Best Practices for Creating a Modern npm Package — A step-by-step “as of 2022” walkthrough of creating your own npm package using current best practices. It’s very thorough and certainly worth revisiting, even if you’ve built a package already. As always, though, there’s more than one way to do it, and other tools like np can be brought into the mix as needed.
Brian Clark (Snyk)
On Automatically Finding Bugs in the Node.js Ecosystem — A quick look at a recent USENIX paper ‘Mining Node.js Vulnerabilities via Object Dependence Graph and Query‘ (direct PDF link) about the creation of a system that creates dependency graphs and uses them to find bugs in other systems (an enterprise which resulted in 70 CVE identifiers being issued to the team so far!)
Paul Ducklin (Sophos)
Node.js 18.9.0 has been released, but it’s a relatively minor release with no headline features.
✉️ Did you know we have a React newsletter too? This week’s issue is packed with neat stuff, including why useSyncExternalStore is so useful.
The Basics of Remix — Remix is the up and coming full stack Web framework with a lot of neat ideas. This introduction covers all the basics of handling routing, form handling, headers, meta tags and links to get you up and running.
Brittney Postma
🛠 Code & Tools
SafeQL: An ESLint Plugin for Your SQL Queries — Clever idea. It hooks into your database and then guides you as to mistakes you might make when writing SQL queries in your JavaScript code. Postgres only for now, but supports any client.. whether Prisma, pg, Sequelize, or whatever.
ts-safeql
Find Tech Jobs with Hired — Create a profile on Hired to connect with hiring managers at growing startups and Fortune 500 companies. It’s free for job-seekers. Hired
