#376 — February 18, 2021 | Read on the Web |
| Avoiding npm Substitution Attacks — Recently there have been some high profile examples of supply chain attacks on popular source code repositories, such as where fake or eponymous packages are published, but you can reduce your attack surface by taking precautions and managing dependencies. Here's some tips when using npm. Isaac Z. Schlueter |
| An Interview with Ryan Dahl, the Creator of Node.js and Deno — Ryan created Node.js 11 years ago and in recent years has moved on to Deno where he’s attempting a new take at the same idea. This interview touches on Deno’s challenges and Ryan’s love of Rust and Vim. Evrone |
| Seamlessly Integrate Video into Your Node App — Mux Video is an API-first platform that makes it easy to build beautiful video that streams everywhere. Mux sponsor |
| WebdriverIO v7 Released — WebdriverIO is a popular browser and mobile automation testing framework for Node. v7 brings it over to TypeScript, improves its Google Lighthouse integration, and improves compiler tool integration. There’s even a brief video about the release. Christian Bromann |
| Node v15.9.0 (Current) Released — libuv gets an upgrade, fsPromises.watch() (think a promisified version of fs.watch), perf_hooks.createHistogram(), and more similarly small bits and pieces. Danielle Adams (Node.js Project) |
| Quick Bits - Matteo Collina says you should use Undici as your (low level) HTTP client right now.
- NodeSource has introduced a C++ API to their N|Solid Node distribution.
- The
request package has been deprecated for a year as of this week and.. continues to get 25m downloads per week :-) |
| Backend Developer - Remote or in Beautiful Norway — Do you have a passion for GraphQL, NodeJS, and message drive distributed architectures? Join our remote-first engineering team. Crystallize |
| Find Your Next Job Through Hired — Create a profile on Hired to connect with hiring managers at growing startups and Fortune 500 companies. It's free for job-seekers. Hired |
| Serverless TypeScript: A Complete Setup for AWS SAM Lambdas — A workflow for creating TypeScript-based AWS Lambda functions with AWS SAM that support testing, debugging, etc. and using shared layers to package dependencies. Andrey Novikov and Sergey Alexandrovich |
| “Computer! Tea, Earl Grey, Hot”: Offline Voice Recognition with Node — Leans on Porcupine, a private and offline ‘wake word’ engine that can tell when someone says certain things. David Bartle |
| Fast and Reliable Feature Management for the Modern Enterprise — Built for Engineering Teams. Easy Implementation. Designed for Enterprise Scale. Try LaunchDarkly for free today. LaunchDarkly sponsor |
| V8's Route to Faster JavaScript Method Calls — This gets very technical and fast, but it’s fantastic to see how the V8 team continues to address important performance issues in the world’s most widely used JavaScript engine. This work improves the performance of your Node and browser-facing code alike. Victor Gomes |
| How to Install an npm Module from a GitHub Branch — Just a quick tip.
David Walsh |
| How to Create a Hybrid NPM Module for ESM and CommonJS
Michael O'Brien |
| Metascraper: A Library to Scrape Metadata from Web Content — It uses things like Open Graph annotations, JSON+LD, and HTML metadata to get you things like author, title, description, and even an image related to the URLs of your choice. GitHub repo. Microlink |
| JSON Schema to TS: Infer TypeScript Types From JSON Schemas — JSON schemas are widely used and reusable and can be used with this to define schemas in TypeScript too. Thomas Aribart |
| How to Use WebSockets With Your Vue.js Projects — Not a tutorial but two blobs of code to show you how a basic Vue.js frontend and a Node backend can communicate with WebSockets. Mastering JS |
| Fast, Cheerful, Collaborative Project Management Clubhouse.io sponsor |
| A Node.js Driver for youtube-dl — Want to download videos from YouTube? Want to do it from Node? Here’s an option. Przemyslaw Pluta |
| Commander 7.1: Node Command-Line Interfaces Made Easy — Commander is a long standard ‘batteries included’ system for building apps that interface with the command line in Node. TJ Holowaychuk |
| SVGO 2.0: A Node-Based SVG Optimizer — If you’ve worked with SVG (Scalable Vector Graphics) at all, you’ve probably seen they can be filled with all sorts of junk code.. SVGO to the rescue. 2.0.0 just came out and drastically reduces the package size while making API changes. Kir Belevich |
|
