Weekly GitHub Report for Node: April 28, 2025 - May 05, 2025 (12:02:26)
Weekly GitHub Report for Node
Thank you for subscribing to our weekly newsletter! Each week, we deliver a comprehensive summary of your GitHub project's latest activity right to your inbox, including an overview of your project's issues, pull requests, contributors, and commit activity.
Table of Contents
I. News
1.1 Recent Version Releases:
The current version of this repository is v23.10.0
1.2 Version Information:
The version released on March 13, 2025, introduces the --experimental-config-file feature, allowing developers to use a JSON configuration file to streamline the use of multiple flags, enhancing the developer experience and potentially increasing adoption. Notable updates include improvements in error handling, updates to root certificates, and the addition of new methods such as tls.getCACertificates() and v8.getCppHeapStatistics(), reflecting a trend towards enhancing security, performance, and developer convenience.
II. Issues
2.1 Top 5 Active Issues:
We consider active issues to be issues that that have been commented on most frequently within the last week. Bot comments are omitted.
-
Conflicting behavior with
exportsand"type": "module": This issue discusses a conflict in Node.js between the use of theexportsfield inpackage.jsonand the"type": "module"setting, which leads to an error when attempting to load CommonJS modules in a project that is primarily set up for ECMAScript modules. The user expects Node.js to respect the loader type specified in the conditional exports, but instead, Node.js defaults to treating.jsfiles as ECMAScript modules due to the"type": "module"setting, causing aReferenceErrorwhen usingrequire.- The comments discuss the expectation that the
exportsfield should dictate the module format, with some suggesting avoiding the"type": "module"setting entirely for simplicity. Others highlight the challenges of this approach due to modern tooling dependencies on thepackage.jsonconfiguration, and the discussion includes examples of how this issue affects various tools and frameworks like Next.js, Jest, and Webpack. - Number of comments this week: 11
- The comments discuss the expectation that the
-
Nominating Giovanni Bucci @puskin as a collaborator: This issue is about nominating Giovanni Bucci, also known as @puskin, as a collaborator for the Node.js project due to his significant contributions to various components such as assert, util, and repl, as well as his work in both JavaScript and C++ code. The nominator expresses confidence in Giovanni's potential to be a valuable addition to the collaborator team, highlighting his diligence and ongoing efforts to improve Node.js.
- The comments section shows unanimous support for Giovanni's nomination, with multiple users expressing their approval with "+1" and praising his contributions. One comment also clarifies a username change from @puskin94 to @puskin, explaining the reason for broken links, which was later resolved.
- Number of comments this week: 8
-
[Bug] Cannot import mjs from cjs if this mjs file is already planned to be imported (ReferenceError: default is not defined): This issue describes a bug encountered when attempting to import an ES module (mjs) from a CommonJS module (cjs) if the mjs file is already planned to be imported, resulting in a "ReferenceError: default is not defined" error. The problem occurs consistently on Debian with Node.js version 23.11.0, and the expected behavior is a successful launch without errors.
- The comments discuss the bug's appearance in specific Node.js versions, with users tagging relevant contributors for input. A user notes that the error also occurs in earlier versions but with a different error message related to module cycles. Another user questions whether the error is expected behavior, and it is noted that the issue does not occur if the module lacks a default export. A fix for the issue is mentioned in a linked pull request.
- Number of comments this week: 5
-
Illegal instruction: This issue involves a crash occurring every time the user attempts to run their ExpressJS server using Node.js version v20.19.1 on a Linux platform, resulting in an "Illegal instruction" error. The user suspects that recent changes in the Node.js version might be causing the problem, as their previous commits were functioning correctly before the update.
- The comments discuss potential causes of the crash, with one user suggesting it might be related to a misconfiguration with the RedisStore variable, while another points out that it might not be a libuv issue. Suggestions include creating a minimal reproduction without external dependencies and checking the codebase for any instances where the process might be sending a SIGILL signal to itself.
- Number of comments this week: 4
-
Release GHA does not trigger GHA CI: This issue is about a problem where opening a release proposal pull request (PR) with GitHub Actions (GHA) does not trigger the GitHub Actions Continuous Integration (CI) workflow as expected. The issue is consistently reproducible, and a suggested workaround is to use a Personal Access Token (PAT) instead of the default GitHub token to trigger the workflows.
- The comments discuss whether releases are created with GHA in the repository, with some confusion clarified about the process. A specific PR created by a GitHub bot is mentioned, and a recent Build Working Group call is referenced, where the issue of PRs not triggering workflows was discussed. The conversation concludes with a clarification about the nature of the release proposal PRs.
- Number of comments this week: 4
2.2 Top 5 Stale Issues:
We consider stale issues to be issues that has had no activity within the last 30 days. The team should work together to get these issues resolved and closed as soon as possible.
- Flaky GC-related tests with V8 12.2: This issue concerns flaky garbage collection-related tests in the V8 12.2 engine, specifically involving
test-shadow-realm-gc-module,test-shadow-realm-gc, andtest-net-write-fully-async-hex-string, which are believed to be failing due to incorrect test assumptions affected by V8's new garbage collection strategy rather than actual bugs. The proposed temporary solution is to skip these tests and consider using a more reliable method,checkIfCollectableByCounting(), to verify if the ShadowRealm instance can be collected, although this approach might not fully address potential native side leaks, necessitating further investigation and a more robust testing strategy in the future. - Flaky
test-worker-arraybuffer-zerofillwith V8 12.2: This issue concerns a flaky test namedtest-worker-arraybuffer-zerofillassociated with V8 version 12.2, which has been open for over 400 days. The test intermittently fails, possibly due to a real bug or broken timing assumptions, and it has been suggested to mark it as flaky and add logs for better debugging. - Support loading dynamic addon modules (
.nodefiles) when embedding the Node.js shared library without needing to link withnode.def: This issue addresses the challenge of loading dynamic addon modules (.nodefiles) when embedding the Node.js shared library into a different executable without the need to link withnode.def. The proposed solution suggests modifying the delay load hook to utilize an environment variable, potentially namedNODE_LIBRARY, to facilitate the loading process, although the security implications of this approach are still uncertain. - unable to sign with external OpenSSL engine after usage of crypto.hash: This issue involves a bug where users are unable to sign with an external OpenSSL engine after using the
crypto.hashfunction in Node.js version v21.7.1 on a Linux platform. The problem consistently reproduces and results in an "unsupported" error, which seems to be linked to recent changes in the Node.js codebase, specifically affecting versions v21.7.0 and v21.7.1, while earlier versions like v21.6.2 do not exhibit this issue. - Performance improvement via hints to/heuristics in memory allocator to use huge pages for large data: This issue addresses the need for performance improvement in the Node.js project by suggesting enhancements to the memory allocator to utilize huge pages for large data, which has shown significant performance gains in benchmark tests. The proposal includes implementing a hinting mechanism or heuristics to automatically allocate 2MB huge pages for large, contiguous data, as opposed to relying on manual configuration of transparent huge pages, which can lead to memory fragmentation.
2.3 Open Issues
This section lists, groups, and then summarizes issues that were created within the last week in the repository.
Issues Opened This Week: 17
Summarized Issues:
- Node.js Module System Conflicts: The Node.js module system faces issues when
"type": "module"inpackage.jsoncauses.jsfiles to be treated as ECMAScript modules (ESM), conflicting with conditional exports that specify CommonJS (CJS) loaders. This results in errors when usingrequire, as Node.js defaults to the behavior dictated by the"type"field rather than respecting the loader type in conditional exports.
- Node.js TLS Certificate Chain Handling: Node.js's TLS implementation struggles with incomplete certificate chains, leading to verification errors when servers do not provide a complete chain up to a trusted root. Unlike modern browsers, Node.js does not automatically manage these cases, prompting proposals for transparent handling or user-managed solutions.
- Node.js Test and CI Issues: Several issues in Node.js testing and CI processes include a test not cleaning up correctly, causing suspended processes, and GitHub Actions not triggering CI workflows as expected. These problems highlight the need for better test management and CI configuration.
- Node.js Performance and Compatibility Concerns: Node.js v22 shows a significant performance regression in
aws-cdk-libcompared to v20, exacerbated by thedd-tracelibrary, with a 9x runtime increase linked topackage_json_reader. Additionally, a potential switch from MSVC STL to libc++ on Windows for V8 is considered due to a crash, raising compatibility concerns for addon authors.
- Node.js Documentation and Functionality Discrepancies: Discrepancies in Node.js documentation, such as the inaccurate description of the
createConnectionfunction, lead to confusion about its implementation. Additionally, theError.isErrorfunction fails to identifyDOMExceptionas an error, returningfalseinstead oftrue.
- Node.js Network and Timer Issues: Node.js v22.13.1 intermittently locks up on Windows 10 when reading from a named pipe, with the issue linked to a previously closed libuv issue. Furthermore, in v23.10.0,
headersTimeoutandrequestTimeouttimers are not restarted on keep-alive HTTP connections, allowing malicious clients to keep connections open indefinitely.
- Node.js Development and Collaboration: Giovanni Bucci (@puskin) is nominated as a collaborator for the Node.js project, recognized for his significant contributions and receiving positive endorsements from other collaborators. This highlights the ongoing efforts to enhance collaboration and development within the Node.js community.
- Node.js Build and Platform Support: Updating Xcode to version 16.3 is necessary to support the
std::atomic_reffeature required by V8's use ofsimdutf::atomic_binary_to_base64, necessitating a macOS upgrade to at least version 15.2. This reflects the ongoing need to maintain compatibility with evolving platform requirements.
- Node.js Watch and Run Command Issues: Using the
--watch-pathoption with the--runcommand in Node.js v22.15.0 on Darwin results in a failure, as the--watchflag requires a specific file. This issue highlights a potential documentation problem rather than a bug, indicating the need for clearer guidance on command usage.
2.4 Closed Issues
This section lists, groups, and then summarizes issues that were closed within the last week in the repository. This section also links the associated pull requests if applicable.
Issues Closed This Week: 8
Summarized Issues:
- Node.js Collaborator Nomination: The nomination of Dario Piotrowicz as a collaborator on the Node.js team has garnered strong support from multiple community members. This highlights the community's recognition of his contributions and the collaborative nature of the Node.js project.
- V8 Engine Garbage Collection Events: Implementing events in the V8 engine to notify before and after garbage collection processes is crucial for preventing request loss and service stalls. This is particularly important in Kubernetes environments with large, spiky memory allocations, where load balancers can redirect traffic to maintain service stability.
- Synchronous Module Loading Error: The
ERR_REQUIRE_ASYNC_MODULEerror occurs when using a try/catch approach withrequirefor synchronous module loading. The issue suggests that this error should only be thrown with a top-levelawait, allowing a fallback to asynchronousimportif needed.
- Node.js HTTP Module Bug: A bug in the Node.js HTTP module prevents the
errorevent from being emitted on anhttp.IncomingMessageobject when a client connection is prematurely closed. This issue complicates the detection of such disconnections, contrary to previous expectations and documentation.
- Visual Studio Installer Issue: The Visual Studio Installer fails to download update feeds during installation on Windows 10, likely due to network issues or firewall settings. This problem is not specific to the Node.js project but affects the installation process.
- Node.js v23.11.0 Assertion Failure: In Node.js v23.11.0, calling
process.exit()immediately after awaiting afetchstatus without waiting for the body results in an assertion failure. This behavior differs from v18.18.0, where the code executes correctly, indicating a regression.
- Conditional Debugging Feature Proposal: A proposal to add a
--inspect-brk-ifflag in Node.js aims to enhance debugging workflows by allowing conditional breaks on the first line. This feature would enable debugging without requiring code modifications, streamlining the process.
- macOS Build Process Error: An error during the build process on macOS involves the command
curl --hast--build@1.2. This issue is documented in the Node.js GitHub project and affects the build process.
2.5 Issue Discussion Insights
This section will analyze the tone and sentiment of discussions within this project's open and closed issues that occurred within the past week. It aims to identify potentially heated exchanges and to maintain a constructive project environment.
Based on our analysis, there are no instances of toxic discussions in the project's open or closed issues from the past week.
III. Pull Requests
3.1 Open Pull Requests
This section provides a summary of pull requests that were opened in the repository over the past week. The top three pull requests with the highest number of commits are highlighted as 'key' pull requests. Other pull requests are grouped based on similar characteristics for easier analysis. Up to 25 pull requests are displayed in this section, while any remaining pull requests beyond this limit are omitted for brevity.
Pull Requests Opened This Week: 40
Key Open Pull Requests
1. deps: update V8 to 13.7: This pull request proposes updating the V8 JavaScript engine to version 13.7 in the Node.js project, incorporating notable changes such as the JavaScript Promise Integration (JSPI) for WebAssembly, while addressing various compatibility and build issues through multiple commits, including resetting the embedder string, updating the NODE_MODULE_VERSION, patching V8 to avoid duplicated zlib symbols, and disabling V8 concurrent sparkplug compilation due to process hangs on some platforms.
- URL: pull/58064
- Merged: No
- Associated Commits: 83300, 3c06c, aee5f, 05ec9, ad176, d4d95, f816c, d9294, b38fd, 1514c, 29b83, 65b94, eecee, dbb26, c8a88
2. Add SourceMap Benchmark: This pull request introduces a comprehensive benchmark suite for the lib/internal/source_map module in the Node.js project, aiming to evaluate and explore the performance characteristics of the SourceMap by adding various performance tests and refactoring payload handling to avoid V8 deadcode elimination, thereby providing insights for potential performance improvements.
- URL: pull/58125
- Merged: No
- Associated Commits: 83568, 74d6e, b09a6, a1b0b, 2613c, 83765, 31485, 4147f, abe87, 4675d, f6f36, 42655
3. draft: src: support namespace options in configuration schema generation: This pull request is a draft intended to facilitate discussion on the proposed approach to implementing support for namespace options in the configuration schema generation of the Node.js project, with several commits focusing on enhancing the OptionsParser, improving readability, adding validation for duplicate options, and supporting namespaced options.
- URL: pull/58073
- Merged: No
Other Open Pull Requests
- Documentation Updates: This set of pull requests focuses on updating various documentation aspects in the Node.js project. The updates include clarifying command-line interface options, enhancing the
EventEmitterclass documentation, and providing instructions for using Visual Studio on Windows for development.
- Performance Improvements: Several pull requests aim to enhance performance in different areas of the Node.js project. These include introducing a V8 fast API for buffer methods, optimizing the
TextEncoder.encodeIntomethod, and improving thestyleTextutility.
- Build and Configuration Changes: These pull requests propose changes to the build and configuration settings of Node.js. They include introducing a build option to exclude SQLite, updating the macOS runner version, and modifying build configurations for 32-bit architectures.
- Feature Enhancements: This group of pull requests introduces new features and enhancements to existing modules. Notable additions include support for the
Network.loadNetworkResourcemethod, a newuse()method inAsyncLocalStorage, and the dynamicimport.source()phase.
- Security and Compatibility: These pull requests address security and compatibility issues within the Node.js project. They include updates for OpenSSL compatibility, handling missing BoringSSL definitions, and discouraging the use of
AsyncLocalStorage.disable().
- Miscellaneous Updates: This category includes various updates such as reverting previous changes, updating test scripts, and modifying the
net.blocklistfor file management functionalities.
3.2 Closed Pull Requests
This section provides a summary of pull requests that were closed in the repository over the past week. The top three pull requests with the highest number of commits are highlighted as 'key' pull requests. Other pull requests are grouped based on similar characteristics for easier analysis. Up to 25 pull requests are displayed in this section, while any remaining pull requests beyond this limit are omitted for brevity.
Pull Requests Closed This Week: 41
Key Closed Pull Requests
1. deps: update V8 to 13.6: This pull request involves updating the V8 JavaScript engine to version 13.6 in the Node.js project, incorporating several notable changes such as the introduction of RegExp.escape, Float16Array, Atomics.pause, WebAssembly Memory64, and explicit resource management, while also addressing various compatibility and build issues across different platforms and configurations.
- URL: pull/58070
- Merged: No
- Associated Commits: e04b9, 038c3, 04550, 2b275, d6837, 8a9ba, 1f9cf, 3deb9, ee7ad, 567d7, ca3ff, eabc4, 36ee4, 840fb, eb26c, c0883, 0c4f3, d7d2b, 9afc8, f552e, b247c, 38be4, 3e314, 34b43, 9297f, 50db6, e7504, 6b6ad, 9c9f8, 07cdd, adc96, 773a8, 2e71f, 8a3e8, 6f160, 17809, 05054, c21b0, fb09a
2. deps: update V8 to 13.6: This pull request involves updating the V8 JavaScript engine to version 13.6 in the Node.js project, introducing several notable changes such as RegExp.escape, Float16Array, Atomics.pause, WebAssembly Memory64, explicit resource management, and Error.isError, while also addressing various build and compatibility issues across different platforms and compilers.
- URL: pull/57753
- Merged: No
- Associated Commits: de0bf, 736cb, 9e6dd, 7016b, 3eca2, 439cc, 0590f, 45497, a7468, 4d8f3, 61715, 4223a, b4595, ee884, 7e75e, ab6a0, 23df4, ec9ce, 6a24b, 0bc59, cc77d, 384a5, e1a8a, 9ba77, 324e0, b1111, f9753, 1c717, 06a53, 77260, b062a, 727b5, d8cc3, 05eab
3. Benchmarks for sqlite: This pull request introduces several benchmark tests for the SQLite module in the Node.js project, including tests for preparing insert statements, checking transaction status, and preparing select statements for both retrieving all records and specific records, as detailed in the associated commits.
- URL: pull/58040
- Merged: No
Other Closed Pull Requests
- OpenSSL 3.5 Preparation: This topic involves preparing the Node.js project for an update to OpenSSL 3.5 by adjusting tests and build scripts. The modifications accommodate changes in OpenSSL's behavior and structure, while deferring the actual update to a later automated process to keep the changes manageable for review.
- ClangCL Compiler Requirement: The Node.js project documentation and build scripts were updated to mandate the use of the ClangCL compiler on Windows. This change, reflected in the
BUILDING.mdfile andvcbuild.batscript, is necessary as compiling with MSVC will lead to errors in Node.js version 24 and beyond.
- Documentation Updates: Several pull requests focused on updating documentation files in the Node.js project. These updates include clarifying default values, correcting typos, and aligning method documentation for consistency.
- Performance and Optimization: Multiple pull requests addressed performance improvements and optimizations in the Node.js project. These include enhancing the
byteLengthfunction, optimizing buffer handling, and improving benchmarking processes.
- Code Quality and Configuration: Several pull requests focused on improving code quality and configuration settings. These include fixing CodeQL scan configurations, improving boolean option parsing, and addressing REPL test issues.
- Memory and Performance Fixes: Pull requests in this category addressed memory leaks and performance issues in Node.js. These include ensuring
AsyncLocalStorageis enabled immediately and fixing the v8 fast path in theinternalModuleStatfunction.
- Build and Test Improvements: Updates to the build process and test configurations were made to ensure compatibility and reliability. These include utilizing
$(BUILDTYPE)for cleaning coverage files and addressing test flakiness.
- Platform and Compatibility Adjustments: The Node.js project made adjustments for platform compatibility, including downgrading armv7 support to experimental status and modifying the
fsmodule usage for Electron compatibility.
- Miscellaneous Fixes and Features: Various pull requests introduced new features and fixed miscellaneous issues. These include adding a C FFI compatible function, backporting the
--perf-profflag for macOS, and removing unused methods.
3.3 Pull Request Discussion Insights
This section will analyze the tone and sentiment of discussions within this project's open and closed pull requests that occurred within the past week. It aims to identify potentially heated exchanges and to maintain a constructive project environment.
Based on our analysis, there are no instances of toxic discussions in the project's open or closed pull requests from the past week.
IV. Contributors
4.1 Contributors
Active Contributors:
We consider an active contributor in this project to be any contributor who has made at least 1 commit, opened at least 1 issue, created at least 1 pull request, or made more than 2 comments in the last month.
If there are more than 10 active contributors, the list is truncated to the top 10 based on contribution metrics for better clarity.
| Contributor | Commits | Pull Requests | Issues | Comments |
|---|---|---|---|---|
| targos | 81 | 5 | 1 | 3 |
| jasnell | 23 | 5 | 2 | 45 |
| aduh95 | 26 | 4 | 0 | 43 |
| anonrig | 26 | 12 | 0 | 23 |
| LiviaMedeiros | 25 | 3 | 3 | 15 |
| dario-piotrowicz | 26 | 7 | 1 | 9 |
| joyeecheung | 13 | 5 | 3 | 18 |
| mcollina | 23 | 1 | 1 | 10 |
| marco-ippolito | 15 | 2 | 2 | 16 |
| miguelmarcondesf | 23 | 6 | 1 | 4 |