OpenSSL: CA certificate check bypass with X509_V_FLAG_X509_STRICT – this relates to security checks on certificates with more details here.
OpenSSL: NULL pointer deref in
1
signature_algorithms
processing – a TLS server can be made to crash if sent a maliciously crafted renegotiation message.
npm upgrade: Update y18n to fix Prototype-Pollution – Maliciously overwriting the prototypes of objects is called prototype pollution and this affects an issue with that in
1
y18n
. Affects 14.x, 12.x, and 10.x only.
Get Visibility into Your Node Apps with End-To-End Traces — Datadog’s distributed tracing and APM generates flame graphs from real requests, enabling you to visualize app performance in real-time. Pivot seamlessly to related logs and metrics without switching tools for full context. Try Datadog APM free.
Initializer Blocks in V8 9.1 — Sure, it looks a little Java-y, but this new syntax gives you a defined place to put code that runs just once for a defined class. Expect this in Chrome 91 (and therefore V8 9.1, we assume).
Shu-yu Guo
💻 Jobs
Find Software Engineering Jobs with Hired — Take 5 minutes to build your free profile & start getting interviews for your next job. Companies on Hired are actively hiring right now.
Hired
Node.js Developer at X-Team (Remote) — Join the most energizing community for developers and work on long-term projects for Riot Games, FOX, Sony, Coinbase, and more.
Node Development with Docker and Docker Compose — Using Docker and Docker Compose to develop Nod projects can be a good option, especially if working in a team. This article provides a walk-through of a possible setup and some pros and cons of the approach.
active-win: Get Metadata About the Active Window — I haven’t thought of a good use for this yet but it’s interesting. Running it in the terminal, say, gives you the title, width, height, x and y of the window.
#444 — June 30, 2022 Read on the Web Working with the File System from Node.js — Dr. Axel seems to be on a bit of a Node kick lately and comes back this week Read more…
Deno is championed as a more-secure alternative to the popular Node.js JavaScript runtime. The 1.0 version of the Deno runtime, which leverages the V8 JavaScript engine and was built using Rust, arrived in May 2020. Read more…
#443 — June 23, 2022 Read on the Web Using Web Streams in Node.js — Streams provide a handy abstraction for cleanly working with streaming data but Web Streams (a.k.a. WHATWG Streams) are a different, Read more…
0 Comments