It's been a couple of weeks since the last email, and this is packed with updates. It includes two talks that I published on YouTube, links to the ongoing debate on open-source licensing, a brief explanation of the recent Node.js security release, many releases, and quite a few interesting articles.
I recorded a short video on how we made Platformatic DB routes up to 5x faster... by de-duplicating concurrent queries.
The "trick is to use the
async-cache-dedupe module to deduplicate the request to the database. In our implementation, we increased the req/s of Platformatic DB by 5x, while reducing the latency to 1/3. Amazing? You can implement it too!
In 2012, this tiny community group, "WEBdeBS" ran the first conference ever on Node.js. I was there in the room, watching great speakers present a future in technology that was so innovative that blew my mind. No one would have thought that the bumblebee could fly, but now Node.js is installed on every developer machine - yours too! In this talk, we are going to go through the story of Node.js, what were the key moments in Node.js history, and what's the state of the project today. We will also cover all the key features we shipped between 2012 and now, and why developing Node.js applications in 2023 can be so much better!
According to the Open Source Initiative, the Open Source Definition is available at https://opensource.org/osd/. However, not everyone agrees.
There is an ongoing debate on tech startups in how to monetize Open Source, which is often implemented via relicensing:
Which all successfully (?) transitioned from an Open Source license to a Source-Available one, essentially prohibiting somebody from competing against them on the cloud by offering similar services. Something to keep in mind is to choose projects with licenses that forbid retroactive relicensing.
I think Foundations are a good place to ensure "shared" ownership of Open Source projects so that projects can survive their original inventors. This is why Node.js, Electron, Eslint, Webpack, Fastify, and many other projects are housed in the OpenJS Foundation. Saying it in another term, when asked why an author should consider moving a project to a Foundation, I tend to reply:
A Foundation protects the project users from you.
Not everybody agrees on this take, read Matthew Phillips' take.
Last week, CloudFlare and Google released details on a large scale DoS attack that they received in August... by using a "feature" of HTTP/2:
While the technical aspects of this attack are fascinating, we had to ship our "fall" security release a few weeks earlier than planned to address this HTTP/2 scenario, this includes:
FinalizationRegistryif not required.
flushbefore the stream was ready.
levelproperty; v8.15.5 v8.15.6 fixes a flaky test in CITGM, v8.16.0 adds a callback to flush().