ICYMI there's a vulnerability in React Server Components that allows one to achieve unauthenticated RCE via exploitation of React's http request payload deserialization. Actively being exploited in the wild. #javascipt #reactjs #react2shell

https://react2shell.com/

After the 3, yes, THREE! Dependency attacks using #npm,

1: please lock your version and run tools to figure out if you have vulnerabilities in you dependencies.

2: Maybe integrating the most used functionality in the language is a good thing instead of relying on a million deps like in #javascipt or #python.

Mastodon,
Algún experto de JavaScript en la sala que esté de bien en ayudarme con un tema de peticiones y promesas?

#javascipt #help

https://jsdate.wtf

#javascipt

So I'm working on this "little" project where I'm backing up YouTube videos that I'd miss if the internet were to implode (currently sitting at over 800 videos), and part of this is me going through and typing in the titles of the videos (because I didn't think ahead and store that info when made the script to download them), and by golly are there a lot of grammatical errors in some of these titles.

Also here's a lil peek of what it looks like so far...

#datahoarding #html #css #javascipt

#rust has tought me to rethink whatever idea I've got.
One of the lessons I learned is that #rust should be used wherever/whenever _needed_.
I'm starting to see where I really need #rust in my further work
- WebSocket farms (to be elaborated further)
- #tauri native apps

In the meantime, I'm continuing my research using a more lightweight language.
Instead of the (pretty) well known #javascipt, I'm choosing #typescript. The time is right.

Is #ReScript the future of #javascipt? A typed subset of JavaScript.

#Typescript is great but not all love it.

From the docs: "ReScript is the language for folks who don't necessarily love JavaScript, but who still acknowledge its importance."

https://rescript-lang.org