Sandbox escape vulnerability in vm2, used by nearly 900 NPM packages, allows attackers to bypass security protections and ...

The first major update in nearly 10 years, jQuery 4.0.0 follows a long development cycle and several pre-releases.

An update to a tiny JavaScript library has thrown a large part of the JavaScript ecosystem into chaos on Saturday, with millions of projects believed to have been impacted. Making the entire situation ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

Standard, a JavaScript style guide, linter, and automatic code fixer, has implemented what appears to be the first advertising system for JavaScript libraries. The ads are powered by a new project ...

JavaScript's standard library could eventually grow to reduce reliance on third-party packages -- but it'll happen slowly, says Eich A recent incident where software was removed from the NPM package ...

Potentially helping developers more quickly build cross-platform applications, Microsoft is releasing as open source its WinJS JavaScript library for building Windows-styled controls. Now that the ...

A quick note before we start: I have covered top 20 libraries below. It might get little confusing when you try to pick one for your project as there are many factors to consider. So here is something ...

Dataviz site Plotly has released a version of their JavaScript library for free use, as long as “all links and references to Plotly remain visible and unmodified.” Plotly.js JavaScript Graphing ...

A JavaScript library that scores over two million downloads every week has been injected with malicious code for stealing coins from a cryptocurrency wallet. The affected package is Event-Stream, ...