Evangelism: Weekly Update Mar 6th

[bnb]

io.js 1.5.0 Release

On Friday, March 6th, @rvagg released io.js v1.5.0. The complete change log can be found on GitHub.

Notable changes

• buffer: New Buffer#indexOf() method, modelled off Array#indexOf(). Accepts a String, Buffer or a Number. Strings are interpreted as UTF8. (Trevor Norris) #561
• fs: options object properties in 'fs' methods no longer perform a hasOwnProperty() check, thereby allowing options objects to have prototype properties that apply. (Jonathan Ong) #635
• tls: A likely TLS memory leak was reported by PayPal. Some of the recent changes in stream_wrap appear to be to blame. The initial fix is in #1078, you can track the progress toward closing the leak at #1075 (Fedor Indutny).
• npm: Upgrade npm to 2.7.0. See npm CHANGELOG.md for details including why this is a semver-minor when it could have been semver-major. Summary:
  • 145af65
    #4887 Replace calls to the
    node-gyp script bundled with npm by passing the
    --node-gyp=/path/to/node-gyp option to npm. Swap in pangyp or a version
    of node-gyp modified to work better with io.js without having to touch
    npm's code! (@ackalker)
  • 2f6a1df
    #1999 Only run stop and start
    scripts (plus their pre- and post- scripts) when there's no restart script
    defined. This makes it easier to support graceful restarts of services
    managed by npm. (@watilde /
    @scien)
  • 448efd0
    #2853 Add support for --dev and
    --prod to npm ls, so that you can list only the trees of production or
    development dependencies, as desired.
    (@watilde)
  • a0a8777
    #7463 Split the list printed by
    npm run-script into lifecycle scripts and scripts directly invoked via npm run-script. (@watilde)
  • a5edc17
    #6749 [email protected]:
    Support for passing scopes to npm init so packages are initialized as part
    of that scope / organization / team. (@watilde)
• TC: Colin Ihrig (@cjihrig) resigned from the TC due to his desire to do more code and fewer meetings.

Known issues

• Possible TLS-related memory leak, details at #1075.
• Windows still reports some minor test failures and we are continuing to address all of these as a priority. See #1005.
• Surrogate pair in REPL can freeze terminal #690
• Not possible to build io.js as a static library #686
• process.send() is not synchronous as the docs suggest, a regression introduced in 1.0.2, see #760 and fix in #774

Community Updates

• You can relax knowing that io.js and latest node.js [are not affected]((https://strongloop.com/strongblog/are-node-and-io-js-affected-by-the-freak-attack-openssl-vulnerability/) by the FREAK Attack. You are running io.js or the latest version of node.js, right?
• Walmart is now sponsoring a build machine for the io.js Jenkins CI system. The @iojs/build team is working on creating io.js SunOS binaries (like you can get from nodejs.org). A V8 fix (iojs/io.js#1079) needs to be landed first before more progress can be made.
• We would also like to thank the following companies for contributing hardware and related technology/support/engineering for io.js builds:
  • Digital Ocean (mainly Linux)
  • Rackspace (mainly Windows)
  • Voxer (OS X and FreeBSD)
  • NodeSource (ARMv6 & ARMv7)
  • Linaro (ARMv8)
  • Walmart (SmartOS / Solaris)
• The io.js community has been hard at work on the internationalization of all of its content. There are now over 20 active languages published on iojs.org and i18n community sites. Additionally, i18n links (iojs/website#258) have been added to the website footer for easy access. Are we missing your language? Help us add it!
• Speaking of translations, the io.js roadmap presentation has been updated to link to other language versions.
• It seems that PayPal is running an experiment comparing Kappa on io.js vs node.js 0.12 vs node.js v0.10. The PayPal team identified a likely TLS memory leak. Initial fix is in #1078 and progress towards closing is in #1075
• NodeSource is now providing io.js Linux binary packages for Ubuntu/Debian as well as RHEL/Fedora distributions.
• The io.js [Docker build]((https://registry.hub.docker.com/u/library/iojs/) is one of thirteen new official Docker repositories added in January and February.
• NodeBots and IoT people should be happy to hear that the just-announced Tessel2 runs io.js natively.
• @maxbeatty is working on a new version of the jsperf.com backend, running on io.js and it is entirely open source. Contributions are welcome!
• @eranhammer wrote a blog post called The Node Version Dilemma which discusses the various node.js / io.js versions and proposes which ones to use and when to use them.

io.js Support Added

• scrypt now supports io.js. Learn more from this GitHub issue
• proxyquire v1.3.2 published with support for iojs.

[rvagg]

Walmart are sponsoring a build machine for our CI set, we're just in the process of trying it out how well it's going to work but this could lead to "sunos" binaries from io.js like you can get from nodejs.org.

So far we have the following companies contributing hardware (and related means to make this work)

• DigitalOcean (mainly Linux)
• Rackspace (mainly Windows)
• Voxer (OS X and FreeBSD)
• NodeSource (ARMv6 & ARMv7)
• Linaro (ARMv8)
• Walmart (SmartOS / Solaris)

Someone in here should get @geek to update the status of SmartOS before this Weekly Update goes out because it'll have evolved by then.

[bnb]

@rvagg Great news! And thanks - I'll make sure we message @geek before this is published.

[rosskukulinski]

proxyquire v1.3.2 published with support for iojs. Announcement here

[geek]

We have a jenkins worker running on SmartOS at the moment, but we are running into issues getting v8 to compile: https://code.google.com/p/v8/issues/detail?id=3935

[bnb]

The Node Version Delimma - http://hueniverse.com/2015/03/02/the-node-version-dilemma/

[rvagg]

jsperf.com backend going io.js https://twitter.com/jsperf/status/572716156357873665

[yosuke-furukawa]

io.js and latest node.js are NOT affected by the FREAK Attack openSSL vulnerability. https://strongloop.com/strongblog/are-node-and-io-js-affected-by-the-freak-attack-openssl-vulnerability/

[tellnes]

scrypt do now support io.js, details in barrysteyn/node-scrypt#39

[bnb]

Major version bump issue - iojs/io.js - nodejs/node#1061

[bnb]

iojs.org adds localization links to footer for access to available localized versions. #31

[julianduque]

NodeSource io.js linux distributions: https://nodesource.com/blog/nodejs-v012-iojs-and-the-nodesource-linux-repositories

[yosuke-furukawa]

Tessel2 is io.js compatible. https://twitter.com/rwaldron/status/573525951688085504 https://twitter.com/technicalhumans/status/573503873727356929

[mikeal]

More on the Tessel 2. It runs io.js on the hardware http://blog.technical.io/post/112787427217/tessel-2-new-hardware-for-the-tessel-ecosystem

[bnb]

Just wanted to ask if someone could take over writing this tomorrow, as I'm having a pretty painful dental issue, and will be trying to get into the dentist to get it fixed. Would anybody be able to take it over?

[rosskukulinski]

I can step in. I'll ping you in the am for details unless there's a readme
on the process. If not, I'll write one.

Ross

On Thursday, March 5, 2015, &! (bitandbang) [email protected]
wrote:

Just wanted to ask if someone could take over writing this tomorrow, as
I'm having a pretty painful dental issue, and will be trying to get into
the dentist to get it fixed. Would anybody be able to take it over?

—
Reply to this email directly or view it on GitHub
#16 (comment).

[snostorm]

FYI We're up to 20 active languages now published (and linked) on io.js org.

[mikeal]

more on tessel http://blog.technical.io/post/112888410737/moving-faster-with-io-js

[Fishrock123]

dangit @mikeal beat me to it XD

[Fishrock123]

Someone in here should get @geek to update the status of SmartOS before this Weekly Update goes out because it'll have evolved by then.

ping @geek

[Fishrock123]

Also, io.js 1.5.0 should be landing today: nodejs/node#1060

[geek]

#16 (comment)

Additionally, we have a fix for the issue here: nodejs/node#1079

[mikeal]

@rosskukulinski we can start drafting the language for the weekly update now :)

[rosskukulinski]

@mikeal aye, I'll start writing it up

[rosskukulinski]

Still working, but here's what I've got so far. Comments welcome.

---

io.js 1.5.0 Release

This week version 1.5.0 was released.

Notable changes

For reference, the complete change log is here

• [v8] Fix for build on solaris platforms iojs/io.js#1079

Community Updates

• io.js and latest node.js NOT affected by FREAK openSSL vulnerability
• Build machines for CI:
  • Walmart now sponosring a build machine
    • Could lead to sunos binaries
  • Existing companies contributing hardware:
  • Digitial Ocean (mainly Linux)
  • Rackspace (mainly Windows)
  • Voxer (OS X and FreeBSD)
  • NodeSource (ARMv6 & ARMv7)
  • Linaro (ARMv8)
  • Walmart (SmartOS / Solaris)
• iojs community has been hard at work on internationalization of all of our content. There are now over 20 active languages published on iojs.org, and i18n links (iojs/website#258). have been added to the footer for easy access.
• NodeSource now providing io.js Linux Distributions
• iojs/io.js Major version bump discussion iojs/io.js#1061
• Tessel2** runs io.js natively.
• @maxbeatty is working on a new version of jsperf.com backend, running on io.js link
• Blog: The Node Version Dilemma

io.js Support Added

• scrypt now supports io.js. Details here
• proxyquire v1.3.2 published with support for iojs. Announcement

[rosskukulinski]

I would appreciate it if someone from @iojs/core could help flush out the 1.5.0 release description & notable changes.

[rvagg]

@rosskukulinski I'm in the process of doing the Notable changes right now, watch the 1.5.0 issue for that.

Breaking news that will impact this update is that Joyent are stepping up to provide some SmartOS machines but we're still in the early stages of that -- the Walmart SmartOS server will probably not end up being required and we'll switch out to Joyent resources. Obviously this is bigger news than just having new build servers so perhaps the best way to handle this for now is to run with what you have and the next update can provide new information about the situation when we actually have our hands on something.

[rosskukulinski]

:) Awesome, thanks

[rosskukulinski]

ok, updated again. I think it's all flushed out. Anything/everything fair game for comments/suggestions/rewrites.

[julianduque]

• s/lanuage/language in "are you missing your lanuage?" sentence under i18n comments.
• s/v8/V8
• s/NodeBot/NodeBots
• node.js, Node.js and Node.JS are used in the article, not sure if we want to use only one style.

[rosskukulinski]

thanks @julianduque - updated!

[mikeal]

Is it ready? I can throw it up on Medium.

[rosskukulinski]

@mikeal I've submitted a PR here: #36

[mikeal]

Published https://medium.com/node-js-javascript/io-js-week-of-march-6th-2f9344688277

[rvagg]

the npm sub-points have come out cray cray

[rvagg]

[are not affected]((https://strongloop.com/strongblog/are-node-and-io-js-affected-by-the-freak-attack-openssl-vulnerability/)

too much bracket

[rvagg]

[Docker build]((https://registry.hub.docker.com/u/library/iojs/) 

same

[mikeal]

cut the sub points. let's not do subpoints, they don't wokr on medium.

[rosskukulinski]

ok, I'll ditch the npm subpoints, fixing the extra brackets

[mikeal]

fixed the bracketing issue son the medium post

[snostorm]

Trying a little (safe) experiment: https://iojs.org/en/index.html is featuring a link to the weekly update (english homepage.)

This might help keep occasional users more in the loop until we expand the site's content offerings more. Thoughts?

[rvagg]

If you read this from the perspective of a new user/visitor there could be confusion about what "update" means, particularly given there is a "v1.5.0" next to it. Sounds like maybe io.js has weekly updates to download.

[bnb]

@snostorm @rvagg How about:

Weekly Update - March 6th featuring official and community updates (Medium)

[rvagg]

better I guess

[mikeal]

-1 on the word "official." Strike it from our vocabulary :)

[bnb]

@mikeal My bad, I keep forgetting.

Weekly Update - March 6th featuring core and community updates (Medium)

That better?

[mikeal]

+1

[snostorm]

Updated, thanks for the feedback

[rvagg]

Perhaps someone here should start a new issue for this at the begining of each week, or just after the last update goes out, so you can start collecting tidbits from around the interwebs.

For the next one, while I have it top of mind, @jbergstroem is likely getting a patch into V8 on behalf of io.js to bring Solaris support back into the latest version. It's nice to highlight these points of collaboration because they go to the value of the ongoing relationship between io.js and V8.

[julianduque]

@rvagg done #41

[julianduque]

This was published, thank you all for this great work, this week will be on #41