Below you can find RisingStack‘s collection of the most important Node.js news, updates & tutorials from this week:
On July 12th, 2018, an attacker compromised the npm account of an ESLint maintainer and published malicious versions of the
eslint-config-eslint packages to the npm registry. On installation, the malicious packages downloaded and executed code from pastebin.com which sent the contents of the user’s
.npmrc file to the attacker. An
.npmrc file typically contains access tokens for publishing to npm.
We, the ESLint team, are sorry for allowing this to happen. We hope that other package maintainers can learn from our mistakes and improve the security of the whole npm ecosystem.
The malicious package versions are
email@example.com, both of which have been unpublished from npm. The
pastebin.com paste linked in these packages has also been taken down.
Setting up a good test framework can be tricky regardless of what language you’re using. In this post, we’ll uncover the hard parts of testing with Node.js, the various tooling we decided to utilize in Winds 2.0, and point you in the right direction for when it comes time for you to write your next set of tests.
REPL stands for read-eval-print-loop, or just an interactive session (usually in your terminal), where you can enter some expression and immediately evaluate it, seeing the result. After evaluating, the whole flow repeats, and it works until you exit the process. So,
R stands for reading your command,
E stands for evaluating it,
P stands for printing the result of the execution, and
L means to run the whole process again, “in the loop”.
Building websites with user authentication and management (login, registration, password reset, etc.), can be a huge pain. As a developer there are a million little things you need to worry about:
- Storing the users in your database
- Making sure you have the right user attributes defined
- Forcing users to be logged in to view a page
- Building registration and login forms
- Creating password reset workflows that email users a link
- Verifying new users when they sign up via email
Node.js can be very useful when it comes to building Command-line Interfaces also known as CLI’s. This post teaches you how to build a CLI that asks some questions and creates a file, based on the answers.
Indreed is a Rest API for scraping jobs from Indeed and around the web. It is powered by my personal web scraping project and layered on a rest API. Its a real Rest API and can be used from any platform using any programming language.
Viriciti, a company focused on electric vehicle fleet monitoring, orchestrates hundreds of thousands of messages per second into real-time dashboards using Node.js, microservices, and serverless. They use Express Gateway, an open source API gateway built on Express.js, to make data available through their API tier.
Hackable and configurable to the core, signale can be used for logging purposes, status reporting, as well as for handling the output rendering process of other node modules and applications.
Previous Node.js Updates:
From the previous Weekly Node.js Update:
- Node v10.6.0 (Current) Released. Update now!
- Multi-server Chat in Node Without a Database
- The Art of Node: An introduction to Node.js
- Case Study: How Bustle uses Node.js to Speed Up App Development