It’s great to know what your technologies and tools can do. But sometimes it is even more important to know what they cannot.
For the last few weeks I worked a lot with the dates, frequency and cron jobs. If you have tasks in same area next article could be very useful:
What Cron Can't Do and How To Do It Anyway
In it you’ll find ways to solve intervals and specific dates (for example holidays).
I’ve solved such issues with additional variables - interval names (“day”, “week”, “month”) and values.
To know more - subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.
#cron
For the last few weeks I worked a lot with the dates, frequency and cron jobs. If you have tasks in same area next article could be very useful:
What Cron Can't Do and How To Do It Anyway
In it you’ll find ways to solve intervals and specific dates (for example holidays).
I’ve solved such issues with additional variables - interval names (“day”, “week”, “month”) and values.
To know more - subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.
#cron
Cron To Go: Run scheduled tasks on your Heroku Apps
What Cron can't do and how to do it anyway
Cron can't handle week intervals, last day of month, every 40 minutes or every 2 days an annual Thanks giving job. Or can it?
In software development it is very important to keep the errors consistent.
You can check github repository that describes the way of handling Node.js apps errors:
Handle errors in a simple, stable, consistent way
For more useful info - subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.
#nodejs #errors
You can check github repository that describes the way of handling Node.js apps errors:
Handle errors in a simple, stable, consistent way
For more useful info - subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.
#nodejs #errors
GitHub
GitHub - ehmicky/modern-errors: Handle errors in a simple, stable, consistent way
Handle errors in a simple, stable, consistent way. Contribute to ehmicky/modern-errors development by creating an account on GitHub.
During application development you usually need to run some tasks at specific times or with some intervals. This means that sooner or later you’ll face the need to choose the scheduler.
Main criterias here are: Support for Persistence, Prevention of Duplicate Job Execution and Scaling.
In the blog post What is a Job Scheduler you’ll find the most common Node.js modules for this - Agenda, Bull, Bree, Node-Cron.
Among them I recommend Bull (anyway you probably use Redis in your app and don’t want to install additional db) or using separate (micro)service.
To get more interesting information - subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.
#nodejs #scheduler
Main criterias here are: Support for Persistence, Prevention of Duplicate Job Execution and Scaling.
In the blog post What is a Job Scheduler you’ll find the most common Node.js modules for this - Agenda, Bull, Bree, Node-Cron.
Among them I recommend Bull (anyway you probably use Redis in your app and don’t want to install additional db) or using separate (micro)service.
To get more interesting information - subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.
#nodejs #scheduler
Dead Simple Chat Blog
Best Node.JS Schedulers
Dead Simple Chat offers prebuilt Chat that can be added in minutes to any app or website. Can be completely customized and offers powerful JavaScript API and SDK. In this article, we will compare the top Node.JS Cron Scheduler libraries and we will go through…
Videos and animations become a more and more important part of web development. So the skill of rendering and automatic generation of this kind of content is essential for Node.js developers.
Good tutorial to start with is Video Rendering with Node.js and FFmpeg.
For more articles and tutorials subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.
#nodejs #ffmpeg #video
Good tutorial to start with is Video Rendering with Node.js and FFmpeg.
For more articles and tutorials subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.
#nodejs #ffmpeg #video
Creatomate
Video Rendering with Node.js and FFmpeg - Creatomate
This tutorial shows you how to render dynamic videos using pure JavaScript and Node.js, along with the help of FFmpeg for the encoding.
The JavaScript Promise Integration (JSPI) - Google V8 API that bridges WebAssembly and asynchronous web. The WebAssembly JSPI API suspends a Wasm application when it issues a synchronous API call and resumes it when the asynchronous I/O operation is completed.
Some time ago I’ve written an article Node.js: In Go We Trust where described generation of WASM file built with Golang.
But nothing stays the same and in article
Introducing the WebAssembly JavaScript Promise Integration API you’ll find the description of the new API and examples with Emscripten and C/C++.
So follow me on Medium and subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.
#webassembly #wasm
Some time ago I’ve written an article Node.js: In Go We Trust where described generation of WASM file built with Golang.
But nothing stays the same and in article
Introducing the WebAssembly JavaScript Promise Integration API you’ll find the description of the new API and examples with Emscripten and C/C++.
So follow me on Medium and subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.
#webassembly #wasm
Medium
Node.js: In Go We Trust
- Looks like we’re shy one horse. - You brought two too many. - Once Upon a Time in the West, 1968
Changes in 9th version of npm (released some time ago but anyway) you’ll be able to find in article Exploring New Features in npm 9.
As for me the most interesting is install-strategy - hoisted, nested and shallow.
For more info - subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.
#npm
As for me the most interesting is install-strategy - hoisted, nested and shallow.
For more info - subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.
#npm
Medium
Exploring New Features in npm 9
Changes in config, timing, loglevel, login, addUser, query, pack, access, and install, along with removals
Blue-green deployment is a release management technique that reduces risk and minimizes downtime. It uses two production environments, known as Blue and Green to provide reliable testing, continuous no-outage upgrades, and instant rollbacks.
If you for some reason don’t use Kubernetes you still are able to release this deployment strategy for the Node.js application with Nginx and pm2.
How? You’ll find instruction in article Blue Green Deployment for Node.js Without Kubernetes
And for more interesting articles - subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.
#nodejs #nginx #pm2 #deployment
If you for some reason don’t use Kubernetes you still are able to release this deployment strategy for the Node.js application with Nginx and pm2.
How? You’ll find instruction in article Blue Green Deployment for Node.js Without Kubernetes
And for more interesting articles - subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.
#nodejs #nginx #pm2 #deployment
Semaphore
Blue Green Deployment for Node.js Without Kubernetes - Semaphore
Discover how to perform Blue-Green deployments from scratch without Kubernetes. Along the way you'll learn CI/CD integration, Nginx, bash scripting, and the Linux permissions system.
If you are a JavaScript developer - check your code again.
Are you sure that you handled all the “unhandled rejections”?
If not - check the post of Jake Archibald The gotcha of unhandled promise rejections
Spoiler:sometimes you need to write something like “preventUnhandledRejections” specifically if you use old versions of Node.js (please update) for example (<12.9.0) .
Not to miss something useful - subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.
#javascript #nodejs #promises
Are you sure that you handled all the “unhandled rejections”?
If not - check the post of Jake Archibald The gotcha of unhandled promise rejections
Spoiler:
Not to miss something useful - subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.
#javascript #nodejs #promises
Jakearchibald
The gotcha of unhandled promise rejections
A rough edge with promises that can sneak up on you.
In article Middleware for web applications: it’s not just for enterprises you’ll find the reasons and ways to implement with middlewares such common functionalities as authentication/authorization (hope you know the difference) using 3 different languages - Golang, JavaScript and Python.
Additionally you’ll find a lot of useful links in the “Learn More” section.
Also a lot of useful links you can find in Tech Read channel so subscribe and enjoy.
Likes, shares and recommendations are welcome.
#middleware #javascript #golang #python
Additionally you’ll find a lot of useful links in the “Learn More” section.
Also a lot of useful links you can find in Tech Read channel so subscribe and enjoy.
Likes, shares and recommendations are welcome.
#middleware #javascript #golang #python
GitHub
Middleware for web applications: it’s not just for enterprises
Middleware for web applications is not just for enterprises, argues @echorand, and empowers you to write cleaner, more maintainable code. See how:
Let’s talk a little bit about Npm audit. It’s a great tool to protect you code in several ways:
- Generate and review security audit reports
- Verify the registry signatures of downloaded packages
- Checking and fixing of vulnerabilities
More - in NPM Audit: 5 Ways to Use it to Protect Your Code article and don’t forget to subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.
#npm
- Generate and review security audit reports
- Verify the registry signatures of downloaded packages
- Checking and fixing of vulnerabilities
More - in NPM Audit: 5 Ways to Use it to Protect Your Code article and don’t forget to subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.
#npm
www.jit.io
Read Jit Blog Post: NPM Audit: 5 Ways to Use it to Protect Your Code | Jit.io
NPM Audit is a comprehensive tool for dealing with your entire node module folder in one fell swoop. Learn more with Jit.
The Apache Kafka is a great instrument for event streaming used by thousands of big and small companies for complex architectures and simple applications. As for me it’s one of “need to know” tools in modern software engineering.
And it’s good to start learning about this technology with The Apache Kafka Handbook on FreeCodeCamp.
Also subscribe to Tech Read channel. In regular posts you’ll find a lot of info about other tools, technologies, languages etc.
As usual, shares and recommendations are welcome.
#kafka
And it’s good to start learning about this technology with The Apache Kafka Handbook on FreeCodeCamp.
Also subscribe to Tech Read channel. In regular posts you’ll find a lot of info about other tools, technologies, languages etc.
As usual, shares and recommendations are welcome.
#kafka
freeCodeCamp.org
The Apache Kafka Handbook – How to Get Started Using Kafka
By Gerard Hynes Apache Kafka is an open-source event streaming platform that can transport huge volumes of data at very low latency. Companies like LinkedIn, Uber, and Netflix use Kafka to process trillions of events and petabtyes of data each day. ...
Just a List of Enterprise Integration Patterns with small description, schema and details.
Will be useful and interesting for architects and engineers.
Hope as useful and interesting a Tech Read channel.
Likes, shares and recommendations are welcome.
#patterns
Will be useful and interesting for architects and engineers.
Hope as useful and interesting a Tech Read channel.
Likes, shares and recommendations are welcome.
#patterns
Telegram
Tech Read
Talks about #nodejs, #javascript, #architecture and #softwareengineering
This post is the selection of useful npm modules:
1. OTPAuth - One Time Password (HOTP/TOTP) library for Node.js, Deno, Bun and browsers.
HOTP (HMAC-based One-Time Password) and TOTP (Time-based One-Time Password) are two commonly used algorithms for generating one-time passwords (OTP) in two-factor authentication systems.
HOTP generates OTPs based on a counter value and a secret key using a hash-based message authentication code (HMAC) algorithm. Each time a new OTP is generated, the counter value is incremented.
TOTP, on the other hand, generates OTPs based on a combination of a secret key and the current time. A timestamp is used as the counter value, and the OTP changes every 30 seconds (default value).
2. Concurrent.js - Non-blocking Computation for JavaScript RTEs (Web Browsers, Node.js & Deno).
Non-blocking computation is a technique used to allow JavaScript runtime environments (RTEs) to perform computationally intensive tasks without blocking the main thread of execution. This is achieved by executing these tasks asynchronously, using features such as web workers or worker threads.
In JavaScript, blocking the main thread can lead to performance issues and a poor user experience, as the user interface may become unresponsive while the script is running. Non-blocking computation helps to mitigate this issue by allowing these tasks to be performed in the background, without affecting the responsiveness of the user interface.
3. Malibu - Framework-agnostic CSRF middleware for modern Node.js
CSRF (Cross-Site Request Forgery) is a type of web attack where an attacker tricks a user into performing an unintended action on a web application. The attack typically involves the attacker crafting a request to the application, and then tricking the user into submitting that request through some form of social engineering, such as by clicking on a malicious link or visiting a page with a hidden form.
One common example of a CSRF attack is when an attacker creates a malicious form on a website, which is designed to submit a request to a different website that the user is already logged in to. If the user is tricked into submitting the form, the attacker can execute a malicious action on the targeted website on behalf of the user.
To prevent CSRF attacks, developers can implement security measures such as using anti-CSRF tokens or implementing same-site cookies. These measures can help to ensure that a request is only processed if it originates from an authorized source, and can help to prevent unauthorized actions on the targeted website.
For more useful info - subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.
#nodejs #deno #bun #npm #csrf
1. OTPAuth - One Time Password (HOTP/TOTP) library for Node.js, Deno, Bun and browsers.
HOTP (HMAC-based One-Time Password) and TOTP (Time-based One-Time Password) are two commonly used algorithms for generating one-time passwords (OTP) in two-factor authentication systems.
HOTP generates OTPs based on a counter value and a secret key using a hash-based message authentication code (HMAC) algorithm. Each time a new OTP is generated, the counter value is incremented.
TOTP, on the other hand, generates OTPs based on a combination of a secret key and the current time. A timestamp is used as the counter value, and the OTP changes every 30 seconds (default value).
2. Concurrent.js - Non-blocking Computation for JavaScript RTEs (Web Browsers, Node.js & Deno).
Non-blocking computation is a technique used to allow JavaScript runtime environments (RTEs) to perform computationally intensive tasks without blocking the main thread of execution. This is achieved by executing these tasks asynchronously, using features such as web workers or worker threads.
In JavaScript, blocking the main thread can lead to performance issues and a poor user experience, as the user interface may become unresponsive while the script is running. Non-blocking computation helps to mitigate this issue by allowing these tasks to be performed in the background, without affecting the responsiveness of the user interface.
3. Malibu - Framework-agnostic CSRF middleware for modern Node.js
CSRF (Cross-Site Request Forgery) is a type of web attack where an attacker tricks a user into performing an unintended action on a web application. The attack typically involves the attacker crafting a request to the application, and then tricking the user into submitting that request through some form of social engineering, such as by clicking on a malicious link or visiting a page with a hidden form.
One common example of a CSRF attack is when an attacker creates a malicious form on a website, which is designed to submit a request to a different website that the user is already logged in to. If the user is tricked into submitting the form, the attacker can execute a malicious action on the targeted website on behalf of the user.
To prevent CSRF attacks, developers can implement security measures such as using anti-CSRF tokens or implementing same-site cookies. These measures can help to ensure that a request is only processed if it originates from an authorized source, and can help to prevent unauthorized actions on the targeted website.
For more useful info - subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.
#nodejs #deno #bun #npm #csrf
GitHub
GitHub - hectorm/otpauth: One Time Password (HOTP/TOTP) library for Node.js, Deno, Bun and browsers.
One Time Password (HOTP/TOTP) library for Node.js, Deno, Bun and browsers. - hectorm/otpauth
This post is the selection of short YouTube tech videos:
1. 8 Key Data Structures That Power Modern Databases
Data structures are an essential part of software engineering, providing a means of organizing and manipulating data in memory. They are used to store and manage data in an efficient and organized manner, enabling efficient access, insertion, deletion, and search operations. Choosing the appropriate data structure for a given task is an important decision for a software engineer, as it can have a significant impact on the performance and memory usage of the application. For example, a hash table may be a good choice for fast lookup operations, while a linked list may be more suitable for frequent insertions and deletions.
Understanding data structures and their properties is an important skill for software engineers, as it can help them design and implement efficient and scalable applications.
2. CAP Theorem Simplified
CAP theorem is a fundamental concept in distributed systems that states that it is impossible for a distributed system to simultaneously provide all three of the following guarantees: consistency, availability, and partition tolerance.
Consistency refers to the requirement that all nodes in a distributed system see the same data at the same time. Availability refers to the requirement that a request made to the system must receive a response, regardless of the state of the system. Partition tolerance refers to the ability of the system to continue operating in the presence of network failures or partitioning.
Understanding CAP theorem is important for software engineers designing and implementing distributed systems, as it can help them make informed trade-offs between consistency, availability, and partition tolerance based on the specific needs of their application.
3. What is OSI Model
The OSI (Open Systems Interconnection) model is a conceptual framework that describes how communication protocols interact in a networked system. It is divided into seven layers, each representing a different aspect of network communication.
The OSI model serves as a conceptual framework for understanding network communication, allowing engineers to design and implement communication protocols that are interoperable across different systems. It is a useful tool for troubleshooting network issues and understanding how different protocols work together to provide end-to-end communication.
To know more - subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.
#datastructures #cap #osi
1. 8 Key Data Structures That Power Modern Databases
Data structures are an essential part of software engineering, providing a means of organizing and manipulating data in memory. They are used to store and manage data in an efficient and organized manner, enabling efficient access, insertion, deletion, and search operations. Choosing the appropriate data structure for a given task is an important decision for a software engineer, as it can have a significant impact on the performance and memory usage of the application. For example, a hash table may be a good choice for fast lookup operations, while a linked list may be more suitable for frequent insertions and deletions.
Understanding data structures and their properties is an important skill for software engineers, as it can help them design and implement efficient and scalable applications.
2. CAP Theorem Simplified
CAP theorem is a fundamental concept in distributed systems that states that it is impossible for a distributed system to simultaneously provide all three of the following guarantees: consistency, availability, and partition tolerance.
Consistency refers to the requirement that all nodes in a distributed system see the same data at the same time. Availability refers to the requirement that a request made to the system must receive a response, regardless of the state of the system. Partition tolerance refers to the ability of the system to continue operating in the presence of network failures or partitioning.
Understanding CAP theorem is important for software engineers designing and implementing distributed systems, as it can help them make informed trade-offs between consistency, availability, and partition tolerance based on the specific needs of their application.
3. What is OSI Model
The OSI (Open Systems Interconnection) model is a conceptual framework that describes how communication protocols interact in a networked system. It is divided into seven layers, each representing a different aspect of network communication.
The OSI model serves as a conceptual framework for understanding network communication, allowing engineers to design and implement communication protocols that are interoperable across different systems. It is a useful tool for troubleshooting network issues and understanding how different protocols work together to provide end-to-end communication.
To know more - subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.
#datastructures #cap #osi
YouTube
8 Key Data Structures That Power Modern Databases
Weekly system design newsletter: https://bit.ly/3tfAlYD
Checkout our bestselling System Design Interview books:
Volume 1: https://amzn.to/3Ou7gkd
Volume 2: https://amzn.to/3HqGozy
LSM tree video: https://www.youtube.com/watch?v=I6jB0nM9SKU
Other things…
Checkout our bestselling System Design Interview books:
Volume 1: https://amzn.to/3Ou7gkd
Volume 2: https://amzn.to/3HqGozy
LSM tree video: https://www.youtube.com/watch?v=I6jB0nM9SKU
Other things…
“QUIC protocol: performance features”
In this article I want to describe main features of HTTP/3 and particularly QUIC protocol:
1. Connection Migration
2. 0-RTT Connection Set-Up
3. UDP And TLS Performance
4. Head-Of-Line Blocking Removal
5. Congestion Control
Medium link
If you liked the article and want to support the author:
Clap and follow me on Medium
Follow me on Linkedin
Subscribe to Tech Read channel
#http3 #quic #network #performance
In this article I want to describe main features of HTTP/3 and particularly QUIC protocol:
1. Connection Migration
2. 0-RTT Connection Set-Up
3. UDP And TLS Performance
4. Head-Of-Line Blocking Removal
5. Congestion Control
Medium link
If you liked the article and want to support the author:
Clap and follow me on Medium
Follow me on Linkedin
Subscribe to Tech Read channel
#http3 #quic #network #performance
Medium
QUIC protocol: performance features
There is more to life than simply increasing its speed. ― Mahatma Gandhi
Why does the search for the shortest route on the map take so fast?
One of the “secrets” is the A* algorithm is a pathfinding algorithm used to find the shortest path between two points on a graph or map. It uses a heuristic approach that estimates the distance between a given point and the destination to guide the search for the shortest path. The algorithm is widely used in video games and robotics for navigation. To use the A* algorithm on a map, we first represent the map as a graph, divide it into nodes, and create edges between them. Then, we assign a heuristic value to each node, estimating the distance between that node and the destination. The algorithm starts at the starting point, evaluates neighboring nodes, adds them to an open list, selects the node with the lowest cost, and explores its neighboring nodes. This process continues until the algorithm reaches the destination node.
More about this algorithm in YouTube video - The hidden beauty of the A* algorithm
For more info - subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.
#algorithms
One of the “secrets” is the A* algorithm is a pathfinding algorithm used to find the shortest path between two points on a graph or map. It uses a heuristic approach that estimates the distance between a given point and the destination to guide the search for the shortest path. The algorithm is widely used in video games and robotics for navigation. To use the A* algorithm on a map, we first represent the map as a graph, divide it into nodes, and create edges between them. Then, we assign a heuristic value to each node, estimating the distance between that node and the destination. The algorithm starts at the starting point, evaluates neighboring nodes, adds them to an open list, selects the node with the lowest cost, and explores its neighboring nodes. This process continues until the algorithm reaches the destination node.
More about this algorithm in YouTube video - The hidden beauty of the A* algorithm
For more info - subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.
#algorithms
YouTube
The hidden beauty of the A* algorithm
00:00 Intro
01:38 Change the lengths!
06:34 What is a good potential?
12:31 Implementation
16:20 Bonus
Tom Sláma's video: https://youtu.be/umszOeerdsU
Our Patreon: https://www.patreon.com/Polylog
Github: https://github.com/polylog-cs/Astar/tree/main
Blog:…
01:38 Change the lengths!
06:34 What is a good potential?
12:31 Implementation
16:20 Bonus
Tom Sláma's video: https://youtu.be/umszOeerdsU
Our Patreon: https://www.patreon.com/Polylog
Github: https://github.com/polylog-cs/Astar/tree/main
Blog:…
NPM Security best practices from OWASP Cheat Sheet Series
Short list:
1) Avoid publishing secrets to the npm registry
2) Enforce the lockfile
3) Minimize attack surfaces by ignoring run-scripts
4) Assess npm project health
5) Audit for vulnerabilities in open source dependencies
6) Use a local npm proxy
7) Responsibly disclose security vulnerabilities
8) Enable 2FA
9) Use npm author tokens
10) Understand module naming conventions and typosquatting attacks
Also a lot of useful links you can find in Tech Read channel so subscribe and enjoy.
Likes, shares and recommendations are welcome.
#npm #security #owasp
Short list:
1) Avoid publishing secrets to the npm registry
2) Enforce the lockfile
3) Minimize attack surfaces by ignoring run-scripts
4) Assess npm project health
5) Audit for vulnerabilities in open source dependencies
6) Use a local npm proxy
7) Responsibly disclose security vulnerabilities
8) Enable 2FA
9) Use npm author tokens
10) Understand module naming conventions and typosquatting attacks
Also a lot of useful links you can find in Tech Read channel so subscribe and enjoy.
Likes, shares and recommendations are welcome.
#npm #security #owasp
cheatsheetseries.owasp.org
NPM Security - OWASP Cheat Sheet Series
Website with the collection of all the cheat sheets of the project.
“JS (Browser + Node.js): Broadcast Channel API - How to Reduce Server Load”
In this article I described the use case of combining Broadcast Channel API and Shared Workers (or Worker Threads in Node.js) for reducing the number of server connections.
Broadcast Channel API is a JavaScript interface that allows communication between different browsing contexts, such as tabs or frames (or between Node.js Worker Threads, but about this at the end of the article), that share the same origin. It provides a simple publish-subscribe model for sending and receiving messages between these contexts.
Shared Worker - a special type of web worker that can be accessed by multiple instances of an application. Shared workers have a single thread of execution and a shared scope between all clients, allowing for efficient communication and synchronization between tabs.
To know how to combine them - check the article.
Medium link
If you liked the article and want to support the author:
Clap and follow me on Medium
Follow me on Linkedin
Subscribe to Tech Read channel
#javascript #nodejs #broadcastchannelapi #webapi #sharedworker
In this article I described the use case of combining Broadcast Channel API and Shared Workers (or Worker Threads in Node.js) for reducing the number of server connections.
Broadcast Channel API is a JavaScript interface that allows communication between different browsing contexts, such as tabs or frames (or between Node.js Worker Threads, but about this at the end of the article), that share the same origin. It provides a simple publish-subscribe model for sending and receiving messages between these contexts.
Shared Worker - a special type of web worker that can be accessed by multiple instances of an application. Shared workers have a single thread of execution and a shared scope between all clients, allowing for efficient communication and synchronization between tabs.
To know how to combine them - check the article.
Medium link
If you liked the article and want to support the author:
Clap and follow me on Medium
Follow me on Linkedin
Subscribe to Tech Read channel
#javascript #nodejs #broadcastchannelapi #webapi #sharedworker
Medium
JS (Browser + Node.js): Broadcast Channel API — How to Reduce Server Load
And he said to them, “Go into all the world and proclaim…” ― Mark 16:15
When Node.js is not enough
As a developer you should understand the importance of choosing the right programming language for a particular task. Node.js is a popular platform for building server-side applications using JavaScript, but sometimes we need to use other languages to take advantage of their unique features and capabilities.
Thankfully, Node.js provides several ways to integrate other programming languages into our applications. One popular approach is to use the Child Process module to spawn a child process and communicate with it through standard input/output streams. This allows us to execute external commands written in other languages and receive their output back in our Node.js application.
Another option is to use a native Node.js add-on written in another language, such as C++ or Rust, to access low-level system resources or improve performance-critical parts of our code. Node.js provides a well-documented API for building native add-ons, and there are also several community-driven tools like neon and node-ffi that simplify the process of writing and using native add-ons.
Lastly, we can also use WebAssembly, a low-level binary format designed to run in web browsers, to execute code written in other languages like C, Rust, or Go. Node.js supports WebAssembly, which allows us to load and execute WebAssembly modules directly in our Node.js applications.
Using other programming languages in Node.js can open up new possibilities and help us build more robust, performant, and scalable applications. However, it's important to choose the right approach based on our specific needs and requirements, and to carefully consider the trade-offs involved in integrating different programming languages.
To know more - subscribe to the Tech Read channel.
Also I’ll add a few links with articles about using Rust, Python and C languages with Node.js.
Likes, shares and recommendations are welcome.
#nodejs #webassembly
Links:
https://johns.codes/blog/exposing-a-rust-library-to-node-with-napirs
https://www.alxolr.com/articles/how-to-process-a-csv-file-five-times-faster-in-node-js-with-rust-and-napi-rs
https://github.com/bitair-org/linker.js
As a developer you should understand the importance of choosing the right programming language for a particular task. Node.js is a popular platform for building server-side applications using JavaScript, but sometimes we need to use other languages to take advantage of their unique features and capabilities.
Thankfully, Node.js provides several ways to integrate other programming languages into our applications. One popular approach is to use the Child Process module to spawn a child process and communicate with it through standard input/output streams. This allows us to execute external commands written in other languages and receive their output back in our Node.js application.
Another option is to use a native Node.js add-on written in another language, such as C++ or Rust, to access low-level system resources or improve performance-critical parts of our code. Node.js provides a well-documented API for building native add-ons, and there are also several community-driven tools like neon and node-ffi that simplify the process of writing and using native add-ons.
Lastly, we can also use WebAssembly, a low-level binary format designed to run in web browsers, to execute code written in other languages like C, Rust, or Go. Node.js supports WebAssembly, which allows us to load and execute WebAssembly modules directly in our Node.js applications.
Using other programming languages in Node.js can open up new possibilities and help us build more robust, performant, and scalable applications. However, it's important to choose the right approach based on our specific needs and requirements, and to carefully consider the trade-offs involved in integrating different programming languages.
To know more - subscribe to the Tech Read channel.
Also I’ll add a few links with articles about using Rust, Python and C languages with Node.js.
Likes, shares and recommendations are welcome.
#nodejs #webassembly
Links:
https://johns.codes/blog/exposing-a-rust-library-to-node-with-napirs
https://www.alxolr.com/articles/how-to-process-a-csv-file-five-times-faster-in-node-js-with-rust-and-napi-rs
https://github.com/bitair-org/linker.js
The Hidden Danger: Malware in NPM Modules
In today's interconnected world, where software development heavily relies on third-party libraries and frameworks, we must remain vigilant about the security of our codebases. One area that often goes unnoticed is the presence of malware in npm modules, posing a significant threat to our projects.
NPM (Node Package Manager) has revolutionized the JavaScript ecosystem by providing a vast collection of reusable modules. While most npm modules are developed and maintained by trustworthy individuals and organizations, the open nature of the ecosystem leaves room for potential vulnerabilities and malicious intent.
The proliferation of malware-infected npm modules has become a growing concern. Hackers have increasingly exploited this avenue to inject harmful code into unsuspecting projects. These malware-infected modules can take various forms, including hidden backdoors, data exfiltration mechanisms, crypto-mining scripts, or even ransomware.
So, how can we protect ourselves and our projects from such threats? Here are a few essential measures to consider:
1. Regularly Update Dependencies: Keeping your project's dependencies up to date is crucial. Developers often release security patches and bug fixes to address vulnerabilities. By updating your npm modules regularly, you ensure that you are using the latest, more secure versions.
2. Scrutinize Dependency Sources: When choosing npm modules, it's vital to review the module's source, maintainers, and the overall community engagement. Opt for modules that have an active developer community, reliable maintainers, and transparent code reviews. Additionally, check if the module has undergone security audits or has a history of security-related issues.
3. Analyze Module Popularity: The popularity of an npm module can be an indicator of trustworthiness. Highly popular modules usually have a larger user base and undergo more scrutiny, reducing the likelihood of malware infiltration. However, popularity alone is not a guarantee, and additional due diligence is necessary.
4. Implement Continuous Integration and Testing: Incorporating automated security checks into your development workflow is essential. Leverage tools like vulnerability scanners, static code analyzers, and dependency checkers to identify any potential security risks. Integrate these checks as part of your continuous integration (CI) and continuous deployment (CD) pipelines for maximum effectiveness.
5. Stay Informed: Stay updated with the latest news and reports on security vulnerabilities or malware incidents related to npm modules. Follow trusted sources, security forums, and advisory lists to receive timely information about emerging threats and recommended actions.
Remember, the responsibility for securing our projects lies with us as developers. By being proactive, vigilant, and implementing the best practices outlined above, we can mitigate the risks associated with malware-infected npm modules.
Stay safe, keep your codebase secure, and happy coding!
To know more - subscribe to the Tech Read channel in Telegram.
Also I’ll add a link with the article “Five Packages And Their Evil Install Scripts”.
Likes, shares and recommendations are welcome.
#npm #security #javascript
Links:
https://blog.sandworm.dev/dissecting-npm-malware-five-packages-and-their-evil-install-scripts
In today's interconnected world, where software development heavily relies on third-party libraries and frameworks, we must remain vigilant about the security of our codebases. One area that often goes unnoticed is the presence of malware in npm modules, posing a significant threat to our projects.
NPM (Node Package Manager) has revolutionized the JavaScript ecosystem by providing a vast collection of reusable modules. While most npm modules are developed and maintained by trustworthy individuals and organizations, the open nature of the ecosystem leaves room for potential vulnerabilities and malicious intent.
The proliferation of malware-infected npm modules has become a growing concern. Hackers have increasingly exploited this avenue to inject harmful code into unsuspecting projects. These malware-infected modules can take various forms, including hidden backdoors, data exfiltration mechanisms, crypto-mining scripts, or even ransomware.
So, how can we protect ourselves and our projects from such threats? Here are a few essential measures to consider:
1. Regularly Update Dependencies: Keeping your project's dependencies up to date is crucial. Developers often release security patches and bug fixes to address vulnerabilities. By updating your npm modules regularly, you ensure that you are using the latest, more secure versions.
2. Scrutinize Dependency Sources: When choosing npm modules, it's vital to review the module's source, maintainers, and the overall community engagement. Opt for modules that have an active developer community, reliable maintainers, and transparent code reviews. Additionally, check if the module has undergone security audits or has a history of security-related issues.
3. Analyze Module Popularity: The popularity of an npm module can be an indicator of trustworthiness. Highly popular modules usually have a larger user base and undergo more scrutiny, reducing the likelihood of malware infiltration. However, popularity alone is not a guarantee, and additional due diligence is necessary.
4. Implement Continuous Integration and Testing: Incorporating automated security checks into your development workflow is essential. Leverage tools like vulnerability scanners, static code analyzers, and dependency checkers to identify any potential security risks. Integrate these checks as part of your continuous integration (CI) and continuous deployment (CD) pipelines for maximum effectiveness.
5. Stay Informed: Stay updated with the latest news and reports on security vulnerabilities or malware incidents related to npm modules. Follow trusted sources, security forums, and advisory lists to receive timely information about emerging threats and recommended actions.
Remember, the responsibility for securing our projects lies with us as developers. By being proactive, vigilant, and implementing the best practices outlined above, we can mitigate the risks associated with malware-infected npm modules.
Stay safe, keep your codebase secure, and happy coding!
To know more - subscribe to the Tech Read channel in Telegram.
Also I’ll add a link with the article “Five Packages And Their Evil Install Scripts”.
Likes, shares and recommendations are welcome.
#npm #security #javascript
Links:
https://blog.sandworm.dev/dissecting-npm-malware-five-packages-and-their-evil-install-scripts
Server-Sent Events (SSE)
In one of my previous articles I’ve described the usage of BroadcastChannel API with Websockets. At the same time I’ve passed over another way of Server-Client communication. I should correct the situation.
Server-Sent Events (SSE) is a powerful technology that enables real-time communication between a server and a client. It allows the server to push data to the client over a single HTTP connection, making it an ideal choice for building interactive and event-driven applications. In this post, we will explore the concept of Server-Sent Events and how they can revolutionize the way we create real-time applications.
What are Server-Sent Events?
Server-Sent Events is a web API that enables server-initiated communication with the client. Unlike traditional request-response patterns, SSE allows the server to send data to the client without the need for the client to repeatedly poll the server for updates. This one-way communication channel opens up exciting possibilities for building real-time applications where information is delivered instantly to connected clients.
How do Server-Sent Events work?
SSE works by establishing a persistent connection between the client and the server. The server sends data to the client as a stream of events, and the client handles those events as they arrive. The connection remains open as long as both the client and the server desire, facilitating ongoing communication and real-time updates.
Benefits of Server-Sent Events:
1. Real-Time Updates: SSE provides a seamless way to deliver real-time updates to clients, enabling instant data synchronization and interaction. This is particularly useful for applications such as chat systems, social media feeds, live dashboards, and collaborative tools.
2. Simplicity and Efficiency: SSE is based on standard HTTP protocols and does not require additional dependencies or complex setup. It uses a single, long-lived connection, reducing overhead and improving efficiency compared to frequent polling or WebSocket-based approaches.
3. Compatibility: SSE is supported by most modern web browsers, making it widely accessible to a broad range of users. It can be used alongside existing web technologies, and server-side implementations can be achieved with various frameworks and languages.
4. Error Handling and Reconnection: SSE handles error conditions and reconnection automatically, ensuring robust communication. If the connection is lost, SSE attempts to reconnect, minimizing data loss and providing a seamless experience for clients.
Use Cases for Server-Sent Events:
- Real-time chat and messaging applications
- Live updates and notifications
- Collaborative document editing and shared whiteboards
- Stock tickers and financial data feeds
- Sports scores and live event updates
Conclusion:
Server-Sent Events offer a straightforward and efficient approach for building real-time applications. With its ability to push data from the server to the client, SSE simplifies the development of interactive and event-driven systems. Whether you're building chat applications, live dashboards, or collaborative tools, consider leveraging Server-Sent Events to deliver real-time updates and create engaging user experiences. Embrace the power of SSE to unlock a world of real-time possibilities in your web applications.
To know more - subscribe to the Tech Read channel in Telegram.
Also I’ll add a link to the article with SSE usage examples.
Likes, shares and recommendations are welcome.
#sse #websockets #javascript
Links:
https://javascript.plainenglish.io/js-browser-node-js-broadcastchannel-api-8d4ceb408a5
https://blog.endpts.io/server-sent-events-with-nodejs
In one of my previous articles I’ve described the usage of BroadcastChannel API with Websockets. At the same time I’ve passed over another way of Server-Client communication. I should correct the situation.
Server-Sent Events (SSE) is a powerful technology that enables real-time communication between a server and a client. It allows the server to push data to the client over a single HTTP connection, making it an ideal choice for building interactive and event-driven applications. In this post, we will explore the concept of Server-Sent Events and how they can revolutionize the way we create real-time applications.
What are Server-Sent Events?
Server-Sent Events is a web API that enables server-initiated communication with the client. Unlike traditional request-response patterns, SSE allows the server to send data to the client without the need for the client to repeatedly poll the server for updates. This one-way communication channel opens up exciting possibilities for building real-time applications where information is delivered instantly to connected clients.
How do Server-Sent Events work?
SSE works by establishing a persistent connection between the client and the server. The server sends data to the client as a stream of events, and the client handles those events as they arrive. The connection remains open as long as both the client and the server desire, facilitating ongoing communication and real-time updates.
Benefits of Server-Sent Events:
1. Real-Time Updates: SSE provides a seamless way to deliver real-time updates to clients, enabling instant data synchronization and interaction. This is particularly useful for applications such as chat systems, social media feeds, live dashboards, and collaborative tools.
2. Simplicity and Efficiency: SSE is based on standard HTTP protocols and does not require additional dependencies or complex setup. It uses a single, long-lived connection, reducing overhead and improving efficiency compared to frequent polling or WebSocket-based approaches.
3. Compatibility: SSE is supported by most modern web browsers, making it widely accessible to a broad range of users. It can be used alongside existing web technologies, and server-side implementations can be achieved with various frameworks and languages.
4. Error Handling and Reconnection: SSE handles error conditions and reconnection automatically, ensuring robust communication. If the connection is lost, SSE attempts to reconnect, minimizing data loss and providing a seamless experience for clients.
Use Cases for Server-Sent Events:
- Real-time chat and messaging applications
- Live updates and notifications
- Collaborative document editing and shared whiteboards
- Stock tickers and financial data feeds
- Sports scores and live event updates
Conclusion:
Server-Sent Events offer a straightforward and efficient approach for building real-time applications. With its ability to push data from the server to the client, SSE simplifies the development of interactive and event-driven systems. Whether you're building chat applications, live dashboards, or collaborative tools, consider leveraging Server-Sent Events to deliver real-time updates and create engaging user experiences. Embrace the power of SSE to unlock a world of real-time possibilities in your web applications.
To know more - subscribe to the Tech Read channel in Telegram.
Also I’ll add a link to the article with SSE usage examples.
Likes, shares and recommendations are welcome.
#sse #websockets #javascript
Links:
https://javascript.plainenglish.io/js-browser-node-js-broadcastchannel-api-8d4ceb408a5
https://blog.endpts.io/server-sent-events-with-nodejs