Mongoose Prototype Pollution Vulnerability Disclosure

Most Recent

10 Lessons from My 20's

November 29, 2018

This post is very different from my usual JavaScript beat. I recently turned 30, so I wanted to write some reflections for myself. I wasn't going to publish this post at first, I'm usually not the kind of person who shares this much in a public forum. But then I thought it would be fun to put this out there and see what people who stumble across it think. Maybe someone out there will find this sort of straight-from-the-heart advice helpful. I benefitted from similar advice, perhaps you will to. Without further ado:

Accepting Credit Cards with Stripe Elements and Preact

November 14, 2018

Stripe's v3 API introduced a controversial change: you can no longer use Stripe with custom payment forms, you must use the new Stripe Elements interface. This change is brutal from a developer experience perspective, because you need to figure out how to rewrite your app to use the new API, and the existing docs are written for vanilla JavaScript. There is a React library, but it is heavy and there's no information as to whether it actually works with Preact. In this article, I'll present a basic proof of concept of using the vanilla Stripe Elements library and Preact.

Static Properties in JavaScript Classes with Inheritance

November 07, 2018

Since ES6, JavaScript enjoys support for classes and static functions akin to static functions in other object-oriented languages. Unfortunately, JavaScript lacks support for static properties, and recommended solutions on Google fail to take into account inheritance. I ran into this problem when implementing a new Mongoose feature that requires a more robust notion of static properties. Specifically, I need static properties that support inheritance via setting prototype or via extends. In this article, I'll describe a pattern for implementing static properties in ES6.

Building a Form with Preact

November 02, 2018

Preact is a simplified alternative to React that focuses on bundle size. A minified bundle with Preact and a minimal Webpack config ends up being around 10KB. A minimal unbundled React bundle ends up being around 100KB because of react-dom. Because Preact bundles are comparatively tiny, Preact is a great choice for making sure your app feels snappy.

Creating and Reading QR Codes with Node.js

October 25, 2018

A QR Code is a 2-dimensional bar code. They're generally used to encode a URL so someone can just scan the code and visit a site. QR codes can encode all sorts of data beyond just URLs, I used a QR code to pay for my lunch today. In this article, I'll walk you generating and reading QR codes in Node.js using 2 separate libraries.

What's New in Mongoose 5.3: Async Iterators

October 11, 2018

Mongoose 5.3.0 was shipped on September 28. This minor release includes 17 new features and improvements, including support for JavaScript's new async iterator feature. Async iterators were introduced in ECMAScript 2018 and are natively supported in Node.js 10.x.