We have 11 links for you - the latest on JavaScript and tools

‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏ ‌‍‎‏

June 11, 2025

Subject: Configuring Node.js; analyzing JS & CSS bundles; May TC39 meeting; JS directives; optional chaining; date day periods; pnpm v10.12; Vitest 3.2

The easiest security tool you will ever install.

socket.dev Sponsor

Socket’s developer-first platform detects and blocks malicious packages in real time. Our tools help developers quickly evaluate open source risk, automating the majority of dependency reviews to drastically reduce manual security engineering work. Socket analyzes the actual code of your dependencies to alert you to supply chain attacks and 70+ indicators of risk. Install our free GitHub app today.

Stop losing sleep over Node.js config: Here’s how to get it right

blog.platformatic.dev @lirantal@infosec.exchange github.com/lucamaraschi @platformatic@fosstodon.org

“Raise your hand if you’ve ever pushed a Node.js app to production, only to realize too late that a critical environment variable was missing or misconfigured. Don’t worry; we’ve all been there.”

“But why exactly is configuration so deceptively tricky? And how can you ensure your team isn’t quietly planting security vulnerabilities or hidden bugs in plain sight?”

Sonda: universal visualizer and analyzer for JavaScript and CSS bundles

sonda.dev github.com/filipsobol

“Sonda is a universal visualizer and analyzer for JavaScript and CSS bundles. It generates an interactive HTML report that is more accurate and detailed than some alternatives. The accuracy is achieved by analyzing source maps and showing the size of each module after tree-shaking and minification.”

JavaScript features

ECMAScript proposal updates at the 2025-05 TC39 meeting

ecmascript-daily.github.io @azu_re@mstdn.jp

Pragmas, magic comments and directive prologues in JavaScript and TypeScript

macwright.com @tmcw@mastodon.social

Write more reliable JavaScript with optional chaining

allthingssmitty.com github.com/allthingssmitty

Intl.DateTimeFormat: format dates as day periods such as "in the morning", "noon", etc.

www.raymondcamden.com @raymondcamden@mastodon.social

New versions

pnpm v10.12: global virtual stores for faster installation, new catalog features, and more

github.com @pnpm@fosstodon.org

Vitest 3.2: improvements to Browser Mode and TypeScript support

vitest.dev @vitest@webtoo.ls

“Vitest 3.2 focuses on improvements to Browser Mode and TypeScript support. This release also includes some new useful methods, config options and deprecates the workspace config in favour of projects.”

‍

This email was sent to {{ email | default }}. You can unsubscribe from this list here or update your preferences.

‍