Node Weekly
This Week's Node.js News - Issue 143
This week's Node news
Read this e-mail on the Web
Node Weekly
June 24, 2016  #143

Apologies for the lateness of this issue today - we were awaiting the security releases of Node addressed in the first item below :-)

Node.js Foundation
Vulnerabilities have been patched in 5.x, 4.x, 0.12.x and 0.10.x. Node 6 has not been affected, however.


John-David Dalton and Bradley Meck
A well-informed proposal to resolve standing issues over whether JavaScript files are treated as regular scripts or modules.


Karl Düüna
A look at not only some npm caching and installation concerns, but also licences, freshness, and dependencies of modules overall.


Heroku   Sponsor
Learn how to build a full stack JavaScript app & RESTful API server you can customize and scale. Read More.

Heroku

Guy Podjarny
Guy outlines five different dimensions to thinking about npm dependencies, including development vs production dependencies and versioning issues.


The npm Blog
A look at issues around using certain public packages in a limited-access environment.


Adam Baldwin
Upgrade to the newly released 4.14, if possible. If you're using acceptsLanguages, you could be vulnerable to a simple attack.


Jobs

In Brief

Node Weekly is curated by Peter Cooper and published by Cooperpress.

Want to sponsor an issue? See our media kit.
Want to post a job? E-mail us or use our self-serve system.

Unsubscribe : Change email address : Read this issue on the Web

© Cooperpress Ltd. Office 30, Lincoln Way, Louth, LN11 0LS, UK
Email policy Privacy policy

Issue 142 #143 Issue 144