The JavaScript blog.


functional node modules csv

Node Roundup: 0.8.12, Node CSV, Memoize

Posted on .

You can send in your Node projects for review through our contact form or @dailyjs.

Node 0.8.12

Node 0.8.12 is out, which has some fixes for Windows, the Buffer and HTTP modules, and the REPL. I upgraded as soon as this release came out, and it's running all of my stuff fine as far as I can tell.

Node CSV

Node CSV (GitHub: wdavidw / node-csv-parser, License: New BSD, npm: csv) by David Worms is a streaming CSV parser. By implementing stream readers and writers, this module can parse CSV with less memory overheads when compared to reading the entire file into memory.

It can be used with fs.createReadStream like this:


Alternatively, David has added a more convenient property-based API:

  .to.string(function(data) { console.log(data); });

To set options, from.options({ option: 'value' }) can be used. This supports the usual CSV parser settings, like field delimiters and quoting. The project has Mocha tests, and there's a growing list of contributors.


Memoize (License: MIT, npm: memoize) by Mariusz Nowak is a memoize module that implements pretty much everything related to memoization that I can think of. It works in both Node and browsers, works with function arguments without serialising arguments, supports asynchronous functions, and has cache management features.

The "primitive mode" is interesting because it's optimised for large amounts of data. In fact, it made me think back to Map and WeakMap from Monday's article on ES6 for Node. It seems like caching would get a boost from these ES6 features.


JSON games webgl security csv

Microsoft's WebGL Concerns, csonv, Same Game Gravity

Posted on .

Microsoft's WebGL Concerns

Microsoft's Security Research & Defense
recently published a post about
serious concerns over WebGL security, with the rather damning title
WebGL Considered Harmful.

Our analysis has led us to conclude that Microsoft products supporting WebGL would have difficulty passing Microsoft’s Security Development Lifecycle requirements.

They cite low-level hardware access as a serious issue, along with
reliance on third-party security and problematic DoS scenarios

Modern operating systems and graphics infrastructure were never designed to fully defend against attacker-supplied shaders and geometry.

As a fan of WebGL I balked at these claims, but there's definitely
something to them. However, I don't think refusing to support WebGL is
the right choice; couldn't a compromise be reached through the use of
UAC or other Windows/IE security features?

Meanwhile, Chris Marrin (a WebKit reviewer) had this to say about iOS 5

WebGL will not be publicly available in iOS 5. It will only be available to iAd developers.

This makes sense from Apple's perspective because they'll be able to
review content before it hits browsers. Sadly it's more frustration for
those of us who enjoy working with WebGL and iOS devices.


If the world was made of JSON and CSS selectors we'd be the most
powerful wizards in the universe! Anyway...
csonv.js (GitHub: archan937 / csonv.js, License: MIT) by
Paul Engel is a library that fetches CSV files and translates it to
JSON. I always find extracting CSV headers to be extremely tedious, so
getting more convenient JSON data sets may appeal to those of us who
have to work with CSV.

One particularly useful feature of this library is the ability to
process relational data by nesting it. Paul includes an example of how
this works based on books and authors.

Same Game Gravity

Same Game Gravity is a HTML5/CSS3/etc. game that uses CSS transforms to rotate a Canvas that contains a
tile-matching game. The game itself is similar to something like
Bejeweled, except whenever the board is rotated the tiles fall down and
rearrange themselves.