Read the most important Node.js weekly news & updates:
Computer vision with OpenCV, MongoDB & the importance of secure defaults, the state of package managers, transpiling ES5 code to ES6, npm security and many more..
The 7 must-read Node.js articles/projects of this Week:
With this OpenCV tutorial, you can learn how to work with computer vision in Node.js. The article explains the basic principles with real-life use cases.
Who knew you can do face detection with Node?!
There's a widespread attack on insecure MongoDB installs that has resulted in over 28,000 databases being held ransom. This post explains the hack, how to protect yourself and what can we learn from it.
Let's take a look at the state of Node.js package managers, what they can do for you, and when you should pick which one!
Lebab transpiles your ES5 code to ES6/ES7. It does exactly the opposite of what Babel does.
This post outlines ten tips to help you become a better Node developer in 2017.
Here’s what it covers:
- Avoid complexity - Organize your code into the smallest chunks possible
- Use asynchronous code & avoid synchronous code like the plague.
- Avoid blocking require - Put ALL your require statements at the top of the file.
- Know that require is cached - This could be a feature or a bug in your code.
- Always check for errors - Never throw errors and never skip the error check.
- Use try…catch only in sync code - it is useless for async code, plus V8 can’t optimize code in try...catch as well as plain code.
- Return callbacks or use if … else - Return a callback to prevent execution from continuing.
- Listen to the error events - Almost all Node classes/objects extend the event emitter (observer pattern) and emit the error event. Be sure to listen to that.
- Know your npm - Install modules with
- Use exact versions in package.json: Never trust semver in your apps, but do so in open-source modules.
- Use different dependencies. The more un-required dependencies you have, the greater the risk of vulnerability.
More details in the article.
In the new episode of The New Stack Makers podcast, Guy Podjarny, CEO of Snyk and Gergely Nemeth, CEO of Trace (the Node.js Debugging Tool) discussed Node.js module security during the latest Node Interactive conference.
Who is ultimately responsible for the security around these third-party modules?
Is it the original module creator? Or, if a project is open source, and since these contributions are created out of sheer goodwill for the betterment of the community, some argue that the burden of ensuring their security falls upon those using them.
Todd Moore, who is the Vice President of Open Technology at IBM and a member of the Node.js Foundation Board of Directors provides his perspective of the Node.js Foundation board and how it compares to others.
Previously in the Node.js Weekly Update