#​757 — October 17, 2025

Read on the Web

JavaScript Weekly

Bun 1.3: The Full-Stack JavaScript Runtime — Arriving a few hours after last week’s issue (natch!) Bun 1.3 remains the big news of the past week. Bun is a performance and DX-focused JavaScriptCore-powered runtime which, with v1.3, balances being a drop-in Node.js replacement with becoming a ‘full-stack runtime’ among other exciting developments:

• Full‑stack dev server with hot reloading built into Bun.serve
  


• Improved GC with lower idle CPU and memory usage.


• Built-in MySQL and Redis clients (alongside Postgres and SQLite).


• The ability to bundle both frontend and backend apps into a single build.


• 
  Code signing for Windows and macOS executables you build.


• 
  Isolated pnpm-esque package installs are now the default.

The Bun Team

AI Agents? Meet External Tools — Launching an AI-powered app? Make sure your agent is securely connecting with all of your external tools and APIs. Learn more about how Auth0’s Token Vault can secure your logins and agents so your users aren’t left vulnerable and exposed.

Auth0 sponsor

Announcing Vite+ / VitePlus — Originally announced at last week's ViteConf, Evan shares more details about what this extended, unified Vite-based toolchain (now in ‘early access’) is, and the motivation behind it. Unlike regular Vite, it has a commercial angle but “will be free for individuals, open source projects, and small businesses” as well as “source available.”

Evan You

Node.js v25.0.0 (Current) Released — The latest cutting edge version of Node has arrived with Web Storage enabled by default, JSON.stringify perf improvements, a new --allow-net option in the permission model, built-in Uint8Array base64/hex conversion, and WebAssembly and JIT optimizations.

Rafael Gonzaga

IN BRIEF:

• 
  

  Cloudflare Sandboxes is a new service for running untrusted JavaScript (and Python) code in a safe container-based 'sandbox' environment.

  
  


• 
  

  The Remix project's Remix Jam event took place last week, and you can now ▶️ watch the full livestream. If you want to see the reveal and demo of Remix 3, jump to 03:24:30 in the video.

  
  


• 
  

  Why is typeof null === 'object'? Piotr Zarycki goes much deeper into the history than you might expect.

  
  


• 
  

  The Lit project is joining the OpenJS Foundation.

  
  

RELEASES:

• 
  

  React Native 0.82 – It's a 'new era' as React Native now runs entirely on the New Architecture.

  
  


• 
  

  Graffle 7.3 – GraphQL client library formerly known as graphql-request. v7.3 adds CommonJS support for compatibility with Jest and non-ESM systems.

  
  


• 
  

  Skeleton v4.0 – Adaptive design system powered by Tailwind CSS. See the homepage for a preview and more.

  
  

📖  Articles and Videos

Improving the Trustworthiness of JavaScript on the Web — A look at WAICT (Web Application Integrity, Consistency, and Transparency), an early-stage W3C-backed effort to bring stronger ‘app store-like’ security guarantees to the Web by ensuring the code a browser runs hasn’t been modified by attackers.

Michael Rosenberg (Cloudflare)

▶  Beyond Signals — A half-hour talk from the creator of SolidJS, exploring how signals (once pioneering, now mainstream) are shaping web development, their architectural implications, but why we’re only “at the beginning of the journey” and what comes next.

Ryan Carniato

Build Smarter Web Apps with AI-Powered JavaScript UI Controls — Build enterprise apps faster with 145+ AI-ready, high-performance JS components. Start your free trial today.

Syncfusion sponsor

Lazy Fields for 30x Speedup Without Decorators or Transforms — Some clever work from the creators of the Joist ORM.

Stephen Haberman (Joist)

🌿 A Quick Tutorial on the Barnsley Fern Fractal — The Barnsley fern is a fractal that represents a plant-like fern structure.

Slicker

💡 Slicker has other examples of implementing effects in (somewhat old school) JavaScript, including the Julia set fractal, plasma, and a fire effect.

📄 Find Where a Specific Object Was Allocated in JavaScript with DevTools – A slightly convoluted Chrome DevTools trick for tracking down where a specific object was allocated. Joona Heikkilä

📄 A Modern Guide to Reading and Writing Files in Node.js – A comprehensive guide to a variety of approaches. Luciano Mammino

📄 Refactoring a Form to a Signal Form in Angular Tim Deschryver

📄 How to Get Started with GitHub Copilot CLI Andrea Griffiths (GitHub)

🛠 Code & Tools

DOMPurify 3.3: A Fast, Tolerant XSS Sanitizer for HTML — Supports all modern browsers (as well as Node.js) and is heavily tested. There’s a live demo here.

Cure53

python-node: Integrate Python ASGI Apps with Node.js — Several months ago Platformatic unveiled php-node, a way to embed PHP directly within Node apps. Now they’re tackling Python with @platformatic/python-node, a Node-native bridge that embeds a Python interpreter and speaks ASGI.

Stephen Belanger and Matteo Collina

Tiger Lake: Real-Time Data for Dashboards, Agents & Analytics — Unify Postgres and your lakehouse for live, full-context data—no pipelines, no lag.

TigerData sponsor

jsonriver: A Simple, Fast Streaming JSON Parser — A library to parse JSON incrementally as it streams in, such as from a network request or an LLM, returning a sequence of ‘increasingly complete’ values.

Peter Burns (Google)

Kaluma 1.3: A Tiny JS Runtime for the Raspberry Pi Pico 2 — Can a JavaScript runtime squeeze onto an RP2350-based Raspberry Pi Pico 2? Kaluma can, all while offering some Node.js-like niceties. v1.3 is powered by the latest version of JerryScript, a lightweight JS engine for constrained environments.

Kaluma Project

Triplex: A Visual Workspace for Building React Components — Originally a commercial tool for laying out components in 3D scenes rendered with React Three Fiber, Triplex is now open source. Its scope has increased with a VS Code extension and support for regular React DOM elements and components too.

Mike Douges and Pmndrs

• 
  

  🗓️ Schedule-X 3.3 – Event calendar control. MIT licensed, but with a premium version with added features.

  
  


• 
  

  json-joy v17.55.0 – Real-time, collaborative editing algorithms and utilities for JSON data models.

  
  


• 
  

  Ky 1.12 – Simple HTTP client based upon Fetch for browsers, Node & Deno.

  
  


• 
  

  🗓️ React Date Picker 8.8 – Simple date picker component. (Demo.)

  
  


• 
  

  Faker 10.1 – Generate fabricated data to your heart's content.

  
  

📢  Elsewhere in the ecosystem

A roundup of some other interesting stories in the broader landscape:

• 
  

  The React team has shipped v1.0 of React Compiler, a tool for automating the optimization of React apps by way of auto-memoization applied based upon analysis of their code.

  
  


• 
  

  Sebastian Lague's ▶️ Simulating Smoke video presents a fascinating look at how you might model and code a fluid simulation to emulate the behavior of smoke. It's not in JavaScript but is mostly math anyway.

  
  


• 
  

  With this week's release of Firefox 144, all major browsers now support view transitions, a neat front-end feature.

  
  


• 
  

  PostgreSQL 18 was released recently and its new asynchronous I/O subsystem yields immediate performance benefits for certain workloads, as seen in these benchmarks of Postgres 17 vs Postgres 18 performed by PlanetScale.

  
  


• 
  

  Ever heard of HTML's <output> tag?

  
  


• 
  

  🐈 Cat cams! Nothing to do with programming, but meow.camera charmed me. You might need to switch cameras to actually find a cat. Not a fan of cats? Check out the Namib Desert for some bigger critters..

  
  

#​756 — October 10, 2025

Read on the Web

JavaScript Weekly

▶  Vite: The Documentary — From the same creators of the fantastic ▶️ Node.js, ▶️ Angular and ▶️ React documentaries comes an up to date look at Vite, the build tool that has taken the JavaScript ecosystem by storm in recent years. Many luminaries make an appearance to tell their stories, including Evan You, Rich Harris, and Ryan Carniato. (39 minutes.)

CultRepo

💡 In related news, Vite+ (VitePlus) has appeared, a future, more commercial offering of the Vite toolchain aimed at teams. More news on this next week.

Go from Monolith to Monorepo — Join Mike North for this course on architecting maintainable, fast and light codebases. You'll learn how to refactor a codebase into a TypeScript monorepo using tools like Nx and Lerna — covering dependencies, formatting, linting, performance and more.

Frontend Masters sponsor

Introducing the React Foundation — At React Conf 2025 this week, it was announced that control of React and React Native is to be moved from Meta to an independent foundation supported by the Linux Foundation and initially backed by corporate members including Amazon, Expo, Meta, and Microsoft.

Webster, Carroll, Savona and Alpert

📺 If you'd like to catch up with React Conf, you can now watch the ▶️ day one and ▶️ day two livestream recordings on YouTube.

IN BRIEF:

• 
  

  Ready for a bit of experimental fun? Here's an implementation of pipeline-style composition (using |) in pure JavaScript thanks to Symbol.toPrimitive and some rather clever code.

  
  


• 
  

  🕹️ The JS13KGames gamedev event recently ended and here are 2025's winners for you to play or dig through the code for.

  
  


• 
  

  ⚖️ Deno, currently embroiled in a fight with Oracle over the JavaScript trademark, has served Oracle the first request for documents.

  
  


• 
  

  🤖 Mastra, a fast-growing TypeScript-based AI framework initially created by members of the Gatsby team, has raised a $13m seed round.

  
  


• 
  

  Nicholas C. Zakas shares what's coming up in ESLint v10.0.

  
  

RELEASES:

• 
  

  Next.js 16 Beta – Turbopack support is now stable and the default bundler for Next.js apps, React 19.2 support is also baked in, React Compiler support is now stable, and more.

  
  


• 
  

  Playwright 1.56 – Microsoft's browser/Web automation library – now with ▶️ Playwright Agents.

  
  


• 
  

  ESLint v9.37.0, VS Code September 2025

  
  

📖  Articles and Videos

The Birth of Prettier — The author takes us back ten years to the genesis of Prettier, the popular opinionated, deterministic code formatter he co-created with James Long. Prettier effectively introduced and popularized the practice of fully-automated AST-based code formatting in the JavaScript ecosystem.

Christopher Chedeau (Vjeux)

15 Recent Node.js Features That Can Replace Popular npm Packages — Many features that once required third-party packages are now built into the runtime itself.

Lizz Parody

⚡ Supercharge Postgres: 2PB Scale & 1.5T Metrics/Day — TigerData makes Postgres the fastest database for modern workloads: 2PB scale, 1.5T metrics/day, no black boxes.

TigerData sponsor

How to Group Arrays Without reduce() — A look at using Object.groupBy() and Map.groupBy()

Matt Smith

The History of Core Web Vitals — Addy tells the story behind Core Web Vitals, a popular set of metrics for measuring Web performance and its impact on user experience.

Addy Osmani

📄 How to Add Fast, Client-Side Search to Astro Static Sites – JavaScript to the rescue! Ivan Chepurin

📄 Shipping Node.js Packages in 2025 – A dense and helpful slidedeck from a talk given at last week's NordicJS event. Joyee Cheung

📄 How to Animate WebGL Shaders with GSAP: Ripples, Reveals, and Dynamic Blur Effects Andrea Biason

📄 Vue Basics: State Management in Vue David Adeneye Abiodun

🛠 Code & Tools

Viz.js 3.20: Work with Graphviz in the Browser — Graphviz is a suite of open source graph drawing tools of over 30 years’ vintage. Viz.js is a WebAssembly Graphviz build that brings its functionality into the browser. GitHub repo.

Michael Daines

EmbedPDF: A PDF Viewer That Integrates with Any JavaScript Project — No dependencies, supports any framework, and has features like themes, annotations, redaction, search, smooth scrolling, and more – all available via a dev-friendly API. See the docs or try a live demo.

EmbedPDF

🎸 AI Agent Builder with All the Features, None of the Overhead — Shipping an agent-first web app? Use our template with all premium diagramming features and cut your dev time to days.

JOINTJS sponsor

The Coinbase Design System (CDS) React Components Library — The team behind Coinbase has open sourced its component library for React and React Native. There are lots of neat effects in the components, such as this ‘rolling number’ component.

Coinbase

Icebird: Read Apache Iceberg Tables in JavaScript — Iceberg is a high performance open-source format for large analytic tables.

Hyperparam

resolve-lexicon: Resolve AT Lexicons Over the Network — Lexicon is a schema definition language used in the AT Protocol world.

Dan Abramov

• 
  

  react-map-gl 8.1 – React friendly API wrapper around MapboxGL JS. (Demo.)

  
  


• 
  

  🔮 Tarot.js 1.0 – Library for creating and managing tarot cards and decks.

  
  


• 
  

  PlayCanvas glTF Viewer 5.6 – 3D model viewer supporting glTF 2.0 and PLY.

  
  


• 
  

  Vue-multiselect 3.4 – Select/multiselect/tagging component for Vue.

  
  


• 
  

  Reactylon 3.2 – Babylon.js-powered XR framework for React.

  
  


• 
  

  Marked 16.4 – Fast Markdown compiler / parser.

  
  


• 
  

  Pixi.js 8.14 – Fast, flexible 2D WebGL renderer.

  
  


• 
  

  Javet 5.0 – Embed Node.js and V8 into Java.

  
  

📢  Elsewhere in the ecosystem

A roundup of some other interesting stories in the broader landscape:

• 
  

  👍 The Firefox team has put together a way for you to give input on which Interop proposals matter the most to you (above). Go to the Interop Feature Ranking site (GitHub account required) and drag the web platform features that matter most for you to the top.

  
  


• 
  

  🔒 JavaScript security expert Liran Tal has put together a list of npm security best practices to consider adopting.

  
  


• 
  

  🖼️ Mirrow is an interesting way to create and animate SVGs using a custom CSS-esque DSL in an attempt to promote SVGs from merely being static assets to something you can manage in a more code-like way. Check out the Mirrow playground to experiment.

  
  


• 
  

  We've all heard of vibe coding but Simon Willison wonders if LLMs used properly to produce code that someone confidently stand behind could be considered 'vibe engineering'?

  
  


• 
  

  Talking of vibes, Heroku is taking a step into the world of AI-powered app building with Heroku Vibes.

  
  


• 
  

  Caden Parker presents a look at parallelizing cellular automata using WebGPU compute shaders.

  
  

#​755 — October 3, 2025

Read on the Web

JavaScript Weekly

The State of JavaScript 2025 Survey — Each year, Devographics runs an epic survey of as many JavaScript community members as it can and turns the results into an interesting report on the state of the ecosystem – here’s the results from 2024. If you have the time, fill it in, especially as they format it in a way where you can actually learn about stuff as you go.

Devographics

React 19.2 Released — The third release in a year for React, this time introducing new features like <Activity /> (a way to hide and restore the UI and internal state of its children), useEffectEvent, and improvements to Chrome DevTools' performance profiles so you can see more about React’s scheduling and the tree of components it’s working with. Oh, and how about partial pre-rendering?

The React Team

Don’t miss The AI Security Developers Challenge at DevSecCon on Oct 22, 2025 — Participate in the hands-on developer challenge workshop 💻at DevSecCon and get a chance to team up with industry experts from around the globe 🌎. Register for free and walk away with practical tips you can apply directly to your projects 🚀.

Snyk sponsor

IN BRIEF:

• 
  

  Monthly roundups aplenty from the Svelte project, team Astro, and Viteland!

  
  


• 
  

  It was recently discovered that Electron-based apps were causing system-wide lag on macOS 26/Tahoe due to changes in a private API. Electron 38.2, 37.6 and 36.9.2 fix the bug.

  
  


• 
  

  📺 The creators of popular documentaries ▶️ about Vue.js, ▶️ React, and ▶️ Node.js are about to release a new one about Vite. It lands next week; ▶️ here's a 1-minute teaser trailer.

  
  


• 
  

  The newly relaunched JSConf event returns to Maryland on October 14-16. Tickets are still available and they gave us a JSCONF25NEWSLETTER code which gives a discount. (Note: We have no financial relationship with the event.)

  
  


• 
  

  🤖 Google AI Studio has added the ability to generate Angular apps.

  
  


• 
  

  The release of Bun 1.3, expected yesterday, has been pushed back to next Monday.

  
  

RELEASES:

• 
  

  Anime.js 4.2 – Powerful JavaScript animation engine.

  
  


• 
  

  npm-check-updates 19.0 – Find newer versions of packages dependencies than your package.json allows.

  
  


• 
  

  pnpm 10.18, Oxlint 1.19, Bun 1.2.23, Deno 2.5.3

  
  

📖  Articles and Videos

How Deno Protects Against npm Exploits — The maintainers of the Deno runtime reflect on the recent npm ecosystem security issues and show off how Deno’s non-permissive explicit ‘secure by default’ model can help.

Andy Jiang

Cleaning House in Nx Monorepo: How I Removed 120 Unused Deps Safely — Another win (mostly) for Knip, a tool that helps you declutter projects by finding unused dependencies.

John James

Tests Are Dead. Meticulous Is Here — Meticulous automatically creates and maintains an E2E UI test suite with zero developer effort.

Meticulous sponsor

You Can Now Make PS2 Games in JavaScript — Last week we mentioned running JavaScript in MS-DOS but you can take it to Sony’s Playstation 2 as well using a system built upon QuickJS.

JSLegendDev

How to Detect Safari and iOS Versions from JavaScript — Naturally, progressive enhancement is the best policy, but if you need to..

Evgeniy Valyaev

Mastering npx: A Cheatsheet for npm and Node Power Users — You’ve almost certainly used the npx command to easily run a command from an npm package (either local or remote) – it’s easy to use, but npx has a couple of other features and options to keep in mind.

Liran Tal

📄 Why Next.js Falls Short on Software Engineering Harshal Patil

📄 @ts-ignore is Almost Always the Worst Option – Prefer any and @ts-expect-error, says the author. Evan Hahn

📄 I Want to Intercept Boolean Coercion for Objects in JavaScript Zach Leatherman

🛠 Code & Tools

qjs: Run JavaScript in Go using QuickJS and Wazero — A new Cgo-free JavaScript runtime option for integrating JavaScript into apps written in Go. It uses a fork of QuickJS that’s compiled to WebAssembly and then run using Wazero.

Nguyen Ngoc Phuong and Contributors

💡 If you happen to be a Go developer, we have a sister newsletter for that!

Diagramming Library for the Enterprise? Use JointJS — Cut dev time 12x with JointJS, the most feature-rich diagramming library trusted by Fortune 100 companies.

JointJS sponsor

SpaceTime 7.11: A Lightweight Timezone Library — Use this to calculate times in other timezones. Has a Moment-like API but is immutable. No dependencies. GitHub repo.

Spencer Kelly

Jeasx: A Lightweight SSR Framework That Uses JSX — A server side rendering framework built on top of JSX and Fastify. It doesn’t use React, but if you want to keep using JSX while keeping your server side lightweight, it’s an option. The JSX functionality is provided by the author’s jsx-async-runtime package. v1.9 was just released.

Maik Jablonski

📊 Vue ECharts 8.0: Vue.js Component for Apache ECharts — Apache ECharts is a popular, powerful JavaScript charting library we’ve linked many times and this project makes it easier to use in Vue.js apps. v8.0 upgrades to ECharts 6.0. GitHub repo.

GU Yiling and ECOMFE

modern-tar: Zero-Dependency Streaming tar Parser and Writer — As in the classic tar archive format.

Ayuhito

• 
  

  🗓️ Color Calendar 2.0 – Add interactive events calendars to a page.

  
  


• 
  

  Skia Canvas 3.0 – GPU-powered 2D vector canvas graphics for Node.

  
  


• 
  

  CKEditor5 47.0 – Popular commercial rich text editor framework.

  
  


• 
  

  Verdaccio 6.2 – Lightweight local private npm registry.

  
  


• 
  

  BlockNote 0.40 – 'Notion-style' block-based editor.

  
  


• 
  

  NodeBB 4.6 – Node.js based forum system.

  
  

🕰  ICYMI (Some older stuff that may catch your eye...)

🛣️ Sean C Davis runs through strategies for managing routes in JavaScript projects — good, practical advice for establishing a consistent workflow and improve overall maintainability.

🦆 Remember Duck Hunt for the NES? Well, ▶️ here's a lengthy video looking at how to recreate it in TypeScript.

🛠️ Chizaram Ken runs through a handful of reasons why your Next.js app may be slow, along with some possible fixes.

😗  And a weird note to end on..

Have you ever wanted to program by whistling? Now you can. Velato is a JavaScript-inspired esoteric language designed to be written entirely by whistling and you can give it a go in your browser right now. I struggled with it, but you might have more luck (it doesn't seem to like Safari, for starters).

Velato was built by Daniel Temkin, the author of Forty-Four Esolangs, a new book, published by MIT Press, about an artist's take on creating esoteric programming languages.

#​754 — September 26, 2025

Read on the Web

JavaScript Weekly

Give Your AI Eyes: Introducing Chrome DevTools MCP — The Chrome team has released an MCP server for Chrome DevTools, enabling agents like Claude Code or OpenAI Codex to use the DevTools to debug and analyze the performance and behavior of your webapps (or even just to automate the use of Chrome generally). Addy does a great job of explaining the potential here.

Addy Osmani

AI Code Reviews Meet CLI Coding Agents — CodeRabbit CLI brings instant code reviews directly to your terminal, integrating with Claude Code, Cursor CLI, and other AI agents. While they generate code, CodeRabbit ensures it's production-ready - catching bugs, security issues, and hallucinations before they hit your codebase.

CodeRabbit sponsor

GitHub's Plan for a More Secure npm Supply Chain — In direct response to the recent npm ecosystem supply chain attacks of recent weeks, GitHub’s senior director of security research has outlined steps GitHub is taking, including blocking the upload of packages featuring the patterns of the recent malware, hardening package publication, and promoting the use of trusted publishing.

Xavier René-Corail (GitHub)

IN BRIEF:

• 
  

  Netscape Navigator 2.0 Beta was released 30 years ago – it was notable as the first browser to include JavaScript support.

  
  


• 
  

  The agenda of this week's TC39 meeting where several proposals were advanced, including Import Bytes, Iterator Chunking, and Array.prototype.pushAll.

  
  


• 
  

  The Chrome team expects Chrome/Chromium's support for the Temporal API to land in Chromium 144 (the current stable version is 140).

  
  


• 
  

  InfoQ shares an update on the features of Preact 11 beta, the recently released update to the popular lightweight React alternative.

  
  


• 
  

  The IEEE has released its list of the top programming languages of 2025 with JavaScript and TypeScript coming in at #6 and #7 respectively.

  
  

RELEASES:

• 
  

  pnpm 10.17 – The new minimumReleaseAgeExclude now supports patterns to exclude groups of packages from minimum release age checks.

  
  


• 
  

  Astro 5.14 - Boasts "a bumper harvest of features and DX improvements to warm the cockles of your heart."

  
  


• 
  

  Node.js v24.9.0 (Current) and v22.20.0 (LTS)

  
  


• 
  

  Nuxt UI 4.0, PostgreSQL 18.0, ESLint v9.36.0

  
  

📖  Articles and Videos

From Steam to Floppy: Porting Modern TypeScript to Run on DOS — The creator of a DOS-inspired programming game (available on Steam) wanted to try and get the game running on real DOS. Thanks to jSH, a JavaScript engine for DOS, it was kinda do-able.

Jimbly / Dashing Strike

NPM Security Best Practices — An extensive list of best practices, techniques, and ideas to consider for making your use of the npm packaging ecosystem and its tooling more secure.

Boda

Implementing Authentication and Session Management in Next.js — Learn how to integrate user sign-up, sign-in, and protected routes into your Next.js app with modern auth practices.

Clerk sponsor

JSON is Not JSON Across Languages — If you use JSON to communicate between systems built in different languages, beware. Different libraries with varying opinions can cause “some of the most soul-crushing debugging experiences in software development.”

Dochia CLI

📄 Stop Using .reverse().find(): Meet findLast() Matt Smith

📄 Storing Unwise Amounts of Data in JavaScript BigInts Jonathan Frere

🎤 Making Desktop Frameworks More Accessible with Electron – A 20 minute chat with a long-time Electron maintainer. The GitHub Podcast

📄 Create 'Sick' Web Animations in Three.js with GSAP – A very simple example. Michael Li

📄 How to Test the New ARIA Notify API with Cypress Mark Noonan

🛠 Code & Tools

🤖 GitHub Copilot CLI Now in Public Preview — Not content to let Claude Code and OpenAI Codex dominate the CLI-based dev agent scene, GitHub has released a CLI-based version of Copilot, built using Node.

GitHub

TanStack Start v1 Release Candidate — TanStack’s attempt at a full-stack TanStack Router-powered framework has reached a v1.0 release candidate that’s expected to be largely the same as its eventual 1.0 release. “It’s the next chapter in building type-safe, high-performance React apps without the heavy abstractions.”

Tanner Linsley

Roles Get Messy Fast. WorkOS RBAC Keeps Access in Check — Define roles, group permissions, and sync with SSO and SCIM. Manage access with clean APIs and a powerful dashboard.

WorkOS sponsor

Cap'n Web: A New RPC System for Browsers and Web Servers — A ‘spiritual sibling’ to Cap’n Proto, an RPC protocol created by one of the same authors. However, Cap’n Web’s underlying serialization is human-readable, focused on integrating well with JS runtimes, and works over HTTP, WebSocket, and postMessage() out-of-the-box.

Varda and Faulkner (Cloudflare)

eslint-plugin-react-you-might-not-need-an-effect — What a project name! It’s an ESLint plugin to help React developers catch unnecessary useEffects which are quite commonly overused.

Nick van Dyke

• 
  

  📊 Billboard.js 3.17.0 (above) – The popular charting library adds image label support for charts, label border styling, and dynamic control of label colors.

  
  


• 
  

  PythonMonkey 1.3 – Embed the SpiderMonkey JS engine into Python's VM. Now with Python 3.14 support.

  
  


• 
  

  pretty-bytes 7.1 – Convert a size in bytes into a human readable equivalent (e.g. 1337 becomes '1.34 kB').

  
  


• 
  

  Docusaurus 3.9 – The popular React + MDX-powered content/docs site generator.

  
  


• 
  

  Neo.mjs 10.9 – Multi-threaded framework for fast, desktop-like webapps.

  
  


• 
  

  eslint-plugin-vue 10.5 – Official ESLint plugin for Vue.js. (Homepage.)

  
  


• 
  

  VanJS 1.6 – The small but sweet reactive UI framework. (Homepage.)

  
  


• 
  

  Milkdown 7.16 – Plugin-driven WYSIWYG Markdown editor framework.

  
  

🧐 Learning web development with Dr. Axel

Over the past couple of months the esteemed Dr. Axel Rauschmayer has been working on a valuable series of beginner-friendly posts on a range of web development topics, with a heavy focus on JavaScript. He pitches the series as a way to teach people "who have never programmed how to create web apps with JavaScript".

These are all excellent primers/refreshers, and ideal for sharing with those early in their web development journey. Here are some of the highlights so far:

• Working with numbers, variables, and functions, and strings and methods.
  


• 
  Booleans, comparisons and if statements and loops.
  


• Digging into plain objects, Arrays, Maps, and exceptions.
  


• An introduction to frontend frameworks using Preact.


• Installing npm packages and bundling.


• Promises and async functions.

P.S. Don't go JSON waterfalls..