How to debug memory leaks in a Node.js application on Heroku
Vladimir
Debugging memory leaks is rarely a piece of cake, especially when they only happen in production. The best way I’ve found to debug memory leaks in a Node.js application on…
Single-page applications need better auditing
tl;dr Most web pentesting tools currently focus on backend exploitation (such as SQL injections, Reflected or Stored XSS, …). However, in recent years, frontend parts of applications have gained in…
WebAssembly vs. the world. Should you use WebAssembly?
WebAssembly is known for its speed capabilities and this article will put it to the test to better understand what are the best applications to start using WebAssembly today. We…
ESLint backdoor: revoke all the tokens
Tl;dr [EDIT 2018-07-16] The official ESLint post-mortem has been released. NPM already revoked all tokens at once so you probably don’t need to do this yourself. A backdoor was introduced…
Monitoring the performance of a Node.js web application
Tl;dr Building a tool to monitor how an application performs is not very difficult anymore. Two recent additions to Node.js, the Async Hooks API and the Performance Hooks API, allow…
Picking the best JS engine for your Node app’s performance
tl;dr Node.js is evolving right now. The recent Node.js v8 version (not to be mistaken with V8, the JavaScript engine) has just been published. In the meanwhile, the ChakraCore based…
Optimize your Node app by simply upgrading Node.js
tl;dr In January, I published an article on RisingStack’s blog. This article was an introduction to Node.js performance (and in V8 JavaScript Engine in general). Now it is time for…
Behind the Scenes: Building a Dynamic Instrumentation Agent for Node.js
TL;DR Building a dynamic instrumentation agent for Node.js is a complex challenge. At Sqreen, we provide a powerful security tool for development teams using Node.js. You will be able to…
How to prevent NoSQL injections in MongoDB in a Node.js app
The MongoDB Apocalypse cruelly reminded to MongoDB users that security should be a major concerns. But configuration is not the only weak spot in MongoDB’s armor. Here is the second…
MongoDB will not prevent NoSQL injections in your Node.js app
Edit: The follow-up on how to prevent NoSQL injections in MongoDB in a Node.js app can be found here. Tl;dr – Mongo $and Node.js $ne safe Using a NoSQL database…