how to code and get hired in the most efficient way possible as an Instructor at the Zero To Mastery Academy. You can see a few of our most popular courses below or see all ZTM courses here.