#554 — November 5, 2024 |
|
Why Code Security Matters - Even in Hardened Environments — A nicely diagrammed deep dive (and it really is deep) into a technique that allows malicious parties to turn a file write vulnerability in a Node app into a remote code execution exploit even when the file system is mounted read-only. Stefan Schiller (Sonar) |
Wasmer Adds Node.js and Bun Support — Wasmer is a fast, Rust-powered WebAssembly runtime and as of Wasmer 5.0, it has (experimental) V8 backend support, meaning you can try all sorts of curious things like, say, running Clang or Python inside Node. Syrus Akbary |
Move Fast and Fix Things with Honeybadger — Honeybadger transforms your logs into rich events and helps you fix issues before your users know what happened. Get notified instantly and find the root cause faster with your application errors and logs in one place. Try our free plan! Honeybadger sponsor |
📈 NPM Chart: Search for a Package to See Its Download Stats Over Time — The tool allows you to customize the data by selecting a color theme, monthly or weekly view, and a start date. You can download as SVG or PNG or share as a direct link. The charts are attractive and well suited to dropping into a blog post, README, or presentation. Sébastien Chopin |
IN BRIEF:
|
Building My Resume in HTML with Eleventy — Eleventy (a.k.a. 11ty) is a popular Node.js-based static site generator and gives you a very familiar feeling developer experience. Michael Engen |
Revamping a Five-Year Old Node.js Project — It’s a tale as old as time. Your company has built a fast and reliable app which has done its job so well that it hasn’t been touched in years and suddenly you’re asked to rewrite it. DongDong Zhang |
Reduce Your Apache Kafka Costs by 80+% — Kafka with no local disks or interzone fees, zero ops auto-scaling and in your cloud with no cross-account access. WarpStream sponsor |
📄 How to Build Smaller Container Images: Docker Multi-Stage Builds – Including “How NOT to organize a Node.js application’s Dockerfile”. Ivan Velichko 📄 Securing Your Express REST API with Passport.js – A modern take on a classic task. Huseyin Babal 📄 Deprecating Node.js REST APIs in 6 Frameworks Adrian Machado |
🛠 Code & Tools |
Faker 9.2: Generate Massive Amounts of Fake Data — Names, bios, addresses, zip codes, dates, monetary amounts, transactions and, as of v9.2, pet names and roman numerals! I love the guided DevTools console based demo you can try – an idea other projects should consider. GitHub repo. Faker.js Team |
📂 Yauzl: Yet Another Un-ZIP Library for Node — One of those libraries you might not have heard of but which is getting 15 million downloads a week due to being depended upon by popular projects. Yauzl keeps it simple and just provides safe, async unzipping of ZIP archives. Yazl is its counterpart for making ZIPs. Josh Wolfe |
Edge.js: Run .NET and Node.js Code In-Process — Call .NET functions from Node.js and Node.js functions from .NET and Edge.js takes care of marshalling the data properly. Works with .NET Core on Windows, macOS and Linux. agracio / Tomasz Janczuk |
|
Fraction.js: Library for Working with Rational Numbers — The imprecise representation of floating point numbers can lead to all sorts of problems, so if you’re working with fractions at all, you might want a little more precision, which Fraction.js offers. Robert Eisele |
💬 The Lounge: A Modern, Self Hosted Web-Based IRC Client — It’s been a few years since we linked to this, so we felt it was about time. It’s a self-hostable Node-powered webapp that acts as a client to IRC chat servers (potentially handy to roll your own self-hosted community chat or support channel). The Lounge |
🐘 pg-dump-parser: Parses Postgres Dump Files into Arrays of Schema Objects — Takes a Postgres database dump, splits it up, and turns the table and view structures into a format you can more easily work on from code (or just use as a reference or check into version control). Gajus Kuizinas |
|