Below you can find RisingStack's collection of the most important Node.js updates, projects, tutorials & Node related conferences from this week:
Passwords can be guessed, phone numbers can be spoofed, but using two-factor authentication essentially requires that user be in possession of a physical device with an app like Google Authenticator, loaded with a secret key for the given app, which provides an extra layer of security.
Since I use 2FA so often, I wanted to see how the process is managed by a developer for its users. That would include generating the secret key, creating its QR code representation, scanning the code into Google Authenticator (done by the user), and then validating that GA-given code against the user's key. I found an easy to use Node.js library, speakeasy, to do so!
Here are 8 habits for happy Node hackers updated for 2017. They're specifically for app developers, rather than module authors, since those groups have different goals and constraints.
- Lock Down Your Dependency Tree
- Hook Things Up
- Keep Your Promises
- Automate Your Code Formatting with Prettier
- Test Continuously
- Wear Your Helmet
- HTTPS all the things
Learn how you can build a Twilio Messaging Hub in only 7 Minutes with StdLib!
What You’ll Need Beforehand:
- 1x Twilio Account
- 1x Command Line Terminal
- 7x Minutes (or 420x Seconds)
In this article we summarize the insights we learned from our latest survey on developers problems with Node.js Debugging, Downtimes, Microservices & other pain-points.
Key Findings of the Node.js Survey:
- 29,27% of Node.js developers experience downtimes in production systems at least once a week, 54,02% at least once a month.
- 27,50% of Node developers responding to the survey never experience downtimes.
- 42,82% of the respondents spend more than 2 hours a week with debugging their Node.js applications, including the 17,09% who spends more than 5 hours.
- The developers building a microservices architecture with Node spend more time with debugging. The advantage of microservices + Node manifests in the form of fewer downtimes.
Interested in learning how Node.js can help streamline your digital processes and the latest trends with this application platform?
In this interactive online seminar, we’ll reveal how companies like Capital One, Slack, Skycatch, and NASA benefit from using Node.js, from enabling rapid data experimentation to building innovative experiences on connected devices.
In the live Q & A session, you will have the chance to ask questions about specific use cases and learn why Node.js is the platform of choice for building digital experiences.
The fourth annual conference will be held November 27th and 28th, 2017 in Nashville, TN.
Node Core Changes:
- Child processes
stderrare now available on the error output of a failed call to the
util.promisify()ed version of
- A regression that broke certain scenarios in which HTTP is used together with the
clustermodule has been fixed.
rejectUnauthorizedoption now works properly for unix sockets.
- A change that broke
npm initand other code which uses
readlinemultiple times on the same input stream is reverted.
process.release properties in 8.1.1 causing failure to compile native add-ons on platforms other than Windows. This is a fix in the Node.js build process so there are no additional code commits included on top of 8.1.1.
Node.js Related Conferences
- NodeFest Tokyo, Hosei University, Tokyo, Japan
- Node Summit, San Francisco (CA), United States
- dot Conferences, Paris, France
- JS Kongress Munich, Munich, Germany (June 18)
- Write/Speak/Code, Portland (OR), United States (June 20)
- NodeConf EU, Kilkenny, Ireland (June 30)
- Open Source Summit Europe, Prague, Czech Republic (July 8)
- Non Binary in Tech, London, UK (July 15 )
- CloudNativeCon + KubeCon North America 2017, Austin (TX), United States (August 21)
- CubaConf, Havana, Cuba (
Source: The Node Foundation Newsletter
Vulnerable npm Packages Discovered:
Cross-Site Scripting (XSS)
- next package, versions <2.4.3
- citypredict.whauwiller package, ALL versions
- dmmcquay.lab6 package, ALL versions
- byucslabsix package, ALL versions
- jikes package, ALL versions
- scott-blanch-weather-app package, ALL versions
- node-simple-router package, ALL versions
- wffserve package, ALL versions
- elding package, ALL versions
- next package, versions <2.4.1 || >=3.0.0-beta1 <3.0.0-beta7
- serve package, versions <5.2.0 || =5.2.1