codeminer42 (@codeminer42@mastodon.social)
The important part: in most cases, the fix is simple and can be done in just a few minutes with a small configuration or update.
Here are some helpful resources:
🔗 https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components#update-instructions
🔗 https://react.dev/blog/2025/12/11/denial-of-service-and-source-code-exposure-in-react-server-components
🔗 https://vercel.com/kb/bulletin/react2shell
If you have questions, need a second opinion, or want to validate the fix, our team is happy to help.
Security issues are stressful enough — no one should deal with them alone.
Show Original Post
codeminer42 (@codeminer42@mastodon.social)
Recently, a critical vulnerability affecting React-based applications was disclosed.
React is widely used across the industry. Many well-known companies — and likely many teams reading this — have at least one project built with it.
In short, this vulnerability can allow attackers to fully compromise servers, potentially exposing passwords, personal data, and databases.
Show Original Post
post (@post@programming.dev)
Vite vs. Webpack for React Apps in 2025: A Senior Engineer’s Perspective
https://programming.dev/post/42623050
Show Original Post
jobsfordevelopers (@jobsfordevelopers@mastodon.world)
Hull is hiring Senior Engineer
🔧 #csharp #typescript #react #node #aws #mongodb #sql #seniorengineer
🌎 London, United Kingdom
⏰ Full-time
🏢 Hull
Job details https://jobsfordevelopers.com/jobs/senior-engineer-at-hull-com-may-19-2025-f9f3df?utm_source=mastodon.world&utm_medium=social&utm_campaign=posting
#jobalert #jobsearch #hiring
Show Original Post
jos1264 (@jos1264@social.skynetcloud.site)
React2Shell is the Log4j moment for front end development https://www.csoonline.com/article/4109221/react2shell-is-the-log4j-moment-for-front-end-development-2.html #LibrariesandFrameworks #SoftwareDevelopment #Vulnerabilities #WebDevelopment #Security #React
Show Original Post
devto_vn_bot (@devto_vn_bot@mastodon.maobui.com)
Tailwind CSS v4 đã ra mắt với nhiều thay đổi lớn: không còn bắt buộc file `tailwind.config.js`, cấu hình trực tiếp trong CSS bằng `@theme`, và tích hợp sẵn container queries, 3D transforms. Sử dụng CSS variables thay vì `@apply` được khuyến khích. Build nhanh hơn với Oxide engine. Dễ dàng nâng cấp dần từ v3.
#TailwindCSS #v4 #Frontend #WebDev #CSS #Tailwind #React #Vue #JavaScript
#CSS #PhátTriểnWeb #JavaScript #Frontend
https://dev.to/odada-o/tailwind-css-v4-migration-guide-26cb
Show Original Post
links (@links@gts.lmorchard.com)
Please Just Fucking Try HTMX
"Look. I'm not going to call you a fucking moron every other sentence. That's been done. It's a whole genre now. And honestly? HTMX doesn't need me to scream at you to make its point."
https://pleasejusttryhtmx.com/
#html #htmx #js #react #web #webdev
Show Original Post
CuratedHackerNews (@CuratedHackerNews@mastodon.social)
Show HN: Composify – Open-Source Visual Editor / Server-Driven UI for React
https://github.com/composify-js/composify
Show Original Post
post (@post@programming.dev)
Introducing RSC Explorer
https://programming.dev/post/42592052
Show Original Post
feedrahq (@feedrahq@mastodon.social)
Why "developer-first"?
Because feedback should flow directly into your workflow. Not force you into a new tool with its own UI, notifications, and mental overhead.
Widget or SDK → Your dashboard → GitHub issue. Done.
#devtools #github #typescript #rust #golang #flutter #react #reactnative
Show Original Post
blainsmith (@blainsmith@snac.rblgk.sh)
I posted this (https://pleasejusttryhtmx.com) in an engineering chat and I got responses from folks who literally do not believe in CRUD apps and have never seen jobs where folks are paid to build them. I really did offend these folks by offering another option to SPA-frameworks. It was wild how much they lashed out.
#HTMX #CRUD #React #SPA
Show Original Post
jnpn (@jnpn@mastodon.social)
react top down tree reactivity is crippling..
one thing i often need to have is a protocol between parent and child, so that both can agree on something. yet i don't want the child view to encode that.. which mean i need to lift the state out and bind logic to this.. am i writing smalltalk by then ?
seems like stores don't solve that either unless every component comes with a store (which bring back objects protocols again)
#react #system #object #protocols #smalltalk
Show Original Post