v to a string:
NaN, implicit radixes, and numbers vs Numbers, there are a lot of ways to shoot yourself in the foot. In this article, I'll cover the tradeoffs of
isNaN(). I'll also describe how to enforce these rules with eslint.
Mongoose 5.4 was released on December 14, with 13 new features. The overarching theme for 5.4 is making Mongoose SchemaTypes more configurable, but that isn't the whole story. Mongoose 5.4 has several new features that will help you make your apps more robust and concise. In this article, I'll cover the new
Model.events property and the new
count option for virtual populate.
The V8 team announced that they were making some major performance improvements to async/await, including adding a
--async-stack-traces option that will make debugging async functions easier. You can try out these new options with a nightly Node.js build. For example, here's the command I ran to download the January 8, 2019 nightly build of Node.js 12:
In August, the Semmle Security Research Team found a security vulnerability affecting all versions of Mongoose before 5.2.12 and 4.13.17. We released a fix on August 30 and encouraged everyone to upgrade via Twitter, our Slack channel, and our Gitter chat. HackerOne recently released a formal disclosure of this issue on November 30. This blog post constitutes Mongoose's full disclosure after a period of responsible disclosure. In this article, I'll describe the vulnerability and how Mongoose patched it.