Lodash Vulnarabilities, V8 New Release, JS Getters, and more
Snyk research team discovers severe prototype pollution security vulnerabilities affecting all versions of lodash
The popular npm library is used by 4.35 million projects on GitHub alone. Just shy of 40k GitHub project stars, the library is downloaded over 80 million times each month. Needless to say, a high severity vulnerability in a library as popular as lodash affects a large proportion of npm users.
NPM Inc settles union-busting complaints on third try – after CEO trolled for ordering internal mole hunt
Today we’re pleased to announce our newest branch, V8 version 7.6, which is in beta until its release in coordination with Chrome 76 Stable in several weeks. V8 v7.6 is filled with all sorts of developer-facing goodies. This post provides a preview of some of the highlights in anticipation of the release.
In this blog post, we talk about the utility of getters and setters in modern web development. Are they useless? When does it make sense to use them?
This blog post is first in a series of posts on fields in classes. Fields are about creating properties and similar constructs from inside the bodies of classes.
“Higher-order function” is one of those phrases people throw around a lot. But it's rare for anyone to stop to explain what that means. Perhaps you already know what a higher-order function is. But how do we use them in the real world? What are some practical examples of when and how they're useful? Can we use them for manipulating the DOM? Or, are people who use higher-order functions showing off? Are they over-complicating code for no good reason?
Countless hours have to be spent worrying about malicious users, secure p2p networking, security, and even governance when it comes towards building a Dapp. To combat this, we at Perlin have created…
Randomness is a hard problem for computers. For this reason most functions that generate randomness are not considered cryptographically secure. That means that it is possible that an attacker can take a good guess at what number a non-secure randomness generator generated.
Back in 2016, we were tasked with showcasing the newest Chrome version that supports the WebVR spec. WebVR is a technology that allows you to connect VR devices to your Browser and experience VR…
Visual Studio Code (Vs-Code) is a source code editor developed by Microsoft that can be run on all major OS’s in the world (Windows, MacOS, and Linux). It is free, open-source, and provides support for debugging as well as built-in Git version control, syntax highlights, snippets, and so on. The UI of Vs-code is highly customizable, as users can switch to different themes, keyboard shortcuts, and preferences.