Skip to content
The Nexus
DossierENTITY

JavaScript

Coverage of JavaScript in the Nexus archive.

Earliest in view: Apr 10 · 18:39 UTCMost recent: Jul 5 · 21:32 UTC
Co-mentioned in this coverage
Recent coverage
  • TECHNOLOGYJul 5 · 21:32 UTCHACKER NEWS
    Show HN: Homegames. An open-source game platform I've been making for 8 years

    Homegames is an open-source game platform developed over 8 years, featuring JavaScript-based games with accessible source code and an in-browser editor for creating and publishing games. The project's code is hosted on GitHub, and the creator seeks feedback on games, studio features, and the platform.

  • TECHNOLOGYJun 14 · 12:38 UTCHACKER NEWS
    The Birth and Death of JavaScript (2014)

    The article titled 'The Birth and Death of JavaScript (2014)' discusses the origins and challenges of JavaScript. It references a talk available on Destroy All Software's website and includes Hacker News comments and engagement metrics.

  • SECURITYJun 10 · 05:08 UTCTHE HACKER NEWS
    Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

    Cybersecurity researchers identified six vulnerabilities in protobuf.js, a JavaScript and TypeScript implementation of Protocol Buffers, which could allow remote code execution (RCE) and denial-of-service (DoS) attacks in Node.js applications through malicious schemas or payloads.

  • TECHNOLOGYJun 7 · 07:35 UTCHACKER NEWS
    Show HN: Kyushu – A self-hostable WASM sandbox for JavaScript workers

    Kyushu is a self-hostable WebAssembly (WASM) sandbox designed for JavaScript workers, showcased on Hacker News. The project provides a secure execution environment for running JavaScript code in isolated environments.

  • TECHNOLOGYJun 2 · 15:48 UTCTHE VERGE
    Ableton is letting musicians build browser-style extensions for Live

    Ableton introduces an Extensions SDK that allows users to build features for Live using JavaScript, expanding beyond its existing Max for Live tool which focuses on MIDI and audio processing. The new system enables modifications to nearly any part of the DAW via right-clicking, with example extensions for tasks like bulk track renaming, song arrangement sketching, and sample slicing.

  • SECURITYJun 1 · 09:30 UTCWIRED
    Websites Can Now Spy on You Through Your Hard Drive

    Websites can now track SSD activity through browsers using the FROST technique, which employs JavaScript to measure telltale drive behavior.

  • SECURITYMay 23 · 16:07 UTCTHE HACKER NEWS
    Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware

    A coordinated supply chain attack has compromised eight packages on Packagist, injecting malicious code that executes a Linux binary hosted on GitHub Releases. The attack targeted JavaScript projects by inserting malicious content into package.json, bypassing composer.json in Composer packages.

  • TECHNOLOGYMay 22 · 11:23 UTCHACKER NEWS
    Deno 2.8

    Deno released version 2.8, a JavaScript and TypeScript runtime. The release announcement was posted on the official Deno blog with minimal initial engagement on Hacker News.

  • SECURITYMay 21 · 18:13 UTCBLEEPING COMPUTER
    Google accidentally exposed details of unfixed Chromium flaw

    Google accidentally disclosed details about an unfixed security vulnerability in Chromium that allows JavaScript to execute in the background after the browser is closed, enabling remote code execution on affected devices. The leaked information about this critical flaw poses a significant security risk to users until a patch is developed and released.

  • TECHNOLOGYMay 15 · 12:54 UTCR/SOLANA
    Anza - Solana Kit 6.9 Is Out

    Anza has released Solana Kit 6.9, which adds support for fixed-point numbers and a first-class Sol type, enabling exact decimal and binary math in JavaScript. This release also includes updates such as Agave v3.x vote-account and simulateTransaction fields. The kit is available at solanakit.com.

  • SECURITYMay 7 · 04:15 UTCTHE HACKER NEWS
    vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

    A dozen critical security vulnerabilities have been found in the vm2 Node.js library, which could allow bad actors to escape the sandbox and execute arbitrary code on susceptible systems. The vm2 library is used to run untrusted JavaScript code inside a secure sandbox. This vulnerability puts systems using the library at risk of arbitrary code execution.

  • TECHNOLOGYMay 7 · 00:47 UTCHACKER NEWS
    How I made $350K from an open-source JavaScript library using dual licensing

    The article discusses how an individual made $350K from an open-source JavaScript library using dual licensing, a strategy that allows for both free and paid usage of the software. The library was shared on platforms like GitHub, allowing for widespread adoption and revenue generation. This approach highlights the potential for monetizing open-source projects.

  • TECHNOLOGYApr 24 · 14:31 UTCHACKER NEWS
    Show HN: Browser Harness – Gives LLM freedom to complete any browser task

    Browser Harness is a new tool that grants LLMs maximum freedom to perform browser tasks by removing restrictive frameworks. It uses Chrome's CDP websocket with self-correction and dynamic tool creation, enabling LLMs to handle edge cases like file downloads and cross-origin iframes autonomously. Examples include playing Stockfish, setting Tetris records, and generating JavaScript to draw a heart.

  • TECHNOLOGYApr 10 · 18:39 UTCHACKER NEWS
    Show HN: FluidCAD – Parametric CAD with JavaScript

    FluidCAD is a parametric CAD tool developed using JavaScript, designed to streamline 3D modeling with features like live rendering, interactive modes, and implicit coding. The project, still in early development, aims to reduce mental effort for CAD designers while maintaining familiar workflows.