Upcoming Node.js Security Release, fastify-astro, a trip to Milan, and other Adventures in Nodelnad

really bad bug

                            February 13, 2023

                Upcoming Node.js Security Release, fastify-astro, a trip to Milan, and other Adventures in Nodelnad

                        Hi Folks,
Last week I visited Milan for a Platformatic team retreat! It was a great experience, and we planned several features for Platformatic!
I also spoke at the “Milano Frontend” meetup, presenting Platformatic DB!

fastify-astro
Today at 16:30 GMT, Matthew Phillips and
 I will be building fastify-astro together!
Tune in at https://twitch.tv/matteocollina. All recordings will be published on my YouTube channel too!
Node.js Security Releases
Next week we will have a Node.js security release:
https://nodejs.org/en/blog/vulnerability/february-2023-security-releases/. This packs quite a lot of fixes. Make sure to update your setup as soon as possible!
Releases

pino v8.10.0 adds the dedupe option to transport.
fastify v4.13.0 includes many fixes and new features:
Return 408 on client timeout
ContentTypeParser remove(): Return false when content type parser was not present for removal
Replace native errors with @fastify/errors
Fix for a bad crash when using onReady hooks
…and many more!

avvio v8.2.1 fixes a really bad bug that we found when developing platformatic: some errors during the boot phase were swallowed.
pino-pretty v9.2.0 adds the possibility to pass an object as parameters to customLevels.
@fastify/circuit-breaker v3.2.0 adds missing options to typings.
@fastify/static v6.9.0 fixes an infinite loop when the multi-root and pre-compression are both enabled.
async-cache-dedupe v1.9.0 adds browser support.
mercurius v12.0.1 fixes __resolveReference.

Articles

GitHub Actions now have GITHUB_TOKEN permissions as read-only. This update broke the default GitHub for Platformatic Cloud, the fix is tiny. 

I’m so happy that the architecture for IPFS I co-designed with my ex-team NearFom is public. It’s a clear example of how you can use AWS tooling to create things that can achieve massive scalability.
    As part of this change, the team moved from using AWS SDK to a home-grown solution using undici. This reduced the time needed to serve files from 13 seconds to 3 seconds. Stunning!
    (TL;DR switch to undici.request() whereever possible) 

Should Open Source integrate some telemetry to help projects make better decisions? The answer seems to be “yes” for the Go team. Read more at Transparent Telemetry for Open-Source Projects1

Should You Use char, varchar, or text in PostgreSQL? I was surprised by the answer!

Upcoming Events
If you would like to meet me in person, you will find me at these upcoming events:

Open Source Day 2023 - Florence, Italy - 24th of March
CityJS - London, UK - 31st of March
JSDay 2023 - Verona, Italy - 12-14th of April
Node Congress - Berlin, Germany - 14th of April
Open Source Summit / OpenJS World / OpenJS Collaborators’ Summit - Vancouver, Canada - 9-12th of May
JSNation 2023 - Amsterdam, Netherlands - 1st of June

                            Don't miss what's next. Subscribe to Adventures in Nodeland: