#321 — January 16, 2020 | Read on the Web |
| ▶ Throw Me a Lifebuoy: Debugging Node in Production with Diagnostic Reports — Diagnostic Reports, recently added to Node, enables insight into Node processes running in production without needing to attach a debugger. Christopher Hiller |
| Execa 4.0: A Better child_process — A way to run external processes from your Node app. Has a Promise-based interface, better support for Windows, allows up to a 100MB max buffer (vs the 200KB child_process uses). Sindre Sorhus |
| Optimize Node.js Performance with Datadog APM — Debug and optimize your code by tracing requests across web servers, databases, and services in your environment. Then correlate between distributed request traces, metrics, and logs to troubleshoot issues without switching tools or contexts. Try Datadog APM free. Datadog APM sponsor |
| Understanding npm Filesystem Takeover Vulnerabilities — Last month, a security vulnerability affecting all JS package managers (npm, yarn and pnpm) was disclosed which allows malicious actors to use various arbitrary file overwrite tactics. Here’s what that means and why it matters. Liran Tal |
| Implementing an OAuth Server With Node and Express — How to build a minimal OAuth server with Node and Express – no OAuth modules allowed here! Valeri Karpov |
| Microsoft Spots Malicious npm Package Stealing Data From UNIX Systems — This malicious JavaScript package was only active on the npm repository for two weeks and downloaded ‘at least 32 times’ before it was spotted by Microsoft’s Vulnerability Research team. Catalin Cimpanu (ZDNet) |
| Find a Job Through Vettery — Vettery is completely free for job seekers. Make a profile, name your salary, and connect with hiring managers from top employers. Vettery |
| Node.js Developer at X-Team (Remote) — Work with the world's leading brands, from anywhere. Travel the world while being part of the most energizing community of developers. X-Team |
📚 Articles, Tutorials & Opinion |
| Array reduce vs Chaining vs for Loop — A comparison of different approaches to operating on an array. Kent C Dodds |
| 6 Lessons Learned from Optimizing a Node.js Service — The key has been to place their system under heavy load in a testing scenario to weed out any performance issues. Itamar (Klarna) |
| ▶ Enterprise-Grade Node.js on Azure — A talk from Microsoft Ignite aimed predominantly at non Node-using enterprise developers, but it covers a lot of useful high-level ground, particularly on using Node with Azure. Brian Holt |
| State of Microservices 2020 — How do you build microservices? Take part in the global survey and compare yourself with other developers. The Software House sponsor |
| Why I Avoid Nesting Closures — “A little tendency I have to reduce cognitive load for readers of my code.” Kent C Dodds |
| You Can Now Run A TensorFlow SavedModel in Node Directly Without Conversion The TensorFlow Blog |
| ▶ JS Party Chats with the Speakers at Node+JS Interactive — A bit of a mixed bag, but if you weren’t at last month’s Node+JS Interactive conference in Montreal, Canada, this could help you get a feel for the topics covered. JS Party Podcast podcast |
| Should You Get The Node.js Certification? — Highlights of some of the reasons for the Node.js certification’s existence, the principles, and some pros and cons. Though bear in mind NodeSource are one of its creators :-) Liz Parody |
🛠 Tools, Resources and Libraries |
| node-fzf: A 'Fuzzy' CLI List Selection Control — Inspired by the command line tool fzf, node-fzf brings you the same idea to your Node-based CLI apps. talmobi |
| npm 6.13.6 Released — A minor bug fix release (that quickly followed from 6.13.5). The npm Blog |
| open: Open Stuff Like URLs, Files, Executables, etc. Cross-Platform Sindre Sorhus |
| ▶ How to Improve Error Handling in Your Node.js Apps Heroku sponsorpodcast |
| Picomatch: A Fast and Accurate Glob Matcher — No dependencies and full support for standard and extended bash glob features, including braces, extended globs, POSIX brackets, and regexes. Jon Schlinkert |
| Node v10.18.1 (LTS) Released — A minor bug fix release. Node.js |
| array-back: Takes Any Input and Guarantees An Array Back — Or an “isomorphic arrayify function”, if you prefer :-) Lloyd Brookes |
| youtube-dl: Drive youtube-dl from Node — If you’re unfamiliar with youtube-dl, you’re missing out. It’s a fantastic tool for downloading content from YouTube and other similar sites. This library makes it possible to use it directly from Node code. Przemyslaw Pluta |
| Next.js 9.2 Released — The popular React-meets-server framework gains improved code splitting, CSS modularity, and new ‘catch-all’ dynamic routes. Neutkens, Haddad, Kasper and Alvarez |
|
