Adventures in Nodeland - Issue #25

                            August 31, 2021

                Adventures in Nodeland - Issue #25

                        Hi Folks,

I’m sorry for the delay - I’m currently in the Austrian Alps with my family! Last week has been a bit hectic and I did not accumulate much Open Source work as it was a back-to-work week for most people.. and I had to focus on Node.js Core security work.

Stream Into the Future (NodeJS Streams)

I have recently found that this version of one of my best talks ever “Stream Into the Future” has almost 30 thousands view on youtube! I’m sincerely impressed, thank you all for watching it. If you have not watched this, it’s a really instructive talk on the “future” of Node.js streams at the time… however we have mostly implement all of what I mentioned in the talk, I guess I should do a new stream talk!   Would you be interested?

One important fix we shipped last week is within sonic-boom, a fundamental dependency of pino. In order to provide the throughput increase as well as the development experience everybody relies upon, I created sonic-boom as a stream replacement from Node.js core process.stdout. sonic-boom offered two modes of operation, synchronous and asynchronous. In synchronous mode, all strings written are immediately flushed to the operating system buffers - the throughput of this solution is entirely dependent on the destination performance. In asynchronous mode, strings are buffered until the previous one finishes. Unfortunately due to some other limitations (too long for this newsletter), we have to limit the maximum chunk size to 16MB. The changes Robert Nagi and myself did made sure that a string is never split across two writes, making asynchronous logging safer in case multiple processes are writing to the same destination concurrently. The day were pino ships asynchronous logging by default is coming - it might happen as soon v8, likely a year or so from now.

Atomic async writes by mcollina · Pull Request #102 · pinojs/sonic-boom · GitHub
Fixes: #96

github.com

GitHub finally shipped one of most requested features to GitHub Actions: the ability to reduce duplication with composition, so that action definitions could be reused across repositories without duplicating them. This will be an amazing news for the Fastify ecosystem as we have to maintain several tens of copies of the same actions!

GitHub Actions: Reduce duplication with action composition | GitHub Changelog
Previously, actions written in YAML could only use scripts. Now, they can also reference other actions. This makes it easy to reduce duplication in your workflows.

github.blog

Last but now least, we have another Security Release for Node.js coming out next week. As you can expect, we had a flurry of those since the end of July - the good news is that Node.js is getting safer, the bad news is a lot of forced upgrade to everybody. These vulnerabilities are serious, so consider an update as soon as possible.

August 31 2021 Security Releases | Node.js
Node.js® is a JavaScript runtime built on Chrome’s V8 JavaScript engine.

nodejs.org

                            Don't miss what's next. Subscribe to Adventures in Nodeland: