The official npm site gets a code explorer

#​466 — December 8, 2022 Read on the Web New npm Features for Secure Publishing and Safe Consumption — GitHub continues its work in making the npm ecosystem more secure. Two new things this time: granular access tokens to help package owners control access to publishing workflows, and a new code explorer to look directly

Lots of Electron news

#​465 — December 1, 2022 Read on the Web The Advent of Code 2022: 25 Days of Code Challenges — If you have a little time each day to do some programming puzzles, the Advent of Code is always fantastic and now in its eighth year. There’s a sub-Reddit where people share and discuss their

An npm package naming pitfall

#​464 — November 24, 2022 Read on the Web Hyperstack: A New Rails-Inspired Node.js Web Framework — I often hear people say they wished Node had a ‘full’ Web framework akin to Ruby on Rails, here’s a fresh attempt to do just that. Tread carefully; the paint is still fresh. Dotan Nahum 💡 While we like to

Now npm fans can walk the Deno-saur

#​463 — November 17, 2022 Read on the Web Deno 1.28 Released (Now with 1.3 Million New Modules..?) — Yes, we know Deno isn’t Node (it is an anagram of it, though 😏) but given its shared provenance and now that Deno now officially supports using npm modules in a ‘stable’ way, this is newsworthy.

It’s all about security

#​462 — November 10, 2022 Read on the Web Node.js Security Best Practices — A new official document from the Node.js team providing guidelines on securing your Node apps by looking at what the main threats are and how to mitigate them. Node.js Project And.. Node Security Releases: 19.0.1, 18.12.1, 16.18.1 and 14.21.1 — Three security issues

Getting Rusty with Node, but in a good way

#​461 — November 3, 2022 Read on the Web Together with  Node Security Releases Expected.. Today? — Releases of Node 14.x, 16.x, 18.x and 19.x are expected imminently to address three security vulnerabilities. The good news is when they do appear, they’ll update the post we’re linking to, so by the time you see this,

Node 18 goes LTS

#​460 — October 27, 2022 Read on the Web Together with  route-list: CLI Tool to Display Express/Koa/Hapi/Fastify Routes — If you’ve got a Node-based webapp and you want to see all of its endpoints in an elegant way, here’s an option. Vladimir Mikulic Node 18 Becomes Active LTS with v18.12.0 — Formerly a ‘current’ release getting

Node 19 released

#​459 — October 20, 2022 Read on the Web Together with  Node.js 19 Released As an odd-numbered release, Node 19 will never become an ‘active LTS’ version, but sits as the ‘current’ release that gets all the tastiest new features until early 2023. It then reaches ‘end of life’ on June 1, 2023. “If you’re

✂️ Cutting away the unused parts of your project

#​458 — October 13, 2022 Read on the Web Together with  njt: Quick Navigation to npm Package Resources — Provides a rapid way to jump to various destinations related to npm packages (such as a project’s homepage, repo, issues, or even a package cost estimation). You can install it for use in your terminal, as

Digging into dependencies with npm query

#​457 — October 6, 2022 Read on the Web Together with  An Active Typosquatting Campaign Targeting npm Users — Security supply chain company Phylum detected a campaign to ‘typosquat’ against a variety of high profile packages. The idea behind typosquatting is that you claim package names similar to others, such as ‘expresss’ for express or