Analysis of an Exploited NPM Package

Node’s npm carries over 210,000 packages from over 60,000 contributors. This wealth of open source functionality is awesome, but it also carries risk. You’re running a stranger’s code inside your applications. Do you know which packages you’re running? Do you know if their authors understand or care about security? Do you know if they have vulnerabilities?

Announcing React Native 0.60

After months of hard work from hundreds of contributors, the React Native Core team is proud to announce the release of version 0.60. This release handles significant migrations for both Android and iOS platforms, and many issues are resolved too. This blog post covers the highlights of the release. As always though, refer to the changelog for more detailed information. Finally, thank you contributors for helping us to make this milestone!

12 Tips for Improving JavaScript Performance

One of the most important aspects when creating a webpage or an app, is performance. Nobody wants an app that crashes or a webpage that doesn’t load, and the waiting time of the users is not very long. According to Kissmetrics, 47% of visitors expect a website to load in less than 2 seconds, and 40 percent of visitors will leave the website if the loading process takes more than 3 seconds.

Babel 7.5.0 Released

This release includes improved support for a few ECMAScript proposals: the F# variant of the Stage 1 pipeline operator and an official plugin for the Stage 4 dynamic import() proposal (along with preset-env support). It also has support for TypeScript namespaces (experimental) and for Browserslist’s default query in preset-env.