Adventures in Nodeland

October 11, 2021

Security, Security, Security... and other Adventures in Nodeland - Issue #30

Hey Noders! Last week was dedicated to Security work and the finalization of pino@7, as well as reading a few very interesting articles! Thanks for following along, and let me know what you think of this issue!

October 12th 2021 Security Releases | Node.js
Node.js® is a JavaScript runtime built on Chrome’s V8 JavaScript engine.
nodejs.org

I’m starting this edition of Adventures in Nodeland by reminding you to upgrade your Node.js on Wednesday 13th, as a set of vulnerability fixes will be released for all LTS lines. I’m running point for this release train, let’s see how it is going!

Announcing Hashnode Open Source October - The Symposium, Grants, and New Badges! 🚀
You don’t need me to tell you that open source software is… kind of a big deal in the month of October.
townhall.hashnode.com

Thursday 14th of October I will speak at the Open Source Symposium by Hashnode about my early days in OSS and what made a difference!

Pino 7 is almost there!

After almost a year in development, pino@7 is ready for prime time. All known transports have been updated and shipped, ready for v7.0.0 to hit npm. If things go according to plan, I’ll ship it next week, ready for my talk on pino@nodeconf!

Release v7.0.0-rc.9 · pinojs/pino · GitHub
🌲 super fast, all natural json logger. Contribute to pinojs/pino development by creating an account on GitHub.
github.com

Fastify

Last week I shipped a new security release of fastify-static, fixing an Open Redirect problem in certain conditions. Update!

Release v4.2.4 · fastify/fastify-static · GitHub
Plugin for serving static file as fast as possible - Release v4.2.4 · fastify/fastify-static
github.com

Unfortunately, not all fixes are well planned and we had to introduce another fix for the same problem as the fix introduced more problems:

Release v4.4.1 · fastify/fastify-static · GitHub
Plugin for serving static file as fast as possible - Release v4.4.1 · fastify/fastify-static
github.com

Mercurius

Last week we shipped Mercurius v8.6.0 and v8.5.0, adding two small features to the “messenger of the gods”: Mercurius. You might wonder why two minor releases in a short timeframe… I tend to release as soon as I merge a change, in a form of continuous delivery (otherwise it’s very likely that I would forget to ship!). Check them out:

Release v8.6.0 · mercurius-js/mercurius · GitHub
Implement GraphQL servers and gateways with Fastify - Release v8.6.0 · mercurius-js/mercurius
github.com
Release v8.5.0 · mercurius-js/mercurius · GitHub
Implement GraphQL servers and gateways with Fastify - Release v8.5.0 · mercurius-js/mercurius
github.com

News!

I have found the following Twitter thread incredibly fascinating. I have often worked in the aftermath of “10x engineers” and I can confirm: the result of their software is full of major flaws as they leave the teams and products they have created just to not fix them.

I have been using the new release feature of GitHub for a few months now… and it’s awesome and a true time saver. I release a new version of a module each day and this helps me quite significantly! Try it out!

A new public beta of GitHub Releases: How we’re improving the release experience | The GitHub Blog
GitHub is where developers come to learn and celebrate what’s new in open source, and where maintainers share, collaborate and celebrate their community’s work. One of the most important parts of the software development life cycle is delivering your software to those who use it.
github.blog

Flow is one of the most important concepts a developer must learn to harness to be great at their job. While in Flow, we can code much better. Read an article from Sarah Drasner:

Why flow matters more than passion | LeadDev
leaddev.com

Last week all of Facebook went down for a while. The following article explains in great detail what happened and what went wrong… and how all of the Internet of today relies on a spec done in 1989!

Understanding How Facebook Disappeared from the Internet
“Facebook can’t be down, can it?”, we thought, for a second. Today at 1651 UTC, we opened an internal incident entitled “Facebook DNS lookup returning SERVFAIL” because we were worried that something was wrong with our DNS resolver 1.1.1.1.  
blog.cloudflare.com