#294 — June 27, 2019

Read on the Web

Node Weekly

▶  Let's Analyze an Exploited NPM Package — A very neat talk from an experienced speaker and Web security expert that digs into the event-stream security vulnerability that was big news last year. Here’s how it happened, how the vulnerability worked, and how to mitigate similar problems in future.

Jarrod Overson

Execa 2 Released: Better Process Execution From Node — Execa improves upon Node’s child_process module in a variety of ways. 2.0 introduces more features including TypeScript support, process cancellation and being able to interleave stdout and stderr output from other processes. GitHub repo.


Deploy Node.js Apps on the Developer Cloud — Get flexible server configurations sized for any Node.js project with simple, predictable pricing.

DigitalOcean sponsor

npm 6.9.1 Released After Long Delay — Last week we mentioned the long awaited status of npm 6.9.1 and the possible ‘strike’ in ongoing community work on the project, but npm’s Isaac Z. Schlueter has stepped up, got a release out, and says there’ll be another release soon.

npm forum

npm Inc. Secures Funding to Take It Into 2020? — The story itself is behind a paywall, but allegedly the CEO of npm Inc. has emailed employees saying they’ve secured funding to reduce any cashflow risk until ‘early 2020’.

JavaScript Daily on Twitter

V8 Release v7.6 — Another day, another branch of V8 is on the boil and headed to a Chrome 76 and future version of Node near you soon 😄 This time, the heavily used JSON.parse gets some significant performance improvements, BigInt now has better API support, we gain Promise.allSettled, and more.

Adam Klein

Just: A JavaScript Task Library from Microsoft — If you’re familiar with Ruby’s rake, it’s a bit like that. Define tasks in JavaScript, run them with just (which works fine without installation using npx) and you get a bunch of nice features like logging and task composition.


💻 Jobs

Senior Node.js API Engineer - Exodus (Remote) — Do you live for beautiful APIs? We're looking for a meticulous, obsessive leader to focus on our backend API services.


Find a Node Job on Vettery — Vettery specializes in tech roles and is completely free for job seekers.


📚 Opinion & Tutorials

The Secret of Good Electron Apps — Without being too spoilery, the ‘secret’ to making better Electron apps is to take as much of the processing local to the app itself rather than relying entirely upon remote services (i.e. just being a glorified Web browser).

James Long

Object.fromEntries — The new Object.fromEntries API performs the inverse of Object.entries. This makes it easy to reconstruct an object based on its entries. It’s supported in Node 12 and above.

Mathias Bynens

Product Announcements: MongoDB 4.2, Auto Scale, Full-Text Search, Data Lake & more — Explore new MongoDB product announcements and watch the product keynote delivered by CTO & Co-Founder Eliot Horowitz.

MongoDB sponsor

How to Deploy a Node App to DigitalOcean with HTTPS — A beginner level tutorial that takes you through every tiny step.

Coder Rocket Fuel

▶  Discussing TypeScript and Linters with Adam Argyle

Fun Fun Function

🛠 Code and Tools

Grant: OAuth Middleware for Express, Koa and Hapi — Supports 180 different OAuth providers.

Simeon Velichkov

registry-js: A Library for Working with the Windows Registry — Built by the GitHub Desktop team for use with the GitHub client and Atom.


AutoServer: Create A Full REST/GraphQL API from a Config File


Manifold Launches Marketplace-as-a-Service

Manifold sponsor

password-leak: A Library to Check for Compromised Passwords — It checks against the popular Have I Been Pwned API.

J.R. Mathis

log-with-statusbar: A Logger with a Status Bar That Doesn't Disappear — Lets you run a regular log alongside an unshifting status bar.


FarmHash 3.0: A Node Implementation of Google's High Performance Hash FunctionsFarmHash is a family of non-cryptographic hash functions built by Google mostly for quickly hashing strings.

Lovell Fuller

Simple Git: A Lightweight Interface for Running Git Commands in Any Node App

Steve King