QR Code
OWT Web Services       http://owtweb.com
[Skip to Content]

Industry News

10/16/2025
A Bun-believable release that isn't half-baked





















#​757 — October 17, 2025

Read on the Web




JavaScript Weekly








Bun 1.3: The Full-Stack JavaScript Runtime — Arriving a few hours after last week’s issue (natch!) Bun 1.3 remains the big news of the past week. Bun is a performance and DX-focused JavaScriptCore-powered runtime which, with v1.3, balances being a drop-in Node.js replacement with becoming a ‘full-stack runtime’ among other exciting developments:



It also wouldn't be a big Bun release without ▶️ the obligatory release video.

The Bun Team






AI Agents? Meet External Tools — Launching an AI-powered app? Make sure your agent is securely connecting with all of your external tools and APIs. Learn more about how Auth0’s Token Vault can secure your logins and agents so your users aren’t left vulnerable and exposed.


Auth0 sponsor






Announcing Vite+ / VitePlus — Originally announced at last week's ViteConf, Evan shares more details about what this extended, unified Vite-based toolchain (now in ‘early access’) is, and the motivation behind it. Unlike regular Vite, it has a commercial angle but “will be free for individuals, open source projects, and small businesses” as well as “source available.”


Evan You






Node.js v25.0.0 (Current) Released — The latest cutting edge version of Node has arrived with Web Storage enabled by default, JSON.stringify perf improvements, a new --allow-net option in the permission model, built-in Uint8Array base64/hex conversion, and WebAssembly and JIT optimizations.


Rafael Gonzaga




IN BRIEF:





RELEASES:




📖  Articles and Videos





Improving the Trustworthiness of JavaScript on the Web — A look at WAICT (Web Application Integrity, Consistency, and Transparency), an early-stage W3C-backed effort to bring stronger ‘app store-like’ security guarantees to the Web by ensuring the code a browser runs hasn’t been modified by attackers.


Michael Rosenberg (Cloudflare)






▶  Beyond Signals — A half-hour talk from the creator of SolidJS, exploring how signals (once pioneering, now mainstream) are shaping web development, their architectural implications, but why we’re only “at the beginning of the journey” and what comes next.


Ryan Carniato






Build Smarter Web Apps with AI-Powered JavaScript UI Controls — Build enterprise apps faster with 145+ AI-ready, high-performance JS components. Start your free trial today.


Syncfusion sponsor






Lazy Fields for 30x Speedup Without Decorators or Transforms — Some clever work from the creators of the Joist ORM.


Stephen Haberman (Joist)






🌿 A Quick Tutorial on the Barnsley Fern Fractal — The Barnsley fern is a fractal that represents a plant-like fern structure.


Slicker




💡 Slicker has other examples of implementing effects in (somewhat old school) JavaScript, including the Julia set fractal, plasma, and a fire effect.



📄 Find Where a Specific Object Was Allocated in JavaScript with DevTools – A slightly convoluted Chrome DevTools trick for tracking down where a specific object was allocated. Joona Heikkilä


📄 A Modern Guide to Reading and Writing Files in Node.js – A comprehensive guide to a variety of approaches. Luciano Mammino


📄 Refactoring a Form to a Signal Form in Angular Tim Deschryver


📄 How to Get Started with GitHub Copilot CLI Andrea Griffiths (GitHub)



🛠 Code & Tools





DOMPurify 3.3: A Fast, Tolerant XSS Sanitizer for HTML — Supports all modern browsers (as well as Node.js) and is heavily tested. There’s a live demo here.


Cure53






python-node: Integrate Python ASGI Apps with Node.js — Several months ago Platformatic unveiled php-node, a way to embed PHP directly within Node apps. Now they’re tackling Python with @platformatic/python-node, a Node-native bridge that embeds a Python interpreter and speaks ASGI.


Stephen Belanger and Matteo Collina






Tiger Lake: Real-Time Data for Dashboards, Agents & Analytics — Unify Postgres and your lakehouse for live, full-context data—no pipelines, no lag.


TigerData sponsor






jsonriver: A Simple, Fast Streaming JSON Parser — A library to parse JSON incrementally as it streams in, such as from a network request or an LLM, returning a sequence of ‘increasingly complete’ values.


Peter Burns (Google)






Kaluma 1.3: A Tiny JS Runtime for the Raspberry Pi Pico 2 — Can a JavaScript runtime squeeze onto an RP2350-based Raspberry Pi Pico 2? Kaluma can, all while offering some Node.js-like niceties. v1.3 is powered by the latest version of JerryScript, a lightweight JS engine for constrained environments.


Kaluma Project






Triplex: A Visual Workspace for Building React Components — Originally a commercial tool for laying out components in 3D scenes rendered with React Three Fiber, Triplex is now open source. Its scope has increased with a VS Code extension and support for regular React DOM elements and components too.


Mike Douges and Pmndrs






  • 🗓️ Schedule-X 3.3 – Event calendar control. MIT licensed, but with a premium version with added features.




  • json-joy v17.55.0 – Real-time, collaborative editing algorithms and utilities for JSON data models.




  • Ky 1.12 – Simple HTTP client based upon Fetch for browsers, Node & Deno.




  • 🗓️ React Date Picker 8.8 – Simple date picker component. (Demo.)




  • Faker 10.1 – Generate fabricated data to your heart's content.









📰 Classifieds




Meticulous writes and maintains your E2E UI tests. Built on Chromium with a deterministic engine, it’s the only testing tool that eliminates flakes.



🚀 Unlock 2× Team Efficiency in Just 30 Days. JS Weekly readers: Claim your free Audit by Fractional CTO and resolve your toughest SaaS issues—fast.



🕳️ 🥊 Hiring Now: Build P2P apps for mobile & desktop. Ditch servers, empower users, protect privacy. Open source. Remote EU.






📢  Elsewhere in the ecosystem



A roundup of some other interesting stories in the broader landscape:











10/09/2025
Vite gets its own documentary





















#​756 — October 10, 2025

Read on the Web




JavaScript Weekly








▶  Vite: The Documentary — From the same creators of the fantastic ▶️ Node.js, ▶️ Angular and ▶️ React documentaries comes an up to date look at Vite, the build tool that has taken the JavaScript ecosystem by storm in recent years. Many luminaries make an appearance to tell their stories, including Evan You, Rich Harris, and Ryan Carniato. (39 minutes.)


CultRepo




💡 In related news, Vite+ (VitePlus) has appeared, a future, more commercial offering of the Vite toolchain aimed at teams. More news on this next week.





Go from Monolith to Monorepo — Join Mike North for this course on architecting maintainable, fast and light codebases. You'll learn how to refactor a codebase into a TypeScript monorepo using tools like Nx and Lerna — covering dependencies, formatting, linting, performance and more.


Frontend Masters sponsor






Introducing the React Foundation — At React Conf 2025 this week, it was announced that control of React and React Native is to be moved from Meta to an independent foundation supported by the Linux Foundation and initially backed by corporate members including Amazon, Expo, Meta, and Microsoft.


Webster, Carroll, Savona and Alpert




📺 If you'd like to catch up with React Conf, you can now watch the ▶️ day one and ▶️ day two livestream recordings on YouTube.



IN BRIEF:



RELEASES:




📖  Articles and Videos








The Birth of Prettier — The author takes us back ten years to the genesis of Prettier, the popular opinionated, deterministic code formatter he co-created with James Long. Prettier effectively introduced and popularized the practice of fully-automated AST-based code formatting in the JavaScript ecosystem.


Christopher Chedeau (Vjeux)






15 Recent Node.js Features That Can Replace Popular npm Packages — Many features that once required third-party packages are now built into the runtime itself.


Lizz Parody






⚡ Supercharge Postgres: 2PB Scale & 1.5T Metrics/Day — TigerData makes Postgres the fastest database for modern workloads: 2PB scale, 1.5T metrics/day, no black boxes.


TigerData sponsor






How to Group Arrays Without reduce() — A look at using Object.groupBy() and Map.groupBy()


Matt Smith






The History of Core Web Vitals — Addy tells the story behind Core Web Vitals, a popular set of metrics for measuring Web performance and its impact on user experience.


Addy Osmani




📄 How to Add Fast, Client-Side Search to Astro Static Sites – JavaScript to the rescue! Ivan Chepurin


📄 Shipping Node.js Packages in 2025 – A dense and helpful slidedeck from a talk given at last week's NordicJS event. Joyee Cheung


📄 How to Animate WebGL Shaders with GSAP: Ripples, Reveals, and Dynamic Blur Effects Andrea Biason


📄 Vue Basics: State Management in Vue David Adeneye Abiodun



🛠 Code & Tools








Viz.js 3.20: Work with Graphviz in the BrowserGraphviz is a suite of open source graph drawing tools of over 30 years’ vintage. Viz.js is a WebAssembly Graphviz build that brings its functionality into the browser. GitHub repo.


Michael Daines






EmbedPDF: A PDF Viewer That Integrates with Any JavaScript Project — No dependencies, supports any framework, and has features like themes, annotations, redaction, search, smooth scrolling, and more – all available via a dev-friendly API. See the docs or try a live demo.


EmbedPDF






🎸 AI Agent Builder with All the Features, None of the Overhead — Shipping an agent-first web app? Use our template with all premium diagramming features and cut your dev time to days.


JOINTJS sponsor






The Coinbase Design System (CDS) React Components Library — The team behind Coinbase has open sourced its component library for React and React Native. There are lots of neat effects in the components, such as this ‘rolling number’ component.


Coinbase






Icebird: Read Apache Iceberg Tables in JavaScriptIceberg is a high performance open-source format for large analytic tables.


Hyperparam






resolve-lexicon: Resolve AT Lexicons Over the NetworkLexicon is a schema definition language used in the AT Protocol world.


Dan Abramov










📰 Classifieds




HIRING NOW🕳️ 🥊: At Holepunch we maintain 2000+ OSS npm packages, make the JS runtime Bare to build the P2P Internet. Real tech, Real impact. Join us!



Meticulous automatically creates and maintains an E2E UI test suite with zero developer effort. Relied on by Notion, Dropbox, Wiz, Lattice, etc.






📢  Elsewhere in the ecosystem



A roundup of some other interesting stories in the broader landscape:
















10/02/2025
React 19.2 is in the building





















#​755 — October 3, 2025

Read on the Web




JavaScript Weekly








The State of JavaScript 2025 Survey — Each year, Devographics runs an epic survey of as many JavaScript community members as it can and turns the results into an interesting report on the state of the ecosystem – here’s the results from 2024. If you have the time, fill it in, especially as they format it in a way where you can actually learn about stuff as you go.


Devographics






React 19.2 Released — The third release in a year for React, this time introducing new features like <Activity /> (a way to hide and restore the UI and internal state of its children), useEffectEvent, and improvements to Chrome DevTools' performance profiles so you can see more about React’s scheduling and the tree of components it’s working with. Oh, and how about partial pre-rendering?


The React Team






Don’t miss The AI Security Developers Challenge at DevSecCon on Oct 22, 2025 — Participate in the hands-on developer challenge workshop 💻at DevSecCon and get a chance to team up with industry experts from around the globe 🌎. Register for free and walk away with practical tips you can apply directly to your projects 🚀.


Snyk sponsor




IN BRIEF:



RELEASES:




📖  Articles and Videos








How Deno Protects Against npm Exploits — The maintainers of the Deno runtime reflect on the recent npm ecosystem security issues and show off how Deno’s non-permissive explicit ‘secure by default’ model can help.


Andy Jiang






Cleaning House in Nx Monorepo: How I Removed 120 Unused Deps Safely — Another win (mostly) for Knip, a tool that helps you declutter projects by finding unused dependencies.


John James






Tests Are Dead. Meticulous Is Here — Meticulous automatically creates and maintains an E2E UI test suite with zero developer effort.


Meticulous sponsor






You Can Now Make PS2 Games in JavaScript — Last week we mentioned running JavaScript in MS-DOS but you can take it to Sony’s Playstation 2 as well using a system built upon QuickJS.


JSLegendDev






How to Detect Safari and iOS Versions from JavaScript — Naturally, progressive enhancement is the best policy, but if you need to..


Evgeniy Valyaev






Mastering npx: A Cheatsheet for npm and Node Power Users — You’ve almost certainly used the npx command to easily run a command from an npm package (either local or remote) – it’s easy to use, but npx has a couple of other features and options to keep in mind.


Liran Tal




📄 Why Next.js Falls Short on Software Engineering Harshal Patil


📄 @ts-ignore is Almost Always the Worst Option – Prefer any and @ts-expect-error, says the author. Evan Hahn


📄 I Want to Intercept Boolean Coercion for Objects in JavaScript Zach Leatherman



🛠 Code & Tools





qjs: Run JavaScript in Go using QuickJS and Wazero — A new Cgo-free JavaScript runtime option for integrating JavaScript into apps written in Go. It uses a fork of QuickJS that’s compiled to WebAssembly and then run using Wazero.


Nguyen Ngoc Phuong and Contributors




💡 If you happen to be a Go developer, we have a sister newsletter for that!





Diagramming Library for the Enterprise? Use JointJS — Cut dev time 12x with JointJS, the most feature-rich diagramming library trusted by Fortune 100 companies.


JointJS sponsor






SpaceTime 7.11: A Lightweight Timezone Library — Use this to calculate times in other timezones. Has a Moment-like API but is immutable. No dependencies. GitHub repo.


Spencer Kelly






Jeasx: A Lightweight SSR Framework That Uses JSX — A server side rendering framework built on top of JSX and Fastify. It doesn’t use React, but if you want to keep using JSX while keeping your server side lightweight, it’s an option. The JSX functionality is provided by the author’s jsx-async-runtime package. v1.9 was just released.


Maik Jablonski






📊 Vue ECharts 8.0: Vue.js Component for Apache EChartsApache ECharts is a popular, powerful JavaScript charting library we’ve linked many times and this project makes it easier to use in Vue.js apps. v8.0 upgrades to ECharts 6.0. GitHub repo.


GU Yiling and ECOMFE






modern-tar: Zero-Dependency Streaming tar Parser and Writer — As in the classic tar archive format.


Ayuhito










📰 Classifieds




🚀 FastCI: How to double the speed of your Continuous Integration with a 2-minute setup.



At Holepunch we maintain 2000+ OSS npm packages, make the JS runtime Bare to build the P2P Internet. Real tech, Real impact. Join us!







🕰  ICYMI (Some older stuff that may catch your eye...)



🛣️ Sean C Davis runs through strategies for managing routes in JavaScript projects — good, practical advice for establishing a consistent workflow and improve overall maintainability.


🦆 Remember Duck Hunt for the NES? Well, ▶️ here's a lengthy video looking at how to recreate it in TypeScript.


🛠️ Chizaram Ken runs through a handful of reasons why your Next.js app may be slow, along with some possible fixes.





😗  And a weird note to end on..



Have you ever wanted to program by whistling? Now you can. Velato is a JavaScript-inspired esoteric language designed to be written entirely by whistling and you can give it a go in your browser right now. I struggled with it, but you might have more luck (it doesn't seem to like Safari, for starters).


Velato was built by Daniel Temkin, the author of Forty-Four Esolangs, a new book, published by MIT Press, about an artist's take on creating esoteric programming languages.










09/25/2025
The first browser with JavaScript landed 30 years ago





















#​754 — September 26, 2025

Read on the Web




JavaScript Weekly








Give Your AI Eyes: Introducing Chrome DevTools MCP — The Chrome team has released an MCP server for Chrome DevTools, enabling agents like Claude Code or OpenAI Codex to use the DevTools to debug and analyze the performance and behavior of your webapps (or even just to automate the use of Chrome generally). Addy does a great job of explaining the potential here.


Addy Osmani






AI Code Reviews Meet CLI Coding Agents — CodeRabbit CLI brings instant code reviews directly to your terminal, integrating with Claude Code, Cursor CLI, and other AI agents. While they generate code, CodeRabbit ensures it's production-ready - catching bugs, security issues, and hallucinations before they hit your codebase.


CodeRabbit sponsor






GitHub's Plan for a More Secure npm Supply Chain — In direct response to the recent npm ecosystem supply chain attacks of recent weeks, GitHub’s senior director of security research has outlined steps GitHub is taking, including blocking the upload of packages featuring the patterns of the recent malware, hardening package publication, and promoting the use of trusted publishing.


Xavier René-Corail (GitHub)




IN BRIEF:



RELEASES:




📖  Articles and Videos





From Steam to Floppy: Porting Modern TypeScript to Run on DOS — The creator of a DOS-inspired programming game (available on Steam) wanted to try and get the game running on real DOS. Thanks to jSH, a JavaScript engine for DOS, it was kinda do-able.


Jimbly / Dashing Strike






NPM Security Best Practices — An extensive list of best practices, techniques, and ideas to consider for making your use of the npm packaging ecosystem and its tooling more secure.


Boda






Implementing Authentication and Session Management in Next.js — Learn how to integrate user sign-up, sign-in, and protected routes into your Next.js app with modern auth practices.


Clerk sponsor






JSON is Not JSON Across Languages — If you use JSON to communicate between systems built in different languages, beware. Different libraries with varying opinions can cause “some of the most soul-crushing debugging experiences in software development.”


Dochia CLI




📄 Stop Using .reverse().find(): Meet findLast() Matt Smith


📄 Storing Unwise Amounts of Data in JavaScript BigInts Jonathan Frere


🎤 Making Desktop Frameworks More Accessible with Electron – A 20 minute chat with a long-time Electron maintainer. The GitHub Podcast


📄 Create 'Sick' Web Animations in Three.js with GSAP – A very simple example. Michael Li


📄 How to Test the New ARIA Notify API with Cypress Mark Noonan



🛠 Code & Tools








🤖 GitHub Copilot CLI Now in Public Preview — Not content to let Claude Code and OpenAI Codex dominate the CLI-based dev agent scene, GitHub has released a CLI-based version of Copilot, built using Node.


GitHub






TanStack Start v1 Release Candidate — TanStack’s attempt at a full-stack TanStack Router-powered framework has reached a v1.0 release candidate that’s expected to be largely the same as its eventual 1.0 release. “It’s the next chapter in building type-safe, high-performance React apps without the heavy abstractions.”


Tanner Linsley






Roles Get Messy Fast. WorkOS RBAC Keeps Access in Check — Define roles, group permissions, and sync with SSO and SCIM. Manage access with clean APIs and a powerful dashboard.


WorkOS sponsor






Cap'n Web: A New RPC System for Browsers and Web Servers — A ‘spiritual sibling’ to Cap’n Proto, an RPC protocol created by one of the same authors. However, Cap’n Web’s underlying serialization is human-readable, focused on integrating well with JS runtimes, and works over HTTP, WebSocket, and postMessage() out-of-the-box.


Varda and Faulkner (Cloudflare)






eslint-plugin-react-you-might-not-need-an-effect — What a project name! It’s an ESLint plugin to help React developers catch unnecessary useEffects which are quite commonly overused.


Nick van Dyke










  • 📊 Billboard.js 3.17.0 (above) – The popular charting library adds image label support for charts, label border styling, and dynamic control of label colors.




  • PythonMonkey 1.3 – Embed the SpiderMonkey JS engine into Python's VM. Now with Python 3.14 support.




  • pretty-bytes 7.1 – Convert a size in bytes into a human readable equivalent (e.g. 1337 becomes '1.34 kB').




  • Docusaurus 3.9 – The popular React + MDX-powered content/docs site generator.




  • Neo.mjs 10.9 – Multi-threaded framework for fast, desktop-like webapps.




  • eslint-plugin-vue 10.5 – Official ESLint plugin for Vue.js. (Homepage.)




  • VanJS 1.6 – The small but sweet reactive UI framework. (Homepage.)




  • Milkdown 7.16 – Plugin-driven WYSIWYG Markdown editor framework.









📰 Classifieds




Meticulous automatically creates and maintains an E2E UI test suite with zero developer effort. Relied on by Dropbox, Wiz, Lattice, Bilt Rewards, etc.



🚀 Next week: JetBrains JavaScript Day 2025! A free online event full of talks & live Q&A with experts from the JS community. Don’t miss it!






🧐 Learning web development with Dr. Axel




Over the past couple of months the esteemed Dr. Axel Rauschmayer has been working on a valuable series of beginner-friendly posts on a range of web development topics, with a heavy focus on JavaScript. He pitches the series as a way to teach people "who have never programmed how to create web apps with JavaScript".


These are all excellent primers/refreshers, and ideal for sharing with those early in their web development journey. Here are some of the highlights so far:






P.S. Don't go JSON waterfalls..