#409 — October 14, 2021 Read on the Web Node Weekly The GitHub Advisory Database Now Powers 1npm audit — 1npm audit is a command you can run to scan your project’s dependencies for known security vulnerabilities. Edward Thomson (GitHub) Node Read more…
Notable changes CVE-2021-22959: HTTP Request Smuggling due to spaced in headers (Medium) The http parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS). More details will Read more…
Notable changes CVE-2021-22959: HTTP Request Smuggling due to spaced in headers (Medium) The http parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS). More details will Read more…
Notable changes CVE-2021-22959: HTTP Request Smuggling due to spaced in headers (Medium) The http parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS). More details will Read more…
Notable Changes crypto update root certificates (Richard Lau) #40280 deps upgrade npm to 8.0.0 (npm team) #40369 update 1nghttp2 to v1.45.1 (thunder-coding) #40206 update V8 to 9.4.146.19 (Michaël Zasso) #40285 tools update certdata.txt (Richard Lau) #40280 Commits [ 134f3021ca3 ] Read more…
#408 — October 7, 2021 Read on the Web Node Weekly Writing Clean JavaScript Tests with the BASIC Principles — An introduction to applying several key principles to shorten, clean, and simplify JavaScript and Node.js-based test suites. Yoni Goldberg Eleventy 1.0 Read more…
Summary The Node.js project will release new versions of the 12.x, 14.x, and 16.x releases lines on or shortly after Tuesday October 12th, 2021 in order to address: Two medium severity issues Impact The 16.x release line of Node.js is Read more…
#407 — September 30, 2021 Read on the Web Node Weekly Guidelines for Choosing a Node.js Framework — Hapi? Koa? Express? Slow down. Unlike a lot of articles, this one doesn’t give you any specific framework suggestions (the list of Read more…
Notable Changes [ 13a60de0135 ] – assert: change status of legacy asserts (James M Snell) #38113 [ 1df37c106a7 ] – (SEMVER-MINOR) buffer: introduce Blob (James M Snell) #36811 [ 1223494c548 ] – (SEMVER-MINOR) buffer: add base64url encoding option (Filip Skokan) Read more…
#406 — September 23, 2021 Read on the Web Node Weekly The Story of 5 RCEs Found in 1npm for $15,000 — A security researcher explains some remote code execution vulnerabilities he found in the 1npm tool and how they Read more…
