当地时间12月2日，AI巨头Anthropic宣布收购备受瞩目的JavaScript全栈工具平台Bun。这笔被业内广泛解读为“天价”的交易，远非一次简单的人才或技术并购。它清晰地传递出一个信号：在AI时代，谁能掌控高效、稳定的代码生成、分发与运行基础架构，谁就可能在下一代开发者生态中占据制高点。这不仅是Claude与其竞品间的较量，更可能撼动以Node.js为核心的庞大JavaScript世界。

Even with competition from newer runtimes Deno and Bun, Node.js remains the flagship JavaScript platform on the server. Server-side Node frameworks like Express, build-chain tools like Webpack, and a ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

WebStorm, Visual Studio 2017, Visual Studio Code, NetBeans, Komodo, and Eclipse pull out the stops for JavaScript, Node.js, and friends. JavaScript is used for many different kinds of applications ...

近期，聚铭安全攻防实验室监测发现了一项与React Server Components相关的远程代码执行漏洞， 该漏洞已被披露，编号为 CVE-2025-55182，CVSS 评分为 10.0 。 该漏洞主要波及react-server-dom-webpack的Server Actions功能。由于在处理客户端提交的表单数据时，系统未能实施充分的安全性校验，导致攻击者能够通过精心设计的恶意表单请求 ...

Thousands of applications were broken on Tuesday after a programmer unpublished a critical module in npm, a package manager for widely-used JavaScript projects. Countless projects were left in limbo ...

Node.js has been the delight of San Francisco hackers for the past couple years now, but startups and indie developers aren’t the only ones using JavaScript on the server side. At Node Summit today, ...

Support rolled out for up to 10 node.js web apps on Cloud Startup plans in early December and then up to 5 node.js web apps on the Business hosting plan. To host an app you can manually upload files ...

EtherRAT与C2服务器建立联系后，会进入每500毫秒执行一次的轮询循环，将任何超过10个字符的响应解释为要在受感染机器上运行的JavaScript代码。该恶意软件通过五种不同方法实现持久化： ...

A major attack on the supply chain for software packages for the widely used JavaScript runtime environment node.js was discovered on Monday. The attacker has injected obfuscated malicious code into ...