Mastodon en masto.es

SirWumpus 👾🍁Message in a bottle time again <a href="https://tilde.zone/tags/GetFediHired" class="mention hashtag" rel="nofollow noopener" target="_blank">#GetFediHired</a> (not a peep from anyone yet).Growing desperate in search for (remote) software developer work in the <a href="https://tilde.zone/tags/Ottawa" class="mention hashtag" rel="nofollow noopener" target="_blank">#Ottawa</a> <a href="https://tilde.zone/tags/Montreal" class="mention hashtag" rel="nofollow noopener" target="_blank">#Montreal</a> areas. <a href="https://tilde.zone/tags/C" class="mention hashtag" rel="nofollow noopener" target="_blank">#C</a> C# <a href="https://tilde.zone/tags/Erlang" class="mention hashtag" rel="nofollow noopener" target="_blank">#Erlang</a> <a href="https://tilde.zone/tags/Java" class="mention hashtag" rel="nofollow noopener" target="_blank">#Java</a> <a href="https://tilde.zone/tags/NodeJS" class="mention hashtag" rel="nofollow noopener" target="_blank">#NodeJS</a> <a href="https://tilde.zone/tags/Shell" class="mention hashtag" rel="nofollow noopener" target="_blank">#Shell</a> <a href="https://tilde.zone/tags/SQL" class="mention hashtag" rel="nofollow noopener" target="_blank">#SQL</a> <a href="https://tilde.zone/tags/BSD" class="mention hashtag" rel="nofollow noopener" target="_blank">#BSD</a> <a href="https://tilde.zone/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#Linux</a> <a href="https://tilde.zone/tags/English" class="mention hashtag" rel="nofollow noopener" target="_blank">#English</a> <a href="https://tilde.zone/tags/French" class="mention hashtag" rel="nofollow noopener" target="_blank">#French</a> and more. Very versatile, adaptable, experienced.<a href="http://www.snert.com/resume/" rel="nofollow noopener" translate="no" target="_blank">http://www.snert.com/resume/</a>Hey! If its remote, its possible to work world wide too!

Inautilo<a href="https://mastodon.social/tags/Development" class="mention hashtag" rel="nofollow noopener" target="_blank">#Development</a> <a href="https://mastodon.social/tags/Overviews" class="mention hashtag" rel="nofollow noopener" target="_blank">#Overviews</a> JavaScript’s runtime decade · Running JavaScript beyond the browser and Node.js <a href="https://ilo.im/165oqw" rel="nofollow noopener" translate="no" target="_blank">https://ilo.im/165oqw</a>_____ <a href="https://mastodon.social/tags/JavaScript" class="mention hashtag" rel="nofollow noopener" target="_blank">#JavaScript</a> <a href="https://mastodon.social/tags/Devices" class="mention hashtag" rel="nofollow noopener" target="_blank">#Devices</a> <a href="https://mastodon.social/tags/Cloud" class="mention hashtag" rel="nofollow noopener" target="_blank">#Cloud</a> <a href="https://mastodon.social/tags/Browser" class="mention hashtag" rel="nofollow noopener" target="_blank">#Browser</a> <a href="https://mastodon.social/tags/NodeJS" class="mention hashtag" rel="nofollow noopener" target="_blank">#NodeJS</a> <a href="https://mastodon.social/tags/Deno" class="mention hashtag" rel="nofollow noopener" target="_blank">#Deno</a> <a href="https://mastodon.social/tags/Bun" class="mention hashtag" rel="nofollow noopener" target="_blank">#Bun</a> <a href="https://mastodon.social/tags/WebDev" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebDev</a> <a href="https://mastodon.social/tags/Frontend" class="mention hashtag" rel="nofollow noopener" target="_blank">#Frontend</a> <a href="https://mastodon.social/tags/Backend" class="mention hashtag" rel="nofollow noopener" target="_blank">#Backend</a>

🧿🪬🍄🌈🎮💻🚲🥓🎃💀🏴🛻🇺🇸I suppose an alternative would be to keep using <a href="https://mastodon.social/tags/Ubuntu" class="mention hashtag" rel="nofollow noopener" target="_blank">#Ubuntu</a> but use a <a href="https://mastodon.social/tags/Docker" class="mention hashtag" rel="nofollow noopener" target="_blank">#Docker</a> container that matches <a href="https://mastodon.social/tags/Lambda" class="mention hashtag" rel="nofollow noopener" target="_blank">#Lambda</a>, but I generally try to avoid <a href="https://mastodon.social/tags/containers" class="mention hashtag" rel="nofollow noopener" target="_blank">#containers</a> unless the project requires them just for ergonomics sake (again, I'm rarely using anything that's not a <a href="https://mastodon.social/tags/NodeJs" class="mention hashtag" rel="nofollow noopener" target="_blank">#NodeJs</a> dependency)

🧿🪬🍄🌈🎮💻🚲🥓🎃💀🏴🛻🇺🇸I mean, I'm never really compiling binaries, unless they are <a href="https://mastodon.social/tags/NodeJs" class="mention hashtag" rel="nofollow noopener" target="_blank">#NodeJs</a> dependencies (some might be) so it's never *really* mattered, but the obsessive compulsive part of me just wants my dev environment to be as much like production as possible.. <a href="https://mastodon.social/tags/cloud" class="mention hashtag" rel="nofollow noopener" target="_blank">#cloud</a> <a href="https://mastodon.social/tags/serverless" class="mention hashtag" rel="nofollow noopener" target="_blank">#serverless</a> <a href="https://mastodon.social/tags/lambda" class="mention hashtag" rel="nofollow noopener" target="_blank">#lambda</a> <a href="https://mastodon.social/tags/softwareDevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#softwareDevelopment</a> <a href="https://mastodon.social/tags/programming" class="mention hashtag" rel="nofollow noopener" target="_blank">#programming</a> <a href="https://mastodon.social/tags/javaScript" class="mention hashtag" rel="nofollow noopener" target="_blank">#javaScript</a>

ReynardSecA grumpy ItSec guy walks through the office when he overhears an exchange of words.Dev0: Hey, this isn't working, I hate containers... Dev1: Maybe just add the --privileged flag!ItSec: Just… no. Simply no. No privileged mode - the grumpy fellow interjects as he walks away.Dev0: Jesus, fine - no privileged mode. Dev1: Okay, but… why?Here's why (one, simple example): Docker's --privileged flag lifts almost all restrictions from your container - exactly the opposite of --cap-drop=ALL. Let's demo the difference. 1) Start two containers. docker run -itd --privileged --name ubuntu-privileged ubuntu docker run -itd --name ubuntu-unprivileged ubuntu2) Inspect /dev in the unprivileged container.docker exec -it ubuntu-unprivileged bash ls /dev exitYou'll only see a limited set of devices. No disk access. 3) Now inspect /dev in the privileged container.docker exec -it ubuntu-privileged bash ls /dev/dev/sda exposed! Sometimes you may see /dev/mapper when LVM is in place. Then "apt update && apt install -y lvm2" and "lvscan" may help during next phase. 4) Exploitation part (inside the privileged container) - simply mount /dev/sda to any writable path in container.mkdir /tmp/whatever mount /dev/sda1 /tmp/whatever5) You can now enumerate - and access - the Docker host's logical volume.ls -la /tmp/whatever6) If you wish, you can even chroot into the host:chroot /tmp/whatever /bin/bashThe moral of the story is to avoid privileged mode, because in the event of an incident (e.g. an attacker compromising an app running inside a container), you significantly increase the likelihood of successful lateral movement from the container to the Docker host - and from there into the rest of your infrastructure.Usually the grumpy guy means well. He just doesn't know how to explain it properly.<a href="https://infosec.exchange/tags/devops" class="mention hashtag" rel="nofollow noopener" target="_blank">#devops</a> <a href="https://infosec.exchange/tags/programming" class="mention hashtag" rel="nofollow noopener" target="_blank">#programming</a> <a href="https://infosec.exchange/tags/webdev" class="mention hashtag" rel="nofollow noopener" target="_blank">#webdev</a> <a href="https://infosec.exchange/tags/java" class="mention hashtag" rel="nofollow noopener" target="_blank">#java</a> <a href="https://infosec.exchange/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#linux</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/php" class="mention hashtag" rel="nofollow noopener" target="_blank">#php</a> <a href="https://infosec.exchange/tags/nodejs" class="mention hashtag" rel="nofollow noopener" target="_blank">#nodejs</a>

Greg Slepak<a class="hashtag" href="https://crib.social/tag/javascript" rel="nofollow noopener" target="_blank">#JavaScript</a> developers: do not use `npx`, ever. Use <a class="u-url mention" href="https://fosstodon.org/@deno_land" rel="nofollow noopener" target="_blank">@deno_land</a>'s `deno run` instead with appropriate sandboxing flags. Example: <a href="https://github.com/okTurtles/chel/pull/58/files" rel="nofollow noopener" target="_blank">https://github.com/okTurtles/chel/pull/58/files</a> <a class="hashtag" href="https://crib.social/tag/nodejs" rel="nofollow noopener" target="_blank">#nodejs</a> <a class="hashtag" href="https://crib.social/tag/npx" rel="nofollow noopener" target="_blank">#npx</a> <a class="hashtag" href="https://crib.social/tag/infosec" rel="nofollow noopener" target="_blank">#infosec</a> <a class="hashtag" href="https://crib.social/tag/security" rel="nofollow noopener" target="_blank">#security</a>

Socket🚨 A critical vulnerability in the widely used npm form-data package could allow HTTP Parameter Pollution, potentially impacting millions of projects. The package sees 100M+ downloads weekly.Details → <a href="https://socket.dev/blog/critical-vulnerability-in-popular-npm-form-data-package" rel="nofollow noopener" translate="no" target="_blank">https://socket.dev/blog/critical-vulnerability-in-popular-npm-form-data-package</a> <a href="https://fosstodon.org/tags/NodeJS" class="mention hashtag" rel="nofollow noopener" target="_blank">#NodeJS</a> <a href="https://fosstodon.org/tags/JavaScript" class="mention hashtag" rel="nofollow noopener" target="_blank">#JavaScript</a>

SocketBun 1.2.19 introduces isolated installs for monorepos, smarter package management, and 5x faster Bun.sql. 🎉 Congrats to <a href="https://hachyderm.io/@jarredsumner" class="u-url mention" rel="nofollow noopener" target="_blank">@jarredsumner</a> and all the <a href="https://bird.makeup/users/bunjavascript" class="u-url mention" rel="nofollow noopener" target="_blank">@bunjavascript</a> contributors: <a href="https://socket.dev/blog/bun-1-2-19-adds-isolated-installs-for-better-monorepo-support" rel="nofollow noopener" translate="no" target="_blank">https://socket.dev/blog/bun-1-2-19-adds-isolated-installs-for-better-monorepo-support</a> <a href="https://fosstodon.org/tags/NodeJS" class="mention hashtag" rel="nofollow noopener" target="_blank">#NodeJS</a>

#:idle: Don T3rr0r :antifa:Pues ayer después de algunas recomendaciones que me hicistéis por aquí. Me monté un nodo de Navidrome en mi Proxmox y lo estuve probando. Va bastante bien, la última vez que probé algo con Subsonic no fue muy bien.Total, que ayer monté una APP en <a href="https://xarxa.cloud/tags/NodeJS" class="mention hashtag" rel="nofollow noopener" target="_blank">#NodeJS</a> para descargar discos directamente de Youtube Music (que para algo que sirve, que sea para descargar) y de momento con poner enlaces de discos se descarga la musica!

Socket🚨 npm phishing alert! Attackers are sending emails from spoofed support@npmjs.org addresses linking to a typosquatted clone site (npnjs.com) to steal credentials. This attack is designed to hijack npm accounts. <a href="https://socket.dev/blog/npm-phishing-email-targets-developers-with-typosquatted-domain" rel="nofollow noopener" translate="no" target="_blank">https://socket.dev/blog/npm-phishing-email-targets-developers-with-typosquatted-domain</a> <a href="https://fosstodon.org/tags/nodejs" class="mention hashtag" rel="nofollow noopener" target="_blank">#nodejs</a> <a href="https://fosstodon.org/tags/JavaScript" class="mention hashtag" rel="nofollow noopener" target="_blank">#JavaScript</a>

Nube ColectivaHow to Use Node JS and Axios. Cómo Usar Node JS y Axios. 👉 <a href="https://nubecolectiva.com/blog/como-usar-node-js-y-axios/" rel="nofollow noopener" translate="no" target="_blank">https://nubecolectiva.com/blog/como-usar-node-js-y-axios/</a> <a href="https://mastodon.social/tags/programming" class="mention hashtag" rel="nofollow noopener" target="_blank">#programming</a> <a href="https://mastodon.social/tags/coding" class="mention hashtag" rel="nofollow noopener" target="_blank">#coding</a> <a href="https://mastodon.social/tags/programaci%C3%B3n" class="mention hashtag" rel="nofollow noopener" target="_blank">#programación</a> <a href="https://mastodon.social/tags/webdevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#webdevelopment</a> <a href="https://mastodon.social/tags/devs" class="mention hashtag" rel="nofollow noopener" target="_blank">#devs</a> <a href="https://mastodon.social/tags/softwaredevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#softwaredevelopment</a> <a href="https://mastodon.social/tags/nodejs" class="mention hashtag" rel="nofollow noopener" target="_blank">#nodejs</a> <a href="https://mastodon.social/tags/axios" class="mention hashtag" rel="nofollow noopener" target="_blank">#axios</a>

洪民憙 (Hong Minhee)Upyo 0.2.0 Release Notes <a href="https://hackers.pub/@hongminhee/2025/upyo-020" rel="nofollow noopener" translate="no" target="_blank">https://hackers.pub/@hongminhee/2025/upyo-020</a>

Mathias PanzenböckSoftware developers really need to have more empathy with their fellow developers and not completely and utterly break all APIs on a structural level all the time so that you have to rewrite everything for at least a week when you upgrade dependencies because `npm audit` found some critical issues. <a href="https://chaos.social/tags/Shopify" class="mention hashtag" rel="nofollow noopener" target="_blank">#Shopify</a> <a href="https://chaos.social/tags/NodeJS" class="mention hashtag" rel="nofollow noopener" target="_blank">#NodeJS</a>

Mauve 👁💜<a href="https://mastodon.mauve.moe/tags/til" class="mention hashtag" rel="nofollow noopener" target="_blank">#til</a> I don't need to import the delay module or write little helpers every time I want to wait a bit in a <a href="https://mastodon.mauve.moe/tags/nodejs" class="mention hashtag" rel="nofollow noopener" target="_blank">#nodejs</a> test.``` import {setTimeout} from 'node:timers/promises'; await setTimeout(1000); ```So much cleaner!

Ducky FellaIs your company looking for a keen self-hoster with plenty of <a href="https://cupoftea.social/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#Linux</a> experience? I grew up with <a href="https://cupoftea.social/tags/RaspberryPi" class="mention hashtag" rel="nofollow noopener" target="_blank">#RaspberryPi</a> and have picked up many skills along the way including <a href="https://cupoftea.social/tags/React" class="mention hashtag" rel="nofollow noopener" target="_blank">#React</a>, backend JavaScript (<a href="https://cupoftea.social/tags/NodeJS" class="mention hashtag" rel="nofollow noopener" target="_blank">#NodeJS</a>) and <a href="https://cupoftea.social/tags/Docker" class="mention hashtag" rel="nofollow noopener" target="_blank">#Docker</a>. My current obsession is monitoring all the things with <a href="https://cupoftea.social/tags/Grafana" class="mention hashtag" rel="nofollow noopener" target="_blank">#Grafana</a>, <a href="https://cupoftea.social/tags/PRTG" class="mention hashtag" rel="nofollow noopener" target="_blank">#PRTG</a> and <a href="https://cupoftea.social/tags/Prometheus" class="mention hashtag" rel="nofollow noopener" target="_blank">#Prometheus</a>. I’m based in the UK but open to primarily English-speaking roles in Germany, too. Currently wrapping up my Advanced Software Development degree but eager to continue learning! Boosts appreciated :D<a href="https://cupoftea.social/tags/GetFediHired" class="mention hashtag" rel="nofollow noopener" target="_blank">#GetFediHired</a>

TuxAcademyToday's Poll.... 👇Which framework do you prefer for web development?<a href="https://mastodon.social/tags/WebDevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebDevelopment</a> <a href="https://mastodon.social/tags/Django" class="mention hashtag" rel="nofollow noopener" target="_blank">#Django</a> <a href="https://mastodon.social/tags/Flask" class="mention hashtag" rel="nofollow noopener" target="_blank">#Flask</a> <a href="https://mastodon.social/tags/React" class="mention hashtag" rel="nofollow noopener" target="_blank">#React</a> <a href="https://mastodon.social/tags/NodeJS" class="mention hashtag" rel="nofollow noopener" target="_blank">#NodeJS</a> <a href="https://mastodon.social/tags/WebDevPoll" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebDevPoll</a> <a href="https://mastodon.social/tags/TuxAcademy" class="mention hashtag" rel="nofollow noopener" target="_blank">#TuxAcademy</a>

Felipe 🐁Don't forget to update Node tomorrow! :blobfoxcomputer: 🛡️ <a href="https://nodejs.org/en/blog/vulnerability/july-2025-security-releases" rel="nofollow noopener" translate="no" target="_blank">https://nodejs.org/en/blog/vulnerability/july-2025-security-releases</a><a href="https://hachyderm.io/tags/software" class="mention hashtag" rel="nofollow noopener" target="_blank">#software</a> <a href="https://hachyderm.io/tags/dev" class="mention hashtag" rel="nofollow noopener" target="_blank">#dev</a> <a href="https://hachyderm.io/tags/node" class="mention hashtag" rel="nofollow noopener" target="_blank">#node</a> <a href="https://hachyderm.io/tags/nodejs" class="mention hashtag" rel="nofollow noopener" target="_blank">#nodejs</a> <a href="https://hachyderm.io/tags/JavaScript" class="mention hashtag" rel="nofollow noopener" target="_blank">#JavaScript</a> <a href="https://hachyderm.io/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a>

AskUbuntuNVM just hangs and and does nothing when installing node . Not even showing any errors <a href="https://ubuntu.social/tags/commandline" class="mention hashtag" rel="nofollow noopener" target="_blank">#commandline</a> <a href="https://ubuntu.social/tags/nodejs" class="mention hashtag" rel="nofollow noopener" target="_blank">#nodejs</a><a href="https://askubuntu.com/q/1552709/612" rel="nofollow noopener" translate="no" target="_blank">https://askubuntu.com/q/1552709/612</a>

plague-of-grackles 😷🍉🐈‍⬛Partypeople we have to kill <a href="https://toot.cat/tags/nodejs" class="mention hashtag" rel="nofollow noopener" target="_blank">#nodejs</a> before it kills us

🏳️‍🌈🎃🇧🇷Luana🇧🇷🎃🏳️‍🌈Any good resources out there on building secure (but easy for someone who’s messing with javascript/typescript for the 1st time) login systems with nodejs and postgresql?I think I’ve seen someone on fedi mention that bcrypt wasn’t really safe a while ago?<a href="https://wetdry.world/tags/nodejs" class="mention hashtag" rel="nofollow noopener" target="_blank">#nodejs</a>

Búsquedas recientes

Opciones de búsqueda

Administrado por:

Estadísticas del servidor:

#NodeJS