#​454 — September 15, 2022

Read on the Web

Best Practices for Creating a Modern npm Package — A step-by-step “as of 2022” walkthrough of creating your own npm package using current best practices. It’s very thorough and certainly worth revisiting, even if you’ve built a package already. As always, though, there’s more than one way to do it, and other tools like np can be brought into the mix as needed.

Brian Clark (Snyk)

🧈 ButterCMS Melts into Your Node App. #1 Rated Headless CMS — ButterCMS is your content backend. Enable your marketing team to update website + app content without needing you. Try the #1 rated Headless CMS for Node today. Free for 30 days.

🧈 ButterCMS sponsor

On Automatically Finding Bugs in the Node.js Ecosystem — A quick look at a recent USENIX paper ‘Mining Node.js Vulnerabilities via Object Dependence Graph and Query‘ (direct PDF link) about the creation of a system that creates dependency graphs and uses them to find bugs in other systems (an enterprise which resulted in 70 CVE identifiers being issued to the team so far!)

Paul Ducklin (Sophos)

Node.js 18.9.0 has been released, but it’s a relatively minor release with no headline features.

✉️ Did you know we have a React newsletter too? This week’s issue is packed with neat stuff, including why useSyncExternalStore is so useful.

Christoph Nakazawa, well known for his work on Jest and Yarn, shares how he sets up his new Macs.

The Basics of RemixRemix is the up and coming full stack Web framework with a lot of neat ideas. This introduction covers all the basics of handling routing, form handling, headers, meta tags and links to get you up and running.

Brittney Postma

Scraping Google Scholar Results with Node and Cheerio — Google may well block you from doing this, but the technique applies elsewhere too.

Darshan Khandelwal

📅  Unblock – A CI/CD Conference by Buildkite

Buildkite sponsor

Reddit OAuth: Let Users Sign into Your App with a Reddit Login
↳ Quick tutorial oriented around a Next.js app.

Using Private GitHub npm repositories in AWS CodeBuild
↳ Not even AWS fans necessarily use CodeBuild.. 🙂

git diff and .. vs …
↳ It’s not Node specific, but if you’re unaware of the difference between git diff a..b and git diff a…b – you’ll find this useful.

Secure Your Node.js App with JSON Web Tokens

🛠 Code & Tools

SafeQL: An ESLint Plugin for Your SQL Queries — Clever idea. It hooks into your database and then guides you as to mistakes you might make when writing SQL queries in your JavaScript code. Postgres only for now, but supports any client.. whether Prisma, pg, Sequelize, or whatever.

ts-safeql

Favicons 7.0: A Favicon Generation Library — Major release for a long standing library. Sharp is now used instead of Jimp, you can create maskable icons, and TypeScript has been adopted.

itgalaxy inc.

Code Capsules: The Simplest Way to Deploy Your Code

Code Capsules sponsor

zig-napigen: Automatic Node-API Bindings for Any Zig ProjectZig is a modern C-a-like language you may have heard of recently for forming the foundation of the Bun JS runtime.

Kamil Tomšík

Fastify 4.6
↳ Fast Node Web framework.

Hexo 6.3
↳ Popular Node.js blog framework.

llnode 4.0
↳ Inspect Node processes or core dumps in LLDB.

Generic Pool 3.9
↳ Resource pool with Promise based API.

cacheable-request 10.0
↳ Wrap native HTTP requests with RFC compliant cache support.

Light My Request 5.6
↳ Fake HTTP request injection library.

💻 Jobs

Full-Stack Engineer (NYC / Remote) — 100M+ devices, 100B+ API calls. Radar is looking for Product Engineers to build geospatial dev tools.

Radar

Find Tech Jobs with Hired — Create a profile on Hired to connect with hiring managers at growing startups and Fortune 500 companies. It’s free for job-seekers.

Hired

Leave a comment

Your email address will not be published. Required fields are marked *