#341 — June 4, 2020

Read on the Web

🖤 It's time to speak up, donate or even just stream a fundraising video, because Black lives matter.

Node Weekly

Serverless Express: Easy APIs on AWS Lambda and AWS HTTP API — A component for Serverless Framework focused on deploying Node Express.js-powered APIs to AWS Lambda and serving them up via API Gateway’s new HTTP API approach. Seems pretty slick. GitHub repo.

Austen Collins (Serverless Inc)

Several June 2020 Security Releases Now Out — Up to 4 separate vulnerabilities (3 rated ‘high’, 1 rated ‘low’) are fixed in these releases of Node 10.21.0, Node 12.18.0, and Node 14.4.0, including a memory corruption issue in a N-API function, an HTTP/2 DoS issue, and a TLS session reuse issue.

Sam Roberts

Troubleshoot Node.js App Performance with Datadog APM — Inspect detailed flame graphs to identify bottlenecks, latency and other issues. Pivot seamlessly to related logs and metrics without switching tools for fast troubleshooting. Try Datadog APM free.

Datadog sponsor

How to Substantially Reduce a Node App's Docker Image Size — In an attempt to create the smallest Docker image of carbon.now.sh (a popular code screenshotting service), Julien went from an image of 2.43GB(!) and went step by step to under 100MB for deployment. Here’s how.

Julien Lengrand-Lambert.

Best Practices for REST API Design — Best practices on how to design REST APIs to be easy to understand, future-proof, and secure and fast, explained from a Node.js perspective.

John Au-Yeung (Stack Overflow)

⚡️ Quick bits:

  • I just noticed it was only a year ago this week since GitHub launched its own npm-supporting package repository. How things change(!)
  • Prolific Node and Mongoose blogger Valeri Karpov (a.k.a. The Code Barbarian) has released Mastering Mongoose, a new e-book for users of the popular MongoDB ODM for Node. (It does cost money though.)

💻 Jobs

Find A Job Through Vettery — Vettery specializes in tech roles and is completely free for job seekers. Create a profile to get started.


Senior Software Engineer — Save Lives & Make an Impact — We use Node/TS/React & ML to provide crisis support via SMS. Help us scale globally with a focus on privacy and security.

Crisis Text Line

ℹ️ If you're interested in running a job listing in this newsletter, there's more info here.

📚 Articles & Opinions

Building APIs with GraphQL in Your Node App — Learn how to build a fully functional GraphQL API designed to provide queries and mutations in a secure manner.

Diogo Souza

How-to Normalize Home Volume Levels with Node-REDNode-RED is a JavaScript-powered ‘low code’ visual programming environment frequently used with hardware/IoT use cases. I rarely see tutorials about it, so this is pretty neat.

Blake Niemyjski

Announcing CockroachDB 20.1: Build Fast, and Build to Last — Meet the resilient, scalable SQL database with ActiveRecord compatibility. Try CockroachCloud free for 30 days →

Cockroach Labs sponsor

▶  Let's Build an Image Classifier with Node, Tensorflow and React — The chilled out background music makes this feel like a spa experience but.. there is something genuinely quite nice about this screencast.

Tim Tam

▶  Verify 'Sign In With Apple' Logins from Node — Apparently this isn’t the most straightforward thing to figure out.


Avoiding CSRF Attacks with API Design

Jason Walton

Choosing Between 4 Different Node File Upload Libraries — A quick, opinionated rundown of when you might choose Formidable, Busboy, Multer or Multiparty for processing file uploads given that they all take different approaches.

Panu Pitkamaki

🛠 Tools, Resources and Libraries

tslog: 'Beautiful' Logging for Node with TypeScript Support — Featured packed, fully typed, can do stack traces via the native V8 API, show code frames, and more. Worth checking out.

Eugene Terehov

Denoify: For NPM Module Authors That Would Like to Support Deno — A build tool that takes as input a TypeScript codebase that was meant to target Node and/or the web and outputs a modified version ready to be deployed as a Deno module. We need more tooling like this.

Garrone Joseph

GraphQL2REST: Automatically Generate a RESTful API From a GraphQL One — Reads your GraphQL schema and a user-provided manifest file and automatically generates an Express router with fully RESTful HTTP routes.


Node.js Security Checklist

Sqreen sponsor

DOM Testing Library: Simple and Complete DOM Testing Utilities That Encourage Good Testing Practices — For when you want to query DOM nodes in a way that’s similar to how users would find elements on a page. Check out the example.

Testing Library

Discord.js: A Library for Interacting with Discord's API — A way to write bots or similar tools for the wildly popular Discord chat system.

Amish Shah

Omelette: Template Based Autocompletion Tool for Node and Deno — A simple autocompletion tool with bash, zsh and fish support.

Fatih Kadir Akın