View profile

Adventures in Nodeland - Issue #34

Matteo Collina
Matteo Collina
Hey Everyone, another week in Nodeland has passed! This edition covers some improvements on npm, two fastify releases and a pino release!

After a couple of modules were released with Windows virus included, last we are now debating about disabling postinstall scripts by default in npm pacalges. I believe this is a great step we should take. Read the RFC… will the npm team implement it?
Make npm install scripts opt-in by tolmasky · Pull Request #488 · npm/rfcs · GitHub
Fastify
I’m incredibly happy that after 194 releases of Fastify we can still fix some “bad” bugs that could potentially lead to a crash. Fastify v3.23.0 is such a release: Davide Fiorello who is currently working on one of “my” projects at NearForm identified and quickly fixed it. Thanks!
Release v3.23.0 · fastify/fastify · GitHub
You can read more about the actual problem at:
fix: verify request socket before access attributes by codeflyer · Pull Request #3420 · fastify/fastify · GitHub
The above condition can happen if the incoming socket is destroyed before the server could respond.
Unfortunately that release/PR did not fix all the problems, so we got v3.23.1 shipped in a hurry! Here are the two links:
Release v3.23.1 · fastify/fastify · GitHub
fix: socket null in logger by codeflyer · Pull Request #3422 · fastify/fastify · GitHub
Pino
The v7.1.0 release of pino brings quite a few improvements to thread-stream (v0.12.0) and it starts reporting a deprecation warning if pino.final() is used in Node v14. We have also improved our docs quite a bit!
Release v7.1.0 · pinojs/pino · GitHub
My colleague Paolo Insogna has also been busy in adding support for bundlers for pino.transport(). More news to come next week!
Apollo Federation 2 goes Source Available
Last week big news has been Apollo GraphQL announcing Federation v2 with a few novelties… and a license change! A few libraries of their stack are moving to the “Elastic License”. You can read about in two following articles:
Announcing Apollo Federation 2 - Apollo GraphQL Blog
Moving Apollo Federation 2 to the Elastic License v2 - Apollo GraphQL Blog
I think this news is bittersweet. I understand their reasoning behind this change, however I think the GraphQL community will suffer from this change. You can read a counterargument at:
News
Do you know how database indexes work? You should! In the era of “metered” databases, a wrong query can cost you a small fortune. Read up:
Redis is one of my favorite databases as it allows all sort of amazing data structures.
Building a Reactive Architecture Around Redis
Did you enjoy this issue? Yes No
Matteo Collina
Matteo Collina @matteocollina

I write about my journey as a core contributor of Node.js, as an author and a maintainer of many modules - including Fastify and Pino. In addition, I speak at conferences, and I will add links to all my talks in case you missed one.

In order to unsubscribe, click here.
If you were forwarded this newsletter and you like it, you can subscribe here.
Created with Revue by Twitter.