OpenSSL: CA certificate check bypass with X509_V_FLAG_X509_STRICT – this relates to security checks on certificates with more details here.
OpenSSL: NULL pointer deref in
1
signature_algorithms
processing – a TLS server can be made to crash if sent a maliciously crafted renegotiation message.
npm upgrade: Update y18n to fix Prototype-Pollution – Maliciously overwriting the prototypes of objects is called prototype pollution and this affects an issue with that in
1
y18n
. Affects 14.x, 12.x, and 10.x only.
Get Visibility into Your Node Apps with End-To-End Traces — Datadog’s distributed tracing and APM generates flame graphs from real requests, enabling you to visualize app performance in real-time. Pivot seamlessly to related logs and metrics without switching tools for full context. Try Datadog APM free.
Initializer Blocks in V8 9.1 — Sure, it looks a little Java-y, but this new syntax gives you a defined place to put code that runs just once for a defined class. Expect this in Chrome 91 (and therefore V8 9.1, we assume).
Shu-yu Guo
💻 Jobs
Find Software Engineering Jobs with Hired — Take 5 minutes to build your free profile & start getting interviews for your next job. Companies on Hired are actively hiring right now.
Hired
Node.js Developer at X-Team (Remote) — Join the most energizing community for developers and work on long-term projects for Riot Games, FOX, Sony, Coinbase, and more.
Node Development with Docker and Docker Compose — Using Docker and Docker Compose to develop Nod projects can be a good option, especially if working in a team. This article provides a walk-through of a possible setup and some pros and cons of the approach.
active-win: Get Metadata About the Active Window — I haven’t thought of a good use for this yet but it’s interesting. Running it in the terminal, say, gives you the title, width, height, x and y of the window.
#479 — March 23, 2023 Read on the Web 🔒 npm Granular Access Tokens Now Generally Available — The granular access token feature on the npm registry is now generally available, allowing you to restrict Read more…
#478 — March 16, 2023 Read on the Web Shell-Free Scripts with Execa 7.1 — Execa is a popular process execution library for Node and the latest version includes an interesting 1$ method feature for Read more…
#477 — March 9, 2023 Read on the Web Feathers 5: The API and Real-Time App Framework — Feathers isn’t as well known as Nest or Fastify, say, but it’s a powerful and mature option Read more…
0 Comments