Posts Tagged ‘security’

PHP 7.3’s First Release Candidate is Here

PHP 7.3 is inching closer to general release (planned for December), with todays announcement of the first PHP 7.3 release candidate: The PHP team is glad to announce the release of the next PHP 7.3.0 pre-release, PHP 7.3.0RC1. The rough outline of the PHP 7.3 release cycle is specified in the PHP Wiki: https://wiki.php.net/todo/php73 Heres the remaining timeline leading up to the general release of PHP 7.3: Along with the new release candidate, releases for all minor versions of PHP 7 are available as of September 13th.

Posted in php

Continue Reading

Ryan Dahl’s Node.js regrets lead to Deno

What might the Node.js server-side JavaScript runtime look like today if founder Ryan Dahl could build it all over again? With his Deno project, a secure TypeScript runtime built on the same Google V8 JavaScript engine as Node.js, we get an idea.

Posted in nodejs

Continue Reading

May 2018 Git Security Vulnerability

CVE 2018-11235 is a new industry-wide security vulnerability in Git that can lead to arbitrary code execution when a user operates in a malicious repository. In the announcement, Edward Thomson describes the vulenerability: A remote repository may contain a definition for a submodule, and also bundle that submodules repository data, checked in to the parent repository as a folder.

Posted in php

Continue Reading

Node.js 8 brings sanity to native module dependencies

Node.js, the popular server-side JavaScript platform, has been upgraded with improvements related to the runtime, buffer security, URL parsing, and preserving dependencies on native modules across major Node.js upgrades. On the module dependencies front, Node.js 8.0.0, released today by the Node.js Foundation, introduces the Node.js API, or N-API, albeit still behind an experimental flag.

Posted in nodejs

Continue Reading

Composer v1.6.4 is Released With a Security Fix

Today, the Composer team released v1.6.4 and it includes a security fix so all users are encouraged to upgrade. According to Jordi Boggiano, it also includes triaging/merging/fixing for almost 200 issues and you can see everything that changed from the release page on Github.

Posted in php

Continue Reading

Yarn 1.0 simplifies JavaScript dependency management

Facebooks Yarn, an alternative JavaScript package manager to NPM, has reached a 1.0 release, which features a workspaces capability to ensure the latest code is being used on engineering projects. With workspaces, users transition their code base into a mono-repository to ensure that the most recent code gets used.

Posted in nodejs

Continue Reading