Deno Land has published Deno 2.9, an update of the company’s JavaScript/TypeScript/WebAssembly runtime that features deno desktop, a mechanism for building native desktop applications from the web stack developers already know.
Introduced June 25, Deno 2.9 also improves startup time, memory use, and HTTP throughput, the company said. Deno installation instructions can be found at docs.deno.com.
With Deno 2.9, users can point deno desktop at a script or a web framework project to produce a native and self-contained desktop application where the UI runs in a webview and the logic runs in Deno. Because deno desktop is built on the same machinery as deno compile, the output is a single, distributable binary with code and assets embedded, Deno Land said.
Also in Deno 2.9, a hello-world program now cold-starts in about half the time it took in 2.8 (34ms down to 17ms), the company said. This improvement results from a combination of factors including lazy-loadingnode: globals out of the snaps
Alibaba's Page Agent runs as client-side JavaScript inside the webpage. It reads the live DOM as text, then clicks and types from natural-language commands. No screenshots, no multimodal model, and no backend rewrite are required.
The post Meet Alibaba’s Page Agent: A JavaScript In-Page GUI Agent That Controls Web Interfaces With Natural Language Through the DOM appeared first on MarkTechPost.
Microsoft has announced a release candidate (RC) of TypeScript 7.0. A port of JavaScript-based TypeScript that is based on the Go language, TypeScript 7.0 is often about 10 times faster than TypeScript 6.0, Microsoft said, thanks to native code speed and shared memory parallelism.
Developers can get the new compiler by installing it from the typescript package on npm:
npm install -D typescript@rc
Unlike TypeScript 6.0, TypeScript 7.0 performs many steps in parallel, including parsing, type checking, and emitting, Microsoft said. Some of these steps, such as parsing and emitting, can mostly be done independently across files. For that reason, parallelization automatically scales well with larger codebases with relatively little overhead. However, not every step in a TypeScript build is easily parallelizable, Microsoft said.
With TypeScript 7.0 RC now available, Microsoft plans to release TypeScript 7.0 within the next month. The company said it will focus on release coordination and
A widely used JavaScript implementation of Google’s Protocol Buffers format is placing too much trust in untrusted data, exposing affected applications to remote code execution and other attacks.
Researchers at Cyera have disclosed six vulnerabilities affecting “protobuf.js,” all stemming from the library’s handling of schema and metadata. Attackers could exploit an input validation oversight to insert malicious data and influence an application’s behavior.
Protocol Buffers is a technology for packaging data in a compact, structured format to streamline the exchange of information between different applications. The protobuf.js library reportedly receives more than 50 million weekly downloads. It is commonly pulled into applications indirectly through dependencies such as gRPC tooling, Google Cloud libraries, and other frameworks, making it difficult for organizations to track.
Researchers disclosed six CVEs covering remote code execution, denial-of-service (DoS) conditions, prototype
Kimi Code CLI is Moonshot AI's open-source terminal coding agent, written in TypeScript with subagents and MCP configuration.
The post Moonshot AI Releases Kimi Code CLI: A Terminal AI Coding Agent Built in TypeScript for Next-Gen Agents appeared first on MarkTechPost.
I got tired of copying files into an AI chat just to get feedback. So I built a pure Python MCP server that gives AI tools direct access to my local project—no frameworks, no dependencies. It runs over stdio for local use and switches to HTTP/SSE for concurrent clients with a single flag. The result: 5 clients, under 50ms, and a design that stays simple without sacrificing capability.
The post My AI Couldn’t See My Files — I Built a Zero-Dependency MCP Server appeared first on Towards Data Science.
As AI coding assistants accelerate software development, one OWASP-backed open-source project is arguing that dependency security tooling still arrives too late to be truly useful.
CVE Lite CLI, a JavaScript and TypeScript dependency vulnerability scanner focused on local lockfile analysis, is positioning itself around a simple idea. Developers should see dependency risks while they are still writing code, not hours later inside a failing CI pipeline.
“What developers are missing is early feedback at the point where the dependency decision is made,” Sonu Kapoor, creator and maintainer of the project, told CSO. According to Kapoor, traditional CI-centric workflows often disconnect developers from the dependency choices that introduced risk in the first place.
CVE Lite CLI scans npm, pnpm, and Yarn lockfiles using OSV vulnerability data and claims to focus heavily on remediation guidance, including separating direct and transitive vulnerabilities, validating upgrade targets, and recommen
Anthropic has acquired Stainless, a startup that generates SDKs, command-line tools, and MCP servers from API specifications, in a move analysts say targets the “last mile” of developer experience.
Founded in 2022 by former Stripe engineer Alex Rattray, Stainless converts API specifications into production-ready SDKs across languages, including Python, TypeScript, Kotlin, Go, and Java.
Stainless does not sell primarily to enterprises, but its tools form part of the software development chain that enterprise teams may rely on. They help generate SDKs, documentation, and MCP servers that developers can use to connect AI models, cloud services, and APIs to business applications.
In a statement, Stainless said it will wind down all hosted products, including its SDK generator, as the team shifts focus to Claude Platform capabilities and connecting agents to APIs. Existing customers will retain the right to modify and extend SDKs they have already generated.
This could have competitive impl
Compiling and running C code with Emscripten and GitHub Codespaces — no local installation required.
The post Your First WebAssembly Program and Web App (Written, Tested, and Deployed Entirely in the Web Browser) appeared first on Towards Data Science.