Node Weekly Issue 619 covers several notable topics: social engineering attacks targeting high-impact Node.js maintainers and npm package owners, a technique for halting async functions by awaiting a never-resolving promise (used in production by Inngest), and the pause of Node.js's security bug bounty program due to loss of funding from the Internet Bug Bounty program. The issue also rounds up a batch of releases including ky 2.0, ESLint 10.2, Ink 7.0, Axios 1.8.0, Undici 8.0, pnpm v11.0 Beta 8, and several others.
Sort: