#​461 — November 3, 2022

Read on the Web

Together with 

Node Security Releases Expected.. Today? — Releases of Node 14.x, 16.x, 18.x and 19.x are expected imminently to address three security vulnerabilities. The good news is when they do appear, they’ll update the post we’re linking to, so by the time you see this, they might already be here..

Juan José Arboleda (Node.js Team)

On Rust and Its Relationship with Node — A brief interview with a developer about the growing and symbiotic relationship between Rust and Node.js, as well as NodeAPI vs WebAssembly.

Alberto Esposito

🔨 Fancy a go? Learn how to build a native Node module in Rust with Peter Czibik, or just jump straight into Neon.

Don’t DIY Your Notifications: Send SMS, Email, and Push with One Call — Send notifications from right within your application using the Courier API. One call, that’s all, and send any template to any channel. Include routing logic and customizable preferences.

Courier.com sponsor

The Remix Project is Joining Shopify — Shopify is known as a Ruby shop but also does a lot of front-end work, including building the React-powered Hydrogen framework. They saw Remix’s full-stack approach (which isn’t exclusively for Node, but is currently most commonly used with it) as a good way forward and have brought the team and technology in-house.

Dion Almaer (Shopify, not Spotify)

How to Build, Test, and Publish a TypeScript npm Package in 2022 — The bare basic steps in a short and sweet walkthrough.

Ianis Triandafilov

IN BRIEF:

Node v14.21.0 (LTS) has been released (separately from the security releases, above) with an upgrade to Corepack and a new –openssl-shared-config option.

As of this week, high-impact npm package maintainers now require 2FA to publish those packages.

npm signature verification using PGP keys is now deprecated. No new packages will be signed with PGP keys from March 31, 2023 onward.

▶  Looking at the Brand New Node.js Watch Mode — Node 18.11.0 and 19.0 have a new –watch feature that provides a nodemon-esque ability to reload code when underlying files change. Kelvin takes a practical look at using it. (6 minutes.)

Kelvin Omereshone

TypeScript and ECMAScript Modules in Node.js — An official docs page focusing on the use of ESM with Node.js in TypeScript projects, something that has become viable in recent releases.

Microsoft

Walkthrough: Add SSO & Access Control to Your Node.js App

Userfront sponsor

Oracle Says ‘Hello TypeScript’ in its MySQL 8 Client — Support for TypeScript has landed in Oracle’s official MySQL 8 driver for Node.js and the maintainer shows off what it brings to the table.

Rui Quelhas (Oracle)

Don’t Be Afraid of Reverting Code in Git

Daniela Matos de Carvalho

🛠 Code & Tools

directory-serve: Serve a Local Directory over HTTP — This is really neat. Just run npx directory-serve . and this spins up an HTTP server that presents the files in your current directory in a nice Web-based interface. You even get a QR code to make it easy to load on your other devices.

Cube-Root

Zip It And Ship It 8.0: Prepare Node.js Lambda Functions for Deployment — We love the name of this. One way to deploy AWS Lambda functions is by uploading a ZIP file and this will create such archives from Node, Go, or Rust programs. v8.0 converts to using ESM and vitest and drops Node 12 support.

Netlify

Choosing the Best Node.js Docker Image — Read about the benefits of choosing an ideal Node.js Docker image and ways you can protect your CI/CD pipeline.

Snyk sponsor

Sharp: High Performance Node.js Image Processing — A long standing package that continues to go from strength to strength.

Lovell Fuller and contributors

Eleven: Code Sandboxes with Automatic HTTPS — A tool for spinning up VMs running atop AWS or Hetzner to quickly run apps on runtimes including Node, Python, Ruby, and Go.

Eleven

neon-env: A Typed Environment Variable Parserenv-schema is another option in this space we’ve featured recently.

Superchupu

pgdump-aws-lambda: Stream pg_dump Output to S3 via AWS Lambda — There are other ways to do this sort of thing on AWS, but this is a pretty direct and flexible way to take database backups.

James H

Jasmine 4.5
↳ Simple testing framework for browsers and Node.

Medusa 1.6
↳ Open-source Shopify-esque ecommerce platform.

node-deep-equal 2.1
↳ assert.deepEqual(), faster, as a standalone module.

AdminJS 6.6 – Automatic admin interfaces.

easy-soap-request 5.2 – Small SOAP client.

npm 9.1.0

💻 Jobs

Full-Stack Engineer (NYC / Remote) — 100M+ devices, 100B+ API calls. Radar is looking for Product Engineers to build geospatial dev tools.

Radar

Find Tech Jobs with Hired — Create a profile on Hired to connect with hiring managers at growing startups and Fortune 500 companies. It’s free for job-seekers.

Hired

🤔 A brief aside..

Glitch is an online JavaScript app development and hosting platform that emerged from the remnants of Fog Creek Software (of FogBugz and Stack Overflow fame). I’ve been keeping an eye on it since it came out in 2018.

Unlike most platforms, Glitch has a light-hearted, whimsical approach where users are encouraged to play, ‘remix’ other people’s apps, and generally focus on smaller (often communual) apps. It was acquired by Fastly earlier this year.

I’ve been playing a little more with it recently and while it’s not the best known or most production focused platform, if you want to build small experiments, teach other people to code, or even just throw up a quick Eleventy-built static site or blog, it’s fantastic and worth checking out. You even get some persistent storage and can use SQLite behind your apps which is a neat touch.

(Replit is another player in this space that I’m also keen on. It’s a bit more serious but also offers extra features, scale, and official support for other languages.)

Leave a comment

Your email address will not be published. Required fields are marked *