View profile

Adventures in Nodeland - Issue #9 - Open Source Vampires, Un[email protected] is almost ready and many more stories!

Matteo Collina
Matteo Collina
Undici v4 is coming… and we have fix a really hard bug! This week newsletter is focused on a few key bugs I fixed along the way and a few relevant articles that popped up in my twitter feed.

I almost dropped out of the Open Source community because of the entitlement that user feels, and how bad they treat their maintainers. I call them “Open Source Vampires” and I’m extremely aware of their danger to all the communities we old dear.
In the following blog post Bret explores the topic in great length, take a read:
The social contract of open source
One of the things I miss the most about conferences is meeting with my friend Benedikt, where he would tell me the most amazing stories about V8 optimization (I indeed learned a lot from, thanks!). You should really check out his latest blog post on how he sped up DevTools stack traces by 10x!
New things to try out
I don’t get usually excited by a new AWS product launch, but CloudFront Functions caught my attention. I call it the missing .htaccess and mod_rewrite of AWS. A similar product is CloudFlare Workers. Anyway, read up as they cost very little while they enable new possibilities and use case on top of other AWS services (such as S3).
Introducing CloudFront Functions – Run Your Code at the Edge with Low Latency at Any Scale | Amazon Web Services
Undici
Last Monday I spent most of my day (and Open Source sponsored time) for the week in fixing a bad bug Ethan found in Undici when integrating with the Github REST API. The problem seemed simple but in reality it was quite complex to fix, let’s examine it in details.
Undici required HTTP/1.1 responses to have either a Content-Length or a Transfer-Encoding header. However, it is HTTP/1.1 compliant to close the connection instead (ref: https://tools.ietf.org/html/rfc2616#section-4.4). The Github API closed the connection abruptly which resulted in an ECONNRESET error in Node.js. In Undici we were sending this error back to the user, instead of consuming the full payload. Fedor pointed us to use llhttp_finish in this case, which fixed the problem completely for us!
fix: end message on connection close by ronag · Pull Request #784 · nodejs/undici · GitHub
We have also shipped [email protected] and -rc.3. We are aiming for a release this week - if we do not find any more hard bugs!
Fastify
Turns out I have still so much to learn from the community: the fastify-basic-auth module was wrongly implemented. As the Fastify co-contributor Manuel Spigolon said, https://tools.ietf.org/html/rfc7235 requires the WWW-Authenticate header to present in 401 Unauthorize resposes. [email protected] included that header everywhere. Then, I made things worse by only returning it with a successful authentication (https://github.com/fastify/fastify-basic-auth/pull/39). Manuel spot this immediately, and I reverted the change for v1, and implemented a proper fix which became v2.
Only send www-authenticate for 401. Make realm dynamic. by mcollina · Pull Request #40 · fastify/fastify-basic-auth · GitHub
Conferences
One of the conferences I hold dear is JSDay which used to happen every year in Verona. 2021 is still virtual and they are looking for speakers.
Thanks
Thanks for keeping up reading this! Your feedback motivate me in keeping up documenting my work as I go. I hope to have some news next as I have a few project that are almost ready for a semver-major release!
Did you enjoy this issue? Yes No
Matteo Collina
Matteo Collina @matteocollina

I write about my journey as a core contributor of Node.js, as an author and a maintainer of many modules - including Fastify and Pino. In addition, I speak at conferences, and I will add links to all my talks in case you missed one.

In order to unsubscribe, click here.
If you were forwarded this newsletter and you like it, you can subscribe here.
Created with Revue by Twitter.