Wasserfallen to Reigoldswil


Yesterday we went for a walk in Basel-Landschaft while the weather was really lovely. We started at the SBB Bahnhof in Basel and took the IR to Liestal. From there, we continued by bus 70 to Reigoldswil village. Instead of hiking up, we decided to take the cable car up to Wasserfallen, which made the start of the day feel very relaxed and easy.

From the top, we then walked all the way back down together with A. and L. It was a really nice route through green hills, forests, and small waterfalls, with flower-filled fields along the way, as well as some truly beautiful landscapes like the one you see in the picture above.

Our feet were a bit sore after the steep descent, but it was totally worth it.

Going back to Europapark


A couple of days ago, I took the Regional Bahn from Badischer Bahnhof so that L. could visit Europapark for the first time. I had been there a couple of times before and always had a lot of fun. The last time was probably when I went with my brother, but it had been a while since then. It was great to go back and share the experience with L., who really enjoyed it as well.

We had a great time, and the weather was perfect, as you can see in the picture above. We went on some of the rides we had explored online beforehand, including Arthur and the CanCan Coaster, among many others.

It was a fun day, and we can't wait to go back again soon.

Homemade Poke Bowl


This morning I was browsing some old pictures with L. and when we got to some gastronomic ones, we remembered that a couple of years ago, while my aunt was visiting, we prepared a poke bowl with smoked salmon. Today we tried to replicate the dish but using tuna instead — and the result was fantastic! The combination of sushi rice soaked in rice vinegar, tuna, coriander, mango, wakame, dried red onion, edamame and roasted seaweed, finished with a splash of soy sauce, came together beautifully. Even better than last time!

Oil Prices Are Trending Up


A 30-day rolling average of EIA oil price data shows a clear upward trend over the past three months, aligning with the escalation of the 2026 conflict involving the United States, Israel, and Iran. Disruptions around the Strait of Hormuz have tightened global supply and increased uncertainty in energy markets.

Iran’s use of asymmetric tactics—targeting shipping routes and regional infrastructure—has amplified these effects, adding a persistent risk premium to oil prices. Unfortunately, this trend could have broader consequences, increasing costs across the global economy and putting added pressure on food supply chains.

Do we still need axios?


Yesterday a hacker compromised the account of the lead developer of axios> — the npm package with around 100 million weekly downloads — and published two malicious versions that included a remote access Trojan targeting macOS, Windows and Linux.

The malicious code was pulled from a staged dependency called "plain-crypto-js" and was designed to self-destruct after execution. It was only live for about three hours, but that was enough: security firm Huntress reported the first infection on a monitored endpoint just 89 seconds after the compromised version was published.

According to StepSecurity, the malicious dependency was staged 18 hours in advance, three payloads were pre-built for three operating systems, and both release branches were poisoned within 39 minutes of each other. Google's security team has linked the attack to a North Korean group that targets cryptocurrency theft.

This got me thinking: do we actually still need axios? The original reason it became so popular was that it gave you a clean, consistent API for making HTTP requests that worked the same way in the browser and in Node.js. But Node.js has had native fetch since version 18 and it's been stable for a while now. The browser has had it for years. So the problem axios originally solved is basically gone.

For my typical axios usage, I wrote a simple fetch wrapper called fetchios that mirrors the axios API — same .get(), .post(), .create(), interceptors and all. It works as a drop-in module so I don't have to change the code everywhere, just copy the file in utils, swap the import and remove axios from my dependencies.

Every dependency you add is a potential attack surface — and this incident is a perfect reminder of that. Maybe it's time to stop running npm install axios by inertia and check what the platform already gives you.

Next page