14 Apr 2018

NPM acquires Lift, Node bounty Program, Bootstrap 4.1

Hey everyone, welcome to the first issue of ES Guy. Highlights of this week include the acquisition of Lift by Node.js, launch of Node.js bug bounty program and the release of Bootstrap 4.1

News from the Week

Node.js acquires ^Lift Security and Node Security Platform

Since it’s founding, npm has relied upon lift security to assess and catalog the security vulnerabilities on npm registry. Lift had also been managing “Node Security Platform” which is a catalog of valuable data about JavaScript vulnerabilities. Among the Lift customers are Netflix, Mozilla, Intuit, Redfin etc. Lift acquisition is the first in series of strategic security initiatives npm plans to announce. Here is the original announcement

Node.js Bug Bounty Program Launched

Node.js Security WG (Working group) team launched bug bounty program earlier this week, where you report vulnerabilities in the core of Node.js and get 500, 1000 or 1500 dollars depending upon the severity of the bug. Submit any bug reports on hackerone

Read and Watch

Here are some of the articles and talks to watch for the week


Here is the list of releases from this week with the links to changelogs

Did you know?

Here are some of the interesting things, quick tips that you might not be aware of. Submit the interesting things or your TILs to be featured in the next publication

Customize JSON Serialization

Change JSON.stringify output – You can hook into JSON.stringify() and modify the result as you like. All you have to do is implement the toJSON function in your object

let person = {
  firstName: "Kamran",
  lastName: "Ahmed",
  toJSON: () => {
    return  {
      fullName: `${person.firstName} ${person.lastName}`

// Output will include the fullname