Introducing “safe npm”, an npm wrapper by Socket
socket.dev
@bmeck,
@SocketDev
“Safe npm” by Socket transparently wraps the npm command and protects users when they execute npm install , from “malware, typosquats, install scripts, protestware, telemetry, and more – 11 issues in all”.
Vite 4.2.0
github.com
@vitejs
Highlights:
- Support env variables replacement in HTML files
- Sourcemaps improvements
- ESM subpath imports
- TypeScript 5 support
- esbuild 0.17
- Use Rollup types from the vite package
RunJS - The JavaScript Playground for your Desktop
runjs.app
Sponsor
Write and run JavaScript and TypeScript with instant results, see runtime values, experiment with NPM packages. Available for Mac, Windows and Linux.
Turbowatch: fast file change detector and task orchestrator for Node.js
github.com
@gajus
Turbowatch is similar to Nodemon, but provides a few additional features such as a Node.js API. It is written in TypeScript.
Quoting the project’s readme:
If you are working on a very simple project, i.e. just one build step or just one watch operation, then you don't need Turbowatch.
Turbowatch is designed for monorepos or otherwise complex workspaces where you have dozens or hundreds of build steps that depend on each other (e.g. building and re-building dependencies, building/starting/stopping Docker containers, populating data, sending notifications, etc).
Time for a change? Emerging cybersecurity startup seeks JavaScript talent
defendify.breezy.hr
Sponsor
Defendify is an award-winning, all-in-one cybersecurity platform developer, looking for a senior full stack engineer to join full-time. This is a unique and exciting opportunity as Defendify continues to rapidly expand its groundbreaking platform, especially designed for the non-enterprise.
Node.js security progress report: permission model merged
openjsf.org
@openjs-foundation
Quote: “February included several major steps forward in improving Node.js security. We merged the Permission Model which we built over the past 8 months. This will make Node.js more secure by allowing the user to restrict machine resources, such as file system. More information will be provided on Node.js v19.9.0 release.”
Speeding up the JavaScript ecosystem – npm scripts
marvinh.dev
@marvinhagemeister
Quote: “npm scripts are executed by JavaScript developers and CI systems all around the world all the time. Despite their high usage they are not particularly well optimized and add about 400ms of overhead. In this article we were able to bring that down to ~22ms.”
|