proposal-shadowrealm
cli
proposal-shadowrealm | cli | |
---|---|---|
19 | 72 | |
1,376 | 8,024 | |
1.2% | 0.8% | |
6.0 | 9.6 | |
12 days ago | about 18 hours ago | |
HTML | JavaScript | |
- | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
proposal-shadowrealm
-
Updates from the 98th TC39 meeting
ShadowRealm: ECMAScript Proposal, specs, and reference implementation for Realms [Stage 3 -> 2].
-
Should you use jest as a testing library?
You can't out of the box. There is an open issue on the Node.js repositoryto let the node:vm module to use the vm's context, but it is still open. It seems that the Node.js core team is interested in fixing this problem by implementing the new ShadowRealm spec, and I think we will make some progress during 2023.
-
Building an Extension System on the Web
ShadowRealms — a successor of the Realms proposals, this API is intended for use cases exactly like plugins or extension systems, providing an option for creating distinct global environments to run the code in. While not entirely secure on its own, this API could provide a strong foundation to build actual extension systems on the Web. That said, 4 years later, the TC39 proposal is currently only at stage 3, not implemented by any browser;
-
Vitest vs Jest benchmarks on a 5 year old real work SPA
With --no-isolate it was 2.8x faster than vitest and 1.7x faster than Jest, but 19 tests failed (see table above). Some people report issues with watch mode when using --no-isolate. So I decided to not pursue it any further. Once the vm module that Vitest relies on supports ESM, or when the amazingly named Shadow Realms are added to JavaScript, we will likely get this performance boost for free without the downsides.
-
Improving Vitest Performance
If ShadowRealms are ever added to EcmaScript (and implemented into V8/Node) they'll allow for a different approach to isolating code that would be faster without the downsides of sharing global.
- Virtualization is not an important enough use case for the web platform to tradeoff ergonomics and possible confusion for web devs, who by and large […] do not understand the separation between the specs. More to the point, they really shouldn't need to.
-
Is there an npm package for perchance?
Eventually I will get around to creating a "proper" package by just grabbing all the JS that is loaded by the code in the iframe, and bundling it up. We really need the ShadowRealm proposal to go through because the perchance engine messes with a lot of JS internals, so it would mess up the rest of your app. Could do it in a WebWorker, but then everything would have to be async.
-
Show HN: Run unsafe user generated JavaScript in the browser
The upcoming JavaScript Shadow Realms proposal looks like it solves a similar problem: https://github.com/tc39/proposal-shadowrealm/blob/main/expla...
- Named Element IDs Can Be Referenced as JavaScript Globals
-
Running user code in the browser (for a leetcode clone)
Browser-based JavaScript doesn't yet have a way to isolate code fully in this manner though there is a new JavaScript feature on the way that would provide this capability. Its called ShadowRealm and would basically give you a new global context to execute code that's completely separate from your main document code.
cli
-
'everything' blocks devs from removing their own NPM packages
Because sometimes I make idiotic mistakes and I really don't want that embarrassing stuff out there where people can see. I ran head first into an npm bug once when I tried to symlink the README file which resulted in the thing getting published without a README.
https://github.com/npm/cli/issues/6746
Embarrassing. And then they slapped me with a stupid 24 hour count down on top of it. I seriously hate this thing.
-
Ledger's NPM account has been hacked
This is the same NPM that made a change causing the `integrity` field to go silently missing from `package-lock.json` [0] when installing packages, and then also not complaining at any other time in the future.
[0] https://github.com/npm/cli/issues/4460
-
What's New in Node.js 21
Node.js v21 includes npm v10.2.0, which notably introduces a new sbom command that allows you to generate a Software Bill of Materials (SBOM) for the current project. You can read more about the changes in recent NPM releases on GitHub.
-
Gatsby instalación con problemas recurrentes al conflictuar con cersión de NPM (aparentemente)
npm ERR! This is an error with npm itself. Please report this error at: npm ERR! https://github.com/npm/cli/issues
- Unable to connect to the NPM Registry
-
Quick full-stack app deployment using AWS and Ember.js
You'll need an AWS account and AWS credentials configured locally. We'll use pnpm but you could also use npm or yarn. The finished app is available on github.
-
Building and Launching a Serverless GraphQL React Application with AWS Amplify: A Step-by-Step Guide
~/Documents/amplify-hackathon/amplify-react-graphql-demo main !5 ?3 npm install -g @aws-amplify/cli 1 ✘ 4s 22:11:35 changed 26 packages in 25s 7 packages are looking for funding run `npm fund` for details npm notice npm notice New minor version of npm available! 9.4.0 -> 9.6.5 npm notice Changelog: https://github.com/npm/cli/releases/tag/v9.6.5 npm notice Run npm install -g [email protected] to update! npm notice
-
Multi stage docker build failing due to some error in bcrypt, how to fix it?
10 18.95 npm notice Changelog: https://github.com/npm/cli/releases/tag/v9.6.4
-
Question about CS2s demo viewer and movie features/capabilities
npm WARN deprecated [email protected]: See https://github.com/lydell/source-map-resolve#deprecated npm WARN deprecated [email protected]: This SVGO version is no longer supported. Upgrade to v2.x.x. added 1692 packages, and audited 1699 packages in 23s 211 packages are looking for funding run `npm fund` for details 27 vulnerabilities (1 low, 7 moderate, 18 high, 1 critical) To address issues that do not require attention, run: npm audit fix To address all issues (including breaking changes), run: npm audit fix --force Run `npm audit` for details. npm notice npm notice New minor version of npm available! 9.5.1 -> 9.6.2 npm notice Changelog: https://github.com/npm/cli/releases/tag/v9.6.2 npm notice Run npm install -g [email protected] to update! npm notice
- Everything about package.json
What are some alternatives?
wtfjs - 🤪 A list of funny and tricky JavaScript examples
gluetun - VPN client in a thin Docker container for multiple VPN providers, written in Go, and using OpenVPN or Wireguard, DNS over TLS, with a few proxy servers built-in.
Pentive - Collaborative Spaced Repetition
octo.nvim - Edit and review GitHub issues and pull requests from the comfort of your favorite editor
vm2-process - Execute unsafe javascript code in a sandbox
nvm for Windows - A node.js version management utility for Windows. Ironically written in Go.
vrite - Open-source developer content platform
yarn.build - Build 🛠 and Bundle 📦 your local workspaces. Like Bazel, Buck, Pants and Please but for Yarn Berry. Build any language, mix javascript, typescript, golang and more in one polyglot repo. Ship your bundles to AWS Lambda, Docker, or any nodejs runtime.
caja - Caja is a tool for safely embedding third party HTML, CSS and JavaScript in your website.
vscode-dev-containers - NOTE: Most of the contents of this repository have been migrated to the new devcontainers GitHub org (https://github.com/devcontainers). See https://github.com/devcontainers/template-starter and https://github.com/devcontainers/feature-starter for information on creating your own!
LavaMoat - tools for sandboxing your dependency graph
enquirer - Stylish, intuitive and user-friendly prompts, for Node.js. Used by eslint, webpack, yarn, pm2, pnpm, RedwoodJS, FactorJS, salesforce, Cypress, Google Lighthouse, Generate, tencent cloudbase, lint-staged, gluegun, hygen, hardhat, AWS Amplify, GitHub Actions Toolkit, @airbnb/nimbus, and many others! Please follow Enquirer's author: https://github.com/jonschlinkert