Eleventy 1.0

#​421 β€” January 20, 2022 Read on the Web Node Weekly Remix vs Next.js β€” While this is a comparison written by the Remix team, it seems open about its methodology and tries to be fair in its comparison. The comparison (and sometimes implicit criticism) of Jamstack has been a Read more…

Node v17.4.0 (Current)

Notable Changes [ 1ef6f98c2e3 ] – (SEMVER-MINOR) child_process: add support for URL to 1cp.fork (Antoine du Hamel) #41225 [ 1d62fe315c2 ] – (SEMVER-MINOR) crypto: alias webcrypto.subtle and webcrypto.getRandomValues on crypto (James M Snell) #41266 [ 1fcb37e9ce5 ] – doc: add Mesteery to collaborators (Mestery) #41543 [ 14079fc42b7 ] – (SEMVER-MINOR) Read more…

πŸ“¦ Broken packages

#​420 β€” January 13, 2022 Read on the Web Node Weekly JavaScript Developer Breaks Two Popular npm Packages β€” The creator of Faker.js and colors.js, two packages we’ve mentioned quite often, made some unorthodox commits to his projects recently that caused them to either disappear or break in interesting ways Read more…

Node v16.13.2 (LTS)

Notable changes Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531) Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js was accepting URI SAN types, which PKIs are often not defined to use. Additionally, Read more…

Node v14.18.3 (LTS)

Notable changes Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531) Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js was accepting URI SAN types, which PKIs are often not defined to use. Additionally, Read more…

Node v17.3.1 (Current)

Notable changes Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531) Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js was accepting URI SAN types, which PKIs are often not defined to use. Additionally, Read more…

Node v12.22.9 (LTS)

Notable changes Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531) Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js was accepting URI SAN types, which PKIs are often not defined to use. Additionally, Read more…

A simple automated build pipeline for Node.js

Build processes can be quite sophisticated for enterprise applications, but even simple and early-stage projects can benefit from automated build pipelines. This article describes a quick-to-deploy system for running an automated build, test, and deploy pipeline with Node.js, Jenkins, and Git. You’ll need Git and Node/NPM installed on your system Read more…

January 10th 2022 Security Releases

Summary The Node.js project will release new versions of the 12.x, 14.x, 16.x, and 17.x releases lines on or shortly after Monday, January 10th, 2021 in order to address: Three medium severity issues One low severity issue Impact The 17.x release line of Node.js is vulnerable to three medium severity Read more…