Issues » 143

This week's Node news
Read this e-mail on the Web
Node Weekly
June 24, 2016  #143

Apologies for the lateness of this issue today - we were awaiting the security releases of Node addressed in the first item below :-)

Node.js Foundation
Vulnerabilities have been patched in 5.x, 4.x, 0.12.x and 0.10.x. Node 6 has not been affected, however.


John-David Dalton and Bradley Meck
A well-informed proposal to resolve standing issues over whether JavaScript files are treated as regular scripts or modules.


Karl Düüna
A look at not only some npm caching and installation concerns, but also licences, freshness, and dependencies of modules overall.


Heroku   Sponsored
Learn how to build a full stack JavaScript app & RESTful API server you can customize and scale. Read More.

Heroku

Guy Podjarny
Guy outlines five different dimensions to thinking about npm dependencies, including development vs production dependencies and versioning issues.


The npm Blog
A look at issues around using certain public packages in a limited-access environment.


Adam Baldwin
Upgrade to the newly released 4.14, if possible. If you're using acceptsLanguages, you could be vulnerable to a simple attack.


Jobs

In brief

Node Weekly is curated by Peter Cooper and published by Cooper Press.
Node.js is a trademark of Joyent, Inc. Used with kind permission.

Send feedback by simply replying to this mail.
Want to sponsor an issue? See our media kit.
Want to post a job? E-mail us or use our self-serve system.

Unsubscribe : Change email address : Read this issue on the Web

© Cooper Press Ltd. Office 30, Lincoln Way, Louth, LN11 0LS, UK
Email policy Privacy policy

ONE e-mail each Friday. Easy to unsubscribe. No spam — your e-mail address is safe
Published by Cooper Press