🎉 Node.js 25 Released with V8 14.1, New Permissions / Linuxiac
「 Node.js 25 also finalizes the removal of many long-deprecated APIs. This includes the complete end-of-life of SlowBuffer, deprecated crypto options, and outdated fs and assert methods. These removals help simplify the codebase and reduce potential security risks stemming from legacy features 」
https://linuxiac.com/node-js-25-released-with-v8-14-1-new-permissions/
Box464
boosted
Exciting news for #Fedify developers! We've just landed a major milestone for Fedify 2.0—the #CLI now runs natively on #Node.js and #Bun, not just #Deno (#456). If you install @fedify/cli@2.0.0-dev.1761 from npm, you'll get actual JavaScript that executes directly in your runtime, no more pre-compiled binaries from deno compile. This is part of our broader transition to Optique, a new cross-runtime CLI framework we've developed specifically for Fedify's needs (#374).
This change means a more natural development experience regardless of your #JavaScript runtime preference. Node.js developers can now run the CLI tools directly through their familiar ecosystem, and the same goes for Bun users. While Fedify 2.0 isn't released yet, we're excited to share this progress with the community—feel free to try out the dev version and let us know how it works for you!
Exciting news for #Fedify developers! We've just landed a major milestone for Fedify 2.0—the #CLI now runs natively on #Node.js and #Bun, not just #Deno (#456). If you install @fedify/cli@2.0.0-dev.1761 from npm, you'll get actual JavaScript that executes directly in your runtime, no more pre-compiled binaries from deno compile. This is part of our broader transition to Optique, a new cross-runtime CLI framework we've developed specifically for Fedify's needs (#374).
This change means a more natural development experience regardless of your #JavaScript runtime preference. Node.js developers can now run the CLI tools directly through their familiar ecosystem, and the same goes for Bun users. While Fedify 2.0 isn't released yet, we're excited to share this progress with the community—feel free to try out the dev version and let us know how it works for you!
just small circles 🕊
and 1 other
boosted
Ω🪬Ω
#FediAlgo (the customizable timeline algorithm / filtering system for your Mastodon feed) v1.2.2 is deployed now. Has a switch that makes sure any #hashtags / users / etc. that you follow are displayed as filter options even if they don't meet the minimum number of recent toots threshold.
Also a bunch of bug fixes and small improvements.
* Try it here: https://michelcrypt4d4mus.github.io/fedialgo_demo_app_foryoufeed/
* Code: https://github.com/michelcrypt4d4mus/fedialgo_demo_app_foryoufeed
* Video of FediAlgo in action (slightly outdated): https://universeodon.com/@cryptadamist/114395249311910522
#activitypub #algorithm #algorithmicFeed #algorithmicTimeline #Fedi #FediTips #FediTools #Fediverse #Feed #FOSS #GoToSocial #hashtag #hashtags #javascript #MastoAdmin #Mastodon #MastodonApi #mastohelp #mastojs #node #nodejs #opensource #socialmedia #SocialWeb #timeline #TL #typescript #webdev
Ω🪬Ω
#FediAlgo (the customizable timeline algorithm / filtering system for your Mastodon feed) v1.2.2 is deployed now. Has a switch that makes sure any #hashtags / users / etc. that you follow are displayed as filter options even if they don't meet the minimum number of recent toots threshold.
Also a bunch of bug fixes and small improvements.
* Try it here: https://michelcrypt4d4mus.github.io/fedialgo_demo_app_foryoufeed/
* Code: https://github.com/michelcrypt4d4mus/fedialgo_demo_app_foryoufeed
* Video of FediAlgo in action (slightly outdated): https://universeodon.com/@cryptadamist/114395249311910522
#activitypub #algorithm #algorithmicFeed #algorithmicTimeline #Fedi #FediTips #FediTools #Fediverse #Feed #FOSS #GoToSocial #hashtag #hashtags #javascript #MastoAdmin #Mastodon #MastodonApi #mastohelp #mastojs #node #nodejs #opensource #socialmedia #SocialWeb #timeline #TL #typescript #webdev
David Gerard
boosted
2/ i wrote a short-ish "note" over on The Blogging Site That Shall Not Be Named in an attempt to explain to the less technologically sophisticated people in the audience what just happened with the #nx / #npm supply chain attack.
* my simplified explanation: https://substack.com/profile/96801203-michel-de-cryptadamus/note/c-149738571
* for the trve heads with opinions on things like linux distros and the Rust programming language, Wiz wrote a much more thorough explanation: https://www.wiz.io/blog/s1ngularity-supply-chain-attack
#crypto #cryptocurrency #nodejs #node #threatintel #northkorea #lazarusgroup#DPRK #hackers #hacking #ethereum #claude #gemini
David Gerard
boosted
everyone calm down, the enormous #NPM supply chain attack of the incredibly popular (27,000 #github stars) #nx#AI build tool thingamajig is probably aimed solely at crypto bros. if you don't have any crypto you (hopefully) don't have anything to worry about.
my fact free, completely unsupported by evidence hunch is that we will find this came from #NorthKorea (because if it's a well orchestrated attempt to steal a bunch of crypto it's pretty much always north korea).
https://universeodon.com/@cryptadamist/115102035321832152
#crypto #cryptocurrency #ethereum #npm #nodejs #node #js#javascript#webdev#DPRK#LazarusGroup #cybersecurity #infosec #threatintel #claude #gemini
just small circles 🕊
boosted
We're excited to announce the release of BotKit 0.3.0! This release marks a significant milestone as #BotKit now supports #Node.js alongside #Deno, making it accessible to a wider audience. The minimum required Node.js version is 22.0.0. This dual-runtime support means you can now choose your preferred #JavaScript runtime while building #ActivityPub #bots with the same powerful BotKit APIs.
One of the most requested features has landed: poll support! You can now create interactive polls in your #bot messages, allowing followers to vote on questions with single or multiple-choice options. Polls are represented as ActivityPub Question objects with proper expiration times, and your bot can react to votes through the new onVote event handler. This feature enhances engagement possibilities and brings BotKit to feature parity with major #fediverse platforms like Mastodon and Misskey.
// Create a poll with multiple choicesawait session.publish(textWhat's your favorite programming language?, { class: Question, poll: { multiple: true, // Allow multiple selections options: ["JavaScript", "TypeScript", "Python", "Rust"], endTime: Temporal.Now.instant().add({ hours: 24 }), },});// Handle votesbot.onVote = async (session, vote) => { console.log(</span><span>${</span><span>vote</span><span>.</span><span>actor</span><span>}</span><span> voted for "</span><span>${</span><span>vote</span><span>.</span><span>option</span><span>}</span><span>");};The web frontend has been enhanced with a new followers page, thanks to the contribution from Hyeonseo Kim (@gaebalgom)! The /followers route now displays a paginated list of your bot's followers, and the follower count on the main profile page is now clickable, providing better visibility into your bot's audience. This improvement makes the web interface more complete and user-friendly.
For developers looking for alternative storage backends, we've introduced the SqliteRepository through the new @fedify/botkit-sqlite package. This provides a production-ready SQLite-based storage solution with ACID compliance, write-ahead logging (WAL) for optimal performance, and proper indexing. Additionally, the new @fedify/botkit/repository module offers MemoryCachedRepository for adding an in-memory cache layer on top of any repository implementation, improving read performance for frequently accessed data.
This release also includes an important security update: we've upgraded to #Fedify 1.8.8, ensuring your bots stay secure and compatible with the latest ActivityPub standards. The repository pattern has been expanded with new interfaces and types like RepositoryGetMessagesOptions, RepositoryGetFollowersOptions, and proper support for polls storage through the KvStoreRepositoryPrefixes.polls option, providing more flexibility for custom implementations.
We're excited to announce the release of BotKit 0.3.0! This release marks a significant milestone as #BotKit now supports #Node.js alongside #Deno, making it accessible to a wider audience. The minimum required Node.js version is 22.0.0. This dual-runtime support means you can now choose your preferred #JavaScript runtime while building #ActivityPub #bots with the same powerful BotKit APIs.
One of the most requested features has landed: poll support! You can now create interactive polls in your #bot messages, allowing followers to vote on questions with single or multiple-choice options. Polls are represented as ActivityPub Question objects with proper expiration times, and your bot can react to votes through the new onVote event handler. This feature enhances engagement possibilities and brings BotKit to feature parity with major #fediverse platforms like Mastodon and Misskey.
// Create a poll with multiple choicesawait session.publish(textWhat's your favorite programming language?, { class: Question, poll: { multiple: true, // Allow multiple selections options: ["JavaScript", "TypeScript", "Python", "Rust"], endTime: Temporal.Now.instant().add({ hours: 24 }), },});// Handle votesbot.onVote = async (session, vote) => { console.log(</span><span>${</span><span>vote</span><span>.</span><span>actor</span><span>}</span><span> voted for "</span><span>${</span><span>vote</span><span>.</span><span>option</span><span>}</span><span>");};The web frontend has been enhanced with a new followers page, thanks to the contribution from Hyeonseo Kim (@gaebalgom)! The /followers route now displays a paginated list of your bot's followers, and the follower count on the main profile page is now clickable, providing better visibility into your bot's audience. This improvement makes the web interface more complete and user-friendly.
For developers looking for alternative storage backends, we've introduced the SqliteRepository through the new @fedify/botkit-sqlite package. This provides a production-ready SQLite-based storage solution with ACID compliance, write-ahead logging (WAL) for optimal performance, and proper indexing. Additionally, the new @fedify/botkit/repository module offers MemoryCachedRepository for adding an in-memory cache layer on top of any repository implementation, improving read performance for frequently accessed data.
This release also includes an important security update: we've upgraded to #Fedify 1.8.8, ensuring your bots stay secure and compatible with the latest ActivityPub standards. The repository pattern has been expanded with new interfaces and types like RepositoryGetMessagesOptions, RepositoryGetFollowersOptions, and proper support for polls storage through the KvStoreRepositoryPrefixes.polls option, providing more flexibility for custom implementations.
everyone calm down, the enormous #NPM supply chain attack of the incredibly popular (27,000 #github stars) #nx#AI build tool thingamajig is probably aimed solely at crypto bros. if you don't have any crypto you (hopefully) don't have anything to worry about.
my fact free, completely unsupported by evidence hunch is that we will find this came from #NorthKorea (because if it's a well orchestrated attempt to steal a bunch of crypto it's pretty much always north korea).
https://universeodon.com/@cryptadamist/115102035321832152
#crypto #cryptocurrency #ethereum #npm #nodejs #node #js#javascript#webdev#DPRK#LazarusGroup #cybersecurity #infosec #threatintel #claude #gemini
2/ i wrote a short-ish "note" over on The Blogging Site That Shall Not Be Named in an attempt to explain to the less technologically sophisticated people in the audience what just happened with the #nx / #npm supply chain attack.
* my simplified explanation: https://substack.com/profile/96801203-michel-de-cryptadamus/note/c-149738571
* for the trve heads with opinions on things like linux distros and the Rust programming language, Wiz wrote a much more thorough explanation: https://www.wiz.io/blog/s1ngularity-supply-chain-attack
#crypto #cryptocurrency #nodejs #node #threatintel #northkorea #lazarusgroup#DPRK #hackers #hacking #ethereum #claude #gemini
everyone calm down, the enormous #NPM supply chain attack of the incredibly popular (27,000 #github stars) #nx#AI build tool thingamajig is probably aimed solely at crypto bros. if you don't have any crypto you (hopefully) don't have anything to worry about.
my fact free, completely unsupported by evidence hunch is that we will find this came from #NorthKorea (because if it's a well orchestrated attempt to steal a bunch of crypto it's pretty much always north korea).
https://universeodon.com/@cryptadamist/115102035321832152
#crypto #cryptocurrency #ethereum #npm #nodejs #node #js#javascript#webdev#DPRK#LazarusGroup #cybersecurity #infosec #threatintel #claude #gemini
Box464
boosted
Introducing #Upyo!
A simple, cross-runtime email library that works seamlessly on #Deno, #Node.js, #Bun, and edge functions. Zero dependencies, unified API, and excellent testability with built-in mock transport.
Switch between #SMTP, #Mailgun, #SendGrid without changing your code. Available on #JSR & #npm!
Introducing #Upyo!
A simple, cross-runtime email library that works seamlessly on #Deno, #Node.js, #Bun, and edge functions. Zero dependencies, unified API, and excellent testability with built-in mock transport.
Switch between #SMTP, #Mailgun, #SendGrid without changing your code. Available on #JSR & #npm!
Box464
and 1 other
boosted
We're pleased to announce that #Node.js support has been merged and will be available in #BotKit 0.3.0.
Now you can build your #ActivityPub bots with both #Deno and Node.js, giving you more flexibility in choosing your preferred runtime environment.
Stay tuned for BotKit 0.3.0!
We're pleased to announce that #Node.js support has been merged and will be available in #BotKit 0.3.0.
Now you can build your #ActivityPub bots with both #Deno and Node.js, giving you more flexibility in choosing your preferred runtime environment.
Stay tuned for BotKit 0.3.0!
npm error code EBADPLATFORM
npm error notsup Unsupported platform for @shopify/create-app@3.80.7: wanted {"os":"darwin,linux,win32"} (current: {"os":"freebsd"})
npm error notsup Valid os: darwin,linux,win32
npm error notsup Actual os: freebsd
We fought for years supporting Linux because we wanted to be "free to choose our OS", and now we've reached the point where you're forced to choose it.
Many people simply don't understand the concept of freedom.
Anyway, happy Wednesday!