What's New in Mongoose 5.4: Model Events and Populate Count

Most Recent

Async Stack Traces in Node.js 12

January 08, 2019

The V8 team announced that they were making some major performance improvements to async/await, including adding a --async-stack-traces option that will make debugging async functions easier. You can try out these new options with a nightly Node.js build. For example, here's the command I ran to download the January 8, 2019 nightly build of Node.js 12:

What's New in Mongoose 5.4: Global SchemaType Configuration

January 03, 2019

Mongoose 5.4 was released on December 14, with 13 new features. The overarching theme for the most important new features is making Mongoose SchemaTypes configurable at the level of individual types. Before digging in to the new features, let's first review what a SchemaType is.

Mongoose Prototype Pollution Vulnerability Disclosure

December 03, 2018

In August, the Semmle Security Research Team found a security vulnerability affecting all versions of Mongoose before 5.2.12 and 4.13.17. We released a fix on August 30 and encouraged everyone to upgrade via Twitter, our Slack channel, and our Gitter chat. HackerOne recently released a formal disclosure of this issue on November 30. This blog post constitutes Mongoose's full disclosure after a period of responsible disclosure. In this article, I'll describe the vulnerability and how Mongoose patched it.

10 Lessons from My 20's

November 29, 2018

This post is very different from my usual JavaScript beat. I recently turned 30, so I wanted to write some reflections for myself. I wasn't going to publish this post at first, I'm usually not the kind of person who shares this much in a public forum. But then I thought it would be fun to put this out there and see what people who stumble across it think. Maybe someone out there will find this sort of straight-from-the-heart advice helpful. I benefitted from similar advice, perhaps you will to. Without further ado:

Accepting Credit Cards with Stripe Elements and Preact

November 14, 2018

Stripe's v3 API introduced a controversial change: you can no longer use Stripe with custom payment forms, you must use the new Stripe Elements interface. This change is brutal from a developer experience perspective, because you need to figure out how to rewrite your app to use the new API, and the existing docs are written for vanilla JavaScript. There is a React library, but it is heavy and there's no information as to whether it actually works with Preact. In this article, I'll present a basic proof of concept of using the vanilla Stripe Elements library and Preact.

Static Properties in JavaScript Classes with Inheritance

November 07, 2018

Since ES6, JavaScript enjoys support for classes and static functions akin to static functions in other object-oriented languages. Unfortunately, JavaScript lacks support for static properties, and recommended solutions on Google fail to take into account inheritance. I ran into this problem when implementing a new Mongoose feature that requires a more robust notion of static properties. Specifically, I need static properties that support inheritance via setting prototype or via extends. In this article, I'll describe a pattern for implementing static properties in ES6.