Weekly GitHub Report for Node: February 17, 2025 - February 24, 2025

            Weekly GitHub Report for Node: February 17, 2025 - February 24, 2025

            Weekly GitHub Report for Node
Thank you for subscribing to our weekly newsletter! Each week, we deliver a comprehensive summary of your GitHub project's latest activity right to your inbox, including an overview of your project's issues, pull requests, contributors, and commit activity.

Table of Contents

I. News
1.1. Recent Version Releases
1.2. Other Noteworthy Updates

II. Issues
2.1. Top 5 Active Issues
2.2. Top 5 Stale Issues
2.3. Open Issues
2.4. Closed Issues
2.5. Issue Discussion Insights

III. Pull Requests
3.1. Open Pull Requests
3.2. Closed Pull Requests
3.3. Pull Request Discussion Insights

IV. Contributors
4.1. Contributors

I. News
1.1 Recent Version Releases:
The current version of this repository is v23.8.0
1.2 Version Information:
Released on February 13, 2025, this Node.js update introduces several key features, including support for using system CA certificates on macOS and Windows, the implementation of the URL Pattern API, and the addition of the zstd compression algorithm. Notable enhancements also include naming threads for improved debugging and updated timezone data to 2025a, reflecting changes such as Paraguay's adoption of permanent -03 starting in spring 2024.

II. Issues
2.1 Top 5 Active Issues:
We consider active issues to be issues that that have been commented on most frequently within the last week. Bot comments are omitted. 

Let's enable Temporal by default: This issue discusses the proposal to enable the Temporal API by default in the Node.js project, as it is nearing completion and stability in the TC39 process, although it is not yet fully unflagged in V8. The feature is suggested to be marked as experimental, with the intention to keep it under observation until it reaches a more stable stage.

The comments reflect a cautious approach, with some contributors suggesting waiting until the API is fully unflagged on the web, while others are preparing to proceed with a pull request. There is a discussion about the mixed experiences with enabling flagged features in V8, and a request for more information on the V8 implementation progress. The consensus leans towards waiting for further test coverage improvements and considering merging the feature as experimental after the next major release.
Number of comments this week: 7

Strange slowness about crypto.webcrypto.subtle.deriveBits, when called with identical inputs a second time: This issue reports a performance anomaly in Node.js where the crypto.webcrypto.subtle.deriveBits function takes significantly longer to execute on its second call with identical inputs, compared to its first call. The user suspects that this discrepancy might be due to an underlying issue in Node.js, as the problem does not occur in other environments like the browser or Bun.js, and they are concerned about potential internal mishandling of cryptographic operations.

The comments discuss attempts to reproduce the issue on different platforms, with findings indicating that the delay is not due to garbage collection but rather related to the cleanup process from a previous encryption job. Further investigation reveals that a costly concat operation in the user's library is blocking the main thread, causing the perceived delay in deriveBits, and suggestions are made to offload this operation to a worker thread to improve performance.
Number of comments this week: 5

Invalid string construction: This issue involves a potential bug in the Node.js project where the function ThrowInvalidURL is incorrectly handling a nullptr as its third parameter, which leads to undefined behavior and will be considered ill-formed in C++23. The issue suggests that the intended third argument should be std::nullopt instead of nullptr to prevent this problem.

The comments discuss the correctness of the issue and invite contributions, with one user suggesting a code change and asking if it qualifies as a "good first issue." Several users express interest in working on the issue, but it is noted that there is already an open pull request addressing it.
Number of comments this week: 5

Ability to allow any application to be easily extensible by installing and running any node package at runtime: This issue discusses the proposal to make Node.js applications easily extensible by allowing the installation and execution of any Node package at runtime, without requiring deployments or server customization, thereby enabling app users to choose which plugins or extensions to install. The feature aims to implement functionality similar to the live-plugin-manager, which has limitations and lacks sufficient support, suggesting that native implementation in Node.js could be beneficial.

The comments express skepticism about the proposal, highlighting concerns about safety and the role of Node.js as a package manager. Some suggest that modifying applications at runtime is unsafe, while others point out existing tools like npx and question the necessity of the feature. The discussion also touches on potential use cases, such as CMS plugin management, and seeks alternative approaches to achieve similar goals safely.
Number of comments this week: 4

Request: Omitting experimental flags from new config file: This issue is about a request to exclude --experimental-* flags from the new configuration file format in a GitHub project, even though these flags are permitted in NODE_OPTIONS. The request is made on behalf of several individuals who believe that experimental flags should not be included in the configuration file to maintain clarity and prevent potential misuse.

The comments discuss the need for a well-motivated decision on the issue, with some suggesting that experimental flags could be useful in specific cases like test runners. Others propose solutions such as ensuring runtime warnings for unwanted experimental features and controlling the ability to disable these warnings through the configuration file.
Number of comments this week: 4

2.2 Top 5 Stale Issues:
We consider stale issues to be issues that has had no activity within the last 30 days. The team should work together to get these issues resolved and closed as soon as possible. 
As of our latest update, there are no stale issues for the project this week. 
2.3 Open Issues
This section lists, groups, and then summarizes issues that were created within the last week in the repository. 
Issues Opened This Week: 18
Summarized Issues:

Node.js Function Errors: The fs.rmSync function in Node.js v23.7.0 returns an incorrect error code (EACCES instead of ENOTEMPTY) when trying to remove a non-empty directory on Darwin. Additionally, the socket.destroySoon method in the net subsystem fails to emit an end event, causing the socket not to terminate gracefully.
nodejs/node/issues/57095, nodejs/node/issues/57111

Node.js Platform-Specific Bugs: Node.js v23.4.0 on macOS crashes with an assertion error when a custom DNS lookup function returns an array instead of a string. Furthermore, using the --watch flag with --watch-path on Darwin in Node.js v22.13.1 results in duplicate restart events.
nodejs/node/issues/57112, nodejs/node/issues/57124

Node.js Module System Discrepancies: The require(esm) function in Node.js provides full file paths to customization hooks, unlike require.resolve, causing unexpected behavior in CommonJS modules. Additionally, Mocha tests encounter an "ERR_REQUIRE_CYCLE_MODULE" error on the latest CommonJS version.
nodejs/node/issues/57125, nodejs/node/issues/57172

Node.js Experimental Features and Proposals: There is a proposal to enable the Temporal API by default in Node.js, marking it as experimental. Another request is to exclude --experimental-* flags from the new configuration file format to ensure proper discussion around experimental features.
nodejs/node/issues/57127, nodejs/node/issues/57157

Node.js Compilation and Build Issues: A compilation error occurs when building Node.js version 22.13.0 with AddressSanitizer on Ubuntu 20.04.4 due to ambiguous use of overloaded operators in the ICU library. Additionally, a segmentation fault is reported on macOS arm64 when running Jest tests with a specific Node.js setup.
nodejs/node/issues/57161, nodejs/node/issues/57166

Node.js API and Functionality Bugs: The ThrowInvalidURL function in Node.js incorrectly constructs a std::string from a null pointer, leading to undefined behavior. The Intl.NumberFormat function also incorrectly uses maximumFractionDigits as an exact number of fraction digits instead of a maximum.
nodejs/node/issues/57133, nodejs/node/issues/57137

Node.js Security and Argument Handling: The execFile and spawn functions in Node.js accept an array of arguments even when the shell option is set to true, leading to potential security vulnerabilities. It is suggested that these functions should throw an error if arguments are provided in such cases.
nodejs/node/issues/57143

Node.js DNS and TLS Enhancements: Support for the AD flag in DNSSEC is proposed for the dns.resolve API to enable proper validation of DNS records. Additionally, support for intermediate CA certificates on Windows is requested when using the --use-system-ca option.
nodejs/node/issues/57159, nodejs/node/issues/57163

Node.js TLS Session Bugs: A bug in the TLS subsystem causes the socket.servername to be false when reusing TLS sessions, instead of showing the expected SNI host. A potential solution is to save the SNI host in the session buffer for session resumption.
nodejs/node/issues/57175

Node.js Documentation and Typing Issues: The streamResetBurst and streamResetRate options are missing from the http2.createSecureServer documentation, despite being available in Node versions 18.18.2, 20.8.1, and 21.0. Incorrect TypeScript typings also necessitate suppression of errors when using these options.
nodejs/node/issues/57169

2.4 Closed Issues
This section lists, groups, and then summarizes issues that were closed within the last week in the repository. This section also links the associated pull requests if applicable. 
Issues Closed This Week: 16
Summarized Issues:

Documentation Issues: The absence of documentation for certain Node.js functions and features has been highlighted, such as the process.emit() function and the nextLoad hook. These omissions lead to confusion among developers who rely on official documentation for accurate implementation details.
issues/55731, issues/57030

Testing and Bug Fixes: Several issues have been identified in the Node.js testing framework, including a bug in the test runner related to carriage return characters and a TypeError in synchronous transpilation examples. These bugs hinder the testing process and lead to errors that complicate development workflows.
issues/56836, issues/57030

Feature Requests and Enhancements: Requests for new features and enhancements in Node.js include allowing the --cpu-prof flag in NODE_OPTIONS, native support for TSX, and support for tsconfig paths in type stripping mode. These enhancements aim to improve performance and ease of use for developers working with complex projects.
issues/56944, issues/57079, issues/57113

Naming and Classification Concerns: Discussions around naming conventions and classifications in Node.js have arisen, such as the naming of "AsyncLocalStorage" and the classification of atob and btoa functions as legacy. These concerns reflect the community's desire for intuitive and accurate terminology that aligns with current usage and functionality.
issues/57067, issues/57145

Installation and Compatibility Issues: Users have reported installation problems and compatibility issues, such as difficulties with the @mongodb-js/zstd package and Bionano Access on Windows 10. These issues often stem from version mismatches and require updates or configuration changes to resolve.
issues/57118, issues/57138

Documentation and Link Errors: Errors in documentation, such as broken links in the CommonJS documentation and the absence of a Slack channel link, have been noted. These errors can lead to confusion and hinder access to important resources for developers.
issues/57094, issues/57181

Miscellaneous Issues: Other issues include a test entry titled "A1 TEST" and a discussion on security policy configurations, which were closed as duplicates or tests. These entries indicate ongoing maintenance and organizational efforts within the Node.js project.
issues/57153, issues/57155

2.5 Issue Discussion Insights
This section will analyze the tone and sentiment of discussions within this project's open and closed issues that occurred within the past week. It aims to identify potentially heated exchanges and to maintain a constructive project environment. 
Based on our analysis, there are no instances of toxic discussions in the project's open or closed issues from the past week. 

III. Pull Requests
3.1 Open Pull Requests
This section provides a summary of pull requests that were opened in the repository over the past week. The top three pull requests with the highest number of commits are highlighted as 'key' pull requests. All other pull requests are grouped based on similar characteristics for easier analysis.
Pull Requests Opened This Week: 29
Key Open Pull Requests
1. deps: update V8 to 13.4: This pull request aims to update the V8 JavaScript engine to version 13.4 in the Node.js project, incorporating notable changes such as the introduction of Atomics.pause, WebAssembly Memory64, explicit resource management, and Error.isError, while also addressing various build and compatibility issues across different platforms and configurations.

URL: pull/57114

Merged: No

Associated Commits: 487aa, ff7bb, c62f3, dcad4, 67292, 80578, d65ce, ada7b, a3a0d, 2e49f, e3ce7, ef686, 95dc9, 53983, 8c7cf, 33b5d, a2c1e, 9b6a0, f150b, 12d24, 8ce8a, 0df9c, 9312f, 44a6e, 570ed, 32bc1, 084e6, ef3e8, b433a

2. [v22.x] backport module.registerHooks(): This pull request involves a manual backport of the module.registerHooks() feature to the v22.x branch of the Node.js project, addressing a documentation conflict related to the removal of the --experimental-default-type flag, and includes several commits that implement and refine module hooks, correct documentation, and fix a URL change issue in the synchronous hook chain.

URL: pull/57130

Merged: No

Associated Commits: cd50d, 49d7c, 6564c, bc0f0

3. crypto: add support for intermediate certs in --use-system-ca: This pull request adds support for intermediate certificates in the --use-system-ca option of the crypto module, addresses issue #57163, and includes tests to validate the functionality across macOS, Windows, and Linux platforms.

URL: pull/57164

Merged: No

Associated Commits: 03297, e6d4c, 0bcaa, c3b8c

Other Open Pull Requests

New API and Method Introductions: The Node.js project has introduced new APIs and methods to enhance functionality. The tls.getCACertificates() API allows querying different types of CA certificates, while the v8.getCppHeapStatistics() method exposes CppHeap data. These additions aim to improve the usability and performance of Node.js by providing more detailed information and capabilities to developers.
pull/57107, pull/57146

Configuration and Build Enhancements: Several pull requests focus on improving configuration and build processes in Node.js. These include setting default configuration files, introducing namespace configuration flags, and allowing alternate inspector_protocol paths for embedder customization. These changes aim to streamline configuration management and enhance compatibility with other platforms like Electron.
pull/57171, pull/57170, pull/57116

Performance Optimizations: Node.js has seen performance improvements through various optimizations. Enhancements to the priority queue and format function have resulted in significant performance gains, while simplifying the compareTimersLists function has improved operations per second. These optimizations aim to make Node.js more efficient and responsive.
pull/57100, pull/57099, pull/57110

Bug Fixes and Error Handling: Addressing bugs and improving error handling have been key focuses. Fixes include correcting argument orders, error codes, and ensuring proper function argument types. These efforts aim to enhance the reliability and accuracy of Node.js operations.
pull/57177, pull/57103, pull/57141

Testing and Documentation Improvements: Enhancements in testing and documentation have been made to ensure better coverage and clarity. This includes testing individual write throw cases, adding caveats for fs.watch, and updating build instructions. These improvements aim to provide clearer guidance and more robust testing frameworks.
pull/57132, pull/57150, pull/57158

Feature Unflagging and Deprecation: Node.js is unflagging the experimental Temporal feature and unexposing deprecated process bindings. These changes reflect the project's ongoing efforts to stabilize new features and phase out outdated components, ensuring a modern and efficient runtime environment.
pull/57128, pull/57149

Proxy and Environment Variable Support: A proof of concept has been proposed to support HTTP_PROXY and HTTPS_PROXY environment variables by default. This feature, initially opt-in, aims to simplify proxy configuration for users and may become a default setting in the future, enhancing Node.js's adaptability to network environments.
pull/57165

QUIC Datagram Testing: New tests for QUIC datagrams have been introduced, addressing issues with the Uint8Array constructor and noting test failures. These tests aim to ensure reliable data transmission between client and server, contributing to the robustness of Node.js's networking capabilities.
pull/57119

Miscellaneous Enhancements: Various other enhancements include reserving NMV 135 for Electron 36, running Linux tests on arm64 runners, and improving the tools/inspector_tools/roll.py script documentation. These changes aim to support platform-specific needs and streamline development processes.
pull/57151, pull/57162, pull/57167

3.2 Closed Pull Requests
This section provides a summary of pull requests that were closed in the repository over the past week. The top three pull requests with the highest number of commits are highlighted as 'key' pull requests. All other pull requests are grouped based on similar characteristics for easier analysis.
Pull Requests Closed This Week: 40
Key Closed Pull Requests
1. deps: update V8 to 13.3.415.20: This pull request involves updating the V8 JavaScript engine to version 13.3.415.20 in the Node.js project, introducing notable features such as Atomics.pause and WebAssembly Memory64, while also addressing various build and compatibility issues, including resetting the embedder string, updating the NODE_MODULE_VERSION, disabling V8 concurrent sparkplug compilation due to process hangs, and making several patches to ensure compatibility with different compilers and platforms.

URL: pull/56959

Merged: No

Associated Commits: c7f67, f5987, cf32d, 5bb47, 2aef7, 33d5f, 491a5, d2774, ee32c, 1e480, b3eaf, 7fc43, 81883, 2ef20, 2df68, b3ca1, 1c85f, c6813, dec58, a4064, fa3d2, a1ecc, ebe4d

2. src: port defineLazyProperties to native code: This pull request involves porting the defineLazyProperties function to native code in order to make property getters non-observable from the JavaScript side, thereby aligning the implementation more closely with other runtimes.

URL: pull/57081

Merged: Yes

Associated Commits: 0df05, 2f9a8, cbe1f, f0cb5, b9a85, 77925, 71fec, 019fe, c89ce, af7bb, fde62, 55cf9

3. build: add skip_apidoc_files and include QUIC: This pull request aims to enhance the build process by adding the skip_apidoc_files option and including support for QUIC, as discussed in a Technical Steering Committee meeting, but it was ultimately not merged.

URL: pull/56941

Merged: No

Associated Commits: 13d19, 585a3, 85e4a, db302

Other Closed Pull Requests

Special Characters in Snapshot Keys: This topic addresses the issue of allowing special characters in snapshot keys within the test runner by utilizing JSONStringify for serialization. It enables characters such as \r to be used in test names, resolving a specific issue in the Node.js project.
pull/57017

Promise Hooks in Node.js Inspector: This topic involves the reduction of unnecessary promise hooks in the Node.js inspector by introducing an internal path to bypass them. The V8 inspector already manages user-land promise tracking, thus reducing noise during async execution inspection.
pull/57148

JSON Configuration File Support: This topic introduces support for a JSON configuration file in Node.js, allowing developers to specify various flags and options in a more user-friendly manner. It parses the provided file with --experimental-config-file and adds recognized flags to NODE_OPTIONS.
pull/57016

Copy Button Fix in TypeScript Documentation: This topic addresses an issue with the Copy button not functioning on the Node.js API documentation page for TypeScript. It fixes a null properties error caused by a missing introduced_in tag and includes a test to ensure all API documentation contains the necessary tag.
pull/57109

Error Messages for Asynchronicity Issues: This topic aims to enhance error messages related to asynchronicity issues when using require(esm) and import(esm) simultaneously. It provides more detailed information, such as parent and target file names, and includes a drive-by update to split the require(tla) tests.
pull/57126

Thread CPU Usage Method: This topic introduces the threadCpuUsage method to the process module, which provides metrics specific to individual threads. It was initially implemented in a user-land package and is used to test platform compatibility.
pull/56467

Error Handling Enhancements: This topic aims to enhance error handling across multiple files in the Node.js project by replacing several instances of the ToLocalChecked function. However, it was ultimately not merged.
pull/56962

Support for --cpu-prof* Flags: This topic adds support for --cpu-prof* flags in the NODE_OPTIONS environment variable and updates the documentation accordingly. It addresses a specific issue in the Node.js project.
pull/57018

Documentation Updates and Corrections: This topic covers various documentation updates and corrections in the Node.js project. It includes correcting definitions, updating links, and clarifying pseudo-code statements to prevent misinterpretation.
pull/57046, pull/57089, pull/57090, pull/57092, pull/57097, pull/57098, pull/57129

Benchmark and Performance Improvements: This topic involves performance improvements in the Node.js project, such as optimizing the comparisons.js file within the assert codebase. It results in a significant improvement in the performance of set comparison tests.
pull/57088, pull/57136

Node.js Module System Modifications: This topic modifies the Node.js module system to allow the omission of the context parameter in synchronous next hooks. It aligns their behavior with asynchronous hooks and ensures that contexts are merged along the chain.
pull/57056

Error Handling in node_blob Module: This topic aims to enhance the error handling mechanisms within the node_blob module of the Node.js project. It includes modifications to move a shared pointer instead of copying it, addressing a new warning reported by Coverity.
pull/57078, pull/57120

Suppressing SEA Warning: This topic introduces an option to suppress a built-in warning related to the Single Executable Application (SEA) feature. It implements a disableExperimentalSEAWarning option as detailed in the commit message.
pull/57086

Windows Building Guide Update: This topic updates the Windows building guide for clang-cl by advising users to reinstall components if they are not found despite being installed. It provides guidance on using clang-cl with ccache.
pull/57087

Documentation for module.builtinModules: This topic updates the documentation to clarify that the module.builtinModules list now includes both modules that can be loaded without the node: prefix. Since version 23.5.0, it also includes prefix-only modules.
pull/57089

Backporting and Code Improvements: This topic involves backporting functionality and code improvements in the Node.js project. It includes replacing instances of NewFromUtf8 with OneByteString and backporting the postMessageToThread method.
pull/57096, pull/57101

macOS Version Update: This topic updates the supported macOS version for Node.js to 13.5, moving away from the end-of-life macOS 11 and 12. It ensures compatibility with future Node.js 24 LTS and leverages additional C++20 features.
pull/57115

Test and Benchmark Enhancements: This topic involves enhancements to tests and benchmarks in the Node.js project. It includes simplifying tests for the HTTP/2 client and introducing a warmup phase to the bench-openSync benchmark.
pull/57051, pull/57144

QUIC Support and Compile-time Flag: This topic proposes disabling the building of QUIC support by default in the Node.js project. It introduces a new compile-time flag due to the need to revert to using OpenSSL's official releases.
pull/57142

SQLite CODEOWNERS File: This topic adds a CODEOWNERS file specifically for SQLite to the Node.js project. It ensures that designated maintainers are automatically requested for review on changes related to SQLite.
pull/57147

File and Return Type Corrections: This topic involves renaming files and correcting return type declarations in the Node.js project. It includes renaming "devcontainer.json" and correcting the return type for the ImportModuleDynamicallyCallback function.
pull/57156, pull/57160

TLSA Records Resolver Function: This topic introduces the resolveTlsa function to enable the resolver to query TLSA records. It leverages a parser added by c-ares and seeks guidance on documentation and code quality improvements.
pull/52983

3.3 Pull Request Discussion Insights
This section will analyze the tone and sentiment of discussions within this project's open and closed pull requests that occurred within the past week. It aims to identify potentially heated exchanges and to maintain a constructive project environment. 
Based on our analysis, there are no instances of toxic discussions in the project's open or closed pull requests from the past week. 

IV. Contributors
4.1 Contributors
Active Contributors:
We consider an active contributor in this project to be any contributor who has made at least 1 commit, opened at least 1 issue, created at least 1 pull request, or made more than 2 comments in the last month. 
If there are more than 10 active contributors, the list is truncated to the top 10 based on contribution metrics for better clarity.

Contributor
Commits
Pull Requests
Issues
Comments

jasnell
66
25
5
135

aduh95
95
18
1
90

anonrig
33
15
4
129

joyeecheung
68
18
0
76

targos
80
14
3
41

cjihrig
20
5
1
70

marco-ippolito
26
6
0
46

legendecas
32
10
0
30

lpinca
19
6
0
35

RafaelGSS
45
5
0
9

Access Last Week's Newsletter:  

Link

Don't miss what's next. Subscribe to Weekly Project News:

Contributor	Commits	Pull Requests	Issues	Comments
jasnell	66	25	5	135
aduh95	95	18	1	90
anonrig	33	15	4	129
joyeecheung	68	18	0	76
targos	80	14	3	41
cjihrig	20	5	1	70
marco-ippolito	26	6	0	46
legendecas	32	10	0	30
lpinca	19	6	0	35
RafaelGSS	45	5	0	9