[B! JavaScript] YassLabã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

YassLab id:YassLab

JavaScriptã«é–¢ã™ã‚‹YassLabã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯ (62)

${{author_name}}$

{{{comment_expanded}}}

{{label}}

{{#is_bookmark}}ãƒªã‚¹ãƒˆ{{/is_bookmark}}{{^is_bookmark}}ãƒªãƒ³ã‚¯{{/is_bookmark}}

${{author_name}}$
{{author_name}}{{created}}
{{ #comment }}{{ comment }}{{ /comment }}
- {{ label }}

${{author_name}}$

{{{comment_expanded}}}

{{label}}

{{#is_bookmark}}ãƒªã‚¹ãƒˆ{{/is_bookmark}}{{^is_bookmark}}ãƒªãƒ³ã‚¯{{/is_bookmark}}

Next.jsã®è„†å¼±æ€§ã‚’æ•°æ—¥æ”¾ç½®ã—ãŸã‚‰æš—å·é€šè²¨ãƒžã‚¤ãƒŠãƒ¼ã‚’ä»•è¾¼ã¾ã‚ŒãŸè©± - Qiita
ã‚„ã£ãŸã‚‰å‹•ä½œãŒé…ã„ãªã¨æ€ã£ãŸã‚‰ã€ã„ã¤ã®é–“ã«ã‹ CPU ä½¿ç”¨çŽ‡ãŒ100%ã«ã€‚ ã“ã‚Œã¯ã‚‚ã—ã‚„...ã¨æ€ã£ãŸã‚‰ã€ã¾ã•ã«ã§ã—ãŸã€‚ PM2ã«ãƒã‚°ãŒæ®‹ã£ã¦ã„ãŸã®ãŒæ•‘ã„ã€‚ å¾Œã¯ã€Claude Code ã«ãŠã¾ã‹ã›ã—ã¾ã—ãŸã€‚ ä»¥ä¸‹ã€å‚™å¿˜éŒ²ï¼š ã¯ã˜ã‚ã« 2025å¹´12æœˆã€é‹ç”¨ã—ã¦ã„ãŸè¤‡æ•°ã®Next.jsã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ãŒã‚µã‚¤ãƒãƒ¼æ”»æ’ƒã‚’å—ã‘ã€æš—å·é€šè²¨ãƒžã‚¤ãƒŠãƒ¼ã‚’ä»•è¾¼ã¾ã‚Œã¾ã—ãŸã€‚CVE-2025-55182ãŒå…¬é–‹ã•ã‚Œã¦ã‹ã‚‰2æ—¥å¾Œã®ã“ã¨ã§ã—ãŸã€‚ Note: ã“ã®è¨˜äº‹ã¯ã‚¤ãƒ³ã‚·ãƒ‡ãƒ³ãƒˆèª¿æŸ»ãƒ¬ãƒãƒ¼ãƒˆã‚’åŸºã«ã€Claude CodeãŒåŸ·ç†ã—ã¾ã—ãŸã€‚ TL;DR CVE-2025-55182å…¬é–‹ã‹ã‚‰2æ—¥å¾Œã«æ”»æ’ƒã‚’å—ã‘ãŸ Next.js 15.x / 16.x ã®Server Actionsè„†å¼±æ€§ã§RCEï¼ˆãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œï¼‰ã•ã‚ŒãŸ æš—å·é€šè²¨ãƒžã‚¤ãƒŠãƒ¼ï¼ˆMoneroï¼‰ã¨è¤‡æ•°ã®ãƒãƒƒã‚¯ãƒ‰ã‚¢ã‚’ä»•è¾¼ã¾ã‚ŒãŸ ã‚µãƒ¼ãƒãƒ¼å†…éƒ¨ã®èªè¨¼æƒ…å ±ãŒæ¼æ´©ã—ãŸå¯
YassLab 2025/12/21
â€œ2025å¹´12æœˆã€é‹ç”¨ã—ã¦ã„ãŸè¤‡æ•°ã®Next.jsã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ãŒã‚µã‚¤ãƒãƒ¼æ”»æ’ƒã‚’å—ã‘ã€æš—å·é€šè²¨ãƒžã‚¤ãƒŠãƒ¼ã‚’ä»•è¾¼ã¾ã‚Œã¾ã—ãŸã€‚CVE-2025-55182ãŒå…¬é–‹ã•ã‚Œã¦ã‹ã‚‰2æ—¥å¾Œã®ã“ã¨ã§ã—ãŸã€‚â€

Security

CVE

ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£

JavaScript

Next.js

React
ãƒªãƒ³ã‚¯
Over 644,000 Domains Exposed to Critical React Server Components Vulnerability
Home Cyber Security Over 644,000 Domains Exposed to Critical React Server Components Vulnerability The Shadowserver Foundation has released alarming new data regarding the exposure of web applications to CVE-2025-55182, a critical vulnerability affecting React Server Components. Following significant improvements to their scanning methodologies, researchers have identified a massive attack surface
YassLab 2025/12/21
â€œFollowing significant improvements to their scanning methodologies, researchers have identified a massive attack surface comprising over 165,000 unique IP addresses and more than 644,000 domains hosting vulnerable code as of December 8, 2025.â€

JavaScript

React

Security

CVE

è„†å¼±æ€§
ãƒªãƒ³ã‚¯
React Server Componentsã®è„†å¼±æ€§ CVE-2025-55182ï¼ˆReact2Shellï¼‰ã«ã¤ã„ã¦ã¾ã¨ã‚ã¦ã¿ãŸã€‚ - piyolog
2025å¹´12æœˆ3æ—¥ã€JavaScriptãƒ©ã‚¤ãƒ–ãƒ©ãƒª Reactã‚’é–‹ç™ºã™ã‚‹The React Teamã¯ã€React Server Componentsã«æ·±åˆ»ãªè„†å¼±æ€§ãŒç¢ºèªã•ã‚ŒãŸã¨ã—ã¦è„†å¼±æ€§æƒ…å ±ã‚’å…¬é–‹ã—ã€ä¿®æ£ç‰ˆã¸ã®æ›´æ–°ã‚’æ¡ˆå†…ã—ã¾ã—ãŸã€‚ã“ã“ã§ã¯é–¢é€£ã™ã‚‹æƒ…å ±ã‚’ã¾ã¨ã‚ã¾ã™ã€‚ ã©ã‚“ãªè„†å¼±æ€§ãŒç¢ºèªã•ã‚ŒãŸã®ï¼Ÿ React Server Function ã®Flightãƒ—ãƒãƒˆã‚³ãƒ«ã«ãŠã„ã¦ã€ä¿¡é ¼ã§ããªã„ãƒ‡ãƒ¼ã‚¿ã®ãƒ‡ã‚·ãƒªã‚¢ãƒ©ã‚¤ã‚ºã«é–¢ã™ã‚‹è„†å¼±æ€§ ãŒç¢ºèªã•ã‚ŒãŸã€‚ã“ã®è„†å¼±æ€§ã¯èªè¨¼ä¸è¦ã§ãƒªãƒ¢ãƒ¼ãƒˆã‹ã‚‰æ‚ªç”¨ãŒå¯èƒ½ã§ã‚ã‚Šã€ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œï¼ˆRCEï¼‰ ã«è‡³ã‚‹æã‚ŒãŒã‚ã‚‹ã€‚æ·±åˆ»åº¦ã¯ ç·Šæ€¥ï¼ˆCVSS åŸºæœ¬å€¤ 10.0ï¼‰ ã¨è©•ä¾¡ã•ã‚Œã¦ãŠã‚Šã€é–‹ç™ºå…ƒã¯åˆ©ç”¨è€…ã«å¯¾ã—ã¦é€Ÿã‚„ã‹ãªå¯¾å¿œã‚’å‘¼ã³ã‹ã‘ã¦ã„ã‚‹ã€‚ React ã¯ã‚¨ãƒ³ã‚¿ãƒ¼ãƒ—ãƒ©ã‚¤ã‚ºç’°å¢ƒã‚’å«ã‚€å¹…åºƒã„ã‚·ã‚¹ãƒ†ãƒ ã§æŽ¡ç”¨ã•ã‚Œã¦ãŠã‚Šã€æ—¥æœ¬å›½å†…ã§ã‚‚ React ã‚’ç”¨ã„ãŸã‚·ã‚¹ãƒ†ãƒ ã‚’å…¬é–‹ã—ã¦ã„ã‚‹ãƒ›ã‚¹ãƒˆãŒå¤šæ•°
YassLab 2025/12/20
â€œæ˜Žç¤ºçš„ã«React Server Function ã‚’ä½¿ç”¨ï¼ˆå®Ÿè£…ï¼‰ã—ã¦ã„ã‚‹ã‹ã«ã‹ã‹ã‚ã‚‰ãšå½±éŸ¿ã‚’å—ã‘ã‚‹ ... ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®è¨å®šã§æ§‹ç¯‰ã•ã‚ŒãŸç’°å¢ƒï¼ˆcreate-next-appã§ä½œæˆã•ã‚Œæœ¬ç•ªç”¨ã«ãƒ“ãƒ«ãƒ‰ã•ã‚ŒãŸæ¨™æº–çš„ãª Next.jsã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ç‰ï¼‰ãŒå½±éŸ¿ã‚’å—ã‘ã‚‹â€

React

CVE

Security

ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£

è„†å¼±æ€§

Next.js

JavaScript
ãƒªãƒ³ã‚¯
ãƒ•ãƒãƒ³ãƒˆã‚¨ãƒ³ãƒ‰ã‚¨ã‚ã‚¹ãƒ‘ãƒ¼ãƒˆãƒãƒ¼ãƒ ã®è§£æ•£ã¯ ã€Œã„ã„è©±ã€ãªã®ã‹ï¼Ÿ
YassLab 2025/12/20
â€œFEEã®å˜åœ¨ãŒæž·ã«ãªã‚‹éƒ¨åˆ†ã‚‚ â€¢ ãã‚‚ãã‚‚èª°ã‹ãŒãƒªãƒ¼ãƒ‰ã›ãšã¨ã‚‚ã‚„ã‚Œã‚‹äººãŒãŸãã•ã‚“ã„ã‚‹ã¯ãš / æž ã‚’è¶…ãˆãŸãƒˆãƒ©ã‚¤ã‚’ã™ã‚‹ã«ã‚‚ ã€ŒFEEãŒã„ã‚‹ã‹ã‚‰ãªâ€¦ã€ã€ŒFEEãŒâ—¦â—¦ã‚„ã£ã¦ã‚‹ã—ãªâ€¦ã€ ã¨ã„ã†ç™ºæƒ³ã«ãªã‚Šã‚„ã™ã„â€

SPA

JavaScript

Frontend
ãƒªãƒ³ã‚¯
Node.js â€” Wednesday, January 7, 2026 Security Releases
Commercial support for versions past the Maintenance LTS phase is available through our OpenJS Ecosystem Sustainability Program partners (Update 17-Dec-2025) Security Release target January 7th We have decided to delay the release further to Wednesday, January 7th, 2026. Many of the downstream projects and users are on holiday break at the end of the year, and the security release will disclose th
YassLab 2025/12/18
â€œ(Update 17-Dec-2025) Security Release target January 7th - We have decided to delay the release further to Wednesday, January 7th, 2026 to ensure the team has enough time to properly prepare the patches and releases. We also prefer not to disrupt the holiday season with a security release.â€

Security

è„†å¼±æ€§

Node.js

ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£

JavaScript
ãƒªãƒ³ã‚¯
ä¸€é€£ã®RSCè°è«–ã«ã¤ã„ã¦
ä¸€é€£ã®RSC/Server Functionsè°è«–ã«ã¤ã„ã¦ ä»¥ä¸‹ã®äº‹è±¡ã®ã©ã‚Œã‚’ãƒ¨ã‚·ã¨ã—ã¦ã€ã©ã‚Œã‚’ãƒ¨ã‚·ã¨ã—ãªã„ã‹ã«ã¤ã„ã¦ã‚¹ã‚¿ãƒ³ã‚¹ã‚’æ˜Žç¢ºã«ã—ã¦ã‹ã‚‰è°è«–ã‚’è¡Œã†å¿…è¦ãŒã‚ã‚Šã¾ã™ ã‚µãƒ¼ãƒå´ã§è¦‹ãŸç›®ã‚’ãƒ¬ãƒ³ãƒ€ãƒªãƒ³ã‚°ã™ã‚‹ã“ã¨ (Server Componentsã‚’ç”¨ã„ãŸUIãƒ¬ãƒ³ãƒ€ãƒªãƒ³ã‚°) ã‚µãƒ¼ãƒå´ã®ãƒ‡ãƒ¼ã‚¿ã‚’é”æ³•ã®ã‚ˆã†ã«ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«æ¸¡ã›ã¦ã—ã¾ã†ã“ã¨ (SCã‹ã‚‰CCã¸ã®propså—ã‘æ¸¡ã—) ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆãŒã‚µãƒ¼ãƒã®é–¢æ•°å‘¼ã³å‡ºã—ã‚’æ„è˜ã›ãšé”æ³•ã®ã‚ˆã†ã«è¡Œãˆã¦ã—ã¾ã†ã“ã¨ (Server Functionsã¸ã®å¼•æ•°æ¸¡ã—) è‡ªåˆ†ã¯ä¸€ç•ªç›®ã¯æ˜¯éžã¨ã‚‚è¨±å®¹ã—ã¦ã„ããŸãã¦(ã“ã‚Œã«é–¢ã—ã¦ã¯MPAã‚„HTML on the Wire/HotWire ã®ãƒ¡ãƒªãƒƒãƒˆã¨åŒã˜)ã€ 2ã¨3ã¯ã†ã¾ãç«‹ã¡å›žã‚‰ãªã„ã¨è‡ªåˆ†ã®è¶³ã‚’è‡ªåˆ†ã§ã¶ã¡æŠœã„ã¦ã—ã¾ã†å±é™ºãªä»•çµ„ã¿ãªã®ã§é¿ã‘ã€ SPA + Backend APIã¨åŒæ§˜ã«APIã‚¹ã‚ãƒ¼ãƒžã‚’å®šç¾©ã—ã€æ„å›³ã—ãªã„å€¤ã®
YassLab 2025/12/17
â€œReact2Shellæ”»æ’ƒã«ãŠã„ã¦ã€JavaScriptã®äº’æ›æ€§ã‚’ç†ç”±ã«ç¶™ç¶šã•ã‚Œã¦ã„ã‚‹ä»•æ§˜ãŒã„ãã¤ã‹ç‹™ã‚ã‚Œã¦ã„ã‚‹ / ç§é”ã«å‡ºæ¥ã‚‹ã“ã¨ã¯ã€ã—ã£ã‹ã‚Šã¨ãƒãƒªãƒ‡ãƒ¼ã‚·ãƒ§ãƒ³ã‚’è¡Œã„ã€æ”»æ’ƒãŒè„†å¼±ãªä»•æ§˜ã«çµã³ã¤ãå‰ã«ã¡ã‚ƒã‚“ã¨æ–ã¡åˆ‡ã‚‹ã“ã¨â€

JavaScript

React

ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£

Security

è„†å¼±æ€§
ãƒªãƒ³ã‚¯
New PCPcat Exploiting React2Shell Vulnerability to compromise 59,000+ Servers
YassLab 2025/12/16
"admin can detect this activity by monitoring connections to the command server IP addr 67.217.57.240 on ports 666, 888, and 5656, looking for systemd services with names containing pcpcat, and checking for unusual outbound connections carrying JSON data containing environment vars or credentials."

JavaScript

React

Next.js

Security

Incident
ãƒªãƒ³ã‚¯
Lessons from React2Shell
DEV Community Follow A space to discuss and keep up software development and manage your software career Future Follow News and discussion of science and techno logy such as AI, VR, cryptocurrency, quantum computing, and more. Open Forem Follow A general discussion space for the Forem community. If it doesn't have a home elsewhere, it belongs here
YassLab 2025/12/15
â€œThe vulnerability wasn't an implementation bug that slipped through code review. It was the predictable consequence of violating a fundamental security principle: complex deserialization of untrusted data leads to remote code execution. If you can't do it perfectly don't do it at all.â€

Next.js

JavaScript

React

CVE

è„†å¼±æ€§

ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£
ãƒªãƒ³ã‚¯
å€‹äººé–‹ç™ºã®EC2ãŒä¹—ã£å–ã‚‰ã‚Œã¦Moneroã‚’æŽ˜ã‚‰ã‚Œã¦ã„ãŸè©±ã€CVE-2025-55182ã€‘ï½œãã“ã‚ã“
ã¯ã˜ã‚ã«ã€Œã‚ã‚Œã€CPUã‚¯ãƒ¬ã‚¸ãƒƒãƒˆãŒã‚¼ãƒã«ãªã£ã¦ã‚‹â€¦ï¼Ÿã€ 12æœˆ9æ—¥ã€AWSã‚³ãƒ³ã‚½ãƒ¼ãƒ«ã‚’é–‹ã„ãŸçž¬é–“ã€è¡€ã®æ°—ãŒå¼•ã„ãŸã€‚t2.microã‚¤ãƒ³ã‚¹ã‚¿ãƒ³ã‚¹ã®CPUã‚¯ãƒ¬ã‚¸ãƒƒãƒˆãŒå®Œå…¨ã«æž¯æ¸‡ã—ã¦ã„ã‚‹ã€‚ ã†ã¡ã®ã‚¤ãƒ³ã‚¹ã‚¿ãƒ³ã‚¹ã¯æ¯Žæ—¥å¤œä¸ã«å†èµ·å‹•ã™ã‚‹ã®ã ãŒã€å†èµ·å‹•ç›´å¾Œã€ã‚¯ãƒ¬ã‚¸ãƒƒãƒˆãŒå›žå¾©ã—å§‹ã‚ãŸé€”ç«¯ã«ä¸€æ°—ã«æ¶ˆè²»ã•ã‚Œã€ãã®å¾Œæž¯æ¸‡ã—ã¦ã„ãŸã€‚ ã“ã‚Œã¯ã€ç§ã®å€‹äººé–‹ç™ºã‚µãƒ¼ãƒãƒ¼ãŒæ”»æ’ƒã‚’å—ã‘ã€ä»®æƒ³é€šè²¨ãƒžã‚¤ãƒ‹ãƒ³ã‚°ã®è¸ã¿å°ã«ã•ã‚Œã¦ã„ãŸè¨˜éŒ²ã§ã™ã€‚ ç•°å¤‰ã®ç™ºè¦‹æœ€åˆã®é•å’Œæ„Ÿå€‹äººé–‹ç™ºã§é‹ç”¨ã—ã¦ã„ãŸNext.jsã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã€‚æ™®æ®µã¯é™ã‹ã«å‹•ã„ã¦ã„ã‚‹ã¯ãšã®t2.microã®CPUã‚¯ãƒ¬ã‚¸ãƒƒãƒˆãŒä½•æ•…ã‹æž¯æ¸‡ã—ã¦ã„ã‚‹ã€‚ è©³ã—ãèª¿ã¹ã¦ã¿ã‚‹ã¨ã€ ps aux --sort=-%cpu | head -20 USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND ubuntu 2175 0.0 0.0
YassLab 2025/12/13
"å€‹äººé–‹ç™ºã§é‹ç”¨ã—ã¦ã„ãŸNext.jsã‚¢ãƒ—ãƒª / ä»®æƒ³é€šè²¨ãƒžã‚¤ãƒ‹ãƒ³ã‚°ã®è¸ã¿å°ã«ã•ã‚Œã¦ã„ãŸ / å…¬é–‹ã‹ã‚‰3æ—¥ã§æ”»æ’ƒãŒæ¥ã‚‹ / æ”»æ’ƒè€…ã¯è„†å¼±ãªã‚µãƒ¼ãƒãƒ¼ã‚’è‡ªå‹•ã‚¹ã‚ãƒ£ãƒ³ã—ã¦ã„ã‚‹. è¦æ¨¡ã¯é–¢ä¿‚ãªã„. ã‚¤ãƒ³ã‚¿ãƒ¼ãƒãƒƒãƒˆã«å…¬é–‹ã—ãŸçž¬é–“, æ”»æ’ƒå¯¾è±¡"

å€‹äººé–‹ç™º

React

JavaScript

CVE

Security

Next.js
ãƒªãƒ³ã‚¯
React Server Componentsã«ãŠã‘ã‚‹è„†å¼±æ€§ã«ã¤ã„ã¦ï¼ˆCVE-2025-55182ï¼‰ | æƒ…å ±ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ | IPA ç‹¬ç«‹è¡Œæ”¿æ³•äºº æƒ…å ±å‡¦ç†æŽ¨é€²æ©Ÿæ§‹
æ³¨é‡ˆï¼šè¿½è¨˜ã™ã¹ãæƒ…å ±ãŒã‚ã‚‹å ´åˆã«ã¯ã€ãã®éƒ½åº¦ã“ã®ãƒšãƒ¼ã‚¸ã‚’æ›´æ–°ã™ã‚‹äºˆå®šã§ã™ã€‚ æ¦‚è¦ React Server Componentsã¯ã€JavaScriptãƒ©ã‚¤ãƒ–ãƒ©ãƒªã€ŒReactã€ã®ã‚µãƒ¼ãƒæ©Ÿèƒ½ã«é–¢ã™ã‚‹ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã§ã™ã€‚ ã“ã®React Server Componentsã«ãŠã„ã¦ã€ä¿¡é ¼ã§ããªã„ãƒ‡ãƒ¼ã‚¿ã‚’ãƒ‡ã‚·ãƒªã‚¢ãƒ©ã‚¤ã‚ºã™ã‚‹è„†å¼±æ€§ï¼ˆCVE-2025-55182ï¼‰ãŒç¢ºèªã•ã‚Œã¦ã„ã¾ã™ã€‚ æœ¬è„†å¼±æ€§ã‚’æ‚ªç”¨ã•ã‚ŒãŸå ´åˆã€é éš”ã®æ”»æ’ƒè€…ã«ã‚ˆã£ã¦ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ã‚’å®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ ãªãŠã€ã€ŒNext.jsã€ãªã©ä»–è£½å“ã«ãŠã„ã¦ã€åŒæ§˜ã®å½±éŸ¿ã‚’å—ã‘ã¾ã™ã€‚ --- 2025å¹´ 12 æœˆ 10 æ—¥æ›´æ–° --- æœ¬è„†å¼±æ€§ã‚’æ‚ªç”¨ã—ãŸã¨æ€ã‚ã‚Œã‚‹æ”»æ’ƒãŒå›½å†…ã§ç™ºç”Ÿã—ã¦ã„ã‚‹ã¨ã®æƒ…å ±ãŒã‚ã‚Šã¾ã™ã€‚ ä»Šå¾Œã€ã“ã®è„†å¼±æ€§ã‚’çªã„ãŸæ”»æ’ƒãŒæ‹¡å¤§ã™ã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€æ—©æ€¥ã«å¯¾ç–ã‚’å®Ÿæ–½ã—ã¦ãã ã•ã„ã€‚ --- 2025å¹´ 12 æœˆ 12 æ—¥æ›´æ–° ---
YassLab 2025/12/11
â€œ2025å¹´ 12 æœˆ 10 æ—¥æ›´æ–° --- æœ¬è„†å¼±æ€§ã‚’æ‚ªç”¨ã—ãŸã¨æ€ã‚ã‚Œã‚‹æ”»æ’ƒãŒå›½å†…ã§ç™ºç”Ÿã—ã¦ã„ã‚‹ã¨ã®æƒ…å ±ãŒã‚ã‚Šã¾ã™ã€‚ä»Šå¾Œã€ã“ã®è„†å¼±æ€§ã‚’çªã„ãŸæ”»æ’ƒãŒæ‹¡å¤§ã™ã‚‹ãŠãã‚ŒãŒã‚ã‚‹ / ã€ŒNext.jsã€ãªã©ä»–è£½å“ã«ãŠã„ã¦ã€åŒæ§˜ã®å½±éŸ¿ã‚’å—ã‘ã¾ã™â€

React

CVE

Security

è„†å¼±æ€§

Next.js

JavaScript
ãƒªãƒ³ã‚¯
ChatGPT - SPA è¤‡é›‘ã•ã®æ‡¸å¿µ
YassLab 2025/09/25
â€œã—ã‹ã—ç§ãŸã¡ã¯ã€ãƒãƒ¼ãƒ ãŒãã®ã‚ˆã†ãªãƒˆãƒ¬ãƒ¼ãƒ‰ã‚ªãƒ•ã‚’åˆ†æžã™ã‚‹ã“ã¨ãªãã€ãƒ“ã‚¸ãƒã‚¹ä¸Šã®è¦ä»¶ãŒæ£å½“åŒ–ã—ãªã„å ´é¢ã§ã‚‚ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ SPA ã®è¤‡é›‘ã•ã‚’å—ã‘å…¥ã‚Œã¦ã—ã¾ã£ã¦ã„ã‚‹çŠ¶æ³ã‚’ã‚ˆãç›®ã«ã—ã¾ã™ã€‚â€

JavaScript

SPA

React

Hotwire
ãƒªãƒ³ã‚¯
GitHub - taketo1113/alt-ujs: alternative rails-ujs
YassLab 2025/09/11
â€œalt-ujs is an alternative to rails-ujs. rails-ujs has been deprecated since Rails 7.0 and was no longer released starting from Rails 7.2. / alt-ujs provides: force confirmation dialogs for various actions; make non-GET requests from hyperlinks; have submit buttons become automatically disabledâ€

Ruby

Rails

UJS

JavaScript
ãƒªãƒ³ã‚¯
Alternative rails-ujs
YassLab 2025/09/11
â€œ2025/10/18 Proposals on Rails 2025 (Roppongi.rb) https://roppongirb.connpass.com/event/366845/â€

Ruby

Rails

JavaScript

UJS
ãƒªãƒ³ã‚¯
Usage Statistics and Market Share of Server-side Programming Languages for Websites, December 2025
Top Site Usage Market Position PerformancePage Speed BreakdownRanking Content Management Client-side Languages JavaScript Libraries CSS Frameworks Web Servers Web Panels Operating Systems Web Hosting Data Centers Reverse Proxies DNS Servers Em ail Servers SSL Certificate Authorities Content Delivery Traffic Analysis Tools Advertising Networks Tag Managers Social Widgets Site Elements Structured Dat
YassLab 2025/05/25
â€œHow to read the diagram: PHP is used by 74.2% of all the websites whose server-side programming language we know. PHP: 74.2%, Ruby: 6.3%, Java: 5.2%, ASP.NET: 5.1%, JavaScript: 4.5%, Scala: 4.4%, static files: 1.7%, Python: 1.2%, ColdFusion: 0.2%, Perl: 0.1%, Erlang: 0.1% (25 May 2025)â€

Ruby

PHP

Stats

JavaScript

Java

Python

Perl

ASP.NET

Scala

ClodFusion
ãƒªãƒ³ã‚¯
Part 1: How We Fell Out of Love with Next.js and Back in Love with Ruby on Rails & Inertia.js - Hardcover Blog
This is part 1 of a series documenting Hardcoverâ€™s Alexandria release. We recently migrated our codebase from Next.js to Ruby on Rails, and itâ€™s been amazing so far! It was a learning experience, and Iâ€™m excited to share some of our takeaways. Iâ€™ll link each article here as itâ€™s written. Introducing Alexandria: Faster, Smoother, Smarter Part 1: How we fell out of love with Next.js and back in love
YassLab 2025/05/06
â€œWhat we didnâ€™t expect was for a Pricing Change the month we launched after months of building. Our hosting bill grew from $30 in April to $142 by June, $354 in August. Hardcover was growing, but 10x cost increase in a few months was too much.â€

Ruby

Rails

Next.js

Pricing

JavaScript
ãƒªãƒ³ã‚¯
Usage Statistics and Market Share of jQuery for Websites, August 2025
YassLab 2025/04/28
"Usage statistics and market share of jQuery for websites - jQuery is used by 90.8% of all the websites whose JavaScript library we know. These diagrams show the usage statistics of jQuery as JavaScript library on the web. ... This is 74.1% of all websites."

jQuery

JavaScript

Stats
ãƒªãƒ³ã‚¯
Railsã¯ã€Œé•·å¹´å¤‰ã‚ã‚‰ãªã„ã“ã¨ã€ãŒæœ€å¤§ã®å¼·ã¿ã§ã‚‚ã‚ã‚‹ï¼ˆç¿»è¨³ï¼‰ï½œTechRacho by BPSæ ªå¼ä¼šç¤¾
æ¦‚è¦ å…ƒã‚µã‚¤ãƒˆã®è¨±è«¾ã‚’å¾—ã¦ç¿»è¨³ãƒ»å…¬é–‹ã„ãŸã—ã¾ã™ã€‚ è‹±èªžè¨˜äº‹: Rails: when "nothing changed" is the best feature | Arkency Blog åŽŸæ–‡å…¬é–‹æ—¥: 2025/04/03 åŽŸè‘—è€…: Szymon Fiedler æ—¥æœ¬èªžã‚¿ã‚¤ãƒˆãƒ«ã¯å†…å®¹ã«å³ã—ãŸã‚‚ã®ã«ã—ã¾ã—ãŸã€‚ æœ€è¿‘ç§ã¯ã€æ˜”Railsã‚’ã‚„ã£ã¦ã„ãŸã“ã¨ã®ã‚ã‚‹çŸ¥äººã¨è©±ã‚’ã—ã¾ã—ãŸã€‚å½¼ã¯ãã®å¾Œ10å¹´ãƒ¢ãƒã‚¤ãƒ«é–‹ç™ºã«ç‰¹åŒ–ã—ã¦ã„ãŸã®ã§ã™ãŒã€ãã‚Œã«ã¤ã„ã¦å½¼ãŒä»Šã©ã†æ„Ÿã˜ã¦ã„ã‚‹ã‹ã«èˆˆå‘³ãŒæ¹§ã„ãŸã®ã§ã€å½“æ™‚ã®æ±ºæ–ã¯æ£ã—ã‹ã£ãŸã¨æ€ã†ã‹ã€ãã‚Œã¨ã‚‚Webé–‹ç™ºãŒæ‹ã—ã„ã‹ã¨å°‹ãã¦ã¿ã¾ã—ãŸã€‚ æ›°ãã€ ãƒãƒƒã‚¯ã‚¨ãƒ³ãƒ‰ã‹ã€æ‡ã‹ã—ã„ãã€‚ã§ã‚‚Webé–‹ç™ºã¯ã‚‚ã†ã†ã‚“ã–ã‚Šã€‚JSã¨åŒã˜ã“ã¨ã‚’æ–°ã—ã„ESãƒ•ãƒ¬ãƒ¼ãƒãƒ¼ã§ã‚„ã‚‹ãŸã‚ã«æ–°ã—ã„ãƒ•ãƒ¬ãƒ¼ãƒ ãƒ¯ãƒ¼ã‚¯ã‚’ç‰‡ã£ç«¯ã‹ã‚‰è¿½ã„ã‹ã‘ã‚‹ã‚ˆã†ãªå¹´ã˜ã‚ƒãªã„ã‚“ã ã‘ã©ã€npmã‚„yarnã€pnpmã€bunã¨ã‹ã€ã“ã®å››åŠæœŸã¯æ—¬
YassLab 2025/04/24
"ã€Œãƒ•ãƒ¬ãƒ¼ãƒ ãƒ¯ãƒ¼ã‚¯ç–²ã‚Œã€ãŒå°‘ãªã„ / å®‰å®šæ€§ã¯ã€é€”æ–¹ã‚‚ãªãå®Ÿç”¨çš„ãªä¾¡å€¤ / ä¼æ¥ã¯ãƒ•ãƒ¬ãƒ¼ãƒ ãƒ¯ãƒ¼ã‚¯ã®å¤§å¤‰ã•ã«åˆã‚ã›ã¦ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã®æ›¸ãç›´ã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãªã—ã«ã€Railsã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã‚’é•·æœŸé–“ãƒ¡ãƒ³ãƒ†ãƒŠãƒ³ã‚¹ã§ãã‚‹"

Ruby

Rails

JavaScript
ãƒªãƒ³ã‚¯
Railsã‚’å¿«é©ã«é–‹ç™ºã™ã‚‹ãŸã‚ã®æœ€æ–°ãƒ•ãƒãƒ³ãƒˆã‚¨ãƒ³ãƒ‰ãƒ„ãƒ¼ãƒ«ã‚ãƒƒãƒˆï¼ˆç¿»è¨³ï¼‰ï½œTechRacho by BPSæ ªå¼ä¼šç¤¾
æ¦‚è¦ å…ƒã‚µã‚¤ãƒˆã®è¨±è«¾ã‚’å¾—ã¦ç¿»è¨³ãƒ»å…¬é–‹ã„ãŸã—ã¾ã™ã€‚ è‹±èªžè¨˜äº‹: Keeping Rails cool: the modern frontend toolkitâ€”Martian Chronicles, Evil Martiansâ€™ team blog åŽŸæ–‡å…¬é–‹æ—¥: 2024/12/10 åŽŸè‘—è€…: Irina Nazarovaï¼ˆCEOï¼‰ã€Travis Turnerï¼ˆæŠ€è¡“ç·¨é›†è€…ï¼‰ ã‚µã‚¤ãƒˆ: Evil Martians -- ãƒ‹ãƒ¥ãƒ¼ãƒ¨ãƒ¼ã‚¯ã‚„ãƒã‚·ã‚¢ã‚’ä¸å¿ƒã«æ‹ ç‚¹ã‚’æ§‹ãˆã‚‹Ruby on Railsé–‹ç™ºä¼šç¤¾ã§ã™ã€‚è‰¯è³ªã®ãƒ–ãƒã‚°è¨˜äº‹ã‚’å¤šæ•°å…¬é–‹ã—ã€å¤šãã®gemã®ã‚¹ãƒãƒ³ã‚µãƒ¼ã§ã‚‚ã‚ã‚Šã¾ã™ã€‚ æ—¥æœ¬èªžãƒ–ãƒã‚°: åˆåŒä¼šç¤¾ã‚¤ãƒ¼ãƒ“ãƒ«ãƒžãƒ¼ã‚·ãƒ£ãƒ³ã‚º - Qiita ã¯ã˜ã‚ã« Evil Martiansã¯ã€Railsã§ã®ã‚¹ã‚¿ãƒ¼ãƒˆã‚¢ãƒƒãƒ—æ”¯æ´ã‚„æ§‹ç¯‰ã‚’è¡Œã£ã¦ãŠã‚Šã€Rubyã¨RailsãŒãƒãƒ¼ãƒ ã®ç”Ÿç”£æ€§ã¨ç«¶äº‰åŠ›ã®å¼·åŒ–ã«ã¤ãªãŒã‚‹ã“ã¨ã‚‚ç†ŸçŸ¥ã—ã¦ã„
YassLab 2025/03/07
"Hotwireã®ç”Ÿç”£æ€§ã‚’è½ã¨ã•ãªã„ãŸã‚ã«ã¯å¿…è¦ãªå ´æ‰€ã§ã„ã¤ã§ã‚‚Hotwireã‚’ã‚¨ãƒ¬ã‚¬ãƒ³ãƒˆã«å–ã‚Šå¤–ã›ã‚‹èƒ½åŠ›ãŒå¿…è¦ / Turbo Mountã‚’ä½¿ã†äº‹ã§è‡ªåˆ†é”ãŒé¸ã‚“ã ãƒ•ãƒãƒ³ãƒˆã‚¨ãƒ³ãƒ‰ãƒ•ãƒ¬ãƒ¼ãƒ ãƒ¯ãƒ¼ã‚¯ã‚’éžå¸¸ã«ç´°ã‹ãªã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆãƒ¬ãƒ™ãƒ«ã§å°Žå…¥ã§ãã‚‹"

Ruby

Rails

Hotwire

Turbo

JavaScript

React
ãƒªãƒ³ã‚¯
WebAssembly ã§ã® Ruby on Railsã€ãƒ•ãƒ«ã‚¹ã‚¿ãƒƒã‚¯ã®ãƒ–ãƒ©ã‚¦ã‚¶å†…é–‹ç™º Â |Â web.dev
å…¬é–‹æ—¥: 2025 å¹´ 1 æœˆ 31 æ—¥ ãƒ–ãƒ©ã‚¦ã‚¶ã§ã€ãƒ•ãƒãƒ³ãƒˆã‚¨ãƒ³ãƒ‰ã ã‘ã§ãªããƒãƒƒã‚¯ã‚¨ãƒ³ãƒ‰ã‚‚å«ã‚ã¦ã€å®Œå…¨ã«æ©Ÿèƒ½ã™ã‚‹ãƒ–ãƒã‚°ã‚’å®Ÿè¡Œã™ã‚‹ã¨ã—ã¾ã™ã€‚ã‚µãƒ¼ãƒãƒ¼ã‚„ã‚¯ãƒ©ã‚¦ãƒ‰ã¯ä¸è¦ã§ã™ã€‚å¿…è¦ãªã®ã¯ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã€ãƒ–ãƒ©ã‚¦ã‚¶ã€WebAssembly ã ã‘ã§ã™ã€‚WebAssembly ã¯ã€ã‚µãƒ¼ãƒãƒ¼ã‚µã‚¤ãƒ‰ ãƒ•ãƒ¬ãƒ¼ãƒ ãƒ¯ãƒ¼ã‚¯ã‚’ãƒãƒ¼ã‚«ãƒ«ã§å®Ÿè¡Œã§ãã‚‹ã‚ˆã†ã«ã™ã‚‹ã“ã¨ã§ã€å¾“æ¥ã®ã‚¦ã‚§ãƒ–é–‹ç™ºã®å¢ƒç•Œã‚’æ›–æ˜§ã«ã—ã€æ–°ã—ã„å¯èƒ½æ€§ã‚’é–‹ã„ã¦ã„ã¾ã™ã€‚ã“ã®æŠ•ç¨¿ã§ã¯ã€Vladimir Dementyevï¼ˆEvil Martians ã®ãƒãƒƒã‚¯ã‚¨ãƒ³ãƒ‰ ãƒ˜ãƒƒãƒ‰ï¼‰ãŒã€Ruby on Rails ã‚’ Wasm ã¨ãƒ–ãƒ©ã‚¦ã‚¶ã«å¯¾å¿œã•ã›ã‚‹ãŸã‚ã®é€²æ—çŠ¶æ³ã‚’å…±æœ‰ã—ã¾ã™ã€‚ 15 åˆ†ã§ Rails ã‚’ãƒ–ãƒ©ã‚¦ã‚¶ã«å°Žå…¥ã™ã‚‹æ–¹æ³•ã€‚ Rails ã® wasm åŒ–ã®è£å´ã€‚ Rails ã¨ Wasm ã®å°†æ¥ã€‚ Ruby on Rails ã®æœ‰åãªã€Œ15 åˆ†ã§ãƒ–ãƒã‚°ã€ãŒãƒ–ãƒ©ã‚¦ã‚¶ã§å®Ÿè¡Œå¯èƒ½
YassLab 2025/03/07
"ç§»æ¤ã™ã‚‹ã“ã¨ã§ã€å¦ç¿’ã¨ãƒ—ãƒãƒˆã‚¿ã‚¤ãƒ”ãƒ³ã‚°ã®æ©Ÿä¼šãŒå¤§å¹…ã«åºƒãŒã‚Šã¾ã™ / Stackblitzã§ã¯ã€JavaScriptãƒ•ãƒ¬ãƒ¼ãƒ ãƒ¯ãƒ¼ã‚¯ã§ã“ã‚Œã‚’å®Ÿç¾ / WordPressãƒ†ãƒ¼ãƒžã‚’è©¦ã™ã“ã¨ãŒã§ãã‚‹WordPress Playground / Rubyã¨ãã®ã‚¨ã‚³ã‚·ã‚¹ãƒ†ãƒ ã§åŒæ§˜ã®æ©Ÿèƒ½ã‚’å®Ÿç¾"

Google

Ruby

Rails

WASM

JavaScript

WordPress
ãƒªãƒ³ã‚¯
Clear My Spam
YassLab 2025/03/07
"I am extremely happy with the result of this refactor. The codebase is cleaner, more organized, and only 60% the size of the original TypeScript codebase (while being more feature-rich). I learned how to build and deploy a Rails app from scratch, and feel confident in my ability to test and extend"

Ruby

Rails

JavaScript

Next.js

TypeScript
ãƒªãƒ³ã‚¯
1 2 3 4 æ¬¡ã®ãƒšãƒ¼ã‚¸