#509 — November 7, 2023
Awesome Node Security: A Curated List of Node Security Resources — Includes links to libraries like Helmet (which just had a new release a few hours ago), educational resources, tools, and even stories of incidents like the left-pad incident (which, somehow, was a whole seven years ago!)
Need to Offer SSO to Your Customers? Use WorkOS — WorkOS lets you quickly build enterprise features like SAML & SCIM. Integration is seamless with beautiful API docs and SDKs. Join hundreds of companies using WorkOS—including Vercel, PlanetScale & Webflow—and make your app Enterprise Ready today.
Building AI Apps with LangChain and Node.js — Discover the basics of building a Retrieval-Augmented Generation (RAG)-powered application using the LangChain framework (a popular framework for working with LLMs available in both Python and Node).
In other ‘runtimes that aren’t Node’ news, Bun v1.0.10 has just landed too, with a 14% faster node:http (a compatible wrapper around Bun.serve).
Node.js v20.x is now the default version on Heroku.
If you’re a VS Code user, get excited: support for moving editors into floating windows is on the way.
If you have any interest in making a Node app work as a Windows service, Jakob Wärnhjelm’s experimentation may save you a lot of time.
Node hasn’t got its new mascot yet, but the Eleventy static site generator does.
How to Build a Server-Side React App Using Vite and Express — A demo of server-side rendering and server-side data fetching without using a full-on framework — showing what React-powered frameworks actually do.
🛠 Code & Tools
Is Text or Binary? 7.0 — It first tries to determine from a filename if the contents of the file are likely to be binary or text. Failing that, it then looks at the actual data to figure it out.
Super Expressive: Build Regexes in a Fluent, ‘Natural Language’ Style — A library for building regular expressions using an ‘almost natural language’ approach. It feels a little too verbose for me, but it’s certainly readable. There’s also an online playground where you can experiment.
You Look Like You Could Use a T-Shirt. And a Better Auth Provider — Spin up a local instance of FusionAuth in just 5 minutes. Send us a screenshot and we’ll send you a t-shirt. It’s free.
log-update 6.0: Logging by Overwriting the Previous Output — Imagine a console.log that just overwrites itself on the same line each time. Perhaps for rendering progress bars, animations, etc.
node-datachannel 0.5: libdatachannel Bindings for Node — libdatachannel is a standalone C++17-based implementation of various WebRTC standards, as well as WebSockets, for use on POSIX platforms.
Google Cloud SQL Node.js Connector 1.1 – Work with Cloud SQL instances from Node.
setup-node 4.0 – Set up a GitHub Actions workflow with a specific Node version.
unix-permissions 6.0 – Helper library for working with POSIX file permissions.
node-llama-cpp 2.8 – Run AI models locally with Node.js llama.cpp bindings.
temporary-path 1.0 – Get a random temporary path / directory.
Nightwatch.js 3.3 – Integrated end-to-end testing framework.
file-type 18.6 – Detect the file type of a buffer.
📢 See if you qualify for $2,400 in Temporal Cloud credits and access to support and services with our new Temporal Cloud for Startups program.
“Maintaining an open-source project is like being a flight attendant for an airline where all tickets are free and the majority of customer surveys offer suggestions on how to fly the airplane.”
Kelsey Hightower #