habr (@habr@zhub.link)
[Перевод] Убийцы иммутабельной производительности — Zustand/Redux в связке с React
В этой статье мы разберем основные причины деградации производительности иммутабельных сторов в связке с React и рассмотрим подходы к написанию высоконагруженного кода, включая неочевидные и многим не знакомые .
https://habr.com/ru/articles/984654/
#react #redux #zustand #оптимизация #производительность #иммутабельность #стор #immutablejs #typescript #функциональная_парадигма
Show Original Post
threatresearch (@threatresearch@infosec.exchange)
I had a chance last week to chat with Benjamin Read of #Wiz. Last month, Read and other members of his team published a deep dive into the #React2Shell
(CVE-2025-55182) vulnerability, and I was curious to see what has been hitting my honeypot, so I took a closer look.
This is doing some weird stuff, friends.
As is normally the case with exploits targeting internet-facing devices, once the exploit becomes known, it ends up in the automated scanners used by threat actors and security researchers. What I've seen over the past week is a combination of both.
In just a few hours of operation, I identified a small number of source IP addresses exploiting React2Shell by pointing the vulnerable system at URLs hosting BASH scripts. These scripts are really familiar to anyone who routinely looks at honeypot data - they contain a series of commands that pull down and execute malicious payloads.
And as I've seen in the past, some of these payloads use racially inflammatory language in their malware. It's weird and gross, but unfortunately, really common.
But while most of these payloads were "the usual suspects" - remote shells, cryptocurrency miners - there was one payload that stuck out.
It's an exploit file, based on this proof-of-concept [https://github.com/iotwar/FIVEM-POC/blob/main/fivem-poc.py] designed to DDoS a modded server running "FiveM," a popular version of the game Grand Theft Auto V.
Let that one sink in: among the earliest adopters of a brand new exploit are...people trying to mess with other people's online game servers.
I've long said that exploits like these are the canaries in the datacenter coal mine. After all, if an attacker can force your server to run a cryptominer (or a game DDoS tool), they can force it to run far more malicious code.
I guess someone, or a group of someones, just want to ruin everyone's good time, no matter how or what form that takes. And they'll do it in the most offensive way possible.
Anyway, patch your servers, please, if only to stick it to these people who want to be the reason we can't have nice things.
#PoC #exploit #CVE_2025_55182 #DDoS #FiveM #REACT #Bash #cryptominer #malware
Show Original Post
qiita (@qiita@rss-mstdn.studiofreesia.com)
【Crank.js】リアクティブという欠陥を完全解決したJavaScriptフレームワーク、Crank.jsの思想と信条
https://qiita.com/rana_kualu/items/d16ad3a0b271924013ec?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items
#qiita #JavaScript #リアクティブ #React #日本語訳 #Crank_js
Show Original Post
nevin (@nevin@ruhr.social)
2026-#Frontend-Entwickelnde sein wie
npx create-legacy-internet-explorer-app@latest
Show Original Post
p (@p@pixelfed.social)
Doesn't matter how we travel, we always find our ways.
#reactperformances #publicspace #performance #react #sweden #streetperformance #sitespecific #insitu #dance #dans #movingcity #kickbike #transport #tyreso #sweden #memories #moments #reactmoments #syncronized
Show Original Post
works (@works@1a23.com)
Font coverage analyzer
A web tool to check codepoint / glyph coverages of a font. Capable of checking coverage of the following collections:#HTML #JavaScript #OpenType #React
https://1a23.com/works/open-source/font-coverage-analyzer/
Show Original Post
klappradla (@klappradla@ruby.social)
Finally back on writing about Rails on the @bitcrowd blog 🔩
https://bitcrowd.dev/getting-react-on-rails-to-work-with-turbo-streams
Show Original Post
thejvmbender (@thejvmbender@techhub.social)
I have been writing typescript for generating PDF (#pdfmake) from front end, I must say, testing is really nice in UI world, save the file then click the link, sometimes it reloads the full page but still easier than full server restart 🤓
Show Original Post
jobsfordevelopers (@jobsfordevelopers@mastodon.world)
Braze is hiring Senior Full-stack Engineer, Product Partnerships
🔧 #ruby #react #rubyonrails #api #nosql #sql #seniorengineer
🌎 San Francisco, California
⏰ Full-time
🏢 Braze
Job details https://jobsfordevelopers.com/jobs/senior-full-stack-engineer-product-partnerships-at-braze-com-nov-24-2025-b65596?utm_source=mastodon.world&utm_medium=social&utm_campaign=posting
#jobalert #jobsearch #hiring
Show Original Post
habr (@habr@zhub.link)
Подходы к state management в React
У React-разработчика две беды: 1. Целевые данные изменились, а ререндера нет. 2. Целевые данные не изменились, а ререндер есть. Есть много вариантов подружить данные с интерфейсом, в рамках данной статьи я пройдусь по самым популярным из них. Выясним, как они устроены и для чего каждый из них подойдет лучше, обсудим конкретные реализации разных паттернов.
https://habr.com/ru/articles/984424/
#React #redux #zustand #mobx #valtio #jotai #state_management
Show Original Post
Oam_Gui (@Oam_Gui@piaille.fr)
🗓️ Samedi - 12H : Allo Terra 🌍 / Réact ⏯️
Au programme :
👉 Analyses ou Réacts autour du vivant et de l'écologie
#alloterra #react #vulgarisation #discussion
Show Original Post
qiita (@qiita@rss-mstdn.studiofreesia.com)
Next.js 16 の重要な新機能をまとめて紹介します(第2回)
https://qiita.com/TOMOSIA-HieuNT/items/f6a466a8b4ea959e9e93?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items
Show Original Post