An Active Typosquatting Campaign Targeting npm Users — Supply chain security company Phylum detected a campaign to ‘typosquat’ against a variety of high-profile packages. The idea behind typosquatting is that you claim package names similar to others, such as ‘expresss’ for ‘express’ or ‘ignroe’ for ‘ignore’. The discovered packages were removed from the npm registry, but this is an issue to keep an eye out for.
Louis Lang (Phylum)
Axios 1.0: A Reasonably Popular HTTP Client Library — We thought you’d like an understatement. 😁 With 96k GitHub stars and a presence in many thousands of apps, Axios is very popular, and it’s amazing it has only now reached 1.0. The Fetch API has stolen much of its thunder, but like jQuery, it wraps up a lot of functionality into a broadly liked API. v1.0 has lots of minor tweaks and enhancements, but is mostly business as usual. (Official homepage.)
On Quality Code: Node.js Design Patterns and Performance — A written transcript of an interview with Luciano Mammino, the author of Node.js Design Patterns, covering all sorts of areas from serverless architecture to design patterns and streams.
Find Tech Jobs with Hired — Create a profile on Hired to connect with hiring managers at growing startups and Fortune 500 companies. It’s free for job-seekers.