Below you can find RisingStack's collection of the most important Node.js news, projects, updates & security leaks from this week:
Since before the release of npm 2.0 in 2014, the company has encouraged developers using its' APIs to use token authentication instead of passing username and password in a basic auth header.
Over the next few weeks we will be turning the recommendation into a requirement: basic http authentication will no longer work for any of the npm registry endpoints that require authorization. Instead you should use bearer tokens.
Streams are Node’s best and most misunderstood idea. Node.js streams have a reputation for being hard to work with, and even harder to understand.
Over the years, developers created lots of packages out there with the sole purpose of making working with streams easier. But in this article, I’m going to focus on the native Node.js stream API.
Since the launch of AWS Lambda back in 2014, serverless (or FaaS - Function as a Service) computing became more and more popular. It lets you concentrate on your applications' functionality by not having to worry about your infrastructure.
In this article we will discuss what serverless programming is, and how to get started with AWS Lambda as a Node.js Developer.
Broken Authentication and Session Management attacks are anonymous attacks with the intention to try and retrieve passwords, user account information, IDs and other details.
This is a note about Node.js security, by reading the amazing book Securing Node Applications by @ChetanKarade, which explains couple of common vulnerabilities in very simple way, and provides relevant npm modules as solutions to protect Node.js Web Apps.
Jumping into an unfamiliar codebase (or any for that matter) for the first time can be scary. Plus, if it’s your first time contributing to open source, it can even be scarier!
at webpack believe:
- Any (even non-technical) individual should feel welcome to contribute.
- However you decide to contribute, it should be fun and enjoyable for you!
- Consequently, you could become a better developer, writer, designer, etc. along the way, and we are committed to helping foster this growth.
This detailed blogpost summarizes the challenges of creating a flexible and customizable MIDI controller mapping for the Mixxx DJ software.
I will focus on the technical aspects of using the scripting facilities of the platform, and tackling the difficulties encountered on the journey.
Argentina is among the first international Node.js conferences taking place in Latin American territory, and a not-for-profit community effort to push Node.js forward in Argentina and Latin America as a whole.
Node Interactive will cover everything from security, diagnostics, machine learning & more. The Full schedule is up now!
Node.js Interactive is the marquee event for Node.js developers, companies that rely on Node.js and the vendors that support both of these constituents with tools, training and other services.
Vulnerable npm Packages Discovered:
- Arbitrary Command Execution - windows-cpu package, ALL versions
Previously in the Node.js Weekly
In the previous Node.js Weekly Update we read about Ignition and Turbofan in V8, Packing a Kubernetes Node app with Helm, Developing Microservices & more..