October 10, 2023
Turn on loading images 😉- Logo ECMAScript News

Speeding up the JavaScript ecosystem: the barrel file debacle

marvinh.dev @marvinh@infosec.exchange

“Many projects are littered with files that just re-export other files. These so called ‘barrel files’ are one of the key reasons why JavaScript tooling is slow in bigger projects.”

This could be your ad

ecmascript.news Sponsor

With an ad or a job offer in ECMAScript News, you reach a select, tech-savvy audience of over 16,000 subscribers for a reasonable price. More information on our ads.

A comprehensive guide to the dangers of regular expressions in JavaScript

www.sonarsource.com @philnash@mastodon.social

“I first heard about regular expression denial of service (ReDoS) vulnerabilities from GitHub's Dependabot. Several of my projects over the years have had dependencies that suffered from ReDoS vulnerabilities, and I would bet that if you've built any JavaScript project with dependencies, you've also come across this.”

[...]

“In this article, we are going to look deeper into ReDoS and show what can go wrong. We'll investigate real-life examples of vulnerable regular expressions from outage reports and open source. We'll see what can go wrong with seemingly innocent regular expressions like /\s*,\s*/ or /^(.+\.)*localhost$/. We'll understand what causes expressions like these to be vulnerable and see ways to fix and avoid ReDoS issues.”

Using the Intl segmenter API

polypane.app @kilian@mastodon.social

“The Intl API in browsers has a ton of functionality around editing and formatting of text and numbers. [The segmenter API] allows you to break up text into segments based on the language of the text.”

JS Party podcast: Reflecting on Bun’s big launch with Jarred Sumner [54-minute audio]

changelog.com github.com/Jarred-Sumner @jerod@changelog.social @jsparty@changelog.social

“Fresh off Bun’s big 1.0 launch, Jarred Sumner goes one-on-one with Jerod to discuss the all-in-one JavaScript runtime that’s captured the interest of many. We get into it all: what problem he’s solving, how it’s so fast, why no Windows support, answering the critics, the (not real) beef between Bun and Node, how the VC-backed startup will sustain and more.”

Invitation to Ecma TC53 [ECMAScript modules for embedded systems] workshop

www.ecma-international.org github.com/EcmaTC53

Workshop for embedded JavaScript in Cupertino, USA, on 2023-12-06:
  • “[…] participants will discuss proposals and consider options for embedded JavaScript standardization […]”
  • “You will learn about the current state of the art in developing embedded systems with JavaScript […]”
  • “You can help ensure the standard meets your products needs by participating in the workshop […]”

This email was sent to {{ email | default }}. You can unsubscribe from this list here or update your preferences.