Weekly GitHub Report for Node: January 28, 2025 - February 04, 2025
Weekly GitHub Report for Node
Thank you for subscribing to our weekly newsletter! Each week, we deliver a comprehensive summary of your GitHub project's latest activity right to your inbox, including an overview of your project's issues, pull requests, contributors, and commit activity.
Table of Contents
I. News
1.1 Recent Version Releases:
The current version of this repository is v23.7.0
1.2 Version Information:
The version released on January 30, 2025, introduces several significant updates, including a minor version update to the crypto module with root certificates updated to NSS 3.107, enhancements in the fs module allowing the exclude option in globs to accept patterns, and the addition of support for TypedArray and DataView in sqlite's StatementSync. Notable trends include a focus on improving test infrastructure with new APIs in the test_runner and various performance and compatibility improvements across modules.
II. Issues
2.1 Top 5 Active Issues:
We consider active issues to be issues that that have been commented on most frequently within the last week. Bot comments are omitted.
-
JSX Support: This issue discusses the challenges and potential solutions for supporting JSX syntax in Node.js, highlighting the complexities of JSX transformations and the need for configuration files like
tsconfig.jsonorjsconfig.jsonto manage these transformations effectively. The proposal suggests that Node.js should natively transform JSX syntax and support.jsxand.tsxfiles, similar to Deno's implementation, to enhance performance in server-side rendering scenarios.- The comments explore the feasibility of implementing a hook system for JSX transformations, with concerns about multiple hooks leading to conflicts and security risks. There is a debate on whether Node.js should support JSX natively, considering the diverse transformation needs and potential unfairness to non-React frameworks. Some argue for a standardized approach, while others suggest leveraging custom loaders, similar to TypeScript support, to maintain flexibility and security.
- Number of comments this week: 16
-
util.parseEnv creates keys from invalid, newline-separated lines: This issue describes a bug in the
util.parseEnvfunction from a GitHub project, where it incorrectly creates keys from invalid, newline-separated lines in a string input. The expected behavior is for the function to throw an invalid syntax error, but instead, it produces an invalid output, which has been tested on node versions v21x-v23.6.1.- The comments discuss whether the current behavior of
util.parseEnvis expected, comparing it to the behavior of thedotenvpackage, which handles similar inputs differently. Some contributors suggest thatdotenv's behavior is more correct and propose changes to align with it, while others debate the handling of multiline arguments and keys. There is also interest in fixing the issue, with discussions on the complexity of the task and the location of the affected code. - Number of comments this week: 10
- The comments discuss whether the current behavior of
-
Math.atan() behavior change: This issue reports a change in the behavior of the
Math.atan()function in Node.js version 20.18.1 on Mac OS X arm64, where the result slightly differs from previous versions and other platforms, causing inconsistencies in unit tests. The discrepancy is attributed to a potential change in the V8 engine or build environment, as the result aligns more closely with Python and Wolfram Alpha, but differs from older Node.js versions and Linux x86 results.- The comments discuss the potential causes of the issue, including the V8 engine's role and a possible build-server dependency change due to macOS updates. There is a mention of similar issues in other projects, suggesting a precision problem related to the V8 engine's implementation of mathematical functions. Some comments explore whether other related issues should be considered, and a bisect attempt is mentioned but did not yield conclusive results.
- Number of comments this week: 8
-
Proposal: Built-in VERSION Import for Package Version Detection: This issue proposes the introduction of a built-in
__VERSION__import in Node.js to facilitate package version detection at runtime, addressing the current inefficiency of manually readingpackage.jsonfiles. The feature aims to allow packages likenest-pinoto adapt their behavior based on the version of dependencies, without requiring additional efforts from package maintainers.- The comments discuss the feasibility and potential issues of implementing
__VERSION__, highlighting concerns about compatibility with CJS and ESM, naming conflicts, and performance overhead. An alternative solution,getPackageVersion(), is suggested, which would leverage existing module resolution logic to retrieve package versions without modifying the module system. This approach is considered cleaner and more flexible, with suggestions to usemodule.findPackageJSONfor implementation. - Number of comments this week: 5
- The comments discuss the feasibility and potential issues of implementing
-
Question around dropping support for OpenSSL < 3: This issue discusses the potential timeline and implications of dropping support for OpenSSL versions earlier than 3 in the Node.js project. The conversation involves considerations about the extended support for OpenSSL 1.1.1, its performance compared to version 3.x, and the impact on downstream rebuilders and Linux distributions.
- The comments reflect a debate on whether to continue supporting OpenSSL 1.1.1, with some arguing for its retention due to extended support and performance benefits, while others suggest dropping it due to its end-of-life status and the challenges of maintaining compatibility with newer versions. There is also a discussion about the impact on Linux distributions and the potential need for a compromise between immediate and indefinite support.
- Number of comments this week: 4
2.2 Top 5 Stale Issues:
We consider stale issues to be issues that has had no activity within the last 30 days. The team should work together to get these issues resolved and closed as soon as possible.
As of our latest update, there are no stale issues for the project this week.
2.3 Open Issues
This section lists, groups, and then summarizes issues that were created within the last week in the repository.
Issues Opened This Week: 21
Summarized Issues:
- Node.js Functionality Issues: The
util.parseEnvfunction in Node.js is incorrectly creating keys from invalid, newline-separated lines in environment variable strings, leading to unexpected outputs instead of throwing a syntax error. Additionally, there is a proposal to add support for converting aNodeJS.Immediateobject to a number to improve compatibility, particularly for browser environments.
- JavaScript Errors and Crashes: A JavaScript error in the main process due to an uncaught exception is reported, likely caused by a bug in Node.js or incorrect usage of its internals. Furthermore, a persistent crash occurs when using the
v8.deserialize()function in Node.js version 21.7.2, indicating a compatibility issue between serialization and deserialization processes for large files.
- Flaky Tests on Various Platforms: Several tests are reported as flaky on different platforms, including 'test-fs-cp' on Windows x64, and multiple tests on SmartOS such as
parallel.test-stream-readable-unpipe-resume,sequential.test-worker-prof,parallel.test-worker-message-port-transfer-terminate, andparallel.test-net-autoselectfamily, all showing inconsistent results or crashes.
- Behavioral Changes and Performance Concerns: A behavior change in the
Math.atan()function on Mac OS X arm64 between Node.js versions v20.18.0 and v20.18.1 causes inconsistencies in unit tests. Additionally, there is a performance-related concern whereWebAssembly.Memoryis not functioning as a resizable ArrayBuffer in Node.js, contrary to expectations.
- Node.js Version and Compatibility Issues: A PowerShell execution error on Windows 11 occurs when running
npm -vwith Node.js version 22.13.1 due to a digital signature verification problem. There is also a regression in version 23 of Node.js where a crash occurs when an error is thrown in a module involving imports and multiple top-level await statements.
- Node.js Proposal and Security Concerns: A proposal for Node.js to natively support JSX syntax and transform
.jsxand.tsxfiles is discussed, highlighting challenges and potential benefits. Additionally, there are concerns about the security of Node.js on Mac, advocating for a sandboxed environment to restrict file and network access.
- Test Runner and Race Condition Bugs: A bug in the test runner fails to locate a snapshot when the title contains a carriage return character, affecting both local and GitHub Actions environments. There is also a potential race condition bug in Node.js when using
sudo, causing disordered console output.
- Node.js Build and Import Issues: A Nuxt build error during deployment using Node 22 suggests a potential bug in Node.js or incorrect usage of its internals. Additionally, there is a proposal for a built-in
__VERSION__import in Node.js to facilitate package version detection at runtime.
- Performance Regression in NodeJS: A performance regression is reported where the system fails to cache the absence of a package.json file in a directory, leading to repeated and unnecessary syscalls for each file load, instead of caching the "missing file" result as was done in Node 18.
2.4 Closed Issues
This section lists, groups, and then summarizes issues that were closed within the last week in the repository. This section also links the associated pull requests if applicable.
Issues Closed This Week: 16
Summarized Issues:
- Node.js
fs.promises.readdirBug: A bug in Node.js version 18.20.1 causes thefs.promises.readdirfunction to incorrectly return the file path as the file name when using thewithFileTypesoption. This issue does not occur in the synchronousreaddirSyncor with therecursiveoption and has been resolved in later versions by removing thedirent.pathfield.
- Node.js
readline/promisesModule Issue: Thereadline/promisesmodule in Node.js has a bug where a promise remains unsettled if a user aborts areadlinequestion using SIGINT or Ctrl+D. This leads to an uncatchable warning and highlights the unexpected behavior ofcreateInterfacehijacking signal handling.
- Node.js Deprecation Warnings and Unhandled Rejections: Users implementing the OpenZiti Node SDK in a Next.js application encounter deprecation warnings and unhandled rejections, resulting in 404 errors and internal assertion errors. This issue might be due to a bug in Node.js or incorrect usage of its internals.
- Node.js TypeScript Types Removal Bug: A bug in Node.js related to the removal of TypeScript types can cause broken JavaScript code due to automatic semicolon insertion. This results in a TypeError when a
returnstatement followed by a newline is interpreted asreturn;.
- Node.js Readable Streams Misunderstanding: There is a misunderstanding regarding the expected behavior of Node.js Readable streams, where users expect the stream to start in a paused state. However, the
isPaused()method returns false, indicating the stream is not paused initially.
- Node.js Crypto Module Bugs: Several bugs in the Node.js crypto module involve potential null pointer dereferences and uninitialized fields. These issues can lead to runtime errors and undefined behavior, as identified by the Linux Verification Center using SVACE.
- Node.js
util.styleTextFunction Bug: Theutil.styleTextfunction in Node.js fails to respect theNO_COLORenvironment variable when the first argument is an array. This results in inconsistent output compared to when the first argument is a string.
- Node.js Intl.DateTimeFormat Regression: A regression in the Intl.DateTimeFormat.format() function for the Finnish locale in version 22 causes the 'short' month format to output a numeric format instead of the expected abbreviated month name. This behavior diverges from version 20 and does not align with the latest ICU data or Chrome's output.
- Node.js Path Module UNC Paths Bug: A bug in the Node.js path module causes UNC paths to be incorrectly parsed, setting the entire path as the root. This affects the expected behavior of path concatenation by not recognizing the server and share name separately.
- Node.js
path.joinwithfile:URL Issue: After upgrading to version 22.13.1, usingpath.joinwith afile:URL on Windows results in an invalid module specifier error. This issue did not occur in version 22.13.0.
- Closed Node.js Issues with No Details: Several closed issues in the Node.js project lack detailed descriptions or comments, making it difficult to understand their context or resolution. These issues are titled "A," "Nap," and "My work."
2.5 Issue Discussion Insights
This section will analyze the tone and sentiment of discussions within this project's open and closed issues that occurred within the past week. It aims to identify potentially heated exchanges and to maintain a constructive project environment.
Based on our analysis, there are no instances of toxic discussions in the project's open or closed issues from the past week.
III. Pull Requests
3.1 Open Pull Requests
This section provides a summary of pull requests that were opened in the repository over the past week. The top three pull requests with the highest number of commits are highlighted as 'key' pull requests. All other pull requests are grouped based on similar characteristics for easier analysis.
Pull Requests Opened This Week: 29
Key Open Pull Requests
1. deps: update V8 to 13.2.152.37: This pull request involves updating the V8 JavaScript engine to version 13.2.152.37 in the Node.js project, addressing various compatibility and build issues such as resetting the embedder string, updating the NODE_MODULE_VERSION, defining certain V8 macros as no-ops to prevent compilation errors, disabling concurrent sparkplug compilation due to process hangs, patching V8 for MSVC support, and removing support for s390 32-bit architecture, among other changes.
- URL: pull/56842
- Merged: No
- Associated Commits: 8400e, 5a33f, 547fc, b2c20, 241b2, 105bd, 8a171, 7f8bc, df61c, 92b53, b8ea9, 1bff2, 50bbf, 83f9e, 7ec8f
2. util: fix parseEnv handling of invalid lines: This pull request addresses an issue in the util.parseEnv() function by ensuring that invalid lines without an equals sign are properly skipped during parsing, rather than being incorrectly concatenated into key names, and includes various commits for fixing lint and format issues, adding tests and documentation, and updating logic based on feedback.
- URL: pull/56778
- Merged: No
3. src,deps: port some electron boringssl workarounds: This pull request aims to port some BoringSSL workarounds from Electron into the Node.js project, building on a previous pull request and focusing on addressing incompatibilities between BoringSSL and OpenSSL.
- URL: pull/56812
- Merged: No
Other Open Pull Requests
- URLPattern Improvements: This topic involves multiple cleanups and improvements to the
URLPatternin the Node.js project. The pull requests focus on enhancing error handling and simplifying code structures, addressing error propagation, code simplification, and the use of more convenient methods.
- Jenkins CI Test Reporter Modifications: The pull request aims to modify the Jenkins CI test reporter to only report errors. It includes several commits such as changing the reporter, temporarily failing a test to observe output, and updating a test file with contributions from multiple authors.
- Ccache on Windows: This pull request aims to enable ccache on Windows by implementing an alternative approach to a previous PR. It involves disabling precompiled headers (PCH) when using ccache and Clang to improve subsequent compilation times.
- MaybeStackBuffer Copy and Move Disallowance: This pull request proposes to disallow copy and move functions and constructors on the MaybeStackBuffer in the Node.js project. It follows a recommendation from a previous discussion and includes multiple commits addressing these changes.
- Support for
--use-system-caon Windows: This pull request introduces support for the--use-system-caoption on Windows by collecting certificates in accordance with Chromium's policy. It re-implements a previous pull request with modifications to align with the macOS support and fix a memory leak issue.
- GetPackageJSON Caching Mechanism: This pull request addresses issue #56821 by implementing a caching mechanism in the
GetPackageJSONfunction. It stores negative results, indicating which directories do not contain apackage.jsonfile, thereby reducing unnecessary file system reads.
- SQLite and JavaScript Error Handling: This pull request addresses the issue of handling conflicting error reports between SQLite and JavaScript. It adds support for situations where SQLite attempts to report an error while a JavaScript exception is already pending.
- Documentation Updates for
filehandle.writeFile(): This pull request updates the documentation for thefilehandle.writeFile()function in the Node.js project. It includes information about the new signal option in the options parameter to enhance clarity and completeness.
- Container Overflow Workaround Removal: This pull request aims to remove a previously implemented workaround for a container overflow issue in the Node.js project. It replaces hard-to-understand C++ code with a cleaner solution without altering the existing functionality.
- GitHub Action for WinGet Submission: This pull request proposes the addition of a GitHub action to automatically submit the latest stable release of Node.js to WinGet. It uses the microsoft/winget-create tool, contingent upon the availability of installer URLs on the Node.js distribution site.
- V8 Commit Cherry-Picking for SIGILL Fix: This pull request addresses a critical issue by cherry-picking a specific V8 commit to fix SIGILL errors on the riscv64 architecture. It ensures the instruction cache is flushed correctly in both local and remote harts.
- Manual Backport for V8 Dependency Update: This pull request involves a manual backport to the v20.x branch of the Node.js project. It specifically addresses a dependency update for V8 by incorporating a commit that ensures the instruction cache is flushed in both local and remote harts.
- ESM Examples in
utilDocumentation: This pull request adds missing ECMAScript Module (ESM) examples to the Node.jsutildocumentation. It updates existing CommonJS (CJS) examples with destructured imports and makes various improvements to example outputs and error messages.
- Network.Initiator Feature in Inspector Protocol: This pull request proposes adding a Network.Initiator feature to the inspector protocol. It includes an initiator stack trace in network events to accurately identify the script location that created an HTTP request.
- Platform Shutdown Deadlock Resolution: This pull request addresses a platform shutdown deadlock issue by ensuring that each worker signals its task completion independently using Signal instead of Broadcast. It prevents the count of outstanding tasks from going out of sync.
- Enhancements to
ToStringHelperFunction: This pull request addresses issue #56666 by enhancing theToStringHelperfunction to properly handle enums. It includes significant formatting changes using clang-format.
- Documentation Rendering Correction: This pull request addresses a documentation issue by correcting the rendering of the DEP0174 description. It previously omitted the word "Promise" due to its incorrect formatting as an HTML element.
- Use-After-Free Bug Fix in SQLite Module: This pull request addresses a use-after-free bug in the
StatementSynccomponent of the SQLite module. It ensures it maintains a strong reference to theDatabaseSyncobject to prevent premature garbage collection.
- Firefox Release URL Computation Fix: This pull request addresses an issue in the
update-root-certs.mjsscript by correcting the computation of the Firefox release URL. It changes the format from using dots to underscores in the release tag.
- Race Condition Resolution in Test File: This pull request addresses a race condition in the
test-child-process-bad-stdio.jsfile. It modifies the child process to wait indefinitely to be killed, resolving timing issues between the test process and the spawned child process.
- Dependency Update for
cjs-module-lexer: This pull request updates the dependency "cjs-module-lexer" to version 2.0.0 in the Node.js project. It is indicated by the commit signed by Michael Dawson.
- Broken Link Fix in Permission Documentation: This pull request addresses a broken link in the permission documentation of the Node.js project. It specifically fixes the reference to the source code.
- Integration of Electron Patches for BoringSSL: This pull request aims to integrate additional patches from Electron to facilitate building Node.js with BoringSSL. It expands on the existing patches already incorporated.
- Exclusion of
node:quicModule: This pull request ensures that thenode:quicmodule is excluded frommodule.builtinModulesunless the--experimental-quicflag is explicitly used. It is detailed in the commit found at the provided URL.
- Memory Leak Fix in X509 Structures: This pull request addresses a memory leak issue in the Node.js project by ensuring that X509 structures are properly managed and freed using
ncrypto::X509Pointer. It refactors the X509 to PEM conversion into a reusable helper function.
3.2 Closed Pull Requests
This section provides a summary of pull requests that were closed in the repository over the past week. The top three pull requests with the highest number of commits are highlighted as 'key' pull requests. All other pull requests are grouped based on similar characteristics for easier analysis.
Pull Requests Closed This Week: 53
Key Closed Pull Requests
1. deps: update V8 to 13.0: This pull request aims to update the V8 JavaScript engine to version 13.0 in the Node.js project, incorporating various changes such as the introduction of WebAssembly JS String Builtins, adjustments to the NODE_MODULE_VERSION for compatibility, and multiple patches to address compilation issues and improve compatibility with different platforms, although it was ultimately not merged.
- URL: pull/55014
- Merged: No
- Associated Commits: 6d244, 63794, d7ea9, 9c8e1, 40dc1, ff8ae, 5ebad, 5cfb4, a0ee3, a4f5d, 04320, 4d6d7, 5e894, c4673, 6e178, 8253b, 740c7, 63ee9
2. src: remove node namespace from sqlite.cc: This pull request aims to clean up the code in node_sqlite.cc by removing the unnecessary use of the node namespace and includes several commits addressing string view changes and direct initialization improvements, although it was ultimately not merged.
- URL: pull/54500
- Merged: No
3. doc: improve accessibility of expandable lists: This pull request focuses on improving the accessibility of expandable lists by ensuring the first link in the list receives focus, removing unnecessary focusability from the wrapping div, and fixing keyboard navigation when JavaScript is disabled.
- URL: pull/56749
- Merged: Yes
Other Closed Pull Requests
- URLPattern Specification Implementation: This topic involves implementing the URLPattern specification from the WHATWG in the Node.js project. The pull request includes updates such as requiring C++20, passing all web-platform tests, and updating the Ada dependency to version 3.0.1.
- OpenSSL Security Level API: This topic introduces an API for retrieving the OpenSSL security level in Node.js. It enhances compatibility with different security configurations and modifies a test to utilize the security level instead of the OpenSSL version.
- Node.js Readline Module Fixes: This topic addresses an unresolved promise issue in the readline module when an operation is aborted. It includes additional commits to resolve JavaScript lint errors and improve a test to cover aborting a question using both Ctrl+C and Ctrl+D.
- Node.js Inspector Protocol Update: This topic involves updating the Node.js project to align its inspector_protocol with the version used by V8. It includes modifications to the
roll.pyscript and updates the Node.js inspector to utilize the newcrdtpprotocol library.
- Test Runner Enhancements: This topic aims to enhance the test runner in the Node.js project by removing Promise return values from certain functions. It ensures subtests automatically wait to finish and improves consistency with test suites.
- Test and Workflow Improvements: This topic addresses the removal of a duplicate test reporter configuration from workflow files to streamline the testing process. It also includes updates to test files to use strict mode and clean up unnecessary buffer allocations.
- Generational Garbage Collection Efficiency: This topic aims to enhance the generational garbage collection efficiency in Node.js. It prevents references to Buffer objects from the old generation to the new generation, reducing the frequency of heavy Major GC invocations.
- Test Conversion and Backporting: This topic involves converting a C++ test to a JavaScript test and backporting changes to address a critical SEGV regression issue. It includes changes to search for cctest files during configuration to prevent missing entries.
- C++20 Modernization: This topic modernizes the cleanup queue in the Node.js project by utilizing C++20 features. It includes the use of
std::ranges::sortand the spaceship operator for sorting.
- Documentation and Certificate Support: This topic updates the documentation to move Anatoli to emeritus status and adds support for reading certificates from the macOS system store. It addresses issue #39657 and builds upon a previous pull request.
- Build and Test Updates: This topic introduces a new build option to suppress all errors when warnings are enabled by default. It also updates test files to remove dependencies on internal modules and addresses the deprecation of the
ENODATAmacro in libc++.
- Bignum and StyleText Fixes: This topic adds a check for Bignum in the GroupOrderSize function and addresses the issue of enforcing the
shouldColorizeparameter within thestyleTextarray argument. It ensures correct validation and has been successfully merged.
- Accessibility and Styling Improvements: This topic introduces a "Skip to content" button to improve accessibility and addresses a styling issue in the expandable Table of Contents. It replaces custom list markers with standard ones to improve visual presentation.
- Error Handling and Code Ownership: This topic addresses the issue of incorrect usage of the
common.mustSucceed()function in tests and adds the @nodejs/url team as code owners. It ensures oversight and responsibility for changes in relevant code areas.
- SQLite Module Enhancements: This topic updates the SQLite module to allow user-defined functions to return
ArrayBufferViewtypes. It also clarifies the behavior of theDatabaseSync#function()in SQLite.
- Test Instability and Bug Fixes: This topic addresses test instability by marking certain tests as flaky and fixes a bug in the
getMaxListenersfunction. It ensures compatibility and performance improvements in theundiciproject.
- CI and Build Process Improvements: This topic involves a test run for the CI process and addresses a fix in the license-builder tool. It also updates tools by upgrading sccache and sccache-action to newer versions.
- Xcode and Python Path Updates: This topic increases the minimum required Xcode version to 16.1 and updates the macOS test workflow. It also adds double quotes around the Python executable path to handle spaces.
- C++ Code Adjustments: This topic attempts to address an issue by replacing
std::greaterwithstd::ranges::greater. It also reverts a previous commit that attempted to modernize the cleanup queue due to a compilation error.
3.3 Pull Request Discussion Insights
This section will analyze the tone and sentiment of discussions within this project's open and closed pull requests that occurred within the past week. It aims to identify potentially heated exchanges and to maintain a constructive project environment.
Based on our analysis, there are no instances of toxic discussions in the project's open or closed pull requests from the past week.
IV. Contributors
4.1 Contributors
Active Contributors:
We consider an active contributor in this project to be any contributor who has made at least 1 commit, opened at least 1 issue, created at least 1 pull request, or made more than 2 comments in the last month.
If there are more than 10 active contributors, the list is truncated to the top 10 based on contribution metrics for better clarity.
| Contributor | Commits | Pull Requests | Issues | Comments |
|---|---|---|---|---|
| jasnell | 89 | 23 | 5 | 154 |
| aduh95 | 106 | 23 | 2 | 47 |
| joyeecheung | 46 | 13 | 1 | 100 |
| cjihrig | 39 | 9 | 0 | 107 |
| anonrig | 21 | 2 | 4 | 98 |
| RafaelGSS | 87 | 12 | 0 | 13 |
| legendecas | 36 | 11 | 0 | 36 |
| pmarchini | 27 | 6 | 0 | 50 |
| targos | 37 | 8 | 1 | 28 |
| lpinca | 34 | 9 | 0 | 26 |