BxJS Weekly Episode 65 - javascript news podcast

Hey dev.to community!

BxJS Weekly Episode 65 is now out! 🚀
Listen to the best javascript news of the week in a podcast form right here.

Here's all the mentioned links (also found on github):

Getting started:

• React component lifecycle with Hook§
• Handling Errors in Vue.js
• Vue.js And SEO: How To Optimize Reactive Websites For Search Engines And Bots
• Unit Testing in Angular
• How to migrate from HOCs to Hooks
• Typescript interface vs. type
• Testing with Svelte and Ava
• React for Vue developers
• Functional javascript: five ways to calculate an average with array reduce
• You don't need passport.js - Guide to node.js authentication
• 5 Programming Patterns I Like
• 12 tips for writing clean and scalable JavaScript
• Creating Your Own React Validation Library
• Four patterns for global state with React hooks: Context or Redux

Articles & News:

• Transducers - a Generalized Concept for Data Transformations
• Compiling C to WebAssembly without Emscripten
• Enabling Modern JavaScript on npm
• Building a Multi Streaming Alexa Skill with the Alexa Skills Kit
• Better apps with react server-side rendering
• Front-End Documentation, Style Guides and the Rise of MDX

Tips, tricks & bit-sized awesomeness:

• Pointcloud effect in Three.js
• Why I'm still using jQuery in 2019
• Run WebAssembly Outside The Sandbox at 95% Native Speed
• CKEditor 4 - Integrate WYSIWYG editor with React
• JavaScript and evidence-based language design
• What's New In DevTools (Chrome 76)
• Urql, Grown Up
• Upcoming VSCode Feature: Inspect element
• Node.js is 10 years old!

Releases:

• Angular 8
• TypeScript 3.5
• GraphiQL Explorer 2.0
• Verdaccio 4
• PapaParse v5.0
• Node v10.16.0
• Ember 3.10
• Nuxt v2.8.0
• Preact 10.0.0 beta 2

Libs & demos:

• MDsveX
• react-vertex
• Left
• xstyled
• codespeak
• rayo.js
• zdog
• tosin
• Royalbox
• FunctionScript
• fabulous
• luda
• scenejs
• fullstackopen
• medium-to-own-blog
• trash
• node-bluetooth-serial-port
• tedious
• normalizr
• MQTT.js
• react-physics-dragger
• reaptcha
• react-div-100vh

Interesting & silly stuff:

• You’re Not Praised For The Bugs You Didn’t Create

Any feedback is appreciated 😁

Additional stuff:

• Youtube channel
• Twitch channel
• Discord server
• BxJS Weekly github repo

Social media links:

• Twitter
• Medium
• Github

If you enjoy my content, please consider supporting me 😉

Comments

[ZaneHannanAU]

Just saying -- storing the salt alongside the hash is very common. It's used just about everywhere (/etc/shadow, bcrypt in general…).

The alternative is: how are you to be able to log in? If the salt isn't stored, then the hash becomes useless. If it is stored, but is constant across the database; then what point does the salt have? It would be a problem were it sha1 or similar, but it isn't.

Other than that… argon2 is quite strong so far at least.

[Tim Ermilov]

But if your DB is leaked - wouldn't that make decrypting password easier? 🤔
Having one common salt that's not in DB would mean that attacked upon acquiring that DB would have to first figure out what that salt was.
Or am I just misunderstanding something here? 🤔

Edit: Just did some googling, and apparently I totally confused salt with encryption keys used in a different set of algos all this time. I am a bit of an idiot 🤦‍♂️

[ZaneHannanAU]

Yeah. Main difference is between initialization vector/key (you keep the initialization vector and remember the key) and a randomness adder (salt). A salt and an IV are similar, in that they introduce uniqueness into place there might not be otherwise.