Pulumi 宣布，Bun 现在已经成为 Pulumi 完全支持的运行时环境，不再像之前那样只是作为包管理器的角色。随着 Pulumi 3.227.0 的发布，开发人员可以在 Pulumi.yaml 文件中设置 runtime: bun，然后由 Bun 执行整个基础设施程序，而不需要安装 Node.js。 在 2022 年首次发布时，Bun ...

Node.js does not need more theatrical security output. It needs better developer workflow infrastructure. It needs tools that ...

But perhaps most important is the attention to memory issues in this release. Bun inventor Jared Sumner claims that the ...

The Cybersecurity and Infrastructure Security Agency (CISA) has released an alert to provide guidance in response to the ...

The teams that succeed with Node.js migration are not the ones who moved fastest. They are the ones who spent the most time ...

The threat actor behind the Axios supply chain attack has been aiming at other maintainers in its social engineering campaign. After inviting Saayman to a Slack ...

热门Node.js库vm2被曝出严重沙箱逃逸漏洞CVE-2026-22709，CVSS评分9.8分。该漏洞源于Promise处理程序的不当清理，攻击者可利用此漏洞逃脱沙箱并在底层操作系统执行任意代码。漏洞已在3.10.2版本中修复，但这是该库近年来遭遇的一系列沙箱逃逸漏洞之一。维护者建议用户及时更新并考虑使用isolated-vm等更安全的替代方案。

Node.js 24 has officially arrived, and it’s bringing a rather tasty selection of improvements to the table. If you’re a developer knee-deep in web apps or wrestling with asynchronous code, this ...

Community driven content discussing all aspects of software development from DevOps to design patterns. The art of the file upload is not elegantly addressed in languages such as Java and Python. But ...