Security releases available Updates are now available for v16.x, v14.x, and v12.x Node.js release lines for the following issue. We normally like to give advance notice and provide releases in which the only changes are security fixes, but since this vulnerability was already public we felt it was more important Read more…
Notable Changes CVE-2021-22930: Use after free on close http2 on stream canceling (High) Node.js is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior. You can read more about it in https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22930 This releases also fixes some Read more…
Notable Changes CVE-2021-22930: Use after free on close http2 on stream canceling (High) Node.js is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior. You can read more about it in https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22930 Commits [ 1499e56babe ] – Read more…
Notable Changes Updated npm to 7.20.3 (npm team) #39579 Reverted an ABI-breaking change from V8 9.2 that could impact some native modules (Michaël Zasso) #39624 Fixed a bug in error handling known to affect at least Webpack and Jest (Guy Bedford) #39593 Commits [ 16c769ccedf ] – build: override python Read more…
Notable Changes Say hello to V8 9.2 The V8 engine is updated to version 9.2.230.21. It notably introduces the new 1Array.prototype.at method (also on Typed Arrays and strings): 1234<span class="token keyword">const</span> array <span class="token operator">=</span> <span class="token punctuation">[</span><span class="token number">1</span><span class="token punctuation">,</span> <span class="token number">2</span><span class="token punctuation">,</span> <span class="token number">3</span><span Read more…
#400 — August 5, 2021 Read on the Web Node Weekly 40+ Node.js Integration Test Best Practices — Component and integration tests are increasingly popular testing techniques for backends. This repository digs into a variety of quick-fire patterns and practices for creating good component tests. There’s also a demo app Read more…
#399 — July 29, 2021 Read on the Web Node Weekly Running CPU-Bound Tasks in Node with Worker Threads — A thorough, practical introduction to using worker threads to get beyond Node’s naturally single-threaded nature. Yarin Ronel ws 8.0: Fast, Stable WebSocket Client and Server for Node — A major update Read more…
Uploading files is a common need for cloud apps. FilePond is a solid open-source project that offers sophisticated file handling and wrappers for many JavaScript frameworks like React and Svelte. This article gives an overview of handling file uploads with FilePond and a Node.js and Express back end. [ Also Read more…
#398 — July 22, 2021 Read on the Web Node Weekly Node-RED 2.0 Released — Node-RED is a now very mature ‘low-code’ Node.js-based programming environment, particularly aimed at connecting together services or IoT devices. The 2.0 release focuses on upgrading dependencies, dropping old Node version support, and an (optional) improved Read more…
#397 — July 15, 2021 Read on the Web Node Weekly A TypeScript Express Starter App — A boilerplate app generator for getting a RESTful API up and running quickly. You can choose from sub-templates covering the basics, using Sequelize, Mongoose, TypeORM, Prisma, or Knex too. 아구몬 Node v16.5.0 (Current) Released Read more…
