“Working weaponized” POC exploit now available…https://www.rapid7.com/blog/post/etr-react2shell-cve-2025-55182-critical-unauthenticated-rce-affecting-react-server-components/ #react

I will never understand the urge the use a library designed to provide reactive DOM updates as a server framework. Here I am, wasting time parametrising my queries while some are shipping unprotected “eval()” in what looks like a very abstracted gRPC service.

https://github.com/vercel/next.js/security/advisories/GHSA-9qr9-h5gf-34mp

#WebDev #React #NextJS

🚨 React disclosed a critical (CVSS 10.0) RCE in React Server Components. If you use RSC (often via frameworks like Next.js), upgrade react-server-dom-* to patched versions ASAP.

Details → https://socket.dev/blog/critical-security-vulnerability-in-react-server-components #NodeJS #React

Reactのサーバーコンポーネント（RSC）に脆弱性（CVE-2025-55182）が発見されたらしいので記事を書きました。

（高く見積もられがちではありますが）CVSS10と極めて危険ですので、速やかなアップデートが必要となります。
19.0.0・19.1.0・19.1.1・19.2.0の4バージョンに影響があるとされていますので、確認を行うことをおすすめします。

また、Next.js等のReactに依存しているフレームワークにも影響があります。
Akamaiによればこの脆弱性による攻撃はまだ確認されていないようですが、いつこの脆弱性をついた攻撃が始まるかは不明です。早めの対策をおすすめします。

ReactにCVSS10の脆弱性、サーバーサイドでのデシリアライズに欠陥が存在し攻撃者はHTTPリクエストのみで任意のコードを実行可能 - osumiakari.jp
www.osumiakari.jp/articles/20251204-react2shell-cvss10/ #React #ReactJS #Nextjs #React2Shell #CVE202555182

Reactのサーバーコンポーネント（RSC）に脆弱性（CVE-2025-55182）が発見されたらしいので記事を書きました。

（高く見積もられがちではありますが）CVSS10と極めて危険ですので、速やかなアップデートが必要となります。
19.0.0・19.1.0・19.1.1・19.2.0の4バージョンに影響があるとされていますので、確認を行うことをおすすめします。

また、Next.js等のReactに依存しているフレームワークにも影響があります。
Akamaiによればこの脆弱性による攻撃はまだ確認されていないようですが、いつこの脆弱性をついた攻撃が始まるかは不明です。早めの対策をおすすめします。

ReactにCVSS10の脆弱性、サーバーサイドでのデシリアライズに欠陥が存在し攻撃者はHTTPリクエストのみで任意のコードを実行可能 - osumiakari.jp
www.osumiakari.jp/articles/20251204-react2shell-cvss10/ #news #ニュース #React #ReactJS #Nextjs #React2Shell #CVE202555182

RCE Vulnerability in React and Next.js

Link: https://github.com/vercel/next.js/security/advisories/GHSA-9qr9-h5gf-34mp
Discussion: https://news.ycombinator.com/item?id=46136026

#react

Critical RCE Vulnerabilities in React and Next.js

Link: https://www.wiz.io/blog/critical-vulnerability-in-react-cve-2025-55182
Discussion: https://news.ycombinator.com/item?id=46136067

#react

Why use #React? "This isn’t a rhetorical question. I genuinely want to know why devs choose to build using React. There are many reasons. Alas, none of them relate directly to user experience, other than productive devs will make better websites. (Citation needed.)" https://adactio.com/journal/22265

React and Remix Choose Different Futures

Link: https://laconicwit.com/react-and-remix-choose-different-futures/
Discussion: https://news.ycombinator.com/item?id=46111449

#react

#django #rails #phoenix

I should also note that I will be shopping for something as fantastic as #phoenix 's @LiveView . This is one of the things that keeps my day job in phoenix camp.

I know I can use #React just find with #django, but i just can't force myself to sit down and learn #react.

#react

@ehmatthesEric Matthes

One question I do have. We settled on #Phoenix / #Elixir for our projects at my day job. The big reason we went that direction was to allow use to use #LiveView rather than have bog juniors down with #React .

Is there such a think in the #Django world?

Thanks!

😅 So I did not fully appreciate the power of hashtags on this place when I wrote my #introduction, so I'm giving it a second go.

• I'm a front-end web developer in Spokane, WA. I work for Red Hat on Ansible Controller using #react, #javascript, #typescript. I don't write so much #CSS here as I have at previous gigs, but, I'm okay at that too…

• I'm the author of CSS in Depth 📘 https://www.manning.com/books/css-in-depth

• I enjoy mixing #cocktails and have my recipes available in a #PWA : https://sidecar.us

Launch HN: JSX Tool (YC F25) – A Browser Dev-Panel IDE for React

Discussion: https://news.ycombinator.com/item?id=45903161

#react

UIs Are Not Pure Functions of the Model – React.js and Cocoa Side by Side (2018)

Link: https://blog.metaobject.com/2018/12/uis-are-not-pure-functions-of-model.html
Discussion: https://news.ycombinator.com/item?id=45704216

#react

React vs. Backbone in 2025

Link: https://backbonenotbad.hyperclay.com/
Discussion: https://news.ycombinator.com/item?id=45702558

#react

React Flow, open source libraries for node-based UIs with React or Svelte

Link: https://github.com/xyflow/xyflow
Discussion: https://news.ycombinator.com/item?id=45688836

#react

and don't get me started with people testing their massive React SPAs on their iPhone 17 Pros and literally nothing else.

#WebDev #Web #React

Penning a blog post on #React. I have a lot of criticism (https://jsx.lol) but I’m lacking the other side. Who are the top React superspreaders worth reading?

New instance, (mostly) same intro, because writing intros is hard.

👋 I'm Megan. she/her

#FL ➡️ #NYC ▶️ #Queens

Work: Started out in #journalism, now slinging #JavaScript (and friends, #React, #ReactNative, #TypeScript). I'm most interested in projects pursuing a positive impact.

Fun: Volunteering in my neighborhood with an urban #gardening group and a #cat shelter. Building community any way I can.

#introduction

Ask HN: How does one build large front end apps without a framework like React?

Discussion: https://news.ycombinator.com/item?id=45615193

#react

5 React State Management Tools Developers Actually Use in 2025

https://www.syncfusion.com/blogs/post/react-state-management-libraries?utm_source=alvinashcraft&utm_medium=email&utm_campaign=alvinashcraft_blog_edmoct25

#react #webdev #javascript #frontend #ref #syncfusion

React Compiler v1.0

https://react.dev/blog/2025/10/07/react-compiler-1

#react #javascript #frontend #webdev #webdevelopment

The React Foundation: The New Home for React and React Native

Link: https://engineering.fb.com/2025/10/07/open-source/introducing-the-react-foundation-the-new-home-for-react-react-native/
Discussion: https://news.ycombinator.com/item?id=45524624

#react

React 19.2 Released

https://react.dev/blog/2025/10/01/react-19-2

#react #webdev #javascript #frontend

TypeScript와 React에 File-based App 서버를 부착하여 단순하지만 완결성있는 풀 스택 개발 환경을 구축할 수 있습니다. 여기에 AGENTS.md 파일이나 mcp.json을 추가한다면 풀 스택 프로젝트에 바이브코딩까지 얹을 수 있겠습니다.

#풀스택 #React #닷넷 #바이브코딩 #Node

https://forum.dotnetdev.kr/t/typescript-react-file-based-app-c-api/13812

Create Stunning UIs with Just a Prompt – Syncfusion Code Studio UI Builder

https://www.syncfusion.com/blogs/post/syncfusion-code-studio-ui-builder?utm_source=alvinashcraft&utm_medium=email&utm_campaign=alvinashcraft_blog_edmsep25

#ai #ux #ref #javascript #dotnet #dotnetmaui #react #windowsdev #webdev

👋 Heading to Plone Conference 2025 in Jyväskylä this October?

🍂 October can be crisp and colorful in Finland! 🇫🇮

🧥 Pack a jacket, gloves & comfortable shoes – mornings & evenings can be chilly (or not, it will be a surprise!)

☕ Inside it’s cozy, outside stay comfy & enjoy the autumn colors (like pitch black 😜 )!

🎟️ To get your tickets at: https://2025.ploneconf.org/tickets

#ploneconf2025 #plone #PyConFinland #OpenSource #Python #webdevelopment #conference #IT #React #Jyväskylä #Autumn

🚀 The Plone Conference 2025 in Jyväskylä on October 13–19, 2025 – hosted by the University of Jyväskylä, Finland 🇫🇮

👉 A week full of learning, networking & inspiration

👉 International and Finnish IT professionals from experienced to new

👉 Talks & workshops on Plone, Python, web development & open source innovation 🤯

👉 Special one-day event: PyCon Finland on Oct 17, dedicated to Python 🐍

🎟️ Tickets: https://2025.ploneconf.org/tickets

#ploneconf2025 #PyConFinland #plone #OpenSource #React

Migrating to React Native's New Architecture

Link: https://shopify.engineering/react-native-new-architecture
Discussion: https://news.ycombinator.com/item?id=45225217

#react

React is winning by default and slowing innovation

Link: https://www.lorenstew.art/blog/react-won-by-default/
Discussion: https://news.ycombinator.com/item?id=45252715

#react

ReactJS Essentials Every Developer Should Know.

https://www.syncfusion.com/blogs/post/reactjs-concepts?utm_source=alvinashcraft&utm_medium=email&utm_campaign=alvinashcraft_blog_edmsep25

#react #webdev #javascript #ref #ux #syncfusion #reactjs

Ripple – A TypeScript UI framework that takes the best of React, Solid, Svelte

Link: https://github.com/trueadm/ripple
Discussion: https://news.ycombinator.com/item?id=45063176

#react #typescript

#react #webdev

PyCon Finland 2025 Schedule Published! 🎉
Join us on Friday, October 17th in Jyväskylä for a full day of Python talks and networking.

Featured talks include:
- Keynote: "Muuttolintujen Kevät - Automatic Bird Sound Classifier" by Patrik Lauha
- "Building RAG AI Applications with MariaDB Vector and Python" by Robert Silén
- "Using Python with Satellites, Lessons from a Staff Engineer" by Jeremy Mayeres

https://2025.ploneconf.org/schedule/pycon-finland-2025-schedule

#pyconfinland #PyCon #ploneconf2025 #Python #React #AI #opensource

Custom Formulas in Spreadsheet: A Practical Guide for React Developers.

https://www.syncfusion.com/blogs/post/custom-formulas-in-spreadsheet?utm_source=alvinashcraft&utm_medium=email&utm_campaign=alvinashcraft_blog_edmaug25

#webdev #react #javascript #ref #syncfusion #ux #reactjs

Show HN: Turn Markdown into React/Svelte/Vue UI at runtime, zero build step

Link: https://markdown-ui.com/
Discussion: https://news.ycombinator.com/item?id=45024532

#react

Building a Full-Stack App with React and Aspire: A Step-by-Step Guide | by Sayed Ibrahim Hashimi.

https://devblogs.microsoft.com/dotnet/new-aspire-app-with-react/?hide_banner=true

#react #webdev #cloud #aspire #cloudnative #dotnetaspire #javascript

Do you have a story to tell? Plone Conference 2025 and PyCon Finland 2025 Call for Papers ends soon! https://2025.ploneconf.org/call-for-papers
Topics may range from Plone, Volto and websites to Python, React, AI and many more!
#plone #ploneconf2025 #pyconfinland2025 #cfp #Python #React #AI #webdesign #CMS

React UI for Native Apps | by Sam Basu.

https://www.telerik.com/blogs/react-ui-native-apps

#react #hybridapps #nativeapps #dotnetmaui #javascript #dotnet #appdev

Just moved over from mastodon.design, so it's time for another #introduction!

I'm Toni 👋

I’m a software #designer, though I’m spending more and more time writing code, mostly in #swiftui and #react

When I'm not heads down at work, you'll catch me #cycling, eating my weight in oranges, walking with my dog Xenon, or just getting lost in a new #book, #anime, or #manga.

I’m also a passionate #yugioh collector, #nba fan and I play #guitar occasionally.

More🍊 → https://www.toni.li/about

The project I joined in January just went public. XMLUI aims to empower developers who aren't React and CSS pros to create and maintain effective browser-based user interfaces.

#XMLUI #React #CSS

https://blog.jonudell.net/2025/07/18/introducing-xmlui/

Since I've moved to a new instance - one I'm running myself - I though I might re-introduce myself.

I'm Jeff Markel (see profile for pronunciation) - he/him. I'm kinda old, kinda not - born on the cusp of Baby Boom I and Baby Boom 2, aka Generation Jones (1955).

I can schmooze, but am basically very shy - f2f, anyway - and very introverted. More than a few hours of f2f interaction are exhausting.

I had one sibling - a sister - who died of pancreatic cancer in 1997, at 45. I lost my dad to bladder cancer in 1991 (age 67), and my mom to breast cancer in 2006 (age 80). So the big-C is ever-looming; my odds aren't so good. But I've lived longer than my sister and my father. Hopefully the string will continue.

My wife and I have been married to each other since 1982. We have 3 "children" (in quotes only because they're long-past childhood), and 4 grandchildren. Two are in NYC and one is in LA. The oldest of the grands is 15 and in full-fledged teenager mode.

I'm Jewish, but also an atheist - if that makes sense. The ethnicity does mean a lot to me. I have always felt a sense of 'other'ness and, although I know that I benefit from white privilege, I no longer really think of myself as "white" because the people for whom that matters most do not - and that's perfectly fine with me.

I get obsessed with things. I bake sourdough. I make cocktails. I walk long distances. I develop websites - using Drupal mostly, though I'm now learning React and a few other Javascript frameworks like Sveltekit and Astro - and of course those all have adjacent, and necessary, technologies that I also want to learn. As I used to say in my Twitter profile, when I was still there, I try to learn something new every day.

I've been a software person since the late 1970's. I started out on mainframes - but that's become a distinction without a difference. I've written code in many languages, from Algol to YAML (I tried to think of one starting with Z but Zend is all I could come up with, but that's a company, not a language 🤷‍♂️). Still working, but I do plan to "retire" in the next 18 months or so - in quotes because I will certainly need to do something after that besides sleeping in.

#introduction #introductions #drupal #react #svelte #sveltekit #astro #mainframe #baking #sourdough #cocktails #walking #retirement #website #cancer #fuckcancer #generationjones

Still true #webdev #javascript #react

5 Best React Data Grid Libraries Every Developer Should Know in 2025.

https://www.syncfusion.com/blogs/post/top-react-data-grid-libraries-2025?utm_source=alvinashcraft&utm_medium=email&utm_campaign=alvinashcraft_blog_edmjul25

#react #javascript #webdev #ux #syncfusion

GitHub Copilot Vibe Coding Workshop - Free resources to build a social media website with GitHub Copilot.

https://techcommunity.microsoft.com/blog/azuredevcommunityblog/github-copilot-vibe-coding-workshop/4430440

#githubcopilot #vibecoding #ai #python #javascript #react #blazor #dotnet #springboot

I'm a #programming dude who works in #javascript, #react, and #sql by day and #jellyfin and #roku by night.

I love #horror #movies, #punk #music, playing #bass #guitar and #drums, #reading #books, #skateboarding, #vinyl #records, and #opensource #software

I love #popculture and frequently speak in #movie quotes.