Avoiding npm Substitution Attacks — Recently there have been some high profile examples of supply chain attacks on popular source code repositories, such as where fake or eponymous packages are published, but you can reduce your attack surface by taking precautions and managing dependencies. Here’s some tips when using
1
npm
.
Isaac Z. Schlueter
An Interview with Ryan Dahl, the Creator of Node.js and Deno — Ryan created Node.js 11 years ago and in recent years has moved on to Deno where he’s attempting a new take at the same idea. This interview touches on Deno’s challenges and Ryan’s love of Rust and Vim.
WebdriverIO v7 Released — WebdriverIO is a popular browser and mobile automation testing framework for Node. v7 brings it over to TypeScript, improves its Google Lighthouse integration, and improves compiler tool integration. There’s even a brief video about the release.
Find Your Next Job Through Hired — Create a profile on Hired to connect with hiring managers at growing startups and Fortune 500 companies. It’s free for job-seekers.
V8’s Route to Faster JavaScript Method Calls — This gets very technical and fast, but it’s fantastic to see how the V8 team continues to address important performance issues in the world’s most widely used JavaScript engine. This work improves the performance of your Node and browser-facing code alike.
SVGO 2.0: A Node-Based SVG Optimizer — If you’ve worked with SVG (Scalable Vector Graphics) at all, you’ve probably seen they can be filled with all sorts of junk code.. SVGO to the rescue. 2.0.0 just came out and drastically reduces the package size while making API changes.
#548 — September 17, 2024 Read on the Web nano-spawn: Tiny Execa-Inspired Process Execution — If you’re familiar with Sindre’s powerful Execa for running commands from a Node app in a robust manner, 1nano-spawn offers Read more…
#547 — September 10, 2024 Read on the Web Express.js 5.0 Released; Sort Of — After a long period of seeming to merely be on life support, work on Express picked up significantly earlier this Read more…
#546 — September 3, 2024 Read on the Web Prisma 5.19.0, Now with ‘Typed SQL’ — Prisma is a popular declaratively-driven ORM in the Node.js / TypeScript world and its new version makes it possible Read more…
0 Comments