OpenJS Foundation
Open main menu
About
About
Training
Training
Blog
Blog
Community
Community
Become a member
Category: Node.js
Posts in the Node.js category.
January 16, 2024
Node.js Security Progress Report – Progress on Permission Model, Fuzzer and Connections with Community
Check out what we've been up to in this edition of our Node.js Security Progress Report.
Node.js
December 7, 2023
Node.js Security Progress Report – Active Outreach to a Growing Node.js Security Community
Check out what we've been up to in this edition of our Node.js Security Progress Report.
Node.js
November 16, 2023
Node.js Security Progress Report – Security Release and Node.js 21
October was busy due to the latest security release affecting Node.js 18 and Node.js 20. Usually, we lock in the Continuous Integration (CI) cycle at least 5 days before a release. This time, however, due to the recent changes to the CITGM (Canary In The Gold Mine: a simple tool for pulling down an arbitrary module from npm and testing it using a specific version of the node runtime) and changes to the automation of the security release proposal, it was just 3 days.
Node.js
October 17, 2023
Node.js 21 Available Now!
The release of Node.js 21 is available now! Node.js 21 replaces Node.js 20 as our current release line, and Node.js 20 is being promoted to long-term support (LTS).
Node.js
September 21, 2023
Node.js Security Progress Report - September Community Engagement
Read our progress report on Node.js security in the month of August.
Node.js
August 17, 2023
Node.js Security Progress Report – Fewer Steps and More Releases
In July, we continued our regular work triaging and fixing Node.js security issues
Node.js
August 17, 2023
Node.js Security Progress Report – Fewer Steps and More Releases
In July, we continued our regular work triaging and fixing Node.js security issues. We also welcomed a new contributor to the Node.js Security Working Group team, and increased the number of security releases, which improves security by making updates available more quickly. We have also continued to evaluate the Permission Model including adding a startup benchmark, adding support for V8 HeapSnapshot and Node.js reports, and cut down the number of steps it takes to create a security release.
Node.js
July 17, 2023
Node.js Security Progress Report – 17 Reports Closed
In June, we saw all of our Node.js security metrics trending in the right direction.
Node.js
June 16, 2023
Node.js Security Progress Report – First Response Time Down to 8 Hours, New Security Release Announced
Last month, we reported that the first response time in April was down to 18 hours.
Node.js
May 24, 2023
Node.js Security Progress Report – Automation, Automation and more Automation
Last month, the Security Working Group initiatives focused on the Permission Model and Automated Update Dependencies.
Node.js
April 26, 2023
Node.js Security Progress Report – More Community Participation Leads to Security Sustainability Progress
We continue to see more participation and momentum from the Node.js community.
Node.js
April 18, 2023
Node.js 20 Now Available
Node.js 20 includes new Node.js experimental permission model for improved security
Node.js
March 13, 2023
Node.js Security Progress Report – Permission Model Merged
February included several major steps forward in improving Node.js security.
Node.js
February 21, 2023
Node.js Security Progress Report – OpenSSF Grant Renewed for 2023, New Ecosystem Focus
January was busy with HackerOne reports, vulnerability fixes for OpenSSL and Node.js and security updates due to the upcoming Node.js security release.
Node.js
January 18, 2023
Node.js Security Progress Report – More Successful December Outcomes
December was a busy month! We handled more reports and more fixes than ever. In fact, we spent most of our time working on fixes, which is exactly as it should be.
Node.js
December 15, 2022
Node.js Security Progress Report – Looking Forward to 2023
This month, we launched the Node.js Security Best Practices and the Node.js Threat Model – both are already getting good visibility and feedback.
Node.js
December 13, 2022
Welcoming FlowForge to the OpenJS Foundation
A low-coding development platform fit for the enterprise, started by the Node-RED co-founder, now a part of the OpenJS Foundation
Node.js
November 17, 2022
Node.js Security Progress Report – Improving Security Processes
October saw steady improvements to Node.js security in multiple areas, assisted by the Open Source Security Foundation (OpenSSF) grant to the OpenJS Foundation.
Node.js
October 18, 2022
Node.js 19 is now available!
The release of Node.js 19 is now available! Node.js 19 replaces Node.js 18 as our current release line, with Node.js 18 being promoted to long-term support (LTS) next week.
Node.js
October 14, 2022
Node.js Security Progress Report – Collab Summit Highlights Increased Focus On Security for Node.js
There was good progress in September aimed at improving Node.js security, assisted by the Open Source Security Foundation (OpenSSF) grant to OpenJS.
Node.js
September 15, 2022
Node.js Security Progress Report – Threat Model and Dependency Analysis Improvements
August was a big month for improving Node.js security, assisted by the Open Source Security Foundation (OpenSSF) grant to OpenJS.
Node.js
August 5, 2022
Node.js Security Progress Report – Permission System Gets Its First Pull Request
July was a busy month for improving Node.js security, with reinforcements from the Open Source Security Foundation (OpenSSF) grant to OpenJS!
Node.js
April 29, 2022
Using AbortSignal in Node.js
Dave Clements is an open source advocate and is the tech lead and primary author of OpenJS Foundation Node.js training and certification programs.
Node.js
April 19, 2022
Node.js 18 Released With Improved Security, Fetch API, and Next-10 Strategic Initiatives
Node.js 18 is available now!
Node.js
April 18, 2022
Open Source Security Foundation (OpenSSF) Selects Node.js as Initial Project to Improve Supply Chain Security
Today, we’re excited to announce that Node.js is the first open source community to be supported by OpenSSF’s Alpha-Omega Project.
Node.js
February 14, 2022
Node.js Trademarks Transferred to OpenJS Foundation
OpenJS Foundation had previously been granted free, perpetual license to use Node.js trademarks and logo for the past 6 years
Node.js
October 25, 2021
OpenJS World 2021 Keynote Recap: Node.js: The New and the Experimental
Bethany Griggs, Node.js Technical Steering Committee member, and Senior Software Engineer at Red Hat, describes in detail how new and experimental features are added to the Node.js project.
Node.js
October 19, 2021
Node.js 17 is here!
This blog was written by Bethany Griggs, with additional contributions from the Node.js Technical Steering Committee and project collaborators.
Node.js
October 8, 2021
Retiring the Node.js Community Committee
This blog was originally authored by Tierney Cyren and posted on the nodejs.org blog on October 7, 2021.
Node.js
September 17, 2021
OpenJS Foundation Opens New Node.js Certification and Training Scholarship
Today, the OpenJS Foundation is launching a new scholarship fund to increase access to the OpenJS and Linux Foundation Training (LiFT) Node.js training and certification and help expand diversity in technology.
Node.js
Previous
1
2
Next