JS.weekly() => #58: Cloud Native is Serverless-First

Frankenstein Migration, securing npm lockfiles and CSS Camera.

JavaScripting.com
JS.weekly()
Oct 11, 2019

Frankenstein Migration: Framework-Agnostic Approach

In this article, the author puts the theory to the test by performing a step-by-step migration of an application, following the recommendations from the previous part. To keep things straightforward and reduce uncertainties, unknowns, and unnecessary guessing, he demonstrates the migration on a simple to-do application.

Cloud Native is Serverless-First

“Cloud Native is lean and one of the lean principles is to defer commitment as long as possible. I certainly won’t tell you that you can’t build your cloud-native system with containers. But in most cases you probably don’t need to. First, you may not even know for certain if your value proposition is even worth building. Second, you probably don’t know which services will actually benefit from containers and which will not. So let’s experiment with real users before we commit to a decision.”

Why npm lockfiles can be a security blindspot for injecting malicious modules

“A lockfile injection could attack in a similar fashion, and so you should have proper practices in place to mitigate this issue, or at least reduce the risk. Consider the following:

  • Carefully review changes to lockfiles (lockfile-lint can help with that).
  • Allow lockfile changes from core maintainers and not sporadic contributors.
  • Avoid the use of lockfiles entirely for libraries.”

We are adding new libraries to JavaScripting.com every week. Here is one worth checking out:

Css Camera

New way to see a web page with CSS3 3D transform

JS.weekly() is a weekly digest of the best JavaScript articles, hand-picked by our experts in the JavaScripting community, sponsored by Salsita Software. Don’t forget to follow us on Twitter.

The best JavaScript, web development and general programming articles of the day. Sponsored by Salsita Software (http://www.salsitasoft.com)