Best of NPM — July 2024

1. 1
   Article

   Community Picks·2y

   jagenjo/litegraph.js: A graph node engine and editor written in Javascript similar to PD or UDK Blueprints, comes with its own editor in HTML5 Canvas2D. The engine can run client side or server side u

   LiteGraph.js is a Javascript library for creating graph nodes similar to Unreal Blueprints that can run in the browser or on the server. It includes an editor with features like zooming, panning, customizable themes, and live mode. Nodes for various interfaces, math operations, audio, and 3D graphics are pre-built. The library supports TypeScript and integrates easily into any JS application. Instructions for installation via npm or direct download are provided.

   201

   6
2. 2
   Article

   Community Picks·2y

   Mastering npm: A Comprehensive Guide to Package Management

   npm (Node Package Manager) is a vital tool in the JavaScript ecosystem for managing dependencies, running scripts, and ensuring version control. Despite npm not being the sole package manager (with alternatives like Yarn, pnpm, and Bun), it is widely used and offers a vast ecosystem. Key files like `package.json` and lock files ensure dependency consistency. Tools such as `npm-check-updates` and `npm-check` help maintain and update dependencies smoothly. Choosing the right package manager and using these tools judiciously can help developers navigate the complexities of package management.

   191

   7
3. 3
   Article

   Community Picks·2y

   szimek/signature_pad: HTML5 canvas based smooth signature drawing

   Signature Pad is a JavaScript library for drawing smooth signatures using HTML5 canvas and Bézier curve interpolation. It supports all modern browsers and offers features like erase and undo, along with various customization options for elements such as pen color, min/max width, and background color. Installation can be done via npm, Yarn, or directly with a script tag. The library also handles high DPI screens and provides various methods for converting and manipulating the signature data in different formats.

   72

   2
4. 4
   Article

   Docker·2y

   How to Create Dockerfiles with GenAI

   The post explores the use of generative AI (GenAI) for generating Dockerfiles, highlighting how AI tools like ChatGPT can analyze projects and create Dockerfiles with improved best practices. By providing specific functions and prompts, the AI can automate Dockerfile creation, employing advanced techniques like multi-stage builds and cache mounts, aimed at enhancing efficiency and adaptability. The content emphasizes practical examples and ongoing evaluation of AI's role in developer workflows.

   72
5. 5
   Article

   Community Picks·2y

   metafloor/bwip-js: Barcode Writer in Pure JavaScript

   bwip-js is a JavaScript library that translates code from Barcode Writer in Pure PostScript to generate barcodes in modern browsers or JavaScript-based server frameworks. It supports over 100 barcode types and can render images as PNG, SVG, or to a canvas. The library version 4.5.0 introduces four platform-specific packages to address build chain issues. Users can install bwip-js via npm and use various rendering interfaces across platforms. It includes extensive options for customization and supports both synchronous and asynchronous operations with Promises.

   54
6. 6
   Article

   Auth0·2y

   Secure Node.js Applications from Supply Chain Attacks

   The post offers comprehensive strategies to secure Node.js applications against supply chain attacks. It emphasizes the significance of blocking installation scripts, dynamic scripts, and child processes while ensuring dependencies are constantly updated and audited. The article advocates for using lockfiles, enforcing unprivileged modes, and running applications in read-only filesystems. Additionally, network traffic filtering, distroless Docker images, and protecting developer environments are recommended practices to enhance security.

   35