<ul><li>Next.js recently patched a critical security vulnerability affecting self-hosted applications with output: 'standalone'. The vulnerability allowed attackers to bypass middleware-based authorization checks by using a spoofed header.</li><li>OpenAI has integrated its advanced image generator into the GPT-4o language model, allowing for the generation of images through simple conversation. Though currently not available through the API, this feature is expected to be rolled out gradually.</li><li>The latest Vue.js report reveals impressive growth and ecosystem shifts. It shows an increased developer loyalty to Vue.js, dominance of Pinia in the state management landscape, a decline in Vuex usage, and a significant surge in TypeScript adoption.</li><li>Recent updates in the JavaScript ecosystem include Bun v1.2.7 with simplified cookie handling, pnpm 10.7 allowing patching dependencies by version ranges, Babel 7.27.0 with improved import attributes syntax, Babylon.js 8.0 introducing new rendering features, and Lexical 0.29, a minimalist text editor framework.</li></ul>

Next.js Locks the Back Door, OpenAI Unlocks Image Generation, and Vue Steals the Spotlight

Discover more