The Node.js Ecosystem Is Chaotic and Insecure
The Node.js Ecosystem Is Chaotic and Insecure – Casper Beyer – Medium
It seems like only yesterday we had the “left-pad” fiasco where Azer Koçulu ended up pulling his packages after a name dispute.
The danger from that wasn’t really that the code was deleted, that only breaks the build and anyone worth one’s salt would catch that during the build process before deploying it live on the web.
The danger was that it was a small redundant package that no one would ever actually bother to audit before deploying, so anyone could have jumped in and published a package with the same functionality but also stick some malicious code into it and get a free ride to get deployed essentially anywhere that ran JavaScript.
... read the whole story at medium.com.Node by Numbers 2017 — NodeSource
Node by Numbers 2017
117
100+
1
179
details
Share on
Facebook,
Twitter or
Google+
presents
For the third year in a row, we’ve analyzed a large set of adoption, growth, and success metrics for the Node.js project. The annual numbers tell the story of continued evolution of the Node.js project.
By all measures, 2016 was a fantastic year for Node.js - and 2017 was even better. Metrics across the board show growth and expansion of the platform.
Download PDF View 2016 ReportDownloads by Version
Download ChartDownloads by OS
Download ChartDownloads Per Month 2014-2017
Download ChartTotal Recorded Downloads
Total Amount Downloaded
Using Source Maps to Debug Errors
Using JavaScript source maps to debug errors
Some of the most common questions we get here at Rollbar deal with source maps:
- What are source maps and what do they do?
- How can you enable source mapping?
- Why aren't your source maps working properly?
Let's explore Javascript source maps together, starting with the basics.
As web developers, we have two major goals. First, we want a highly performant website. Second, we want that website to be easy to debug and maintain. Unfortunately, these goals are often at odds with one other. If we minimize our JavaScript, we can achieve some of these goals. Minimizing JavaScript reduces the download size, and the smaller the payload for our website users, the better. If we combine our JavaScript files, we can also reduce the number of http requests.
... read the whole story at rollbar.com."The `font-display` property defines how font files are loaded and displayed by the browser"
font-display
The font-display
property defines how font files are loaded and displayed by the browser. It is applied to the @font-face
rule which defines custom fonts in a stylesheet.
@font-face { font-family: 'MyWebFont'; /* Define the custom font name */ src: url('myfont.woff2') format('woff2'), url('myfont.woff') format('woff'); /* Define where the font can be downlaoded */ font-display: fallback; /* Define how the browser behaves during download */ }
The font-display
property accepts five values:
auto
(default): Allows the browser to use its default method for loading, which is most often similar to the
New Web Features in Safari 10.1
New Web Features in Safari 10.1
A new version of Safari shipped with the release of iOS 10.3 and macOS Sierra 10.12.4. Safari on iOS 10.3 and Safari 10.1 on macOS adds many important web features and improvements from WebKit that we are incredibly excited about.
While this release makes the web platform more capable and powerful, it also makes web development easier, simplifying the ongoing maintenance of your code. We’re excited to see how web developers will translate these improvements into better experiences for users.
Read on for quick look at the features included in this release:
FetchFetch is a modern replacement for XMLHttpRequest
Safari finally supports the "download" attribute! Example:
HTML5 download Attribute
I tend to get caught up on the JavaScript side of the HTML5 revolution, and can you blame me? HTML5 gaves us awesome "big" stuff like WebSockets, Web Workers, History, Storage and little helpers like the Element classList collection. There are, however, smaller features in HTML5 that we can appreciate; one of those would be the new download
attribute. The download
attribute allows you to set a separate file download name than the actual link endpoint itself.
Place the download
attribute on a link...
<!-- will download as "expenses.pdf" --> <a href="/files/adlafjlxjewfasd89asd8f.pdf" download="expenses.pdf">Download Your Expense Report</a>... read the whole story at davidwalsh.name.
Collection of HTML and CSS loader animation. Demo and download code (*zip).
Preloader With Anime.js (demo image)Preloader With Anime.js
HTML/CSS preloader with Anime.js.
Made by Kevin Konrad
February 25, 2017
See the Pen Preloader with Anime.js by Kevin Konrad (@kkhenriquez) on CodePen.
Jelly Box
Pure CSS jelly box loader.
Made by Fabrizio Bianchi
February 6, 2017
See the Pen Loader #6 - Jelly Box by Fabrizio Bianchi (@fbrz) on CodePen.
Spring Loader
HTML and CSS spring loader.
... read the whole story at freefrontend.com.State of Responsive Images 2017
State of Responsive Images 2017
26
100+
6
1
12
details
Share on
Facebook,
Twitter or
Google+
Tomorrow I’m speaking at ImageCon. It’s been over a year since I last gave my talk. As I dusted off my presentation and updated it, it seemed like a good time to assess the state of the responsive images.
To start with, we should acknowledge that we’re in fantastic shape compared to where we were in 2010 when I first wrote about responsive images.
The new responsive images standards are available in all current browsers with the exception of Opera Mini. And if your fallback image is optimized for small screens—which it should be—Opera Mini’s lack of support isn’t a problem.
I still get questions from designers and developers who find different behavior from browser to browser. Some of this is by design. We want
... read the whole story at cloudfour.com.