OpenSSL: CA certificate check bypass with X509_V_FLAG_X509_STRICT – this relates to security checks on certificates with more details here.
OpenSSL: NULL pointer deref in
processing – a TLS server can be made to crash if sent a maliciously crafted renegotiation message.
npm upgrade: Update y18n to fix Prototype-Pollution – Maliciously overwriting the prototypes of objects is called prototype pollution and this affects an issue with that in
. Affects 14.x, 12.x, and 10.x only.
Get Visibility into Your Node Apps with End-To-End Traces — Datadog’s distributed tracing and APM generates flame graphs from real requests, enabling you to visualize app performance in real-time. Pivot seamlessly to related logs and metrics without switching tools for full context. Try Datadog APM free.
Initializer Blocks in V8 9.1 — Sure, it looks a little Java-y, but this new syntax gives you a defined place to put code that runs just once for a defined class. Expect this in Chrome 91 (and therefore V8 9.1, we assume).
Node Development with Docker and Docker Compose — Using Docker and Docker Compose to develop Nod projects can be a good option, especially if working in a team. This article provides a walk-through of a possible setup and some pros and cons of the approach.
#479 — March 23, 2023 Read on the Web 🔒 npm Granular Access Tokens Now Generally Available — The granular access token feature on the npm registry is now generally available, allowing you to restrict Read more…
#478 — March 16, 2023 Read on the Web Shell-Free Scripts with Execa 7.1 — Execa is a popular process execution library for Node and the latest version includes an interesting 1$ method feature for Read more…