Getting under Node’s skin

June 20, 2023 By Mark Otto 0

Node.js Weekly

▶  Recreating a JS Runtime to Understand Node’s Magic — Popular speaker, educator, Microsoft MVP and Node.js core team member Erick gives a very enthusiastic talk on the latest ‘hello world’ in the JavaScript world: building a runtime 😏 Somehow, Erick manages to run through the key concepts involved in just 20 minutes.

Erick Wendel

Node.js Security Releases Due Imminently — Pencilled in for June 20, 2023 (today!), the Node.js 16.x, 18.x, and 20.x lines will all get fresh releases to fix a variety of medium and high severity security issues, as well as some OpenSSL related security updates. Keep an eye on this post if you want to upgrade ASAP.

Rafael Gonzaga

Transport Your Logs to AppSignal with Winston — Get access to all of your application’s performance logs and metrics in one place. With Winston transport, you can send your application’s logs directly to AppSignal with ease.


⏰ The OpenJS Foundation presents its latest Node.js security progress report, noting that their ‘first response time’ for processing security reports is down to a mere 8 hours (compared to their target of 48).

👿 The Register reports that malicious actors are exploiting expired AWS S3 buckets to inject harmful code into legitimate npm packages without needing to modify existing code.

🦡 The Mongoose object modelling library for MongoDB now has an online ‘playground’ – it’s still early days, but shows off Valeri’s 🐦 recent work in getting Mongoose to run in the browser using an experimental in-memory driver.

Packaging and Selling a Node.js App — The author sells an email automation tool built in Node using numerous libraries under the hood include Hapi, BullMQ and Nodemailer. There’s not a lot of depth here, but it’s interesting to see how someone brings together all the parts needed to sell such an app commercially.

Andris Reinman (EmailEngine)

🛠 Code & Tools

🙂  Node-Emoji: Simple Emoji Functions for Node — You get methods like emoji.emojify, unemojify and find to help you work with emojis and English representations of them. Supports ESM and recently rewritten to TypeScript.

Daniel Bugl

  • Nest 10.0 – Popular progressive framework for building scalable, enterprise-grade apps.

  • BBC SQS-Consumer 7.2 – Build AWS Simple Queue Service (SQS) based apps without the boilerplate.

  • Commander.js 11.0 – CLI app toolkit.

  • Limdu 1.0 – Machine learning for Node.

  • lru-cache 10.0
    ↳ A cache that deletes the least recently used items.

  • Mongoose 7.3
    ↳ Popular MongoDB object modeling library.

  • ssh2 1.14
    ↳ Pure JS SSH2 client and server modules.

  • ics 3.2
    ↳ iCalendar (ics) file generation.

Find Tech Jobs with Hired — Hired makes job hunting easy-instead of chasing recruiters, companies approach you with salary details up front. Create a free profile now.