Shouldn’t you be using CodeSandbox?

The integrated development environment (IDE) remains the centerpiece of developer tools. Online IDEs have ridden the wave of cloud-based tools, growing in power over the last few years. CodeSandbox is one of the more popular options in that space, and its usage has been increasing recently. CodeSandbox is gaining popularity Read more…

The npm audit that cried wolf?

#​396 — July 8, 2021 Read on the Web Node Weekly 1npm audit : Broken by Design — Dan says it best: “The way 1npm audit works is broken. Its rollout as a default after every 1npm install was rushed, inconsiderate, and inadequate for the front-end tooling.” Dan adopts an Read more…

Get a look at CodeSandbox

The integrated development environment (IDE) remains the centerpiece of developer tools. Online IDEs have ridden the wave of cloud-based tools, growing in power over the last few years. CodeSandbox is one of the more popular options in that space, and its usage has been increasing recently. CodeSandbox is gaining popularity Read more…

Node v16.4.2 (Current)

Notable Changes Node.js 16.4.1 introduced a regression in the Windows installer on non-English locales that is being fixed in this release. There is no need to download this release if you are not using the Windows installer. Commits [ 176e709ec63 ] – win,msi: use localized “Authenticated Users” name (Richard Lau) Read more…

Node v14.17.3 (LTS)

Notable Changes Node.js 14.17.2 introduced a regression in the Windows installer on non-English locales that is being fixed in this release. There is no need to download this release if you are not using the Windows installer. Commits [ 10f00104a2c ] – win,msi: use localized “Authenticated Users” name (Richard Lau) Read more…

Node v12.22.3 (LTS)

Notable Changes Node.js 12.22.2 introduced a regression in the Windows installer on non-English locales that is being fixed in this release. There is no need to download this release if you are not using the Windows installer. Commits [ 1182f86a4d4 ] – win,msi: use localized “Authenticated Users” name (Richard Lau) Read more…

Node v14.17.2 (LTS)

Notable Changes Vulnerabilities fixed: CVE-2021-22918: libuv upgrade – Out of bounds read (Medium) Node.js is vulnerable to out-of-bounds read in libuv’s uv__idna_toascii() function which is used to convert strings to ASCII. This is called by Node’s dns module’s lookup() function and can lead to information disclosures or crashes. You can Read more…

Node v12.22.2 (LTS)

Notable Changes Vulnerabilities fixed: CVE-2021-22918: libuv upgrade – Out of bounds read (Medium) Node.js is vulnerable to out-of-bounds read in libuv’s uv__idna_toascii() function which is used to convert strings to ASCII. This is called by Node’s dns module’s lookup() function and can lead to information disclosures or crashes. You can Read more…

Node v16.4.1 (Current)

Notable Changes Vulnerabilities fixed: CVE-2021-22918: libuv upgrade – Out of bounds read (Medium) Node.js is vulnerable to out-of-bounds read in libuv’s uv__idna_toascii() function which is used to convert strings to ASCII. This is called by Node’s dns module’s lookup() function and can lead to information disclosures or crashes. You can Read more…

A little look back..

#​395 — July 1, 2021 Read on the Web ✍️ Several readers have written in asking if we can do more frequent recaps of popular things we’ve covered recently. We do an annual roundup as the final issue of each year – here’s 2020’s – but since we’re now exactly Read more…