Notable changes CVE-2021-22959: HTTP Request Smuggling due to spaced in headers (Medium) The http parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS). More details will Read more…
Notable changes CVE-2021-22959: HTTP Request Smuggling due to spaced in headers (Medium) The http parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS). More details will Read more…
Notable Changes crypto update root certificates (Richard Lau) #40280 deps upgrade npm to 8.0.0 (npm team) #40369 update 1nghttp2 to v1.45.1 (thunder-coding) #40206 update V8 to 9.4.146.19 (Michaël Zasso) #40285 tools update certdata.txt (Richard Lau) #40280 Commits [ 134f3021ca3 ] Read more…
#408 — October 7, 2021 Read on the Web Node Weekly Writing Clean JavaScript Tests with the BASIC Principles — An introduction to applying several key principles to shorten, clean, and simplify JavaScript and Node.js-based test suites. Yoni Goldberg Eleventy 1.0 Read more…
Summary The Node.js project will release new versions of the 12.x, 14.x, and 16.x releases lines on or shortly after Tuesday October 12th, 2021 in order to address: Two medium severity issues Impact The 16.x release line of Node.js is Read more…
#407 — September 30, 2021 Read on the Web Node Weekly Guidelines for Choosing a Node.js Framework — Hapi? Koa? Express? Slow down. Unlike a lot of articles, this one doesn’t give you any specific framework suggestions (the list of Read more…
Notable Changes [ 13a60de0135 ] – assert: change status of legacy asserts (James M Snell) #38113 [ 1df37c106a7 ] – (SEMVER-MINOR) buffer: introduce Blob (James M Snell) #36811 [ 1223494c548 ] – (SEMVER-MINOR) buffer: add base64url encoding option (Filip Skokan) Read more…
#406 — September 23, 2021 Read on the Web Node Weekly The Story of 5 RCEs Found in 1npm for $15,000 — A security researcher explains some remote code execution vulnerabilities he found in the 1npm tool and how they Read more…
Notable Changes [ 1fb226ff2ee ] – (SEMVER-MINOR) crypto: add rsa-pss keygen parameters (Filip Skokan) #39927 [ 185206b7311 ] – deps: upgrade npm to 7.24.0 (npm team) #40167 [ 198f56d179c ] – deps: update Acorn to v8.5.0 (Michaël Zasso) #40015 [ Read more…
Deno 1.14, the latest update to the TypeScript/JavaScript runtime and rival to Node.js, features a number of new additions to the Web Crypto API. The Web Crypto API is a standard JavaScript API for performing cryptographic operations such as hashing, Read more…
