#536 — June 18, 2024 |
|
Node v22.3.0 (Current) Released — One of those releases where lots of tiny things have occurred, but little of broad significance, except… for snapshot testing! Snapshot tests serialize arbitrary values into string values to be compared against a set of pre-built known ‘good’ values (stored as a ‘snapshot’ representing a desired state). Rafael Gonzaga |
Researchers Uncover npm Registry Vulnerability to Cache Poisoning — The basic idea is that specific versions of target packages can be targeted to appear as if they are no longer available for brief periods of time. This isn’t a huge vulnerability, but still an important one that GitHub is fixing. Sarah Gooding (Socket) |
WorkOS: Modern Identity Platform for B2B SaaS — Start selling to enterprise customers with just a few lines of code. WorkOS provides flexible, easy-to-use APIs to integrate SSO, SCIM, and RBAC in minutes. It's used by some of the hottest startups in the world including Perplexity, Vercel, & Webflow. WorkOS sponsor |
Dual Publishing ESM and CJS Modules with John Reilly |
What Happens When a Major npm Library Goes Commercial? — The ua-parser-js library is commonly used to parse user agent strings and gets over 12 million downloads a month, but it has recently switched to AGPL+commercial licensing. Matteo Collina |
|
📄 How to Create WebVTT Files for Videos in Node (with AssemblyAI) – The Web Video Text Tracks Format (WebVTT) is a common standard for subtitles/closed captioning. AssemblyAI’s platform does the hard work here. Niels Swimberghe 📄 UUIDv7 Implemented in 20 Languages – Surprisingly short and sweet. Anton Zhiyanov 📄 Writing Your First Visual Regression Check in Playwright Nočnica Mellifera 📄 Capturing Garbage Collection Traces in Node Apps CoderOasis 📄 Using JSON Schema When Calling Google Gemini Raymond Camden |
🛠 Code & Tools |
super-regex: Timeout Long Running Regular Expressions — Many regular expression implementations suffer from so-called ReDoS vulnerabilities, where certain regexes can cause an excessively long evaluation time. Sindre Sorhus |
💡 |
Transformational Auth & Identity | Userfront — "Compared to our previous experiences in the security/auth space, Userfront is an order of magnitude simpler to use." Userfront sponsor |
Electron 31.0.0: The Cross Platform Desktop App Framework — Chromium gets bumped to v126, V8 to v12.6, and Node.js to v20.14.0. WebSQL support finally gets removed. OpenJS Foundation |
Eicrud: A CRUD/Authorization Framework Based on NestJS — Extends NestJS / Fastify, and works with MikroORM, CASL and class-validator. GitHub repo. Antoine Crosetti |
|