javascript
Node.js antivirus scanning.
Minimal Node.js wrapper around ClamAV — scan any file and get Clean, Malicious, or ScanError. Handles installation and database updates automatically.
Automated monitoring of the top PyPI and npm packages for supply chain compromise. Polls both registries for new releases, diffs each release against its predecessor, and uses an LLM (via Cursor Agent CLI) to classify diffs as benign or malicious. Malicious findings trigger a Slack alert.
Related contents:
How to disable JavaScript in your browser.
Nowadays almost all web pages contain JavaScript, a scripting programming language that runs arbitrary code, through the web browser, on the visitor's computer. It is supposed to make web pages functional for specific purposes but it has proven its potential to cause significant harm to users time and time again:
A production-grade, zero-configuration preset for
Ultracite is a zero-config preset for ESLint, Biome, and Oxlint that helps teams and AI write consistent, type-safe code.
Components in Markdown.
A fast, streaming-ready markdown parser with component support for Vue, React, Svelte, HTML and ANSI terminal.
Run JavaScript anywhere. Safely. Run Node.js safely, anywhere, with any JS engine. Edge.js is a secure JavaScript runtime, designed for Edge computing and AI workloads.
Edge.js reimagines Node.js: fully sandboxed via --safe mode, engine-agnostic, and built for AI and serverless workloads. Ubiquitous by design.
Related contents:
Tiny engine for 3D voxel scenes rendered to SVG — boolean ops, oblique/perspective cameras, zero dependencies. Inspired by the geometric cardboard sculptures of Erwin Heerich.
heerich.js is a minimalist JavaScript engine that constructs 3D voxel compositions and distills them into pristine SVG. By extruding volumes, carving negative space, and applying boolean operations, you wield a programmatic chisel—projecting complex spatial arrangements into a flat, resolution-independent vector canvas.
Super lightweight syntax highlighter.
Super lightweight syntax highlighter for JavaScript and JSX—about 1 kB minified and gzipped. Works in the browser or any JS runtime that can set HTML strings.
Pure JavaScript/TypeScript library for multiline text measurement & layout. Fast, accurate & supports all the languages you didn't even know about. Allows rendering to DOM, Canvas, SVG and soon, server-side.
Pretext side-steps the need for DOM measurements (e.g. getBoundingClientRect, offsetHeight), which trigger layout reflow, one of the most expensive operations in the browser. It implements its own text measurement logic, using the browsers' own font engine as ground truth (very AI-friendly iteration method).
Structure LLM Outputs with Ease. Structured outputs powered by LLMs.
The simplest way to extract structured data from LLMs with type safety and validation.
Get reliable JSON from any LLM. Built on Pydantic for validation, type safety, and IDE support.
A manifest of JS modules and their more modern/active replacements.
As part of the community e18e effort, this project provides a collection of module replacements (i.e. possible alternative packages).
Related contents:
Open Source Video Player.
open source media player framework for Web and React. Modern, modular, and composable media player framework for Web and React.
Related contents:
The first UI framework for the agentic era — tiny, performant, with WASM sandboxes for safe code execution.
A tiny, blazing-fast, zero dependency, type-safe framework with no build step required.
ArrowJS ships with the ability to isolate component logic inside Web Assembly sandboxes while rendering full inline DOM directly in your app — no iframes, no pre-defined UI components.
Related contents:
Code and preview Word documents in the browser
A browser-based, client-side editor that helps you create .docx files using the JavaScript library Docx.js with live preview.
Related contents:
High-Performance Data Grid for Vue, React, Angular, Svelte, and JavaScript. RevoGrid is a high-performance JavaScript Data Grid built for massive datasets. 60fps, 3x less memory
Haptic feedback for the mobile web. Supports React, Vue, and Svelte.
Related contents:
🌳 Tiny & elegant JavaScript HTTP client based on the Fetch API.
Related contents:
The AI Operator Living in Your Web Page. JavaScript in-page GUI agent. Control web interfaces with natural language.
🪄One line of code, turns your website into an AI-native app. Users give natural language commands, AI handles the rest.
Unified Security Platform from Code to Runtime.
Protect against malicious code installed via npm, yarn, pnpm, npx, and pnpx with Aikido Safe Chain. Free to use, no tokens required.
Full NumPy, in TypeScript/JavaScript (94% coverage).
The most comprehensive NumPy implementation for TypeScript and JavaScript. Write numerical computing code with the same API you already know from Python — fully type-safe, tree-shakeable, and validated against NumPy itself.
Production-Ready Full-Stack Framework.
CedarJS is a stable, opinionated full-stack framework that integrates React, GraphQL, and Prisma into a cohesive system. Don't waste weeks on boilerplate—use the foundation trusted for production-grade applications.
A fast, lightweight, and responsive masonry grid layout library.
Light Weight "Headroom Style" scroll intent library that hides the site header on scroll down and shows on scroll up.
A lightweight JavaScript library for creating smart header behavior based on scroll intent. Peek automatically hides your site header when users scroll down and reveals it when they scroll up, creating a more immersive browsing experience.
The Lightweight Reactive Library.
Minimal reactive state management using only standard JavaScript and HTML - no custom syntax, no build step required.
Minimal PDF creation library. <400 LOC, zero dependencies, makes real PDFs.
Super-configurable and well-tested web page minifier (enhanced successor of HTML Minifier).
Stop logging into a black hole. Give your logs a beautiful, powerful, and interactive home.
log-vwer is the ultimate plug-and-play toolkit for Node.js developers who are tired of messy console.log statements. It instantly gives you a professional-grade dashboard to view, search, and filter your application logs in real-time.
Slow down, pause, or speed up time of any web content.
Debug animations, study cool demos, and make games easier or harder.
The WebMCP API enables web applications to provide JavaScript-based tools to AI agents.
Related contents:
Pretty logs in JavaScript!
Simple, powerful, and pretty. Make and improve your logs with kittylog.
KittyLog is a JavaScript library that makes your logs visually appealing and easy to understand. It helps organize information clearly and adds colors and styles to make messages stand out.
Simple and modern email sending library
Universal interface for emailing across runtimes.
Upyo is a simple and cross-runtime library for sending email messages using SMTP and various email providers. It works on Node.js, Deno, Bun, and edge functions.
Access the system clipboard (copy/paste).
Cross-platform. Supports: macOS, Windows, Linux (including Wayland), OpenBSD, FreeBSD, Android with Termux, and modern browsers.
La classe Vanilla JS universelle pour Google Maps.
MagixMaps est une bibliothèque JavaScript légère, performante et sans dépendances (Vanilla JS), conçue pour intégrer l'API Google Maps (version 2026) dans tout projet web.
API mocking library for browser and Node.js. Industry standard API mocking for JavaScript.
Mock Service Worker is an API mocking library that allows you to write client-agnostic mocks and reuse them across any frameworks, tools, and environments.
Related contents:
A modern data client for React & tRPC
Inspired by Relay and GraphQL, fate combines view composition, normalized caching, data masking, Async React features, and tRPC's type safety.
A framework for finding JavaScript memory leaks and analyzing heap snapshots. Analyzes JavaScript heap and finds memory leaks in browser and node.js.
Related contents:
✅ ESLint plugin to enforce the JavaScript Baseline.
Default to the Web Platform Baseline, the cross‑browser compatibility standard. Ship code that works for everyone.
A purely functional expression language for No-Code tools. A simple, well-designed, portable, and safe data expression language.
Elo compiles to JavaScript, Ruby, and SQL. Built for No-Code tools where non-technical users need to manipulate data easily and safely.
Related contents:
OpenWorkers is an open-source runtime for executing JavaScript in V8 isolates. It brings the Cloudflare Workers programming model to your own infrastructure.
smooth squircle corners for HTML elements.
Monoco is a tiny JavaScript library that adds squircles (smooth corners) and other corner types to html elements.
🔧 A collection of essential design pattern examples in JavaScript 🧰
A collection of essential design patterns for software development using practical examples, such Singleton, Factory Method, Observer, and more, to help developers write more efficient and maintainable code.
Nostalgist.js is a JavaScript library that allows you to run emulators of retro consoles like NES and Sega Genesis, within web browsers.
MicroQuickJS (aka. MQuickJS) is a JavaScript engine targetted at embedded systems. It compiles and runs JavaScript programs using as little as 10 kB of RAM. The whole engine requires about 100 kB of ROM (ARM Thumb-2 code) including the C library. The speed is comparable to QuickJS.
Universal visualizer and analyzer for JavaScript and CSS. Compatible with most bundlers and frameworks.
Sonda is a universal bundle analyzer and visualizer. It generates an interactive HTML report that is more accurate and detailed than some alternatives. The accuracy is achieved by analyzing source maps and showing the size of each module after tree-shaking and minification.
Complete media toolkit.
Pure TypeScript media toolkit for reading, writing, and converting video and audio files, directly in the browser.
A JavaScript library for reading, writing, and converting video and audio files. Directly in the browser, and faster than anybunny else.
Related contents:
The JavaScript Oxidation Compiler.
A collection of JavaScript tools written in Rust.
Related contents:
A spreadsheet where formulas also update backwards.
BIDICALC is a bidirectional calculator, a spreadsheet where formulas also update backwards.
A GraphQL.js validation rule for limiting the depth (including list depth) of GraphQL operations
The ultimate Object Relational Mapper for Node.js, Bun and Deno, offering seamless integration with a variety of popular databases. Orange ORM supports both TypeScript and JavaScript, including both CommonJS and ECMAScript.
A lightweight, PostgreSQL-backed job queue. Handle background jobs with ease.
DataQueue allows you to utilize your existing PostgreSQL database to process background jobs. No need for additional infra or services.
A lightweight, PostgreSQL-backed job queue for Node.js/TypeScript projects. Schedule, process, and manage background jobs with ease. Perfect for web apps (Next.js, etc.) deployed to serverless platforms like Vercel, AWS Lambda, etc.
🗄 Zero dependency streaming tar parser and writer for every JavaScript runtime. Built with the browser-native Web Streams API for performance and memory efficiency.
Lightweight type coercion library.
Of Coerce! is a lightweight, near-zero overhead alternative to Zod and Valibot.
Unlike these libraries, Of Coerce! focuses on a single task: ensuring the data corresponds to the types.
It uses built-in JavaScript features to coerce whatever you pass to it, which makes it the fastest and the most lightweight solution (full library is 381B!).
Actor-based state management & orchestration for complex app logic. XState is a state management and orchestration solution for JavaScript and TypeScript apps.
It uses event-driven programming, state machines, statecharts, and the actor model to handle complex logic in predictable, robust, and visual ways. XState provides a powerful and flexible way to manage application and workflow state by allowing developers to model logic as actors and state machines. It integrates well with React, Vue, Svelte, and other frameworks and can be used in the frontend, backend, or wherever JavaScript runs.
JavaScript Iceberg Client.
Icebird is a library for reading Apache Iceberg tables in JavaScript. It is built on top of hyparquet for reading the underlying parquet files.
The open protocol for real-time sync to client applications.
HTTP-based durable streams for streaming data reliably to web browsers, mobile apps, and native clients with offset-based resumability.
Durable Streams provides a simple, production-proven protocol for creating and consuming ordered, replayable data streams with support for catch-up reads and live tailing.
A JavaScript toolkit that saves you time and scales with your development process. Provides everything you need to build a Web app. Language utilities, UI components, and more, all in one place, designed to work together perfectly.
Related contents:
What happens when you take an XKCD joke too literally.
CLI tool that renders package dependencies as physical tower structures. Supports PyPI, npm, and crates.io with optimal crossing minimization.
Unterminated Block Parsing.
Remend is a lightweight, standalone preprocessor that completes incomplete Markdown syntax.
Related contents: