node-v0.x-archive VS cli

On 16 February 2009, a GitHub commit was made. By a person who would later turn out to be the creator of two of the most successful, impactful, and standard tech platforms the world has ever seen. Who is he? Let's explore.

Based on several issues in the Node repository (nodejs/node-v0.x-archive#7729, nodejs/node-v0.x-archive#5488, nodejs/node#5436) this error can occur when a DNS server fail to respond, perhaps due to it rate-limiting requests. Reducing DNS lookups can reduce or eliminate these errors.

I don't know how node is processing the stream and buffering or not buffering. I just invested the past few hours into researching Node.js buffering and not buffering read(). There are more than one issue regarding the subject-matter, e.g., https://github.com/nodejs/node/issues/2972, https://github.com/nodejs/node-v0.x-archive/issues/4000, https://github.com/nodejs/node/issues/6379. From what I gather Node.js blames the process itself. However, I run the same algorithm using Python, C++, C, QuickJS JavaScript engine where the RSS does not exponentially increase during usage.

setTimeout implementation: https://github.com/nodejs/node-v0.x-archive/blob/master/lib/timers.js

...or something similar to that. I mean, it's pretty close to that. You can see for yourself if you want. These lines there are exactly what they do: They set thisValueto point to module.exports and then they execute your file/module with that as the value of this. (Only they have some additional helper stuff like ReflectApply because there are some additional complexities now with modules. In the older versions of the code you could see the apply call directly there.

I was referring to node <0.1.30[1] which did have promises for a while. largely from jQuery deferred, which were ungood in a couple ways I don't remember. but also remarkably similar.

I still largely think kris kowal building the "Q" promise library is what made promises interesting, what surfaced the idea that we might want to first-class our completeablea/futures. I know kris had some specific inspirations but I forget what.

pains me somewhat to this day that promises ultimately became somewhat un-value like, that handlers don't get to see what it was resolving. all the chain/spawn discussion, the functional promise folk: they got rolled by those insisting we had to target only the lowest rings of the developership, and that allowing more potent systems was unacceptable. wish I could find those es-discusa threads, for the powerful sorrow of the afteath, what we are stuck with, in it's so lites form, haunts me. especially as we double back a decade latter & invent controllers & signals toanage our promises. which we would have had for free.

way off topic now. forgive me my late night ramblings.

[1] https://github.com/nodejs/node-v0.x-archive/blob/v0.1.30/Cha...

We are pleased to introduce Semantic Versioning and release channels to Snyk CLI from v.1.1291.0 onwards. In this blog post, we will share why we are introducing these changes, what problems these changes solve for our customers, and how our customers can opt-in according to their needs.

You can use tools such as Snyk to generate your reports. Snyk also powers the docker scan command that's integrated into Docker's CLI.

Scan your projects for vulnerabilities regularly More development platforms add features to check if the dependencies of your application contain a vulnerable packages. In modern ASP.NET you can use dotnet list package --vulnerable and in NPM you can use npm audit. It's even better to automatically scan your dependencies regularly. You can use tools like snyk or mend.io (formerly Whitesource) to help you with that. Those tools are expensive but have some advanced features.

Snyk

Hi folks, I'm diving into Snyk this time. This is a platform for developer security that helps protect infrastructure as code, dependencies, containers, and code. Snyk includes the following products and mostly focuses on security and dependency monitoring:

In this article, you learned all about how SQL injections manifest in Node.js applications and discovered multiple strategies to help prevent them. From updating your ORM and SQL libraries, sanitizing user inputs, and using query placeholders to leveraging the Snyk IDE extension for Visual Studio Code, you have a whole host of measures to secure your Node.js applications against SQL injection attacks.

Snyk is one of the most popular tools to work with security stuff and helps you to find vulnerabilities in your not just codebase but infrastructure.

So you've just bought a new platform tool? Maybe it's Hashicorp Vault? Snyk? Backstage? You’re excited about all of the developer experience, security and other benefits you're about to unleash on your company—right? But wait…

Snyk can also be used as an IDE extension to find insecure code in React codebases and can help you fix any security vulnerabilities in open source dependencies.