fidzu : javascript

#​763 - November 28, 2025

Read on the Web

JavaScript Weekly

Over 150 Algorithms and Data Structures Demonstrated in JS - Examples of many common algorithms (e.g. bit manipulation, Pascal's triangle, Hamming distance) and data structures (e.g. linked lists, tries, graphs) with explanations. Available in eighteen other written languages too.

Oleksii Trekhleb et al.

TypeScript: From First Steps to Professional - Learn TypeScript step-by-step with Anjana Vakil, and gain confidence writing code you can trust! Add strong types, reuse interfaces, and apply type safety throughout your app with hands-on projects converting JavaScript to TypeScript.

Frontend Masters sponsor

⚠️ The Shai-Hulud 2.0 npm Worm: Analysis, and What You Need to Know - The next generation of a 'worm' we've previously encountered is back infecting more packages, exfiltrating developers' credentials, then republishing yet more packages to spread further. This is a good writeup of how it works.

Tafani-Dereeper and Obregoso (Datadog)

IN BRIEF:

• Tanner Linsley tells the tale of two years running TanStack (well known for TanStack Start, Query, and Form, among others) as an open source organization.

• The Piccalilli team has made the Introduction to Asynchronous JavaScript chapter of their JavaScript for Everyone course free to read online.

• There's a variety of Black Friday deals offered by well-known members of the frontend community on courses and similar resources.

• Node.js 24 is now a supported runtime on AWS Lambda (as nodejs24.x) and won't be deprecated until April 30, 2028.

RELEASES:

• Prettier 3.7 - The popular opinionated code formatter.

• pnpm 10.24 - The fast, efficiency-focused package manager gets even faster with adaptive network concurrency.

• Bun 1.3.3 - The popular JS runtime adds CompressionStream and DecompressionStream, upgrades to SQLite 3.51.0, and other minor enhancements.

• Playwright 1.57 - Microsoft's browser/Web automation library now has a 'speedboard' tab in its HTML reports to show you your tests sorted by slowness. It also switches from Chromium to Chrome for Testing.

• Valibot 1.2, Storybook 10.1, Next.js v16.0.5, Immer 11.0

📖 Articles and Videos

The Performance Inequality Gap in 2026 - Esteemed browser and Web standards expert Alex Russell looks at the state of client-side Web performance, what sort of bandwidth you should be taking into account, what devices people are using, and warns against ever-growing JavaScript bundle sizes. A lot of data here.

Alex Russell

Why Use React? (On the Frontend) - Jeremy asks some big, potentially uncomfortable questions, but notes how React's modern server-side powers are a real boon, while questioning React's role on the frontend, where Preact might well suit you better.

Jeremy Keith

Breakpoints and console.log Is the Past, Time Travel Is the Future - 15x faster JavaScript debugging than with breakpoints and console.log, supports Vitest, Jest, Karma, Jasmine, and more.

Wallaby Team sponsor

▶ What are 'Invokers': Interactivity without JavaScript? - The Invoker Commands API lets you assign behaviors to buttons. You can use JavaScript to create custom commands, however.

Scott Tolinski

How Vercel Built Its First Mobile App with React Native - Vercel has built an iOS app for its v0 AI-powered app development tool using React Native and Expo. This is a detailed look at how they tackled certain issues to make the UX smooth and responsive.

Fernando Rojo (Vercel)

Wrangling My Email with Claude Code - James shows how you can use Claude's 'agent skills' to run a JavaScript app that fetches your email from Gmail for Claude Code to analyze.

James Long

📄 How a Summer in Abruzzo Helped Bring Type Stripping to Node.js - It's neat to get some background to the story. Marco Ippolito

📄 Taking Down Next.js Servers for 0.0001 Cents a Pop - A vulnerability that has been fixed, if you're on Next.js 15.5.5 or 16+. Alex Browne

📄 Tinyglobby: A Success Story in Modernization and Performance Madeline Gurriarán

📄 Managing Side Effects: A JavaScript Effect System in 30 Lines or Fewer Aycan Gulez

📄 How to Build Cinematic 3D Scroll Experiences with GSAP and Three.js Joseph Santamaria

📄 Migrating 6000 React Tests Using AI Agents and ASTs Elio Capella Sánchez

🛠 Code & Tools

FullCalendar: A Full Sized JavaScript Calendar Control - Get a Google Calendar-style experience in your own apps. Has connectors for React, Vue and Angular, but can be used with plain JavaScript too. The base version is MIT licensed, but there's a commercial version too with extra features.

Adam Shaw

Better Auth: A Comprehensive Authentication Framework for TypeScript - A framework agnostic authentication and authorization framework that provides email and password-based auth, OAuth and social sign-in, account and session management, 2FA, and more. v1.4 was just released with stateless/database-free session management support.

Better Auth

Tiger Data Taught AI to Write Real Postgres Code. Try it Today - pg-aiguide brings real DB expertise to Claude Code, or any other MCP-enabled tool.

Tiger Data sponsor

Heat.js 4.5: A Heat Map Visualization Library - Think the GitHub contributions heat map. No dependencies, small, responsive, and theme-able. There's a live demo or its GitHub repo.

William Troup

Ant Design 6.0: The React UI Design Language and UI Library - One of the bigger, more 'corporate' looking React component suites. v6 provides a smooth migration for v5 users and is focused on optimizations and React 19 compatibility.

Ant Design Team

• 🎨 Chroma.js 3.2 - Color mixing, conversion and manipulation library.

• 🔎 Node File Trace (NFT) 1.1 - Vercel's tool for determining which files are necessary for an app to run.

• Cedar 1.0 - Full-stack React framework forked from the former RedwoodJS.

• swc4j 2.0 - JVM-based JavaScript and TypeScript compilation and bundling.

• 📺 React Lite YouTube Embed v3.2 - A faster, cleaner YouTube embedding component. (Demo.)

• cron-schedule 6.0 - Zero-dependency cron parser and scheduler.

• Vuetify 3.11 - Vue component framework.

• Fable 4.28.0 - F# to JavaScript compiler.

TSDiagram: Diagrams as Code with TypeScript - Draft diagrams quickly with TypeScript. Define your data models through top-level type aliases and interfaces and it automatically lays out the nodes in an efficient way. GitHub repo.

Andrei Neculaesei

📢 Elsewhere in the ecosystem

Some other interesting tidbits in the broader landscape:

• If you've not yet played with CSS's "subgrid" feature (now supported in all major browsers), Josh W Comeau has a fantastic introduction to the new possibilities subgrids offer your layouts.

• ⚠️ GitHub reports secrets/tokens leaked in Git repos to the service providers so they can be revoked, but now it's reporting secrets in unlisted GitHub Gist posts too (so be careful when using it as a 'private' pastebin).

• The RetroGameCoders IDE is a JavaScript and WebAssembly-powered online IDE/playground for coding against retro machines, now including the C64, Apple II, MSX, Atari 800, and others.

• 🤖 Addy Osmani has written a neat roundup of what's new in Gemini 3.0, the latest version of Google's leading LLMs. He touches on Nano Banana Pro image generation, Google's new Antigravity dev tool, and how the updates benefit developers. Not keen to be left behind, however, Anthropic released Claude Opus 4.5 earlier this week.

• The team behind the Zig language isn't happy with GitHub and so is migrating from GitHub to Codeberg.

#​762 - November 21, 2025

Read on the Web

JavaScript Weekly

Google Announces Angular v21 - The Google team has gone all out with this significant release of its popular JavaScript framework. They've put together a retro game-themed adventure-based tour of what's new, along with top notch videos showing off features like its new signal-based approach to forms, MCP server for AI-powered workflows, library of headless components focused on accessibility, and even a new 'Angular AI Tutor' to get up to speed.

Google

Authentication. Complete, Not Complex -

FusionAuth sponsor

IN BRIEF:

• Devographics' annual State of React survey is now open to take again. Here's last year's results.

• 🎤 TypeScript's Daniel Rosenwasser and Jake Bailey went on the TypeScript.fm podcast to talk about what's coming up in TypeScript 6 and 7.

• 📗 TC-39 member James M. Snell is working on a book called JavaScript in Depth for Manning. Final publication is expected in mid 2026 but four chapters are already available in early access.

• CSS Grid support should be coming to React Native soon.

RELEASES:

• Prisma 7.0 - Popular ORM for Node.js and TypeScript. The Rust-free Prisma Client is now the default.

• pnpm 10.23 - Fast, space efficient package manager.

• Node.js v25.2.1 (Current), Astro 5.16

📖 Articles and Videos

This week's TC39 meeting: The Ecma TC39 committee (the group behind the design of ECMAScript / JavaScript) met up for the 111th time this week (seen above) to discuss language proposals. The meeting notes won't be published for a few weeks, but several proposals did see some progress:

• Iterator Sequencing progressed to stage 4.

• Joint Iteration, Iterator Join, and Await dictionary of Promises go stage 2.7.

• Error.captureStackTrace, import .. with {type: "text"}, and Object.keysLength all progressed to stage 2.

• The Intl Unit Protocol also reached stage 1 to provide a way to annotate quantities with the units being measured.

• Typed Array Find Within progressed to stage 1. Think a native indexOf-type method for TypedArrays.

Note: Learn more about what the TC39 stages mean here.

Tooltip Components Should Not Exist - Dominik challenges some common wisdom in his typically erudite fashion. Stand-alone tooltip components are the wrong abstraction when separated from the underlying UI features that use them. This thinking can apply to many other UI affordances too, so the broad idea is well worth considering.

Dominik Dorfmeister (AKA TkDodo)

Agentic Postgres: Let Your Agents Cook - Build AI apps faster: Postgres with built-in memory, search, and free forkable DBs. Try it free on Tiger.

Tiger Data sponsor

Implementing Wordle in LibreOffice with JavaScript Macros - One of those fun things where the real value is in learning that you can script LibreOffice with JavaScript.

Bojidar Marinov

Automated NPM Secret Rotation in GitHub Actions - If you've built a system to automatically publish to npm, you may have had to change things due to this month's npm security changes. Here's a way to keep things ticking if you're not ready to switch to trusted publishing.

Michael Heap

Six Things I Bet You Didn't Know You Could Do With Chrome's DevTools - Part one here covers the first three, with part two covering the last three. Covers time functions, DOM observation, user action replays, and more.

Rachel Kaufman

📄 An Experiment in Making TypeScript Immutable-by-Default - "I wondered: is it possible to make TypeScript values immutable by default?" Evan Hahn

📄 How to Build Cinematic 3D Scroll Experiences with GSAP Joseph Santamaria

📄 How We Migrated 76,000 Tests from Enzyme to React Testing Library - HubSpot's tale of a big React testing migration. Charley Pugmire (HubSpot)

📄 How to 'Officially' Deprecate Methods in Node.js Code - Did you know of Node's deprecate method? Stefan Judis

🛠 Code & Tools

Webpack Bundle Analyzer 5.0: A Visual Look at Webpack's Output - An official Webpack plugin and CLI tool that shows bundle content in the form of an interactive zoomable treemap so you can dig in and see what's taking up space in your bundle (and then optimize it, ideally).

Webpack Project

TanStack DB 0.5, Now with Query-Driven Sync - TanStack DB is a client‑first reactive data store that uses differential dataflow to power live, relational queries, sub‑ms incremental updates, and seamless optimistic writes. In v0.5, a component's query becomes the API call too. "Just write your query and TanStack DB figures out exactly what to fetch."

Willis, De Parre, and Matthews

Still Writing Tests Manually? - See why modern engineering teams like Dropbox, Notion and Lattice rely on Meticulous to run E2E UI tests.

Meticulous AI sponsor

Brimstone: A New JavaScript Engine Written in Rust - Joining the hundreds of JS engines available, Brimstone has strong language support (97% of the spec), is very small, but remains a work in progress.

Hans Halverson

VueFinder: File Management Component for Vue 3 - Provides a reactive, native-like file explorer interface for users to organize, preview, and manage files.

Yusuf Özdemir

is-online 12.0: Check if the Internet Connection Is Up - Works in both Node and the browser and uses various approaches to check if the Internet is really available.

Sindre Sorhus

• PlayCanvas glTF Viewer 5.7 - 3D model viewer supporting glTF 2.0 and PLY.

• Wasp 0.19 - Wasp is a Rails-like framework built on Node, React & Prisma.

• Neo.mjs 11.7 - Multi-threaded framework for fast, desktop-like webapps.

• Inquirer.js 13.0 - Popular interactive CLI controls library for Node.js.

• Plotly.js 3.3 - Standalone data visualization library.

• Rockpack 7.0 - React app starter/generator.

• Fresh 2.2 - Deno-powered Web framework.

📢 Elsewhere in the ecosystem

Some other interesting tidbits in the broader landscape:

• Were you affected by Cloudflare's extended outage on Tuesday? If so, you might be keen to learn all the details of what happened (it was code-related). This is a fantastic example of an incident report, despite the inconvenience.

• 📗 WebAssembly from the Ground Up is a new (paid) book that walks you through building a compiler in JavaScript. There's a sample PDF showing off thirty pages of the content - it looks very promising.

• A well-presented account of how a well-known typeface company pursued another company for nonexistent license violations.

• Josef Strzibny has looked at Reddit's newly unveiled 'engagement' numbers for various programming subreddits. Redditors clearly like to be niche, as /r/node, /r/react and /r/nextjs all easily beat /r/javascript's engagement numbers.

• The above autocorrect-fuelled headline on Hacker News gave me a chuckle. If you like Bach or organ music in general, ▶️ listen to the 'new' pieces here.

• Amazon RDS for PostgreSQL now supports Postgres 18.

#​761 - November 14, 2025

Read on the Web

JavaScript Weekly

JavaScript Engines Zoo: Learn About Over 100 JS Engines - I'm a sucker for a big table of data and this is about as big as it gets when it comes to JavaScript engines. See how various engines compare, sort them by performance, or click on an engine's name to learn more about its development, history, and end users. The project's repo also has Dockerfiles for trying each of them out.

Ivan Krasilnikov

💡 Sticking with a theme, I've always enjoyed this ECMAScript compatibility table where you can see cross-browser and runtime support for different JavaScript features.

FlexGrid by Wijmo: The Industry-Leading JavaScript Datagrid - A fast and flexible datagrid for building modern web apps. Key features and virtualized rendering are included in the core grid module. Pick & choose special features to keep your app small. Built for JavaScript, extended to Angular, React, and Vue.

Wijmo From MESCIUS sponsor

Valdi: Snap's Newly-Open Cross-Platform UI Framework - The team behind Snapchat has open sourced this cross-platform UI framework that it's used in its production apps for eight years: "Write your UI once in declarative TypeScript, and it compiles directly to native views on iOS, Android, and macOS-no web views, no JavaScript bridges."

Snap

💡 Valdi's FAQ answers several questions you might have, including how it works and why you might pick Valdi over React Native.

IN BRIEF:

• The TC39 committee behind ECMAScript is meeting for the 111th time next week and has a packed agenda to discuss. (Thanks to Rob Palmer for the heads up.)

• For Stack Overflow, Tanya Janca shares several tips for writing more secure JavaScript.

• The co-founder of the fantastic Val Town online JavaScript platform shares a retrospective of its past three years, as well as two roles they're hiring for.

• Visual Types is a handy visually-oriented guide/tour of what types are and how they work, with a focus on TypeScript.

RELEASES:

• Bun v1.3.2 - Isolated package installs, introduced as the default in v1.3, were causing issues with some existing projects, so now hoisted installs are back as the default for those. bun install also gets even faster and you can do CPU profiling by running with --cpu-prof.

• Node.js v25.2.0 (Current) - Now with type stripping marked as stable.

• esbuild 0.27 - Popular bundler. A notable release for having breaking changes (so you're reminded to pin esbuild appropriately).

• TanStack DB 0.5, Node.js v24.11.1 (LTS), MikroORM 6.6

📖 Articles and Videos

▶ The State of Node.js in 2025, Explained - A thirty-minute talk from JSNation earlier this year where TSC member Matteo Collina presented an update on Node's still-growing popularity, release schedule, security, recent performance enhancements, the permissions system, and more.

GitNation

V8's Garbage Collector Developments in Recent Years - Andy, who's worked on both V8 and JavaScriptCore in the past, reviews the major developments in the V8 engine's garbage collector over the past couple of years. Very technical, but a valuable piece of history.

Andy Wingo

Build Type-Safe APIs for Your JS Apps: Protobuf Workshop with Buf Team - Learn how Protobuf brings type safety across your stack from Node.js APIs to frontend clients. Live Q&A with Buf engineers.

Buf sponsor

Comparing Electron vs. Tauri for Building and Distributing a Desktop App - A team working on an open-source desktop app built using JavaScript and Electron took a look into the Rust-based Tauri instead, with mixed, but mostly positive, results.

Eric Richardson

Using Expo for React Native Development in 2025: A Perspective - Expo has essentially become to React Native what Next.js became to React. But is it well suited for you? Jack weighs the pros and cons.

Jack Rosa

📄 How We Catch UI Bugs Early with Visual Regression Testing - Using Playwright and its visual comparisons feature. Tommaso Ruscica

📺 Learn JavaScript by Building 'Mario' - One of Ania's typically easy to follow, comprehensive tutorials. Ania Kubow

📄 Building a 3D Infinite Carousel with Reactive Background Gradients Clément Grellier

📄 Error Chaining in JS: Cleaner Debugging with Error's cause Matt Smith

🛠 Code & Tools

imgui-react-runtime: React + Dear ImGui + Static Hermes - When the author teased a demo of this on X a few weeks ago, I wasn't sure if it would get released, but here it is. A new way to put together native apps using React and the popular lightweight GUI library Dear ImGui.

Tzvetan Mikov

ESLint Plugin for Baseline JavaScript - The winner of last month's Baseline Tooling Hackathon is an ESLint plugin that flags code that's using features newer than your configured Baseline target (features broadly supported by modern browsers).

Ryuya Hasegawa

Customizable JavaScript Libraries for Forms & Surveys - Create branded, dynamic forms with full control over design, logic, and data storage.

SurveyJS sponsor

pnpm 10.21: Safer Installs and Smarter Runtime Management - Now installs the Node version required by a dependency, declared in its engines.runtime field, meaning CLI apps and postinstall scripts will run with the specified version. The trustPolicy setting also adds protection against supply-chain attacks by failing to install a package if its trust level drops.

Zoltan Kochan

Ink 6.5: Build Interactive CLI Apps using React - A very widely used terminal-based React renderer for building reactive terminal apps using components. v6.5 is notable for adding an incremental rendering option.

Vadim Demedes

• vis-timeline 8.4 - Interactive control to visualize data across time, as shown above. Numerous examples here.

• rasterizeHTML.js 1.4 - Renders HTML into a canvas element. Now supporting OffscreenCanvas too.

• file-type 21.1 - Detect the file type of a file, stream, or data in both Node and the browser.

• Svelte SEO 2.0 - Optimize your Svelte app for search engines and social media.

• isomorphic-git 1.35 - Pure JS implementation of git for Node & browsers.

📢 Elsewhere in the ecosystem

Some other interesting tidbits in the broader landscape:

• 🔒 OWASP (Open Worldwide Application Security Project) has released its list of the top ten web application security threats in 2025.

• 🤖 An ardent critic of LLMs spent a month doing 'chat oriented programming' and while he found the experience "infuriating", he concedes it has merit and is a viable option "if your tolerance for pain is high enough.".

• 🧊 Ever fancied implementing a voxel-based engine for that Minecraft-esque experience? Uses (very Rust-y) pseudocode in order to remain timeless and let you enjoy doing the implementation yourself.

• An explanation of the differences between monorepos, multi-repo, submodule and subtree setups in Git.

• 💻 If you like collecting stickers from conferences, you might enjoy this gallery of hundreds of people's stickered-up laptops or even want to submit your own. It took me a while to find any JavaScript stickers, but they're there..

🎂 P.S. JavaScript Weekly turned fifteen years old this week! Thanks to all of you for reading, and particularly anyone still subscribed from the first issue. We haven't looked at the stats in a while, but we know there are some of you! :-)