View profile

Technical Principles and other Adventures in Nodeland - Issue #49

Matteo Collina
Matteo Collina
Hi Everyone, this edition is bittersweet. It’s packed with all the usual OSS releases and news that you got to enjoy, however the current world situation keeps me awake at night. I #StandWithUkraine.

Ukraine / Україна
To the free people of the world!

We feel your support. We see your demonstrations with our flags. We hear your chants. This helps us fight the horrific Russian evil.

Ukraine holds its ground ✊

We. Will. Not. Fall.

#StandWithUkraine
Last week I was hosted in PodRocket, the podcast of LogRocket! We talked about Fastify, Pino and community building!
PodRocket - A web development podcast from LogRocket: Fastify and Pino with Matteo Collina
Technical Principles
Early this week a colleague asked me what principles I followed when designing architectures. Here is my list:
1. Conway’s Law is paramount.
Any organization that designs a system (defined broadly) will produce a design whose structure is a copy of the organization’s communication structure.
In order to design a piece of software we need to “design” the team that is going to produce it.
2. Developer Experience is key to productivity
Developers must spend as much time in the “flow” state to maximize the joy their profession sparks. A developer in flow state can resolve any problem in front of them. Meetings and constant interruptions break them out of the “flow”, impacting their job satisfaction and productivity. Given that coordination overhead (= meetings) increases quadratically with the number of people in a team, developers works best when in teams of 4-6 people.
Optimising developer productivity is a fundamental activity of every team. Every tool and framework could impact developer productivity. Choose wisely.
3. DORA metrics, not burndown charts
Scrum and other Agile methodologies predicates the use of story points and time to assess how much work will fit in a sprint. Then, the team is benchmarked with these estimates. This incentives writing low quality software as bug fixes will be more story point to churn later on.
Continuous Deployment is the way. The best way to measure CD are DORA metrics:
  1. deployment frequency (DF)
  2. lead time for changes (LT)
  3. mean time to recovery (MTTR)
  4. change failure rate (CFR)
Node.js
I’m so excited about Node.js v17.6.0 as it’s the first one to ship HTTPs import of modules behind a flag. We are still early days of this new method of module installation.
Node v17.6.0 (Current) | Node.js
Fastify
The Fastify community worked on a couple of module updates: fastify-cookie and fastify-swagger, to fix a few minor bugs.
Release v5.6.0 · fastify/fastify-cookie · GitHub
Release v4.16.0 · fastify/fastify-swagger · GitHub
We will be soon starting to migrate all fastify-* modules that are maintained by the Fastify team to the @fastify namespace. The goal is to make them immediately recnognizable. You can read about the progress at:
Deprecating `fastify-*` modules · Issue #3733 · fastify/fastify · GitHub
Mercurius
Mercurius shipped an important update that updates graphql-jit so that v9 works with typescript. Thanks to Simen Bekkis it got resolved quickly. Read up on the following issues:
Release v9.3.3 · mercurius-js/mercurius · GitHub
fix: update graphql-jit by SimenB · Pull Request #736 · mercurius-js/mercurius · GitHub
The other fix mercurius v9.3.3 shipped is a fix for the gateway to support GraphQL fragments in certain queries:
fix: gateway fragment usage by Eomm · Pull Request #739 · mercurius-js/mercurius · GitHub
Last but not least we had a new release of mercurius cache:
Release v1.4.0 · mercurius-js/cache · GitHub
Pino
We fixed a bad bug (in fact, a typo) that could lead to crashes or data corruption in case of multi-byte utf characters. I’d like to thank the issue reporter that created an easy way to reproduce the problem, thanks https://github.com/petru-planable!
Release v0.13.2 · pinojs/thread-stream · GitHub
News
Could package-lock.json be an attack vector? Indeed it can. Read up at:
Injecting backdoors to NPM packages - DEV Community
I’m so impressed that yelp is using techniques that James Snell, Anna Henningsen and myself, theorized and built while they were at NearForm in the last few years. I’m glad we built something of valuez
Good libraries
I used and maintained several generations of HTML5 slides. I find that using git to store slides provides a better solution for technical topics, more importantly if there is a live demo. My colleague Jonas demoed slidevv… and we have been using it since!
Slidev
I’m a user of Docker and I always recommended my clients to buy a subscription for Docker Hub to store their images for deployment. Recently Docker changed their licensing of Docker Desktop, making it a paid product. While I support their decision to become profitable, I had to evaluate that the price associated with Docker Desktop was worth it. Late January I had to make a decision if I should buy a license. A colleague pointed me to colima, a barebone Linux vm for Mac OS X that can be used to containers. Check it out and remember to support his maintainer!
GitHub - abiosoft/colima: Container runtimes on macOS (and Linux) with minimal setup
Did you enjoy this issue? Yes No
Matteo Collina
Matteo Collina @matteocollina

I write about my journey as a core contributor of Node.js, as an author and a maintainer of many modules - including Fastify and Pino. In addition, I speak at conferences, and I will add links to all my talks in case you missed one.

In order to unsubscribe, click here.
If you were forwarded this newsletter and you like it, you can subscribe here.
Created with Revue by Twitter.