Codepolice -

A significant supply chain attack on the npm ecosystem

#592 — September 9, 2025 Read on the Web A Major Supply Chain Attack Hits the npm Ecosystem — In July, Socket warned us about a phishing campaign targeting npm package publishers. Sadly, a prolific package author (among others, like DuckDB, who explain how the attack worked on them) fell victim to the scam, resulting

Why browsers throttle JavaScript timers (and what to do about it)

#751 — September 5, 2025 Read on the Web JavaScript Weekly Mediabunny: A Complete Media Toolkit for JavaScript — Supporting both browsers and Node.js, this library lets you read, write and convert popular media file formats (e.g. MP4, MP3, and more) without needing to lean on dependencies like FFmpeg. You can make thumbnails, extract metadata,

The latest on Oracle’s hold on JavaScript

#750 — August 29, 2025 Read on the Web JavaScript Weekly An Illustrated Guide to Big O and Time Complexity — A fantastic JavaScript-oriented, interactive, visual essay about Big O notation and its role in describing algorithmic complexity. This is a beautiful bit of work, even if you’re already wise to O(log n) and O(n^2).

The productivity benefits from type stripping

#591 — August 26, 2025 Read on the Web How We Migrated Our Rush.js Monorepo to Node Type Stripping — Since v23.6 (and in LTS since v22.18.0), Node has supported running (most) TypeScript code by stripping the types out first. The Calm team was excited about the potential for improving productivity and DX, and set

We still love jQuery

#749 — August 22, 2025 Read on the Web ☀️ We’re back after a week off, though I’m starting to think we should have taken two weeks off as it’s been quite quiet in JavaScript-land this August! Nevertheless, we still have a full issue for you today, so let’s get on to it.. 😉__Peter Cooper, your

Express support coming to Cloudflare Workers?

#590 — August 19, 2025 Read on the Web ☀️ I’m back from a week’s vacation to find that the biggest Node story on social media is something we featured two weeks ago, namely that Node.js v22.18.0 (LTS) can now run TypeScript (sort of! – it uses type stripping) without a flag 😅 Nonetheless, we

How JavaScript really evolves, the inside story

#748 — August 8, 2025 Read on the Web ☀️ We’re taking next week off, so this will be the last issue until Friday, August 22. Just a little summer vacation.__Peter Cooper, your editor JavaScript Weekly Apache ECharts 6.0: The Powerful Data Visualization Library — 12 years on from its first release, ECharts takes another

How JSON.stringify is about to get much faster

#589 — August 5, 2025 Read on the Web ☀️ We’re taking next week off, so this will be the last issue until Tuesday, August 19. Just a little summer vacation.__Peter Cooper, your editor How V8 is Making JSON.stringify More Than Twice as Fast — The V8 team has made JSON.stringify over twice as fast,

Jumbo-sized JavaScript for issue 747

✈️ #747 — August 1, 2025 Read on the Web JavaScript Weekly Observable Notebooks 2.0 Technology Preview — The Observable Framework and the new Notebook Kit are just two parts of a rich ecosystem of reactive JavaScript ‘notebook’-style tools for creating data visualizations (example) and dashboards, originally created by Mike Bostock. This v2 release previews a

An epic rundown of JavaScript engines and runtimes

#588 — July 29, 2025 Read on the Web The Many, Many, Many JavaScript Runtimes of the Last Decade — A meaty article (which took a year to put together) covering the myriad of JavaScript runtimes and engines both past and present, from obvious picks like Node.js to cloud platforms and lesser known ‘honorable mentions’.