July 4, 2023  |
Ecma International approves three new ECMAScript standardswww.ecma-international.org The 125th General Assembly held in Geneva on 27 June 2023 approved the following documents that are relevant to the JavaScript community:
- ECMA-262 14th edition – ECMAScript 2023 Language Specification
- ECMA-402 10th edition – ECMAScript 2023 Internationalization API specification
- ECMA-419 2nd edition – ECMAScript embedded systems API specification
|
|
|
|
ESLint v8.44.0 releasedeslint.org github.com/mdjermanovic @eslint@fosstodon.org Highlights [quoting the blog post]:
- The
no-extra-parens rule has a new option ternaryOperandBinaryExpressions.
eslint.config.js configuration files can now also export a promise that resolves to the configuration array. This can be useful for using ESM dependencies in CommonJS configuration files.- The
context.parserServices property is now deprecated in favor of SourceCode#parserServices. This change is part of the implementation of language plugins.
- ESLint’s default parser
espree now supports RegExp v flag with set notation + properties of strings ES2024 syntax. Please note that the core rules have not yet been updated to support this syntax.
|
|
The massive bug at the heart of the npm ecosystemblog.vlt.sh github.com/darcyclarke The blog post summarizes a new “manifest confusion” supply chain attack as follows:
- a npm package’s manifest is published independently from its tarball
- manifests are never fully validated against the tarball’s contents
- the ecosystem has broadly assumed the contents of the manifest & tarball are consistant
- any tools or insights using the public registry are succeptible to exploitation/likely inaccurate
- bad actors can hide malware & scripts in direct or transitive dependencies that go undetected
|
|
| |
This email was sent to {{ email | default }}. You can unsubscribe from this list here or update your preferences. |
| |