#587 — July 22, 2025 |
|
![]() |
![]() |
Laravel and Node.js: PHP in Watt Runtime — In June we featured php-node, a new way to ‘bridge the gap’ between PHP and Node.js by being able to embed PHP into Node apps. Now they’ve gone a step further by using php-node and the Watt app server to enable the running of Laravel apps too. A curious meeting of ecosystems! Stephen Belanger (Platformatic) |
The Node.js July 15 Security Releases — Mentioned in passing last week, but landing hours after we sent the newsletter came the releases of Node.js v24.4.1 (Current), v22.17.1 (LTS) and v20.19.4 to resolve some security vulnerabilities (a path traversal issue on Windows, and an issue related to hashing in V8). The Node.js Project |
![]() Skip Building Auth from Scratch in Your Node.js App — FusionAuth integrates with Express, Fastify, and Node.js backends. Add enterprise-grade auth in minutes, not months. Download locally, test in CI/CD pipelines. API-first design lets you focus on your app logic. Start Building for free. FusionAuth sponsor |
IN BRIEF:
|
How to Create an NPM Package in 2025 — One of JavaScript’s most essential tasks, but one with numerous steps involved if you want to follow best practices, integrate useful tools, and get things just right. Matt Pocock rounds up the overall process and, notably, drops CommonJS in this 2025 update. Matt Pocock |
Endor: Add Services (Like Postgres) as Node Dependencies — A curious new effort to make it possible to spin up quick, sandboxed environments and servers, covering things like Postgres, MariaDB and Valkey, with a simple Angel M Miguel (Endor) |
📄 We Migrated Our Site to Eleventy and Increased Performance by 24% – Eleventy (11ty) is a popular Node-based static site generator. Dan Webb 📄 Build Your Own Font Search Engine – Using vision language models to index and search the fonts. Lúí Smyth 📄 A Full Code Agent in 200 Lines – Here’s How Clément Thiriet |
🛠 Code & Tools |
![]() |
npq: Safely Install Packages by Auditing Them Pre-Install — Liran Tal |
Announcing NAPI-RS v3: The Way to Build Node Addons in Rust — NAPI-RS is a framework for building compiled Node.js add-ons in Rust via Node-API. v3 adds support for targeting WebAssembly, which opens up some interesting possibilities shown in the post, along with numerous DX improvements including easier cross compilation. NAPI-RS Team |
Product for Engineers Newsletter — Build better products, not just better code. Learn how to build features users love. Subscribe for free. PostHog sponsor |
YouTube.js 15.0: A Very Unofficial YouTube API Client — ‘InnerTube’ is an API used by YouTube’s clients, and you can use it too, although YouTube might not be a fan of that.. Nonetheless, it runs on Node.js, Deno, and modern browsers, and v15.0 drops CommonJS support. LuanRT |
stripe-sync-engine: A Stripe-To-Postgres Sync Engine as a Standalone Library
|
|
📢 Elsewhere in the ecosystem |
A roundup of some other interesting stories in the broader landscape, in case you've missed them:
|