Free JavaScript books, Node.js UDP Permission Model support & Performance gains, new dotenv secrets solution
Dr. Axel Rauschmayer shares his collection of free JavaScript books
Headlines
Rafael Gonzaga tee up upcoming UDP support in Node.js permission model
Yagiz Nizipli continues the performance quest for speed gains in fs.existsSync() on Windows
Remember the North Korea malware on npm? — North Korean state hackers compromise npm supply chain with malicious packages back in December 14th, last year. The crypto thieves exploited the Ledger Connect kit library published to npm, stealing $600k before detected.
Installing Playwright on Heroku for Programmatic Node.js Browser Automation — Getting Playwright to work on Heroku wasn’t smooth sailing.
Manage secrets with dotenv? Try dotenvx — The maintainers of dotenv, the popular .env secrets file project for Node.js is building a pro-version called dotenvx to improve workflows and secrets management for developers.
Node.js for Beginners, 2024 by Ulises Gascon — A comprehensive guide to building efficient, full-featured web applications with Node.js, authored by Express maintainer and Node.js collaborator.
On npm
- simple-release-tools — A simple tools to automate releases. By Dan Green, active maintainer of the conventional-changelog project.
- nanoviews — Another one from Dan Green, this package is a small non-virtual DOM manipulation library. Very early development phase in case you wanted to jump in and contribute.
New Security Vulnerabilities
- vue-template-compiler found vulnerable to Cross-site Scripting, 24 July 2024
- hono was found vulnerable to Cross-Site Request Forgery (CSRF), 23 August 2024
- squirrelly found vulnerable to Code Injection, 22 August 2024
Node.js Tip of the Week
🔮 New Node.js feature is environment variables support — You can keep using dotenv, or you can remove it and spin up Node.js with:
node --env-file=./.envand it will automatically populate your process.env:
Hiring
- Monday hiring for Cloud Infrastructure Security Team Lead in Tel Aviv 🇮🇱
- Snyk hiring for Software Engineer - Security Intelligence in Tel Aviv 🇮🇱
- Snyk hiring for Full Stack Software Engineer in Bucharest 🇷🇴
- ebay hiring for Senior Fullstack Engineer in Kleinmachnow 🇩🇪