View profile and other Adventures in Nodeland - Issue #67

Matteo Collina
Matteo Collina
Hi Folks, how are you doing? I’m starting to plan the launch of some new OSS in the fall… I can’t wait to share it all with you. Anyway, here are my notes for last week!

Matteo Collina
I've recently set up a new Node.js project with @GitHub actions and @npmjs workspaces. Here are my insights (🧶):
readable-stream v4.1.0 makes abort-controller lazy-required.
  1. HTTP Request Smuggling - Flawed Parsing of Transfer-Encoding (Medium)(CVE-2022-32213)
  2. HTTP Request Smuggling - Improper Delimiting of Header Fields (Medium)(CVE-2022-32214)
  3. HTTP Request Smuggling - Incorrect Parsing of Multi-line Transfer-Encoding (Medium)(CVE-2022-32215)
  4. DNS rebinding in –inspect via invalid IP addresses (High)(CVE-2022-32212)
  5. DLL Hijacking on Windows (High)(CVE-2022-32223)
  6. Attempt to read openssl.cnf from /home/iojs/build/ upon startup (Medium)(CVE-2022-32222)
  7. OpenSSL - AES OCB fails to encrypt some bytes (Medium)(CVE-2022-2097)
I’ve been following Jarred journey in building Bun for the last year or so. Bun is a delight.. and it plans to have Node.js and NPM compatibility! I can’t wait to see what you all will build with it.
Bun is a fast all-in-one JavaScript runtime
My ex-colleague Paolo Insogna wrote a great piece on [email protected], summing up all the updates and improvements we shipped in Node.js streams in the last few years. Check it out.
What if you could run the VS Code UI locally but develop remotely? I’m really excited for all the possibility that VS Code Server will bring!
The VS Code Server
Did you enjoy this issue? Yes No
Matteo Collina
Matteo Collina @matteocollina

I write about my journey as a core contributor of Node.js, as an author and a maintainer of many modules - including Fastify and Pino. In addition, I speak at conferences, and I will add links to all my talks in case you missed one.

In order to unsubscribe, click here.
If you were forwarded this newsletter and you like it, you can subscribe here.
Created with Revue by Twitter.