| npm Security Update: What GitHub's Learnt About April's Attack — Last month, GitHub, the stewards of the npm registry, reported that stolen OAuth tokens were used to access certain private repositories, private package manifests & metadata, as well as npm user account data. Here's an update. Notably: “GitHub discovered a number of plaintext user credentials for the npm registry that were captured in internal logs following the integration of npm into GitHub logging systems.” Ouch. Don't store secrets or credentials in version control (or logs). Greg Ose (GitHub) |
| Making TypeScript 'Stick' — Test your knowledge through quizzes, challenges, and even a TypeScript gameshow in this new course by Mike North! Frontend Masters |
| TypeScript 4.7 Released — The headline feature for the typed JavaScript superset is ES module support for Node.js – a feature that has been infamously difficult to implement, and whose reliance on file extensions continues to provoke debate – plus CommonJS interoperability (from ES modules), improved function inference, control-flow analysis for bracketed element access, and more. Daniel Rosenwasser |
| Next.js's Layouts RFC: Big Changes Ahead for Next.js — If you’re a Next.js user, you’ll want to read this as some significant updates are on the way, particularly around routing, app structure, and layouts (including nested layouts). Neutkens, Markbage, et al. (Vercel) |
| IN BRIEF: DigitalOcean has launched a new serverless functions-as-a-service platform – yes, you can run your JS code on it. Angular 14 (currently in RC phase) is due imminently – a look at what's new. Netlify has hired Ryan Carniato, the founder of the SolidJS project, to work on it full-time – here's his story. Node 17 goes 'end of life' next week, joining Node 12 which went EOL in April. GitHub Actions can now use Node 16 – Node 12 support remains for now. Ghost is a Node.js-built CMS and blogging platform that has become an ecosystem and business all of its own, and there's a new major version out now: Ghost 5.0 RELEASES: Electron 19 – Gets Chromium 102, V8 10.2, and Node 16.14.2. Neutralino.js 4.6 – Lightweight cross-platform desktop app framework. fast-check 3.0 – Property based testing framework. Knex 2.1.0 – SQL builder for Node.js. Cypress 9.7.0 – Testing for anything in a browser. Storybook 6.5 – UI component dev tool. |
| Software Engineers — Sticker Mule is the Internet's most "kick ass" brand. Our software team operates from 17 countries, and we're always looking for more exceptional engineers.
Sticker mule |
| Find JavaScript Jobs with Hired — Create a profile on Hired to connect with hiring managers at growing startups and Fortune 500 companies. It's free for job-seekers.
Hired |
|
| Dark Patterns in UX — Higher-order functions are an important feature that cannot be overlooked in functional programming, allowing for easy nesting of functions to archive a specific task. Learn more about them from this article. Kendo UI for Angular |
| The Balance Has Shifted Away From SPAs — “how the context has changed in recent years to give MPAs more of an upper hand against SPAs”. (MPAs are Multi-Page Apps. Or just ‘apps’ to me.) Nolan Lawson |
|
