Monthly Archives: January 2015

Complexity Analysis for Node.js Apps

In previous posts, I introduced style checking (linting) using jshint, integration testing using mocha and should, code test coverage using coverage, and vulnerability identification using retire. If you’re starting a new project, I strongly encourage you to integrate these packages … Continue reading

Posted in Software | Tagged | Leave a comment

Vulnerability Detection for Node.js Apps Using Retire

Eliminating from your application all code–include node modules–with known vulnerabilities is an essential part of secure coding. Retire is a node.js package that looks for reported vulnerabilities in your node modules and/or javascript code. It’s dirt simple to use–so there’s … Continue reading

Posted in Software | Tagged , | 1 Comment

Style Checking (linting) Node.js Apps

Style checking (aka linting) is a vital part of any application development process. Sloppy coding practices increase the chances of coding errors and other problems later on, and style checking can help flag many coding problems to keep your code … Continue reading

Posted in Software | Tagged , | Leave a comment

Node.js Tests using Mocha

In this post, I want to talk a little more about basic Mocha tests. Here are two tests in my mail.service.test file: var mail = require(‘app/services/mail.service’); var config = require(‘../../config/config’); var should = require(‘should’); describe(‘Send Mail’, function() { it(‘should send … Continue reading

Posted in Software, Uncategorized | Tagged , , , | Leave a comment

Creating Tests for a Node.js App After It’s Built

For some reason, you have a node.js app that’s built, but it has no tests or documentation. Maybe you inherited it. Maybe you were feeling exceptionally manly and didn’t think you needed tests. Maybe you’re now having second thoughts or … Continue reading

Posted in Software | Tagged , | Leave a comment

Node.js Secure Coding – Disabling Authentication

This is a snippet of a function that performs user authentication (login). What’s wrong here? module.exports.authenticate = function(req, res, next) { if (env !== ‘production’) { return next(); } … Give up? You want to default to a more secure … Continue reading

Posted in Software | Tagged , | Leave a comment

Writing Node.js Apps on Windows 8

Yeah, I know. Real men don’t program on Windows–let alone Windows 8. Whatever. Node runs fine in Windows, and I do build node apps on it, but there are few things I’ve had to deal with. If you’re using Windows, … Continue reading

Posted in Software | Tagged , | Leave a comment