View profile

Adventures in Nodeland - Issue #25

Matteo Collina
Matteo Collina
Hi Folks,
I’m sorry for the delay - I’m currently in the Austrian Alps with my family! Last week has been a bit hectic and I did not accumulate much Open Source work as it was a back-to-work week for most people.. and I had to focus on Node.js Core security work.

Stream Into the Future (NodeJS Streams)
Stream Into the Future (NodeJS Streams)
I have recently found that this version of one of my best talks ever “Stream Into the Future” has almost 30 thousands view on youtube! I’m sincerely impressed, thank you all for watching it. If you have not watched this, it’s a really instructive talk on the “future” of Node.js streams at the time… however we have mostly implement all of what I mentioned in the talk, I guess I should do a new stream talk! Would you be interested?
One important fix we shipped last week is within sonic-boom, a fundamental dependency of pino. In order to provide the throughput increase as well as the development experience everybody relies upon, I created sonic-boom as a stream replacement from Node.js core process.stdout. sonic-boom offered two modes of operation, synchronous and asynchronous. In synchronous mode, all strings written are immediately flushed to the operating system buffers - the throughput of this solution is entirely dependent on the destination performance. In asynchronous mode, strings are buffered until the previous one finishes. Unfortunately due to some other limitations (too long for this newsletter), we have to limit the maximum chunk size to 16MB. The changes Robert Nagi and myself did made sure that a string is never split across two writes, making asynchronous logging safer in case multiple processes are writing to the same destination concurrently. The day were pino ships asynchronous logging by default is coming - it might happen as soon v8, likely a year or so from now.
GitHub finally shipped one of most requested features to GitHub Actions: the ability to reduce duplication with composition, so that action definitions could be reused across repositories without duplicating them. This will be an amazing news for the Fastify ecosystem as we have to maintain several tens of copies of the same actions!
GitHub Actions: Reduce duplication with action composition | GitHub Changelog
Last but now least, we have another Security Release for Node.js coming out next week. As you can expect, we had a flurry of those since the end of July - the good news is that Node.js is getting safer, the bad news is a lot of forced upgrade to everybody. These vulnerabilities are serious, so consider an update as soon as possible.
August 31 2021 Security Releases | Node.js
Did you enjoy this issue? Yes No
Matteo Collina
Matteo Collina @matteocollina

I write about my journey as a core contributor of Node.js, as an author and a maintainer of many modules - including Fastify and Pino. In addition, I speak at conferences, and I will add links to all my talks in case you missed one.

In order to unsubscribe, click here.
If you were forwarded this newsletter and you like it, you can subscribe here.
Created with Revue by Twitter.