for $15,000 — A security researcher explains some remote code execution vulnerabilities he found in the
1
npm
tool and how they added up to $15K in payouts. Few of us need to dig into our tools this deeply but it’s interesting to see behind the curtain a little. (These RCEs prompted the
Electron 15.0.0 Released — Following on rather quickly from v14, Electron is now on a new eight week release cadence. v15 of the popular cross-platform desktop app framework upgrade to Chromium 94, V8 9.4, and Node.js 16.5.0 – none of which are huge advancements (though WebCodecs support may interest some), but it’s always great to see how up to date Electron is kept.
Sofia Nguy and Keeley Hammond
Fast Redis Hosting and Analytics — RedisGreen databases include seamless online upgrades, SSL encryption, key size tracking, memory mapping, and more.
RedisGreen sponsor
Node.js Garbage Collection Explained — Learn how garbage collection and memory management works in practice with Node.js complete with illustrations and code examples. This is an older item but recently updated.
A Next.js ‘New Post’ Node Script — How a developer went about creating a Node-powered script to simplify creating new blog posts in a Next.js-based site.
Node.js Developer at X-Team (Remote) — Join the most energizing community for developers and work on long-term projects for Riot Games, FOX, Sony, Coinbase, and more.
X-Team
Find Tech Jobs with Hired — Create a profile on Hired to connect with hiring managers at growing startups and Fortune 500 companies. It’s free for job-seekers.
#479 — March 23, 2023 Read on the Web 🔒 npm Granular Access Tokens Now Generally Available — The granular access token feature on the npm registry is now generally available, allowing you to restrict Read more…
#478 — March 16, 2023 Read on the Web Shell-Free Scripts with Execa 7.1 — Execa is a popular process execution library for Node and the latest version includes an interesting 1$ method feature for Read more…
#477 — March 9, 2023 Read on the Web Feathers 5: The API and Real-Time App Framework — Feathers isn’t as well known as Nest or Fastify, say, but it’s a powerful and mature option Read more…
0 Comments