(g+) Immutable.js: Ein Klassiker für unveränderliche Datenstrukturen
Immutable.js zeigt, wie sich komplexer State kontrollierter modellieren lässt und warum persistente Datenstrukturen immer noch mehr sind als ein theoretisches Konzept. Von Fabian Deitelhoff ( Spannendes Web, Javascript)
Attacken auf Javascript-Engine: Unzählige Nutzer durch Chrome-Lücke gefährdet
Ein Klick auf einen Link genügt, um in Google Chrome Schadcode zur Ausführung zu bringen. Angreifer machen davon bereits Gebrauch. ( Sicherheitslücke, Google)
(g+) Blazor 2026: Warum C# im Web stärker wird - aber Javascript bleibt
Blazor verspricht Webentwicklung ohne ständigen Wechsel zwischen C# und Javascript. Doch wie weit trägt das, wenn React, Angular und Vue das Web weiter prägen? Ein Ratgebertext von Fabian Deitelhoff ( Softwareentwicklung, .Net)  serial devices using JavaScript, including USB and Bluetooth devices with virtual serial ports. And this week’s Firefox 151 release introduced support for the Web Serial API on desktop.
“Most folks won’t use this API,” acknowledges Mozilla’s blog, “but for our community … ⌘ Read more
White House App Is a Terrifying Security Mess
New submitter spazmonkey writes: From a hidden GPS tracker polling your location every 4.5 minutes to JavaScript loaded from a random GitHub account, no SSL certificate pinning, and an in-app browser that silently strips cookie consent dialogs and paywalls from every page you visit, the new White House app seems to have a little bit of everything. A security researcher pulled the APK a … ⌘ Read more
Firefox vs. Chrome: Which Performs Better on a Linux Laptop?
Phoronix staged “a showdown” between Firefox and Chrome, testing them both on an Intel Panther Lake laptop running Ubuntu 26.04.
JetStream 3.0 was announced at the end of March as the latest major web browser benchmark. This updated version of JetStream is focused on intensive portions of modern JavaScript and WebAssembly web applications… Google Chrome … ⌘ Read more
Google Proposes JSIR As A High-Level IR For JavaScript
Google engineers have been developing JSIR as a high-level intermediate representation (JSIR) for JavaScript that they are already using in production at the company code code analysis and transforming other code/bytecode to JavaScript as well as for deobfuscating JavaScript code… ⌘ Read more
Hmm I think it’s a bug in the Javascript. It’s meant to be 
↳
In-reply-to
»
@prologic so...
⤋ Read More
@bender@twtxt.net Correctamundo! In this case, it’s available for the browser as a single (optionally-minified) JavaScript file, or for Node via NPM (as JS) and JSR.io (as “native” TypeScript).
I had to do it that way because I wanted a library I could use in both an Express server (for TwtKpr and TwtStrm) and the browser (for my website and… TwtStrm).
Hopefully, I’ll have more to share about those other projects soon…
↳
In-reply-to
»
New library alert => Last night, I published
⤋ Read More
twtxt-lib, a new isomorphic TypeScript library for parsing and interacting with twtxt.txt files. Check out the demo at https://twtxt-lib.itsericwoodward.com/!
An isomorphic TypeScript library is a codebase, written in TypeScript, that can run in multiple JavaScript environments, most commonly both the web browser (client-side) and a server (like Node.js). The core idea is to share the exact same code across the frontend and backend, avoiding duplication and improving efficiency.
Is AI Impacting Which Programming Language Projects Use?
“In August 2025, TypeScript surpassed both Python and JavaScript to become the most-used language on GitHub for the first time ever…” writes GitHub’s senior developer advocate.
They point to this as proof that “AI isn’t just speeding up coding. It’s reshaping which languages, frameworks, and tools developers choose in the first place.”
Eighty percent of … ⌘ Read more
Fake Job Recruiters Hid Malware In Developer Coding Challenges
“A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks,” reports the Register.
Researchers at software supply-chain security company ReversingLabs say that the threat actor creates fake companies in the blockchain and crypto-trading sectors and publ … ⌘ Read more
Cloudflare Acquires Team Behind Open Source Framework Astro
Cloudflare has acquired the core team behind the open source JavaScript framework Astro, bringing its creators in-house while pledging to keep Astro fully open source. The New Stack reports: Astro is used by major brands like IKEA, Unilever, Visa and OpenAI to build fast, content-driven websites. Search engines prioritize fast-loading and clean pages, the … ⌘ Read more
44% Of GNOME Core Apps Are Written In C, 13% In JavaScript & 10% In Rust
GNOME developer Sophie Herold has shared some interesting end-of-year code stats for the GNOME project. The “GNOME” codebase is up to 6,692,516 lines of code at the end of 2025 with 1,611,526 lines of that being from GNOME apps. Where the data gets interesting is on the programming language breakdown in different areas… ⌘ Read more
Micro QuickJS Engine Compiles & Runs JavaScript With As Little As 10kB Of RAM
Very talented open-source developer Fabrice Bellard who already is well known for his work on QEMU, the Tiny C Compiler, and FFmpeg, has another accomplishment: Micro QuickJS. The Micro QuickJS JavaScript engine can compile and run JavaScript programs with as little as 10 kB of RAM… ⌘ Read more
I’ve rebuilt ntfy with the web interface, though it took me an hour or so of JavaScript dependency hell and a certain library whose native interface doesn’t have support for NetBSD
On Linux:Step 1. Clone ntfy repository as usual
Step 2.
export NODE_ENV=productionStep 3.
make web-buildStep 4. Make a tarball with the generated assets and copy it over
Step 5. Repeat the above mentioned first step
Step 6. Unpack the assets into
server/Step 7. Build backend with
make cli-linux-serverStep 8. Done
↳
In-reply-to
»
Working on day 3 of the Advent of Code 2025: https://adventofcode.com/
⤋ Read More
@itsericwoodward@itsericwoodward.com So you’re found for Javascript eh? 🧐
↳
In-reply-to
»
One day I'll like to elaborate why I'm against the usage of Anubis (and its derivatives) for the rampant crawlers
⤋ Read More
@shinyoukai@neko.laidback.moe I’m mostly against it because it forces Javascript™ on the client(s) at a blanket level. Doing “Proof-of-Work” explicitly IMO is fine™, but not at an Ingress/Edge level IMO – Which is why I haven’t adopted it myself.
ProcessOne: Stop Telling Us XMPP Should Use JSON
We hear this too often: “XMPP uses XML. It should use JSON—it’s more modern.”
The logic seems straightforward: JSON came later, so it must be better. But better for what, exactly?
JSON became successful because it’s the standard serialization format for JavaScript. That made it convenient for browser-based applications.
Does that m … ⌘ Read more
eureka v2.7.0, javascript degeneracy | https://nilfm.cc/eureka.html
How to Identify Sensitive Data in JavaScript Files: (JS-Recon)
A complete guide to uncovering hidden secrets, API keys, and credentials inside JavaScript files
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/h … ⌘ Read more
@arne@uplegger.eu Yeah SSE + HTMX is basically all you need really. The whole complicated/complex JavaScript ecosystem is overkill.
A Beginner’s Guide to Finding Hidden API Endpoints in JavaScript Files
How to discover what others miss in plain sight
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/a-beginners-guide-to-finding-h … ⌘ Read more
** JavaScript Notebook **
Kartik recently reminded me of my own project playground that I do use from time to time, but that I’ve always been a little frustrated with.
That reminder paired with that frustration lead me to revisit something similar that I’d started a while ago, but hadn’t finished. Notebook is kinda my take on Jupyter Notebooks minus a ton of features and capabilities.
Here is … ⌘ Read more
I finally resolved my issues with hashing twts… with REGEX!
Dates in JavaScript are truly strange creatures.
Working on a project that does Augmented Reality and computer vision object detection and QR code and image recognition inside a Web application. Pretty neat what can be done today with a few thousand lines of JavaScript.
** Answering some questions about Baba Yaga **
My previous post found its way to Hacker News; I don’t have an account there, but a commenter asked a few questions that I thought I could answer in a follow up post.
Baba Yaga uses call-by-value evaluation, not call-by-need (aka“lazy”).
From the interpreter,
”`hljs javascript
function visitFunctionCall(node) {
const callee = visit(node.callee);
// Arguments ar … ⌘ Read more”`
go-nanoid:Go 短 ID 生成庫
“An amazing level of senseless perfectionism, which is simply impossible not to respect.“go-nanoid (github.com/matoous/go-nanoid) 是 JavaScript 知名庫 ai/nanoid (github.com/ai/nanoid) 的 Go 語言實現版本。原版 nanoi ⌘ Read more
go-nanoid:Go 短 ID 生成庫
“An amazing level of senseless perfectionism, which is simply impossible not to respect.“go-nanoid (github.com/matoous/go-nanoid) 是 JavaScript 知名庫 ai/nanoid (github.com/ai/nanoid) 的 Go 語言實現版本。原版 nanoi ⌘ Read more
Nginx 正式擁抱現代 JavaScript!
說起 Nginx,大多數人的印象的可能是:高性能、穩定、省資源、配置簡單。確實,這個用 C 語言寫出來的服務器工具,十幾年來一直在互聯網基礎設施中扮演着 “守門員” 的角色。但話說回來,Nginx 雖然快,但 “太靜態” 也是它的一個老問題。隨着前後端分離、邊緣計算、接口鑑權、灰度路由等需求變多,越來越多開發者發現,僅靠傳統的配置語法已經不夠用了。我們需要在轉發請求前 “想一想”、攔截一下、判斷一 ⌘ Read more
使用 Zig 開發 Nodejs 原生模塊
Node-API[1](前身爲 N-API)是 Nodejs 提供的用於構建原生插件的 API。它獨立於底層 JavaScript 運行時(例如 V8),並作爲 Node.js 自身的一部分進行維護。該 API 在不同版本的 Node.js 中具有穩定的應用二進制接口 (ABI)。其目的是使附加組件不受底層 JavaScript 引擎變化的影響,並允許爲一個主要版本編譯的模塊在以後的主要 Node ⌘ Read more
TypeScript 推出原生 Go 編譯器,速度提升 10 倍
微軟 TypeScript 宣佈推出 TypeScript Native 原生預覽版,使用原生語言 Go 重寫編譯器,替代原有 Node.js 版的編譯器,編譯速性能高達到了 10 倍以上。TypeScript 相當於 JavaScript 的超集,加入了靜態類型檢查,大大提高了代碼安全和可維護性,現在很多桌面應用都是用 TypeScript 開發的,包括 VScode。隨着很多項目都是雲原生、A ⌘ Read more
↳
In-reply-to
»
@kat I don’t like Golang much either, but I am not a programmer. This little site, Go by example might explain a thing or two.
⤋ Read More
One of the nicest things about Go is the language itself, comparing Go to other popular languages in terms of the complexity to learn to be proficient in:
- Go:
25keywords (Stack Overflow); CSP-style concurrency (goroutines & channels)
- Python 2:
30keywords (TutorialsPoint); GIL-bound threads & multiprocessing (Wikipedia)
- Python 3:
35keywords (Initial Commit); GIL-bound threads,asyncio& multiprocessing (Wikipedia, DEV Community)
- Java:
50keywords (Stack Overflow); threads +java.util.concurrent(Wikipedia)
- C++:
82keywords (Stack Overflow);std::thread, atomics & futures (en.cppreference.com)
- JavaScript:
38keywords (Stack Overflow); single-threaded event loop &async/await, Web Workers (Wikipedia)
- Ruby:
42keywords (Stack Overflow); GIL-bound threads (MRI), fibers & processes (Wikipedia)