Need to Node – Volume 17
Over the past week a few things have happened around the Node.js project itself, and quite a bit happened outside of the project as well. There was a rather major, ecosystem wide security scare that Node.js itself wasn’t affected by, but did once again raise discussions around Node.js, npm, and security throughout the community.
Here’s a quick recap of updates in the various Node.js Working Groups, Teams, and Strategic Initiatives from the past week:
What’s New in the Node.js Project
- The Build WG is discussing building out a Prometheus dashboard to help monitor the Build process more effectively.
- A batch of 179 commits translating the Node.js documentation was submitted via automated PR to the i18n repository, adding translations to 49 different files.
- The User Feedback Initiative is currently working on a survey around Promises, specifically focusing on some of the rougher edges around Promises and Node.js.
- The Modules Team is discussing possible approaches to both ESM in
.jsfiles and ESM in executable files.
- The firstname.lastname@example.org release is progressing nicely, with a second release candidate having shipped early last week.
- In a newer Promises Debugging repository, Benedikt Meurer of the V8 team has brought up an interesting proposal around the possibility of a hook for rejected promises – such a hook would theoretically significantly reduce the headache of debugging
- Related to the above, the promises-debugging group is looking for additional members who are interested in implementing debugging for promises in Node.js!
Awesome Articles, Links, and Resources
- Mathius Buus published a mad science tool called
- JS Interactive is right around the corner – be sure to get your tickets as soon as possible!
- A High Level Post Mortem of the eslint-scope Security Incident by Tierney Cyren (that’s me!)
- A new version of VS Code for Node.js – Development Pack has shipped, now including an updated Azure Functions extension and VS Live Share!
One Last Thing...