Why Patching Globals Is Harmful
Level up your testing skills by learning directly from me! Read more Honestly, I'd never thought I'd be writing about this, but the matter of patching globals turned out to be one of those topics that a lot of engineers seem to misunderstand. Most of us don't do monkey-patching, and even fewer stay around those implementations long enough to witness their impact. All the more reason to talk about
JavaScriptの識別子に中黒が使えるようになった: Days on the Moon
JavaScriptの識別子(変数名、関数名、プロパティ名など)の2文字目以降に中黒「・」(U+30FB KATAKANA MIDDLE DOT)が使えるようになりました。以下のコードはChrome 124では構文エラーになりますが、Chrome 125では問題なく実行できます。 const シン・ゴジラ = 2016; JavaScriptの識別子 中黒が使えるようになったのは、JavaScript(ECMAScript)の仕様が変わったからではありません。変わったのはUnicodeの仕様のほうです。Unicode 15.1.0(2023年9月)においてOther_ID_Continueプロパティ(を持つ文字の集まり)に中黒が追加されました。 そもそもJavaScriptの識別子に使える文字は、Unicodeを参照して定義されています。ECMAScript 2023(2023年6月)では
ECMAScript 2024 features: resizing and transferring ArrayBuffers
ECMAScript 2024 features: resizing and transferring ArrayBuffers In this blog post, we examine ArrayBuffer features that were introduced in ECMAScript 2024: “In-place resizable ArrayBuffers”, proposed by Shu-yu Guo “ArrayBuffer.prototype.transfer and friends” proposed by Shu-yu Guo, Jordan Harband and Yagiz Nizipli What are ArrayBuffers? # The following classes provide an API for handling binary
Comprehensive guide to JavaScript performance analysis using Chrome DevTools
Comprehensive guide to JavaScript performance analysis using Chrome DevTools Let's see how to navigate the Chrome Devtools Performance tab to effectively analyse and improve the performance of your JavaScript while avoiding common errors. Our use case will be improving the rendering FPS of a real-world canvas library. A few weeks ago a colleague of mine and I were looking at the canvas engine comp
CVE-2024-4367 - Arbitrary JavaScript execution in PDF.js — Codean Labs
This post details CVE-2024-4367, a vulnerability in PDF.js found by Codean Labs. PDF.js is a JavaScript-based PDF viewer maintained by Mozilla. This bug allows an attacker to execute arbitrary JavaScript code as soon as a malicious PDF file is opened. This affects all Firefox users (<126) because PDF.js is used by Firefox to show PDF files, but also seriously impacts many web- and Electron-based a
ECMAScript 2023 feature: symbols as WeakMap keys
In this blog post, we take a look at the ECMAScript 2023 feature “Symbols as WeakMap keys” – which was proposed by Robin Ricard, Rick Button, Daniel Ehrenberg, Leo Balter, Caridy Patiño, Rick Waldron, and Ashley Claymore. What are WeakMaps good for? # The key ability of a WeakMap is to associate data with a value: The value is the key of a WeakMap entry. The data is the value of that entry. Consi
ECMAScript 2024 feature: `Promise.withResolvers()`
In this blog post we take a look at the ECMAScript 2024 feature “Promise.withResolvers” (proposed by Peter Klecha). It provides a new way of directly creating Promises, as an alternative to new Promise(...). new Promise(...) – the revealing constructor pattern # Before Promise.withResolvers(), there was only one way to create Promises directly – via the following pattern: const promise = new Prom
HTML attributes vs DOM properties
Attributes and properties are fundamentally different things. You can have an attribute and property of the same name set to different values. For example: <div foo="bar">…</div> <script> const div = document.querySelector('div[foo=bar]'); console.log(div.getAttribute('foo')); // 'bar' console.log(div.foo); // undefined div.foo = 'hello world'; console.log(div.getAttribute('foo')); // 'bar' consol
How we built JSR | Deno
We recently launched the JavaScript Registry - JSR. It’s a new registry for JavaScript and TypeScript designed to offer a significantly better experience than npm for both package authors and users: It natively supports publishing TypeScript source code, which is used to auto-generate documentation for your package It’s secure-by-default, supporting token-less publishing from GitHub Actions and pa
Object Structure in JavaScript Engines
Object Structure in JavaScript EnginesFrom a developer's perspective, objects in JavaScript are quite flexible and understandable. We can add, remove, and modify object properties on our own. However, few people think about how objects are stored in memory and processed by JS engines. Can a developer's actions, directly or indirectly, impact performance and memory consumption? Let's try to delve i
JavaScript engine fundamentals: Shapes and Inline Caches · Mathias Bynens
This article describes some key fundamentals that are common to all JavaScript engines — and not just V8, the engine the authors (Benedikt and Mathias) work on. As a JavaScript developer, having a deeper understanding of how JavaScript engines work helps you reason about the performance characteristics of your code. Note: If you prefer watching a presentation over reading articles, then enjoy the
The V8 Sandbox · V8
After almost three years since the initial design document and hundreds of CLs in the meantime, the V8 Sandbox — a lightweight, in-process sandbox for V8 — has now progressed to the point where it is no longer considered an experimental security feature. Starting today, the V8 Sandbox is included in Chrome's Vulnerability Reward Program (VRP). While there are still a number of issues to resolve be
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
How we tamed Node.js event loop lag: a deepdive | Trigger.dev
GitHub - grucloud/bau: Reactive library and components for building web user interface
Digging for SSRF in NextJS apps
Home | Pintora
MoonBit adds JS backend, up to 25x faster than native JS | MoonBit
GitHub - LavaMoat/LavaDome: Secure DOM trees isolation and encapsulation leveraging ShadowDOM
GitHub - tinylibs/tinyspy: 🕵🏻♂️ minimal fork of nanospy, with more features
HTML Standard