Tag
The article discusses the TC39 ShadowRealm proposal, which aims to allow JavaScript execution in isolated environments (realms) without using iframes or web workers, improving code sandboxing and performance.
A new npm package called safe-install is introduced to enhance supply chain security by allowing developers to disable install scripts by default and block exotic sub-dependencies, addressing ongoing vulnerabilities.
A high-severity supply-chain compromise affected 42 TanStack npm packages, exfiltrating cloud credentials and SSH keys. Users are advised to rotate credentials and reinstall from clean lockfiles if they installed packages during the attack window.
A developer reports a real UUID v4 collision in a database with only 15,000 records, raising questions about the randomness of the uuid npm package.
This article explores the technical challenges of generating text-selectable PDFs on the client side, introducing SDocs as a solution and providing installation instructions for its CLI tool.
Aube is introduced as a new, high-performance Node.js package manager that is significantly faster than pnpm and bun while using less disk space by utilizing a global store for dependencies.
OpenAI released version 6.36.0 of the openai-node library, which provides TypeScript and JavaScript access to the OpenAI REST API and introduces workload identity authentication features for secure cloud environments.
srvx is a new runtime-agnostic server framework that lets the same code run on Node.js, Deno, Bun and Cloudflare Workers while using native Web APIs and achieving ~97% native performance.
A developer shares their GitHub Actions setup for testing a Gleam monorepo with separate BEAM and JavaScript runtimes, using matrix strategies and strict formatting checks.
Qwen 3.6 35B achieves near-perfect 283/285 line recall on a 108 k-token JS file, outperforming Gemma 4 27B (6/16 passes) and fixing long-context weaknesses of earlier Qwen versions.
Developer Matt Smith explains why he now favors step-by-step code over long method chains in JavaScript for easier debugging and performance.
An analysis of how modern frontend development became increasingly complex, tracing the evolution from static HTML documents through AJAX to Single Page Applications (SPAs) with frameworks like React, Vue, Angular, and Svelte, examining whether this complexity is essential or accidental.
Anthropic releases v0.89.0 of the Claude SDK for TypeScript, providing developers with updated access to the Claude API for server-side TypeScript and JavaScript applications.
OpenAI Node.js SDK v6.33.0 release providing TypeScript/JavaScript access to OpenAI APIs with support for the new Responses API and workload identity authentication across Kubernetes, Azure, and GCP.
OpenAI Node.js SDK v6.31.0 release - TypeScript/JavaScript library for accessing OpenAI's REST API with support for Chat Completions and Responses APIs, featuring workload identity authentication for cloud environments.
Wasmer used OpenAI Codex to build a C++ JavaScript runtime for edge WebAssembly in two weeks—work they estimate would have taken a year—turning the model into an autonomous teammate that debugs and largely replaces traditional IDE use.