Below you can find RisingStack's collection of the most important Node.js news, projects, updates & security leaks from this week:
The new pipeline is built upon Ignition, V8’s interpreter, and TurboFan, V8’s newest optimizing compiler. These technologies should be familiar to those of you who have followed the V8 blog over the last few years, but the switch to the new pipeline marks a big new milestone for both.
This post shows how we packed our Kubernetes microservices app with Helm and made them easy to reproduce in various environments.
At RisingStack we use Kubernetes with tens of microservices to provide our Node.js monitoring solution for our SaaS customers. During the last couple of months, we were asked by many enterprises with strict data compliance requirements to make our product available as an on-premises solution. So we had to find a solution that makes easy for them to install Trace as a single piece of software and hides the complexity of our infrastructure.
Our situation was different. Everyone on the GitHub Desktop team is a native developer by trade—three from the .NET world and one from Cocoa. We knew how to make native apps, so how and why did we end up here?
In this post you will learn how to quickly spin up a reproducible development environment with Docker to manage a number of Node.js microservices.
The end goal of this post is to organize the technologies from the above image into the following containers and services:
The typical use case for this high speed Node.js module is to convert large images in common formats to smaller, web-friendly JPEG, PNG and WebP images of varying dimensions.
npm install sharp
Resizing an image is typically 4x-5x faster than using the quickest ImageMagick and GraphicsMagick settings. Colour spaces, embedded ICC profiles and alpha transparency channels are all handled correctly. Lanczos resampling ensures quality is not sacrificed for speed.
This is an introduction to snapcraft.io and electron-builder, tools that enable you to deliver your Node and Electron applications to millions of Linux users.
Packaging for Linux used to be hard, but that has changed: the Snapcraft team have built a platform that makes it simple to build and publish your applications so they run on all the major Linux distributions. It gives you tools to deliver updates at a high frequency without compromising stability. Push a commit and it will automatically build for free in the store for your users.
Vulnerable npm Packages Discovered:
- Regular Expression Denial of Service (ReDoS) - amqp-match package, ALL versions
- Regular Expression Denial of Service (ReDoS) - ms package, versions <2.0.0
Previously in the Node.js Weekly
In the previous Node.js Weekly Update we read about Writing Secure Node Code, Project Glimpse, Post-Mortem Diagnostics, using Docker Compose & more..