Below you can find RisingStack's collection of the most important Node.js updates, projects, tutorials & Node related conferences from this week:

Passwords can be guessed, phone numbers can be spoofed, but using two-factor authentication essentially requires that user be in possession of a physical device with an app like Google Authenticator, loaded with a secret key for the given app, which provides an extra layer of security.

Since I use 2FA so often, I wanted to see how the process is managed by a developer for its users. That would include generating the secret key, creating its QR code representation, scanning the code into Google Authenticator (done by the user), and then validating that GA-given code against the user's key. I found an easy to use Node.js library, speakeasy, to do so!

Here are 8 habits for happy Node hackers updated for 2017. They're specifically for app developers, rather than module authors, since those groups have different goals and constraints.

Lock Down Your Dependency Tree Hook Things Up Modernize Your JavaScript Keep Your Promises Automate Your Code Formatting with Prettier Test Continuously Wear Your Helmet HTTPS all the things

Learn how you can build a Twilio Messaging Hub in only 7 Minutes with StdLib!

What You’ll Need Beforehand:

1x Twilio Account

1x Command Line Terminal

7x Minutes (or 420x Seconds)

In this article we summarize the insights we learned from our latest survey on developers problems with Node.js Debugging, Downtimes, Microservices & other pain-points.

Key Findings of the Node.js Survey:

29,27% of Node.js developers experience downtimes in production systems at least once a week, 54,02% at least once a month.

27,50% of Node developers responding to the survey never experience downtimes.

42,82% of the respondents spend more than 2 hours a week with debugging their Node.js applications, including the 17,09% who spends more than 5 hours.

The developers building a microservices architecture with Node spend more time with debugging. The advantage of microservices + Node manifests in the form of fewer downtimes.

Interested in learning how Node.js can help streamline your digital processes and the latest trends with this application platform?

In this interactive online seminar, we’ll reveal how companies like Capital One, Slack, Skycatch, and NASA benefit from using Node.js, from enabling rapid data experimentation to building innovative experiences on connected devices.

In the live Q & A session, you will have the chance to ask questions about specific use cases and learn why Node.js is the platform of choice for building digital experiences.

Nodevember is a two-day conference touching on all aspects of Node and JavaScript. The conference includes seminars, workshops, tutorials, code sprints, and lightning talks.

The fourth annual conference will be held November 27th and 28th, 2017 in Nashville, TN.

Node Core Changes:

Child processes

stdout and stderr are now available on the error output of a failed call to the util.promisify() ed version of child_process.exec .

and are now available on the error output of a failed call to the ed version of . HTTP

A regression that broke certain scenarios in which HTTP is used together with the cluster module has been fixed.

module has been fixed. HTTPS

The rejectUnauthorized option now works properly for unix sockets.

option now works properly for unix sockets. Readline

A change that broke npm init and other code which uses readline multiple times on the same input stream is reverted.

Fix broken process.release properties in 8.1.1 causing failure to compile native add-ons on platforms other than Windows. This is a fix in the Node.js build process so there are no additional code commits included on top of 8.1.1.

Node.js Related Conferences

Open CFP's

NodeFest Tokyo , Hosei University, Tokyo, Japan

, Hosei University, Tokyo, Japan Node Summit , San Francisco (CA), United States

, San Francisco (CA), United States dot Conferences, Paris, France

Upcoming Events

Source: The Node Foundation Newsletter

Vulnerable npm Packages Discovered:

Cross-Site Scripting (XSS)

next package, versions <2.4.3

Directory Traversal

In the previous Node.js Weekly Update we read about Node 8's util.promisify(), handling 100 gigabytes of data with MySQL & Node.js, understanding lock files in npm 5 and a comaprison of Node 6 & 8.

We help you to stay up-to-date with Node.js on a daily basis too. Check out our Node.js news page and its Twitter feed!