12 May 2018

Google IO/18. New NPM Security Features. ES Modules in Firefox 60

Hey everyone, welcome to the fifth issue of ES Guy.

Alongside the release of Firefox 60 which introduces pre-enabled ES Modules, this week comes with the introduction to some of the new security features in npm and npm registry to help you write more secure code.

News from the Week

New NPM Security Features – Starting in [email protected], npm has introduced a new command that can perform a security review of your projects. Simply type npm audit to analyze your code and its dependencies against the Node Security Platform database of JavaScript vulnerabilities. Learn more about using npm audit: How to run a security audit

Apart from that, when you install a package from the npm Registry, npm now analyzes the requested code. If any insecure code is detected, npm will display a postinstall warning message.

Firefox 60 has been released this week, which comes with several new features including ES Modules being enabled by default, Web authentication API, More secured cookies and text-stroke (non-standard property to add strokes to text). Read more about the launch here.

Read and Watch

Here are some of the articles and talks to watch for the week

Open Source


Here is the list of releases from this week with the links to changelogs

Did you know

Did you know that length property on a function refers to the argument count of the function

function callMe(arg1, arg2, arg3) { }

// Output: 3


And that’s it for this issue. Stay tuned for the next week. Plus if you don’t already know, the source of the website can be found at github. If you have any feedback, suggestions or things to share, feel free to Submit a PR or open an issue