Memory Leaks, Vulnerabilities, State of JS 2022, and other Adventures in Nodeland
Hi Folks!
This edition of Adventures in Nodeland is packed! The most exciting piece is the live stream I did with Kent C. Dodds on fixing the memory leaks on his website, check it out. I’m also announcing a new Fastify course at JSDay 2023. There are also a lot of releases, including a security vulnerability in mercurius.
Videos
This week I helped my friend Kent debug the memory leak to his website. You can read the full article at https://kentcdodds.com/blog/fixing-a-memory-leak-in-a-production-node-js-app, as well as watch our debugging session live on YouTube: https://www.youtube.com/watch?v=vkys6Wk-jYk.
I’m also continuing the development of the Unscalable Queue System in public, the latest video is Part 3:
You can subscribe to my twitch channel.
Fastify Course @ JSDay 2023
I’m proud to announce that on April 12th I will be doing a Fastify course at JSDay!
State of JS 2022
The good news of the #StateOfJS 2022: is that 9% of respondents use Fastify, which is excellent!
The bad news is that we have lost the year-over-year data that happened in the previous years.
I’m also the 35th in the list of people
Releases
- platformatic v0.13.0 implements a new way to configure CORS, improves the SQL mapping of Platformatic DB, and includes a few bugfixes in
create-platformatic. - mercurius v11.5.0 adds a missing
.catch()leading to an unwanted crash (CVE-2023-22477), it replaces subscription client with the standalone package, and it adds support for whole AST as parameters. This fix was also backported to v8.13.2. - @fastify/websocket v7.1.2 removes the
FSTDEP014deprecation warning. - secure-json-parse v2.7.0 improve performance on error path in JSON.parse.
- fastify-plugin v4.5.0 supports environments where
Error.stackTraceLimithas been lowered. - undici v5.15.0 is out with a spec-compliant WebSocket implementation, utilities to parse cookies from Headers objects, …and many other bugfixes!
- @fastify/autoload v5.7.0 adds the
matchFilterandignoreFilteroptions; v5.7.1 actually make them work. - hyperid v3.1.0 improves the performance of the module.
- async-cache-dedupe v1.7.0 adds TypeScript definitions.
- @fastify/view v7.4.0 set nunjucks environment globals on load not per request.
- @fastify/multipart v7.4.0 supports
saveRequestFilesoption withattachFieldsToBodyoption settrue. - fastify-cli v5.7.1 uses address 0.0.0.0 in Kubernetes by default.
- pino-syslog v3.0.0 updates to latest versions of pino and Node.js.
- @fastify/secure-session v6.0.0 fixes a problem when using the module with an Alpine image.
- @fastify/swagger v8.3.0 passes JSON Schema keywords into OpenAPI Header Spec.
- @mercuriusjs/gateway v0.2.0 is now on par with Mercurius v11.x.
Interesting Articles
- Why Fosstodon Is English Only - or how English is the language we use to collaborate on Open Source Software (as you may know, I’m tooting at @mcollina@fossdoton.org).
- Sick Systems: How to Keep Someone With You Forever | Issendai.com - I’ve found this article a must-read for everybody, as you can be trapped in a sick system without even noticing.
- $415k Pre-Release Launch of a Developer Education Product. This article tells the story of how Matt Pocock‘s “Total TypeScript” course came to be. It’s amazing.
- The state of HTTP in 2022 shows all the advancements HTTP made in 2022. Do you know all the novelties that were standardized in 2022? Check it out!
- The End of Programming - do you think AI will supersede software development? I’m afraid I have to disagree. We will see a further explosion in demand for software developers as AI will enable us to develop even more software.
- WebAssembly Performance in 2023 - I’m stunned that Node.js is a good competitor in the WebAssembly performance race!
- What is a micro-frontend? - Read up on all the knowledge Natalia Venditto prepared for you.
- What can go wrong if your CI gets hacked during the holidays? Read the CircleCI incident report for January 4, 2023 security incident.
Upcoming Events
- Global Summit for Node.js‘23 - remote - 25-26th of January
- CityJS - London, UK - 31st of March
- JSDay 2023 - Verona, Italy - 12-14th of April
- Open Source Summit / OpenJS World / OpenJS Collaborators’ Summit - Vancouver, Canada - 9-12th of May