Node.js Icon

Node.js

Node.js is a tool for executing JavaScript in a variety of environments.
178 Stories
All Topics

JS Party JS Party #103

You're probably using streams

This week we chat with Matteo Collina, Technical Director at NearForm and member of the Node.js Technical Steering Committee, about his upcoming Node+JS Interactive talk on Node Streams. We talk about their creation before any standards and how they are one of the bedrock APIs used throughout the Node ecosystem. We also talk about WHATWG streams and some of their key differences, and how streams have gotten easier to work with thanks to the addition of async iterators and generators to the language.

read more

Node.js github.com

The largest Node.js best practices list

With 35k+ stars, I might be the last one to the party on this awesome repo. It is the largest compilation, and it is growing every week - currently, more than 80 best practices, style guides, and architectural tips are presented. New issues and pull requests are created every day to keep this live book updated. We’d love to see you contributing here, whether that is fixing code mistakes, helping with translations, or suggesting brilliant new ideas.

read more

Node.js github.com

Jsfuzz – a coverage-guided fuzzer for testing JavaScript/Node packages

Fuzzing for safe languages like nodejs is a powerful strategy for finding bugs like unhandled exceptions, logic bugs, security bugs that arise from both logic bugs and Denial-of-Service caused by hangs and excessive memory usage. As we recently learned on Go Time: pessimists write tests, fuzz functions, and sleep well at night. 💤

read more

JS Party JS Party #96

Performant Node desktop apps with NodeGui

What if you could have an Electron-like app framework without the Chromium dependency and resulting performance woes? Well, now you can. NodeGui is a Qt5-powered, cross-platform, native app GUI framework for JavaScript with CSS-like styling. In this episode, Jerod and Nick sit down with Atul –author of NodeGUI and NodeGUI React– to learn about this exciting framework. We ask him a zillion and one questions about it.

read more

The Changelog The Changelog #364

Maintainer spotlight! Valeri Karpov

In this episode we’re shining our maintainer spotlight on Valeri Karpov. Val has been the solo maintainer of Mongoose since 2014. This episode with Val continues our maintainer spotlight series where we dig deep into the life of an open source software maintainer. We’re producing this series in partnership with Tidelift. Huge thanks to Tidelift for making this series possible.

read more

JavaScript levelup.gitconnected.com

Moving beyond console.log() — 8 console methods you should use when debugging JS and Node

When talking about the Console API, newbies usually use only some functions like 👌console.log(), ⚠️ console.warn(), or ❌ console.error() to debug their application, while often there are many other methods which can perfectly implement our requirements and improve debugging efficiency. Guilty! ✋ This article is made to expose some of the most interesting console methods with related examples that I use while teaching at Codeworks. So let’s see a list of the 8 best functions from the Console module! I have used console.table a few times (totally rad), but there’s plenty of functions here that I haven’t been using (and definitely should be).

read more

Liran Tal Snyk

Sequelize ORM found vulnerable to SQL injection

SQL injection is a serious vulnerability, effectively allowing an attacker to run roughshod over your entire database. If you’re using Sequelize, drop everything (pun unintended) and get patched up. As a testament for Sequelize’s commitment to security and protecting their users as fast as possible, they promptly responded and released fixes in the 3.x and 5.x branches of the library, remediating the vulnerability and providing users with an upgrade path for SQL injection prevention.

read more

ehmicky github.com

A simpler, faster alternative to `nvm run`

nve differentiates itself from nvm run because it: can be run programmatically is 10 times faster does not need a separate installation step for each Node version works on Windows does not require Bash is installed as a Node module Worth noting: this is not a full-on replacement for nvm or any other version manager. It only executes a single command with the specified Node version. But sometimes, that’s all you need. 😄

read more

SQLite github.com

Sqlite To Rest

LGTM, but why? Mostly because I wanted to dig deeper into node web server code, but also because I haven’t jumped onto the NoSQL bandwagon and think that web APIs are extremely useful. The result is a modest attempt at automating the CRUD boilerplate that every developer hates, while following the specs to make API consumption intuitive. I chose sqlite to keep the database side of things simple, with the intent that the API isn’t serving heavy loads.

read more

Liran Tal DEV.to

How to securely build Docker images for Node.js

Liran Tal: Developers, often lacking insights into the intricacies of Docker, may set out to build their Node.js-based docker images by following naive tutorials which lack good security approaches in how an image is built. One of these nuances is the use of proper permissions when building Docker images. To minimize exposure, opt-in to create a dedicated user and a dedicated group in the Docker image for the application; use the USER directive in the Dockerfile to ensure the container runs the application with the least privileged access possible.

read more

Chi Wang deskgap.com

Deskgap — build cross-platform desktop apps with web technologies

Stop me if you’ve heard this one before…the difference is DeskGap leverages the operating system‘s webview instead of baking a browser in with it (like Electron). DeskGap is a framework for building cross-platform desktop apps with web technologies (JavaScript, HTML and CSS). To enable native capabilities while keeping the size down, DeskGap bundles a Node.js runtime and leaves the HTML rendering to the operating system‘s webview.

read more

Evan You github.com

Build your own Mint (finance analytics) with Plaid, Google Sheets, and CircleCI

Mint is super cool, but handing over your precious financial information to a 3rd-party is always a bit nerve-racking. Evan You’s new Node app builds a bridge between Plaid (for bank access) and Google Sheets (for data storage) so you can roll your own system. Now you only have to trust your precious financial information to two 3rd-parties 😉. But! This is open source so at least you don’t have to trust the application code.

read more

Eran Hammer Medium

Why you should consider hapi

Eran Hammer makes the case for hapi as your Node web framework of choice. We’ve been talking about dependencies a lot lately due to recent events. In light of that, think about this: hapi was the first (and still the only) framework without any external code dependencies… I personally (and manually) review every single line of code that goes into hapi (excluding node itself). I review every pull request on every dependency regardless if I am the lead maintainer. That’s quite the selling point! He has a lot of great reasons why hapi is worthy of your consideration. Click through for the hard pitch.

read more

0:00 / 0:00