Due to insufficient certificate verification the European Commission eIDAS-Node accepted manipulated SAML messages, allowing an attacker to bypass eIDAS authentication and assuming someone else’s identity. This is a technical vulnerability description of ... (more…)

Since version 12, Node.js is supposed to print all of the callers in a stack trace, even if some calls are made asynchronously with the await keyword. Such a stack trace should make debugging a breeze, but unfortunately I have found this to work very poor... (more…)

Understanding the basics of package.json is core to development with Node.js and npm. Learn the basic properties to understand and use package.json. (more…)

This blog is brought to you by the Executive Director of the Node.js Foundation Mark R. Hinkle. (more…)

Node 8 is out, did you hear? And it’s faster, or so they say. (more…)