James Snell

quic: continuing work on impl using openssl 3.5 by jasnell · Pull Request #59342 · nodejs/node More work on the implementation

Got quic in Node.js making progress again now that openssl 3.5 has landed, and finished another chapter in the book. Productive weekend. github.com/nodejs/node/...

🧵⚠️ PSA for @nodejs.org developers: be careful with setImmediate() for CPU-intensive work.

A minor libuv optimization exposed how many apps accidentally depended on implicit timing behaviors they didn't even know existed.

Here's why this is a crucial lesson 👇

PSA.. the @nodejs.org TSC just had a leadership vote. @nodeland.dev is the new TSC chair. @ruyadorno.com and I will be serving as the Co-Vice Chairs.

And, for Workers + Rust enthusiasts out here: WASI with filesystem bindings is coming (hopefully) shortly after!

I figure it's a good thing when some random person blocks me. I'm sure it means avoiding stuff I don't want to see in the future.

// Currently let prefs = new getUserPrefs(); if (!prefs.has("useDarkmode")) { prefs.set("useDarkmode", true); // default to true } // Using getOrInsert let prefs = new getUserPrefs(); prefs.getOrInsert("useDarkmode", true); // default to true

ECMAScript excitement 😉

Congrats to Dan Minor @mozilla.org on advancing the Upsert proposal to Stage 3 at TC39 this week 🎉

let map = new Map();
map.getOrInsert(key, defaultVal);

It lets you set a default value on a map key without overwriting an existing value 👍

let values = [1e20, 0.1, -1e20]; values.reduce((a, b) => a + b, 0); // 0 Math.sumPrecise(values); // 0.1

ECMAScript excitement 😉

Congrats to @bakkot.com on advancing Math.sumPrecise to Stage 4 at TC39 this week 🎉

let vals = [1e20, 0.1, -1e20];
Math.sumPrecise(vals); //👉 0.1

It lets you calculate the sum of an array of numbers. Manual addition in a loop can lose precision - use this API instead.

The (Star Trek themed) vibe I bring to the party:

Monday: Greg Tuesday: Ian Wednesday: Greg Thursday: Ian Friday: Greg Gregorian Calendar

If anyone ever wonders what kind of humor I enjoy most. It's this. Definitely this.

More unintentional. Temporal is going to require enabling rust in our build tooling because that is required by V8. It's a big change that's unlikely to be back ported. Not impossible, just unlikely.

Yep. That's exactly it. I don't mind developers making use of new tools but good grief people, read the code before you open the PR. Please.

The more I end up having to review AI generated code the more I really dislike reviewing AI generated code. At least it's fairly easy to spot.

Yeah, I miss all my friends but I just can't in good conscience ask anyone to come visit given the risks

Just don't come to the US for the time being.

You're not missing anything... well, except for the opportunity to be kidnapped and shipped to a concentration camp.

Even more things that'll soon... Just Work

import.meta.url
import.meta.resolve(...)

import * as foo from 'file:///bundle/module';

More things that'll soon... Just Work

process.stdout.write('hello world');

import { write } from 'node:fs';
write(1 /** stdout **/, 'hello world', callback);

Some things that will (fairly soon) Just Work in Cloudflare Workers:

import { readFileSync } from 'node:fs';
readFileSync('/bundle/config');

const r = await navigator.storage.getDirectory();
const tmp = await r.getDirectoryHandle('tmp');
const file = await tmp.getFileHandle('foo',{create:true});

The governing party of the United States is shutting down the federal government to cover-up evidence the president sexually abused children so he can continue trying to implement dictatorship.

That's just a true statement about the world!

ICE Is a terrorist organization.

You can preview the new design here: nodejs-api-docs-tooling.vercel.app

Redesign of the Node.js API Docs · Issue #52343 · nodejs/node Hey, y'all 👋 with the redesign of the Node.js Website done. We're ready to move our efforts into revamping the design of the Node.js API docs and its build process. We understand this is code owned...

The @nodejs.org website team (including my son!) has been working on a redesign of the API docs github.com/nodejs/node/...

First episode was, "This is a'ight"
Second episode was, "This is shite"

Hopefully it gets better.

These aren't "arrests", these are kidnappings.

And yes, this means things like Axios should become possible to use... But I still think y'all should just be using fetch at this point.

put http and https modules behind compat flag by anonrig · Pull Request #4456 · cloudflare/workerd This pull-request enables the following modules and functions behind a compat flag node:_http_agent Agent globalAgent node:_http_client ClientRequest node:_http_common _checkIsHttpToken _ch...

PSA: The node:http get and request methods will soon be available for use on Cloudflare Workers with nodejs_compat mode github.com/cloudflare/w...

src: add web locks api by IlyasShabi · Pull Request #58666 · nodejs/node This PR implements the Web Locks API, Locks are used to coordinate access to shared resources across multiple threads. This implementation is based on previous work in #22719 and #36502, but takes ...

PSA: Node.js is about to get an impl of the Web Locks API built in github.com/nodejs/node/...

To do per module permissions correctly, you'd need to start from the ground up. Properly sandboxing and isolating every module, preventing shared memory, preventing shared anything really. Otherwise it gets way too difficult to actually depend on

There are options, however. ShadowRealms, once they arrive, will give better standard isolation of contexts without having access to apis that require the event loop by default. But it's best not to think of it as a secure container, and still would require complexity.

Specifically, given the way JavaScript works, and the way the runtimes have implemented things, it would be a massively breaking change to apply permissions in an enforceable way per module. There'd be a nontrivial cost in both complexity and performance that would offset other benefits.

Adding a permission system to Node.js | Nearform Nearform is an independent team of engineers, designers and strategists. We build digital capability and software solutions for ambitious enterprises seeking sustained business impact. We love what we...

Yes and no. I discussed the issues with that a few years back nearform.com/insights/add...