#635 — April 20, 2023 Read on the Web JavaScript Weekly Introducing npm Package Provenance — As stewards of the official npm registry, GitHub has been keen to improve its security. As of this week, if you build npm packages through GitHub Actions, you can publish the provenance of a package which gives users a …
Read More “On the origin of packages”
In the world of Node.js, application development, speed, flexibility, and scalability are critical for modern software development. However, the risk of vulnerabilities and security breaches looms with the increasing reliance on open-source Node packages. NCM (NodeSource Certified Modules) is the next-generation security solution that empowers Node.js developers to safeguard their applications easily and confidently. This …
Read More “Unleashing the Power of NCM: Safeguarding Node.js Applications with Next-Generation Security in N|Solid”
#634 — April 13, 2023 Read on the Web JavaScript Weekly The JavaScript Equality Table Game — Minesweeper will feel like a walk in the park after this reminder of the horrors of JavaScript’s ==. If you need to go in depth, Section 7.2.14 of the ECMAScript spec will help, but otherwise? Stick to three …
Read More “The return of ECMAScript 2023 (and Angular)”
#633 — April 6, 2023 Read on the Web ❓ JavaScript Weekly on a Thursday? It’s true. As well as it being Good Friday tomorrow, we’ve decided to move to Thursday permanently going forward. We hope you have a good Easter, if you celebrate it, otherwise enjoy one fewer email on Fridays ????__Your editor, Peter Cooper JavaScript …
Read More “JavaScript on your schedule”
#632 — March 31, 2023 Read on the Web JavaScript Weekly JavaScript Import Maps Now Supported Cross-Browser — ES modules provide a modern way to include and reuse JavaScript code in web apps, and import maps provide the bridge between using module names in code and where those modules can actually be loaded from. Thomas Steiner …
Read More “Import maps go universal”
#631 — March 24, 2023 Read on the Web JavaScript Weekly Speeding Up the JavaScript Ecosystem: npm Scripts — The latest in what has been a fascinating series on finding ‘low hanging fruit’ when it comes to performance in the JavaScript world. The author explains it best himself: “‘npm scripts’ are executed by JavaScript developers …
Read More “Playwright now offers a UI mode”
#630 — March 17, 2023 Read on the Web JavaScript Weekly ???? Transformers.js: Running ML Models in the Browser — Transformers are a type of machine learning model often used for natural language or visual processing and while running such models directly in the browser is in its infancy, Transformers.js opens up some ML models …
Read More “Transformers: JavaScript in Disguise”
#629 — March 10, 2023 Read on the Web JavaScript Weekly JavaScript Features from the Past Few Years — Packed with examples, this post tackles the changes and tweaks to JavaScript and TypeScript over the past several years (some as far back as ES6/ES2015, like tagged template literals). Linus Schlumberger Astro’s 2023 Web Framework Performance Report — …
Read More “New JavaScript features of the past few years”
Introducing nsuv nsuv is a C++ wrapper around libuv with the main goal of supporting compile-time type safety when propagating data. You can find the open source package here: https://github.com/nodesource/nsuv Here at NodeSource we are focused on fixing issues for the enterprise. This includes adding functionality and features to Node.js that are useful for enterprise-level …
Read More “Introducing nsuv”
#628 — March 3, 2023 Read on the Web JavaScript Weekly Sandworm Audit: A New JS Auditing Tool — A command-line tool to scan a project and dependencies for vulnerabilities, license issues, and related problems. You get JSON reports, visualizations of dependency trees, and a CSV of all dependencies and license information. Sandworm Experiments with the JavaScript …
Read More “Garbage collector experiments”