View profile

So many new gifts 馃巵 (releases) and other Adventures in Nodeland - Issue #40

Matteo Collina
Matteo Collina
Hi Folks, we are well in the holiday season and OSS activity has been at an all time high! This edition features a few new releases of Fastify, Mercurius, Pino as well a few interesting articles and Node.js Core PRs! Check it out while it鈥檚 hot!

Fastify
Release v3.25.1 路 fastify/fastify 路 GitHub
The hardest bug I fixed last week was a tiny bug driving a part of the next community into Fastify and Pino issue tracker. I鈥檝e learned the hard way that parsing an incoming request body can break the asynchronous context tracking that AsynchronousLocalStorage (ALS) provides, checkout our solution:
Fix context tracking with als run by mcollina 路 Pull Request #3571 路 fastify/fastify 路 GitHub
I have also opened an issue to discuss this further in Node.js core as the current documentation of ALS does not cover this case well:
async_hooks: AsyncLocalStorage losing context 路 Issue #41285 路 nodejs/node 路 GitHub
鈥nd Fastify v3.5.2 include the fix:
Release v3.25.2 路 fastify/fastify 路 GitHub
We have also release point-of-view v5, dropping support for Marko as it now has its own plugin maintained by the Marko team!
Release v5.0.0 路 fastify/point-of-view 路 GitHub
fast-json-stringify v2.7.13 was released recently with a fix for allOf support:
Release v2.7.13 路 fastify/fast-json-stringify 路 GitHub
I鈥檝e also shipped a new release of Middie that adds the support to setup the middleware hook in a different request lifecycle phase.
Release v5.4.0 路 fastify/middie 路 GitHub
Pino
v7.6.0 of pino 馃尣 ships a new logic to determine the caller of the transport system, making it simpler to integrate with frameworks such as Fastify.
Release v7.6.0 路 pinojs/pino 路 GitHub
As with every new feature, we shipped a regression :(. v7.6.1 fixes it.
Release v7.6.1 路 pinojs/pino 路 GitHub
We also shipped the v6.5.0 release of pino-http that improve the throughput by 25%. There is likely some more to optimize on this module, but this is a great step:
Release v6.5.0 路 pinojs/pino-http 路 GitHub
Mercurius
As promised in the latest edition of Adventures in Nodeland, I released the new version of Mercurius to support GraphQL-js v16 and a few other semver-major changes that were waiting for a release:
Release v9.0.0 路 mercurius-js/mercurius 路 GitHub
v9.1.0 adds support for GQL_CONNECTION_KEEP_ALIVE for subscriptions, thanks Stefano!
Release v9.1.0 路 mercurius-js/mercurius 路 GitHub
Node.js Core
My colleague Paolo has started to crunch a few 鈥渙ld鈥 HTTP issues, the first is a behavior simplification of headersTimeout and requestTimeout.
http: add headersTimeout timer and response logic by ShogunPanda 路 Pull Request #41263 路 nodejs/node 路 GitHub
The second fix is adding a couple of new options to net.connect() to be able to enable TCP KeepAlive and disabling Nagle Algorithm by default in HTTP.
net: add new options to `socket.connect` by ShogunPanda 路 Pull Request #41310 路 nodejs/node 路 GitHub
What happens when Node.js deprecates a private/undocumented feature and your library depends on it? They work to support that use case in Node,js core, thanks Tim.
http2: handle existing socket data when creating HTTP/2 server sessions by pimterry 路 Pull Request #41185 路 nodejs/node 路 GitHub
News
When a bug is a security issue and when a bug is just a bug? As part as my work as a Node.js Technical Steering Committee is to help triage and assess the security vulnerabilities that are reported to the project.
Security in context: When is a CVE not a CVE? | Snyk
One of the most amazing piece of news from last week is that the React Core team will start being composed of people from multiple companies. This is an amazing news and a bright future for the React project!
Supporting the Future of React 鈥 Vercel
I鈥檓 stunned I will fly out to Austin, TX to speak at OpenJS World! Registrations are open:
What lesson could we learn to the Log4j vulnerability that has been all over the news last December? Read up:
Articles
One of the questions I always ask to frontend, backend and DevOps candidates is to explain me CORS. What is the best way to learn CORS? Read this article from Jake Archibald:
How to win at CORS
Recruitment
Careers - NearForm
Did you enjoy this issue? Yes No
Matteo Collina
Matteo Collina @matteocollina

I write about my journey as a core contributor of Node.js, as an author and a maintainer of many modules - including Fastify and Pino. In addition, I speak at conferences, and I will add links to all my talks in case you missed one.

In order to unsubscribe, click here.
If you were forwarded this newsletter and you like it, you can subscribe here.
Created with Revue by Twitter.