Node.js Weekly Update - 26 May, 2017

By Gergely Németh

Node.js Weekly Update - 26 May, 2017

Below you can find RisingStack‘s collection of the most important Node.js news, projects, updates & security leaks from this week:

1. npm: basic http authentication to be limited soon

Since before the release of npm 2.0 in 2014, the company has encouraged developers using its’ APIs to use token authentication instead of passing username and password in a basic auth header.

Node.js Weekly Update - 26 May, 2017

Over the next few weeks we will be turning the recommendation into a requirement: basic http authentication will no longer work for any of the npm registry endpoints that require authorization. Instead you should use bearer tokens.

2. Node.js Streams: Everything you need to know

Streams are Node’s best and most misunderstood idea. Node.js streams have a reputation for being hard to work with, and even harder to understand.

Node.js Weekly Update - 26 May, 2017

Over the years, developers created lots of packages out there with the sole purpose of making working with streams easier. But in this article, I’m going to focus on the native Node.js stream API.

3. Getting Started with AWS Lambda & Node.js

Since the launch of AWS Lambda back in 2014, serverless (or FaaS – Function as a Service) computing became more and more popular. It lets you concentrate on your applications’ functionality by not having to worry about your infrastructure.

Node.js Weekly Update - 26 May, 2017

In this article we will discuss what serverless programming is, and how to get started with AWS Lambda as a Node.js Developer.

4. Node.js Security: Broken Authentication

Broken Authentication and Session Management attacks are anonymous attacks with the intention to try and retrieve passwords, user account information, IDs and other details.

Node.js Weekly Update - 26 May, 2017

This is a note about Node.js security, by reading the amazing book Securing Node Applications by @ChetanKarade, which explains couple of common vulnerabilities in very simple way, and provides relevant npm modules as solutions to protect Node.js Web Apps.

5. The Contributors Guide to webpack — Part 1

Jumping into an unfamiliar codebase (or any for that matter) for the first time can be scary. Plus, if it’s your first time contributing to open source, it can even be scarier!

Node.js Weekly Update - 26 May, 2017

at webpack believe:

  • Any (even non-technical) individual should feel welcome to contribute.
  • However you decide to contribute, it should be fun and enjoyable for you!
  • Even after your first commit, you will walk away understanding more about webpack or JavaScript.
  • Consequently, you could become a better developer, writer, designer, etc. along the way, and we are committed to helping foster this growth.

6. Using ES6 and modern language tools to program a MIDI controller

This detailed blogpost summarizes the challenges of creating a flexible and customizable MIDI controller mapping for the Mixxx DJ software.

Node.js Weekly Update - 26 May, 2017

I will focus on the technical aspects of using the scripting facilities of the platform, and tackling the difficulties encountered on the journey.

7. NodeConf Argentina Announced

Argentina is among the first international Node.js conferences taking place in Latin American territory, and a not-for-profit community effort to push Node.js forward in Argentina and Latin America as a whole.

Node.js Weekly Update - 26 May, 2017

This year’s conference will be a three–day event in sunny Buenos Aires, Argentina, held during October 26th, 27th & 28th. Both action-packed days will be comprised of internationally acclaimed, regional, and local speakers. We are expecting Noders, JavaScripters, front-enders, and other programmers from all over the world.

8. Node Interactive North America: Full Schedule Announced

Node Interactive will cover everything from security, diagnostics, machine learning & more. The Full schedule is up now!

Node.js Weekly Update - 26 May, 2017

Node.js Interactive is the marquee event for Node.js developers, companies that rely on Node.js and the vendors that support both of these constituents with tools, training and other services.

Vulnerable npm Packages Discovered:

High severity

Previously in the Node.js Weekly

In the previous Node.js Weekly Update we read about Ignition and Turbofan in V8, Packing a Kubernetes Node app with Helm, Developing Microservices & more..

We help you to stay up-to-date with Node.js on a daily basis too. Check out our Node.js news page and its Twitter feed!