Summary The Node.js project will release new versions of 12.x, and 14.x releases lines on or shortly after Tuesday August 31th, 2021 in order to address: Three high severity issues, and two moderate severity issues. Impact The 14.x release line of Node.js is vulnerable to three high severity issues, and Read more…
#402 — August 26, 2021 Read on the Web 📋 In case you missed our notice a couple of weeks ago, we took a week off last week but are now back every week till Christmas 🙂 Don’t forget you can always hit reply to recommend things for us to Read more…
Notable Changes [ 12e90b10f35 ] – doc: deprecate type coercion for 1dns.lookup options (Antoine du Hamel) #38906 [ 1a6d50a18a0 ] – (SEMVER-MINOR) stream: add 1stream.Duplex.from utility (Robert Nagy) #39519 [ 1af7047a815 ] – (SEMVER-MINOR) stream: add 1isDisturbed helper (Robert Nagy) #39628 [ 166400374de ] – (SEMVER-MINOR) util: expose 1toUSVString (Robert Read more…
The integrated development environment (IDE) remains the centerpiece of developer tools. Online IDEs have ridden the wave of cloud-based tools, growing in power over the last few years. CodeSandbox is one of the more popular options in that space, and its usage has been increasing recently. CodeSandbox is gaining popularity Read more…
Cloud-based authentication and authorization platforms—sometimes known as IDaaS, or identity as a service — are an expanding area of cloud tooling, and it’s easy to see why. App security is difficult and error-prone, and virtually every project requires it. The ability to offload much of the work to a dedicated Read more…
Notable Changes fs: experimental: add recursive cp method (Benjamin Coe) #39372 Commits [ 1a80c989306 ] – async_hooks: merge resource_symbol with owner_symbol (Darshan Sen) #38468 [ 169a2a6b6c3 ] – bootstrap: call _undestroy() inside _destroy for stdout and stderr (Matteo Collina) #39685 [ 15bc31ea0aa ] – buffer: add endings option, remove Node.js Read more…
#401 — August 12, 2021 Read on the Web 📋 Node Weekly is taking a little summer vacation next week so we’ll be back for the next time on Thursday, August 26. See you then! 🙂__Peter Cooper, editor Node Weekly August 2021 Security Releases: Node 16.6.2, 14.17.5 and 12.22.5 — Read more…
Notable Changes CVE-2021-3672/CVE-2021-22931: Improper handling of untypical characters in domain names (High) Node.js was vulnerable to Remote Code Execution, XSS, application crashes due to missing input validation of hostnames returned by Domain Name Servers in the Node.js DNS library which can lead to the output of wrong hostnames (leading to Read more…
Notable Changes CVE-2021-3672/CVE-2021-22931: Improper handling of untypical characters in domain names (High) Node.js was vulnerable to Remote Code Execution, XSS, application crashes due to missing input validation of hostnames returned by Domain Name Servers in the Node.js DNS library which can lead to the output of wrong hostnames (leading to Read more…
Notable Changes CVE-2021-3672/CVE-2021-22931: Improper handling of untypical characters in domain names (High) Node.js was vulnerable to Remote Code Execution, XSS, application crashes due to missing input validation of hostnames returned by Domain Name Servers in the Node.js DNS library which can lead to the output of wrong hostnames (leading to Read more…
