HackerTrans
TopNewTrendsCommentsPastAskShowJobs

Rauchg

no profile record

comments

Rauchg
·10 dni temu·discuss
This is super fast. Great job!
Rauchg
·2 miesiące temu·discuss
R2S was a painful one, but Lachlan was a dream of a security researcher to partner with. Not just from a responsible disclosure POV, but things like hopping on multiple calls with Meta and our team to help us validate remediations. Thank you Lachlan for helping make the internet safer (and great job on figuring out this 'labyrinth' of a vulnerability)
Rauchg
·6 miesięcy temu·discuss
This was a pivotal project for me as a young lad learning Linux and software engineering back in the day. Can't recommend it enough. So many little frustrations and painpoints to overcome, wasn't easy , and shows you the ropes of what's to come.
Rauchg
·7 miesięcy temu·discuss
We collaborated with many industry partners to proactively deploy mitigations due to the severity of the issue.

We still strongly recommend everyone to upgrade their Next, React, and other React meta-frameworks (peer)dependencies immediately.
Rauchg
·10 miesięcy temu·discuss
Heard and appreciate the feedback. We’re well aware of the DX papercuts in Middleware. With 15.5 we made a big step in supporting Node runtime[1] which addresses a slew of issues people have reported over time.

If I went back in time, I would have called it Routing Middleware or Routing Handler. A specific hook to intercept during the routing phase, which can be delivered to the CDN edge for specialized providers. It’s also a somewhat advanced escape hatch.

Since OP mentions logging, it’s worth noting that for instrumentation and observability we’ve embraced OpenTelemetry and have an instrumentation.ts convention[2]

[1] https://nextjs.org/blog/next-15-5#nodejs-middleware-stable

[2] https://nextjs.org/docs/app/api-reference/file-conventions/i...