Weekly GitHub Report for Node: February 17, 2025 - February 24, 2025

Weekly GitHub Report for Node

Thank you for subscribing to our weekly newsletter! Each week, we deliver a comprehensive summary of your GitHub project's latest activity right to your inbox, including an overview of your project's issues, pull requests, contributors, and commit activity.

---

Table of Contents

• I. News
  • 1.1. Recent Version Releases
  • 1.2. Other Noteworthy Updates
• II. Issues
  • 2.1. Top 5 Active Issues
  • 2.2. Top 5 Stale Issues
  • 2.3. Open Issues
  • 2.4. Closed Issues
  • 2.5. Issue Discussion Insights

• III. Pull Requests
  • 3.1. Open Pull Requests
  • 3.2. Closed Pull Requests
  • 3.3. Pull Request Discussion Insights

• IV. Contributors
  • 4.1. Contributors

I. News

1.1 Recent Version Releases:

The current version of this repository is v23.8.0

1.2 Version Information:

Released on February 13, 2025, this Node.js update introduces several key features, including support for using system CA certificates on macOS and Windows, the implementation of the URL Pattern API, and the addition of the zstd compression algorithm. Notable enhancements also include naming threads for improved debugging and updated timezone data to 2025a, reflecting changes such as Paraguay's adoption of permanent -03 starting in spring 2024.

II. Issues

2.1 Top 5 Active Issues:

We consider active issues to be issues that that have been commented on most frequently within the last week. Bot comments are omitted.

1. Let's enable Temporal by default: This issue discusses the proposal to enable the Temporal API by default in the Node.js project, as it is nearing completion and stability in the TC39 process, although it is not yet fully unflagged in V8. The feature is suggested to be marked as experimental, with the intention to keep it under observation until it reaches a more stable stage.

   • The comments reflect a cautious approach, with some contributors suggesting waiting until the API is fully unflagged on the web, while others are preparing to proceed with a pull request. There is a discussion about the mixed experiences with enabling flagged features in V8, and a request for more information on the V8 implementation progress. The consensus leans towards waiting for further test coverage improvements and considering merging the feature as experimental after the next major release.
   • Number of comments this week: 7

2. Strange slowness about crypto.webcrypto.subtle.deriveBits, when called with identical inputs a second time: This issue reports a performance anomaly in Node.js where the crypto.webcrypto.subtle.deriveBits function takes significantly longer to execute on its second call with identical inputs, compared to its first call. The user suspects that this discrepancy might be due to an underlying issue in Node.js, as the problem does not occur in other environments like the browser or Bun.js, and they are concerned about potential internal mishandling of cryptographic operations.

   • The comments discuss attempts to reproduce the issue on different platforms, with findings indicating that the delay is not due to garbage collection but rather related to the cleanup process from a previous encryption job. Further investigation reveals that a costly concat operation in the user's library is blocking the main thread, causing the perceived delay in deriveBits, and suggestions are made to offload this operation to a worker thread to improve performance.
   • Number of comments this week: 5

3. Invalid string construction: This issue involves a potential bug in the Node.js project where the function ThrowInvalidURL is incorrectly handling a nullptr as its third parameter, which leads to undefined behavior and will be considered ill-formed in C++23. The issue suggests that the intended third argument should be std::nullopt instead of nullptr to prevent this problem.

   • The comments discuss the correctness of the issue and invite contributions, with one user suggesting a code change and asking if it qualifies as a "good first issue." Several users express interest in working on the issue, but it is noted that there is already an open pull request addressing it.
   • Number of comments this week: 5

4. Ability to allow any application to be easily extensible by installing and running any node package at runtime: This issue discusses the proposal to make Node.js applications easily extensible by allowing the installation and execution of any Node package at runtime, without requiring deployments or server customization, thereby enabling app users to choose which plugins or extensions to install. The feature aims to implement functionality similar to the live-plugin-manager, which has limitations and lacks sufficient support, suggesting that native implementation in Node.js could be beneficial.

   • The comments express skepticism about the proposal, highlighting concerns about safety and the role of Node.js as a package manager. Some suggest that modifying applications at runtime is unsafe, while others point out existing tools like npx and question the necessity of the feature. The discussion also touches on potential use cases, such as CMS plugin management, and seeks alternative approaches to achieve similar goals safely.
   • Number of comments this week: 4

5. Request: Omitting experimental flags from new config file: This issue is about a request to exclude --experimental-* flags from the new configuration file format in a GitHub project, even though these flags are permitted in NODE_OPTIONS. The request is made on behalf of several individuals who believe that experimental flags should not be included in the configuration file to maintain clarity and prevent potential misuse.

   • The comments discuss the need for a well-motivated decision on the issue, with some suggesting that experimental flags could be useful in specific cases like test runners. Others propose solutions such as ensuring runtime warnings for unwanted experimental features and controlling the ability to disable these warnings through the configuration file.
   • Number of comments this week: 4

2.2 Top 5 Stale Issues:

We consider stale issues to be issues that has had no activity within the last 30 days. The team should work together to get these issues resolved and closed as soon as possible.

As of our latest update, there are no stale issues for the project this week.

2.3 Open Issues

This section lists, groups, and then summarizes issues that were created within the last week in the repository.

Issues Opened This Week: 18

Summarized Issues:

• Node.js Function Errors: The fs.rmSync function in Node.js v23.7.0 returns an incorrect error code (EACCES instead of ENOTEMPTY) when trying to remove a non-empty directory on Darwin. Additionally, the socket.destroySoon method in the net subsystem fails to emit an end event, causing the socket not to terminate gracefully.
  • nodejs/node/issues/57095, nodejs/node/issues/57111

• Node.js Platform-Specific Bugs: Node.js v23.4.0 on macOS crashes with an assertion error when a custom DNS lookup function returns an array instead of a string. Furthermore, using the --watch flag with --watch-path on Darwin in Node.js v22.13.1 results in duplicate restart events.
  • nodejs/node/issues/57112, nodejs/node/issues/57124

• Node.js Module System Discrepancies: The require(esm) function in Node.js provides full file paths to customization hooks, unlike require.resolve, causing unexpected behavior in CommonJS modules. Additionally, Mocha tests encounter an "ERR_REQUIRE_CYCLE_MODULE" error on the latest CommonJS version.
  • nodejs/node/issues/57125, nodejs/node/issues/57172

• Node.js Experimental Features and Proposals: There is a proposal to enable the Temporal API by default in Node.js, marking it as experimental. Another request is to exclude --experimental-* flags from the new configuration file format to ensure proper discussion around experimental features.
  • nodejs/node/issues/57127, nodejs/node/issues/57157

• Node.js Compilation and Build Issues: A compilation error occurs when building Node.js version 22.13.0 with AddressSanitizer on Ubuntu 20.04.4 due to ambiguous use of overloaded operators in the ICU library. Additionally, a segmentation fault is reported on macOS arm64 when running Jest tests with a specific Node.js setup.
  • nodejs/node/issues/57161, nodejs/node/issues/57166

• Node.js API and Functionality Bugs: The ThrowInvalidURL function in Node.js incorrectly constructs a std::string from a null pointer, leading to undefined behavior. The Intl.NumberFormat function also incorrectly uses maximumFractionDigits as an exact number of fraction digits instead of a maximum.
  • nodejs/node/issues/57133, nodejs/node/issues/57137

• Node.js Security and Argument Handling: The execFile and spawn functions in Node.js accept an array of arguments even when the shell option is set to true, leading to potential security vulnerabilities. It is suggested that these functions should throw an error if arguments are provided in such cases.
  • nodejs/node/issues/57143

• Node.js DNS and TLS Enhancements: Support for the AD flag in DNSSEC is proposed for the dns.resolve API to enable proper validation of DNS records. Additionally, support for intermediate CA certificates on Windows is requested when using the --use-system-ca option.
  • nodejs/node/issues/57159, nodejs/node/issues/57163

• Node.js TLS Session Bugs: A bug in the TLS subsystem causes the socket.servername to be false when reusing TLS sessions, instead of showing the expected SNI host. A potential solution is to save the SNI host in the session buffer for session resumption.
  • nodejs/node/issues/57175

• Node.js Documentation and Typing Issues: The streamResetBurst and streamResetRate options are missing from the http2.createSecureServer documentation, despite being available in Node versions 18.18.2, 20.8.1, and 21.0. Incorrect TypeScript typings also necessitate suppression of errors when using these options.
  • nodejs/node/issues/57169

2.4 Closed Issues

This section lists, groups, and then summarizes issues that were closed within the last week in the repository. This section also links the associated pull requests if applicable.

Issues Closed This Week: 16

Summarized Issues:

• Documentation Issues: The absence of documentation for certain Node.js functions and features has been highlighted, such as the process.emit() function and the nextLoad hook. These omissions lead to confusion among developers who rely on official documentation for accurate implementation details.
  • issues/55731, issues/57030

• Testing and Bug Fixes: Several issues have been identified in the Node.js testing framework, including a bug in the test runner related to carriage return characters and a TypeError in synchronous transpilation examples. These bugs hinder the testing process and lead to errors that complicate development workflows.
  • issues/56836, issues/57030

• Feature Requests and Enhancements: Requests for new features and enhancements in Node.js include allowing the --cpu-prof flag in NODE_OPTIONS, native support for TSX, and support for tsconfig paths in type stripping mode. These enhancements aim to improve performance and ease of use for developers working with complex projects.
  • issues/56944, issues/57079, issues/57113

• Naming and Classification Concerns: Discussions around naming conventions and classifications in Node.js have arisen, such as the naming of "AsyncLocalStorage" and the classification of atob and btoa functions as legacy. These concerns reflect the community's desire for intuitive and accurate terminology that aligns with current usage and functionality.
  • issues/57067, issues/57145

• Installation and Compatibility Issues: Users have reported installation problems and compatibility issues, such as difficulties with the @mongodb-js/zstd package and Bionano Access on Windows 10. These issues often stem from version mismatches and require updates or configuration changes to resolve.
  • issues/57118, issues/57138

• Documentation and Link Errors: Errors in documentation, such as broken links in the CommonJS documentation and the absence of a Slack channel link, have been noted. These errors can lead to confusion and hinder access to important resources for developers.
  • issues/57094, issues/57181

• Miscellaneous Issues: Other issues include a test entry titled "A1 TEST" and a discussion on security policy configurations, which were closed as duplicates or tests. These entries indicate ongoing maintenance and organizational efforts within the Node.js project.
  • issues/57153, issues/57155

2.5 Issue Discussion Insights

This section will analyze the tone and sentiment of discussions within this project's open and closed issues that occurred within the past week. It aims to identify potentially heated exchanges and to maintain a constructive project environment.

Based on our analysis, there are no instances of toxic discussions in the project's open or closed issues from the past week.

---

III. Pull Requests

3.1 Open Pull Requests

This section provides a summary of pull requests that were opened in the repository over the past week. The top three pull requests with the highest number of commits are highlighted as 'key' pull requests. All other pull requests are grouped based on similar characteristics for easier analysis.

Pull Requests Opened This Week: 29

Key Open Pull Requests

1. deps: update V8 to 13.4: This pull request aims to update the V8 JavaScript engine to version 13.4 in the Node.js project, incorporating notable changes such as the introduction of Atomics.pause, WebAssembly Memory64, explicit resource management, and Error.isError, while also addressing various build and compatibility issues across different platforms and configurations.

• URL: pull/57114

• Merged: No

• Associated Commits: 487aa, ff7bb, c62f3, dcad4, 67292, 80578, d65ce, ada7b, a3a0d, 2e49f, e3ce7, ef686, 95dc9, 53983, 8c7cf, 33b5d, a2c1e, 9b6a0, f150b, 12d24, 8ce8a, 0df9c, 9312f, 44a6e, 570ed, 32bc1, 084e6, ef3e8, b433a

2. [v22.x] backport module.registerHooks(): This pull request involves a manual backport of the module.registerHooks() feature to the v22.x branch of the Node.js project, addressing a documentation conflict related to the removal of the --experimental-default-type flag, and includes several commits that implement and refine module hooks, correct documentation, and fix a URL change issue in the synchronous hook chain.

• URL: pull/57130

• Merged: No

• Associated Commits: cd50d, 49d7c, 6564c, bc0f0

3. crypto: add support for intermediate certs in --use-system-ca: This pull request adds support for intermediate certificates in the --use-system-ca option of the crypto module, addresses issue #57163, and includes tests to validate the functionality across macOS, Windows, and Linux platforms.

• URL: pull/57164

• Merged: No

• Associated Commits: 03297, e6d4c, 0bcaa, c3b8c

Other Open Pull Requests

• New API and Method Introductions: The Node.js project has introduced new APIs and methods to enhance functionality. The tls.getCACertificates() API allows querying different types of CA certificates, while the v8.getCppHeapStatistics() method exposes CppHeap data. These additions aim to improve the usability and performance of Node.js by providing more detailed information and capabilities to developers.
  • pull/57107, pull/57146

• Configuration and Build Enhancements: Several pull requests focus on improving configuration and build processes in Node.js. These include setting default configuration files, introducing namespace configuration flags, and allowing alternate inspector_protocol paths for embedder customization. These changes aim to streamline configuration management and enhance compatibility with other platforms like Electron.
  • pull/57171, pull/57170, pull/57116

• Performance Optimizations: Node.js has seen performance improvements through various optimizations. Enhancements to the priority queue and format function have resulted in significant performance gains, while simplifying the compareTimersLists function has improved operations per second. These optimizations aim to make Node.js more efficient and responsive.
  • pull/57100, pull/57099, pull/57110

• Bug Fixes and Error Handling: Addressing bugs and improving error handling have been key focuses. Fixes include correcting argument orders, error codes, and ensuring proper function argument types. These efforts aim to enhance the reliability and accuracy of Node.js operations.
  • pull/57177, pull/57103, pull/57141

• Testing and Documentation Improvements: Enhancements in testing and documentation have been made to ensure better coverage and clarity. This includes testing individual write throw cases, adding caveats for fs.watch, and updating build instructions. These improvements aim to provide clearer guidance and more robust testing frameworks.
  • pull/57132, pull/57150, pull/57158

• Feature Unflagging and Deprecation: Node.js is unflagging the experimental Temporal feature and unexposing deprecated process bindings. These changes reflect the project's ongoing efforts to stabilize new features and phase out outdated components, ensuring a modern and efficient runtime environment.
  • pull/57128, pull/57149

• Proxy and Environment Variable Support: A proof of concept has been proposed to support HTTP_PROXY and HTTPS_PROXY environment variables by default. This feature, initially opt-in, aims to simplify proxy configuration for users and may become a default setting in the future, enhancing Node.js's adaptability to network environments.
  • pull/57165

• QUIC Datagram Testing: New tests for QUIC datagrams have been introduced, addressing issues with the Uint8Array constructor and noting test failures. These tests aim to ensure reliable data transmission between client and server, contributing to the robustness of Node.js's networking capabilities.
  • pull/57119

• Miscellaneous Enhancements: Various other enhancements include reserving NMV 135 for Electron 36, running Linux tests on arm64 runners, and improving the tools/inspector_tools/roll.py script documentation. These changes aim to support platform-specific needs and streamline development processes.
  • pull/57151, pull/57162, pull/57167

3.2 Closed Pull Requests

This section provides a summary of pull requests that were closed in the repository over the past week. The top three pull requests with the highest number of commits are highlighted as 'key' pull requests. All other pull requests are grouped based on similar characteristics for easier analysis.

Pull Requests Closed This Week: 40

Key Closed Pull Requests

1. deps: update V8 to 13.3.415.20: This pull request involves updating the V8 JavaScript engine to version 13.3.415.20 in the Node.js project, introducing notable features such as Atomics.pause and WebAssembly Memory64, while also addressing various build and compatibility issues, including resetting the embedder string, updating the NODE_MODULE_VERSION, disabling V8 concurrent sparkplug compilation due to process hangs, and making several patches to ensure compatibility with different compilers and platforms.

• URL: pull/56959

• Merged: No

• Associated Commits: c7f67, f5987, cf32d, 5bb47, 2aef7, 33d5f, 491a5, d2774, ee32c, 1e480, b3eaf, 7fc43, 81883, 2ef20, 2df68, b3ca1, 1c85f, c6813, dec58, a4064, fa3d2, a1ecc, ebe4d

2. src: port defineLazyProperties to native code: This pull request involves porting the defineLazyProperties function to native code in order to make property getters non-observable from the JavaScript side, thereby aligning the implementation more closely with other runtimes.

• URL: pull/57081

• Merged: Yes

• Associated Commits: 0df05, 2f9a8, cbe1f, f0cb5, b9a85, 77925, 71fec, 019fe, c89ce, af7bb, fde62, 55cf9

3. build: add skip_apidoc_files and include QUIC: This pull request aims to enhance the build process by adding the skip_apidoc_files option and including support for QUIC, as discussed in a Technical Steering Committee meeting, but it was ultimately not merged.

• URL: pull/56941

• Merged: No

• Associated Commits: 13d19, 585a3, 85e4a, db302

Other Closed Pull Requests

• Special Characters in Snapshot Keys: This topic addresses the issue of allowing special characters in snapshot keys within the test runner by utilizing JSONStringify for serialization. It enables characters such as \r to be used in test names, resolving a specific issue in the Node.js project.
  • pull/57017

• Promise Hooks in Node.js Inspector: This topic involves the reduction of unnecessary promise hooks in the Node.js inspector by introducing an internal path to bypass them. The V8 inspector already manages user-land promise tracking, thus reducing noise during async execution inspection.
  • pull/57148

• JSON Configuration File Support: This topic introduces support for a JSON configuration file in Node.js, allowing developers to specify various flags and options in a more user-friendly manner. It parses the provided file with --experimental-config-file and adds recognized flags to NODE_OPTIONS.
  • pull/57016

• Copy Button Fix in TypeScript Documentation: This topic addresses an issue with the Copy button not functioning on the Node.js API documentation page for TypeScript. It fixes a null properties error caused by a missing introduced_in tag and includes a test to ensure all API documentation contains the necessary tag.
  • pull/57109

• Error Messages for Asynchronicity Issues: This topic aims to enhance error messages related to asynchronicity issues when using require(esm) and import(esm) simultaneously. It provides more detailed information, such as parent and target file names, and includes a drive-by update to split the require(tla) tests.
  • pull/57126

• Thread CPU Usage Method: This topic introduces the threadCpuUsage method to the process module, which provides metrics specific to individual threads. It was initially implemented in a user-land package and is used to test platform compatibility.
  • pull/56467

• Error Handling Enhancements: This topic aims to enhance error handling across multiple files in the Node.js project by replacing several instances of the ToLocalChecked function. However, it was ultimately not merged.
  • pull/56962

• Support for --cpu-prof* Flags: This topic adds support for --cpu-prof* flags in the NODE_OPTIONS environment variable and updates the documentation accordingly. It addresses a specific issue in the Node.js project.
  • pull/57018

• Documentation Updates and Corrections: This topic covers various documentation updates and corrections in the Node.js project. It includes correcting definitions, updating links, and clarifying pseudo-code statements to prevent misinterpretation.
  • pull/57046, pull/57089, pull/57090, pull/57092, pull/57097, pull/57098, pull/57129

• Benchmark and Performance Improvements: This topic involves performance improvements in the Node.js project, such as optimizing the comparisons.js file within the assert codebase. It results in a significant improvement in the performance of set comparison tests.
  • pull/57088, pull/57136

• Node.js Module System Modifications: This topic modifies the Node.js module system to allow the omission of the context parameter in synchronous next hooks. It aligns their behavior with asynchronous hooks and ensures that contexts are merged along the chain.
  • pull/57056

• Error Handling in node_blob Module: This topic aims to enhance the error handling mechanisms within the node_blob module of the Node.js project. It includes modifications to move a shared pointer instead of copying it, addressing a new warning reported by Coverity.
  • pull/57078, pull/57120

• Suppressing SEA Warning: This topic introduces an option to suppress a built-in warning related to the Single Executable Application (SEA) feature. It implements a disableExperimentalSEAWarning option as detailed in the commit message.
  • pull/57086

• Windows Building Guide Update: This topic updates the Windows building guide for clang-cl by advising users to reinstall components if they are not found despite being installed. It provides guidance on using clang-cl with ccache.
  • pull/57087

• Documentation for module.builtinModules: This topic updates the documentation to clarify that the module.builtinModules list now includes both modules that can be loaded without the node: prefix. Since version 23.5.0, it also includes prefix-only modules.
  • pull/57089

• Backporting and Code Improvements: This topic involves backporting functionality and code improvements in the Node.js project. It includes replacing instances of NewFromUtf8 with OneByteString and backporting the postMessageToThread method.
  • pull/57096, pull/57101

• macOS Version Update: This topic updates the supported macOS version for Node.js to 13.5, moving away from the end-of-life macOS 11 and 12. It ensures compatibility with future Node.js 24 LTS and leverages additional C++20 features.
  • pull/57115

• Test and Benchmark Enhancements: This topic involves enhancements to tests and benchmarks in the Node.js project. It includes simplifying tests for the HTTP/2 client and introducing a warmup phase to the bench-openSync benchmark.
  • pull/57051, pull/57144

• QUIC Support and Compile-time Flag: This topic proposes disabling the building of QUIC support by default in the Node.js project. It introduces a new compile-time flag due to the need to revert to using OpenSSL's official releases.
  • pull/57142

• SQLite CODEOWNERS File: This topic adds a CODEOWNERS file specifically for SQLite to the Node.js project. It ensures that designated maintainers are automatically requested for review on changes related to SQLite.
  • pull/57147

• File and Return Type Corrections: This topic involves renaming files and correcting return type declarations in the Node.js project. It includes renaming "devcontainer.json" and correcting the return type for the ImportModuleDynamicallyCallback function.
  • pull/57156, pull/57160

• TLSA Records Resolver Function: This topic introduces the resolveTlsa function to enable the resolver to query TLSA records. It leverages a parser added by c-ares and seeks guidance on documentation and code quality improvements.
  • pull/52983

3.3 Pull Request Discussion Insights

This section will analyze the tone and sentiment of discussions within this project's open and closed pull requests that occurred within the past week. It aims to identify potentially heated exchanges and to maintain a constructive project environment.

Based on our analysis, there are no instances of toxic discussions in the project's open or closed pull requests from the past week.

---

IV. Contributors

4.1 Contributors

Active Contributors:

We consider an active contributor in this project to be any contributor who has made at least 1 commit, opened at least 1 issue, created at least 1 pull request, or made more than 2 comments in the last month.

If there are more than 10 active contributors, the list is truncated to the top 10 based on contribution metrics for better clarity.

Contributor	Commits	Pull Requests	Issues	Comments
jasnell	66	25	5	135
aduh95	95	18	1	90
anonrig	33	15	4	129
joyeecheung	68	18	0	76
targos	80	14	3	41
cjihrig	20	5	1	70
marco-ippolito	26	6	0	46
legendecas	32	10	0	30
lpinca	19	6	0	35
RafaelGSS	45	5	0	9

Access Last Week's Newsletter:

• Link