View profile

A Node.js v17 bug and other Adventures in Nodeland - Issue #36

Matteo Collina
Matteo Collina
Hi Folks! These weeks are quite busy with the typical end-of-year work and I am not doing as much Open Source as I would like. However

I’m so happy to announce that I will be back speaking at an in-person event the next March! I’m still preparing the abstract… what would you like me to talk about?
Haven’t you listened to the “JS Party” about Fastify and Pino? If you haven’t you should definitely check it out, we had a lot of fun recording this!
The "JS Party" Podcast
Pino's origin story is a little bonkers. 🤪

@matteocollina and @NearForm were consulting for a large business built on @nodejs and found their performance bottleneck was...

The logger! 🪵 (shared on https://t.co/Ivc2d0NSiY) https://t.co/a0L882BN4E
I have been working to make Fastify fully support Node v17… and I found a bug in Node! This means that Fastify will support Node v17 once this is fixed. In case you are curious, here is the PR:
stream: fix finished regression when working with legacy Stream by mcollina · Pull Request #40858 · nodejs/node · GitHub
Here is the Fastify PR that is currently blocked by a new release of Node:
Releases
Last week we shipped a new release of Pino that added some missing options (mkdir and append) to pino.file(), as well as improving the debuggability of some tests.
Release v7.3.0 · pinojs/pino · GitHub
My talk on GraphQL Caching is ready.. and a last minute fix to mercurius-cache was in order as I thought setting the Time-To-Live (TTL) of cached data kept only the deduplication behavior.. while in reality it cached data forever. It’s fixed in v0.10.0:
Release v0.10.0 · mercurius-js/cache · GitHub
I keep finding amazing projects on NPM. Here is a certified OAuth 2.0 Authorization server. You can use this as the basis for your Authentication service - in case you prefer not to use an Authentication provider.
Interesting modules
Have you ever wondered how to implement an OAuth 2.0 server? This has always been a topic that fascinated me, mainly due to the impressive amount of complexity that is involved to provide a secure and flexible solution today. Then I found this module by Filip and I got the wow effect: a full implementation ready to go. Check it out:
GitHub - panva/node-oidc-provider: OpenID Certified™ OAuth 2.0 Authorization Server implementation for Node.js
News
I’m so glad that NPM is finally going to enforce 2FA on the packages with the most reach. It’s paramount to improve the safety of our ecosystem:
GitHub's commitment to npm ecosystem security | The GitHub Blog
OpenCollective has always been a very interesting social experiment: how could we fund Open Source work at scale?
Elastic changed the license of their database from Open Source to Source Available a few months ago? Have they been affected anyhow? Apparently not much:
Elastic keeps ticking | InfoWorld
How to create tech videos / tutorials that are memorable? What programs to use? Here it is all unpacked by Francesco:
Francesco Ciulla
5000 Subscribers on YouTube!!!!!

Thank you for your support 🖤

To celebrate this I want to share what I learned about creating tech videos.

It took me 1.5 years to understand the process!

This is not a perfect one but what I use, and it works for me.

/thread https://t.co/dCZpjLxD9Q
How would you identify a good software architecture? What principle should you follow when creating one? How would it intersect with the team structure? Read up on this article:
The strong and weak forces of architecture
If you have been following Adventures in Nodeland you’d have read about the new “Trojan Source” attack. This article explains how to mitigate it using eslint:
How to effectively detect and mitigate Trojan Source attacks in JavaScript codebases with ESLint | Snyk
Did you enjoy this issue? Yes No
Matteo Collina
Matteo Collina @matteocollina

I write about my journey as a core contributor of Node.js, as an author and a maintainer of many modules - including Fastify and Pino. In addition, I speak at conferences, and I will add links to all my talks in case you missed one.

In order to unsubscribe, click here.
If you were forwarded this newsletter and you like it, you can subscribe here.
Created with Revue by Twitter.