-
Notifications
You must be signed in to change notification settings - Fork 29.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
V8 upgrades and what they mean for versioning #47
Comments
We did actually discuss this in another thread. Basically, if we're on a weekly release cycle and v8 makes a breaking change that means that we bump the major version that week. |
@mikeal I see, was this done in the node-forward repo? I've not kept up with every issue there. The initial release thread appeared to have just shrugged off the question with folks talking about rvagg/nan. And @indutny said that he "couldn't really say anything on this topic yet" which sounded to me like this wasn't something that was decided. If you know it happened on node-forward or something, I can go looking there. But nothing on this repo appears to set that standard. |
you know, I can't recall where the thread was, probably a good reason to just have this talk again :) how i see it is, we're gonna follow semver now. if we take deps that changes backward or forward compatibility then we have to increment that semver number accordingly. staying on top of those changes will be a challenge but I think it's a worthy one. |
-1. Wouldn't that cause dependency hell similar to peerDependencies? Let's say npm package A is pure JS and package B uses native V8 API. All packages initially support io.js 1.0.0. Then assume that V8 API changes while the io.js JS API remain unchanged, the major version still bumps to 2.0.0. It is reasonable to require B to update their native code, but to A it is really minor version update of io.js and no update should be required. And if package maintainer of A do not update their package.json, a project that require both A and B would face dependency hell problem even when there really isn't one. I thought the rationale behind semver is so that future npm packages can have dependency to certain version of io.js. That in turn allows io.js to make breaking changes in major version update while preventing outdated npm packages from being accidentally installed. The purpose of semver would be defeated if all pure JS npm packages ended up specifying that they can run on io.js version I'd propose to have two or more version numbers come with every io.js release. We can have for example one version number for io.js JS APIs and another version number for V8 APIs. Then npm packages that contain native code can specify dependency to the V8 version in their package.json independent of the JS API version. Taking this approach further, perhaps we can have separate versioning for different subsystems in io.js, such as libuv.js. Issue #9 already state that we'd like io.js to be split into smaller interdependent subprojects. It make sense to let these subsystems evolve independently and allow npm packages to have dependency to specific subsystems. Though in such case, the main version number of io.js would be mostly symbolic and is rarely needed for dependency management. |
I get that v8 extensions are super powerful, but it's kind of lame that they are the only way to call into a C lib. Maybe it's just me, but I've always thought it was a really big hassle just to call an shared library compared to something like cgo or pinvoke in C#. Why can't there be a nice clean standard solution for shared C library invocation that ships with node and can be configured without writing a bunch of C++ code yourself? IMO, requiring everyone to learn the internals of v8 just to call a function on a C lib makes native extensions a lot more brittle than they need to be and is really painful. Does it really have to be 100x more complicated than PInvoke? [DllImport("msvcrt.dll")] And cgo? // #include <stdio.h> C.puts("blah") |
On Mon, Dec 8, 2014, 07:19 Michael Caine [email protected] wrote:
|
Oh, the bot reply is gone, replied via email and didn't see it got deleted |
Is there any formal plan to keep iojs up-to-date with the latest (or latest-1) version of V8? The last upgrade seems to have been to 3.30.37, which is the latest version in the 3.30.x series. In case there is another 3.30.x release, would that translate to a patch version in iojs? |
@ruimarinho that will depend on the nature of the V8 upgrades .. Google aren't exactly masters of versioning so I suspect decisions will be reactive rather than carefully planned on our part. If there is a breaking API change from V8 then that'll warrant a major version bump from io.js, if there are feature additions then likely just a minor bump. |
Ok, fair enough. Is the plan to stick to |
I don't follow V8 development closely but I don't believe there will be another release soon enough to make it in to our 1.0.0 schedule, we're aiming to have an alpha release in a week or two from now. |
|
Out of curiosity, I've just compiled the results of iojs (head) which includes the most recent v8 update and that alone translates into a nice 28% bump on the ES6 compat-table. |
looks like 3.32.1 has been branched, so latest-not-in-dev would be 3.31.74 not sure if it can be called stable though |
|
@ruimarinho I intend to bring it up at the TC meeting tonight. |
PR: #243 |
@ruimarinho care to run those es6-compat tests again with #243 merged? |
@rvagg: already did (compat-table/compat-table#388)! Do you want me to crosslink with this issue on the commit for future reference? (Edit: mentioned crosslink on commit message). |
thanks @ruimarinho, this is a Big Deal ™️ for io.js ®️ |
Indeed, that is a game-changer for me and many other developers for sure! It'd also be interesting to see how benchmarks compare against each milestone (previous 3.30.31 upgrade and joyent/0.12.x which is on 3.26). |
Added an issue for a dedicated resource on ES6 (#251). |
BUGFIXES * [`27cccfbda`](npm/cli@27cccfb) [nodejs#223](npm/cli#223) vulns → vulnerabilities in npm audit output ([@sapegin](https://github.com/sapegin)) * [`d5e865eb7`](npm/cli@d5e865e) [nodejs#222](npm/cli#222) [nodejs#226](npm/cli#226) install, doctor: don't crash if registry unset ([@dmitrydvorkin](https://github.com/dmitrydvorkin), [@isaacs](https://github.com/isaacs)) * [`5b3890226`](npm/cli@5b38902) [nodejs#227](npm/cli#227) [npm.community#9167](https://npm.community/t/npm-err-cb-never-called-permission-denied/9167/5) Handle unhandledRejections, tell user what to do when encountering an `EACCES` error in the cache. ([@isaacs](https://github.com/isaacs)) DEPENDENCIES * [`77516df6e`](npm/cli@77516df) `[email protected]` ([@isaacs](https://github.com/isaacs)) * [`ceb993590`](npm/cli@ceb9935) `[email protected]` ([@isaacs](https://github.com/isaacs)) * [`4050b9189`](npm/cli@4050b91) `[email protected]` * [nodejs#46](npm/hosted-git-info#46) [nodejs#43](npm/hosted-git-info#43) [nodejs#47](npm/hosted-git-info#47) [nodejs#44](npm/hosted-git-info#44) Add support for GitLab subgroups ([@mterrel](https://github.com/mterrel), [@isaacs](https://github.com/isaacs), [@ybiquitous](https://github.com/ybiquitous)) * [`3b1d629`](npm/hosted-git-info@3b1d629) [nodejs#48](npm/hosted-git-info#48) fix http protocol using sshurl by default ([@fengmk2](https://github.com/fengmk2)) * [`5d4a8d7`](npm/hosted-git-info@5d4a8d7) ignore noCommittish on tarball url generation ([@isaacs](https://github.com/isaacs)) * [`1692435`](npm/hosted-git-info@1692435) use gist tarball url that works for anonymous gists ([@isaacs](https://github.com/isaacs)) * [`d5cf830`](npm/hosted-git-info@d5cf830) Do not allow invalid gist urls ([@isaacs](https://github.com/isaacs)) * [`e518222`](npm/hosted-git-info@e518222) Use LRU cache to prevent unbounded memory consumption ([@iarna](https://github.com/iarna))
BUGFIXES * [`27cccfbda`](npm/cli@27cccfb) [#223](npm/cli#223) vulns → vulnerabilities in npm audit output ([@sapegin](https://github.com/sapegin)) * [`d5e865eb7`](npm/cli@d5e865e) [#222](npm/cli#222) [#226](npm/cli#226) install, doctor: don't crash if registry unset ([@dmitrydvorkin](https://github.com/dmitrydvorkin), [@isaacs](https://github.com/isaacs)) * [`5b3890226`](npm/cli@5b38902) [#227](npm/cli#227) [npm.community#9167](https://npm.community/t/npm-err-cb-never-called-permission-denied/9167/5) Handle unhandledRejections, tell user what to do when encountering an `EACCES` error in the cache. ([@isaacs](https://github.com/isaacs)) DEPENDENCIES * [`77516df6e`](npm/cli@77516df) `[email protected]` ([@isaacs](https://github.com/isaacs)) * [`ceb993590`](npm/cli@ceb9935) `[email protected]` ([@isaacs](https://github.com/isaacs)) * [`4050b9189`](npm/cli@4050b91) `[email protected]` * [#46](npm/hosted-git-info#46) [#43](npm/hosted-git-info#43) [#47](npm/hosted-git-info#47) [#44](npm/hosted-git-info#44) Add support for GitLab subgroups ([@mterrel](https://github.com/mterrel), [@isaacs](https://github.com/isaacs), [@ybiquitous](https://github.com/ybiquitous)) * [`3b1d629`](npm/hosted-git-info@3b1d629) [#48](npm/hosted-git-info#48) fix http protocol using sshurl by default ([@fengmk2](https://github.com/fengmk2)) * [`5d4a8d7`](npm/hosted-git-info@5d4a8d7) ignore noCommittish on tarball url generation ([@isaacs](https://github.com/isaacs)) * [`1692435`](npm/hosted-git-info@1692435) use gist tarball url that works for anonymous gists ([@isaacs](https://github.com/isaacs)) * [`d5cf830`](npm/hosted-git-info@d5cf830) Do not allow invalid gist urls ([@isaacs](https://github.com/isaacs)) * [`e518222`](npm/hosted-git-info@e518222) Use LRU cache to prevent unbounded memory consumption ([@iarna](https://github.com/iarna)) PR-URL: #29023 Reviewed-By: Jiawen Geng <[email protected]> Reviewed-By: Rich Trott <[email protected]>
BUGFIXES * [`27cccfbda`](npm/cli@27cccfb) [#223](npm/cli#223) vulns → vulnerabilities in npm audit output ([@sapegin](https://github.com/sapegin)) * [`d5e865eb7`](npm/cli@d5e865e) [#222](npm/cli#222) [#226](npm/cli#226) install, doctor: don't crash if registry unset ([@dmitrydvorkin](https://github.com/dmitrydvorkin), [@isaacs](https://github.com/isaacs)) * [`5b3890226`](npm/cli@5b38902) [#227](npm/cli#227) [npm.community#9167](https://npm.community/t/npm-err-cb-never-called-permission-denied/9167/5) Handle unhandledRejections, tell user what to do when encountering an `EACCES` error in the cache. ([@isaacs](https://github.com/isaacs)) DEPENDENCIES * [`77516df6e`](npm/cli@77516df) `[email protected]` ([@isaacs](https://github.com/isaacs)) * [`ceb993590`](npm/cli@ceb9935) `[email protected]` ([@isaacs](https://github.com/isaacs)) * [`4050b9189`](npm/cli@4050b91) `[email protected]` * [#46](npm/hosted-git-info#46) [#43](npm/hosted-git-info#43) [#47](npm/hosted-git-info#47) [#44](npm/hosted-git-info#44) Add support for GitLab subgroups ([@mterrel](https://github.com/mterrel), [@isaacs](https://github.com/isaacs), [@ybiquitous](https://github.com/ybiquitous)) * [`3b1d629`](npm/hosted-git-info@3b1d629) [#48](npm/hosted-git-info#48) fix http protocol using sshurl by default ([@fengmk2](https://github.com/fengmk2)) * [`5d4a8d7`](npm/hosted-git-info@5d4a8d7) ignore noCommittish on tarball url generation ([@isaacs](https://github.com/isaacs)) * [`1692435`](npm/hosted-git-info@1692435) use gist tarball url that works for anonymous gists ([@isaacs](https://github.com/isaacs)) * [`d5cf830`](npm/hosted-git-info@d5cf830) Do not allow invalid gist urls ([@isaacs](https://github.com/isaacs)) * [`e518222`](npm/hosted-git-info@e518222) Use LRU cache to prevent unbounded memory consumption ([@iarna](https://github.com/iarna)) PR-URL: #29023 Reviewed-By: Jiawen Geng <[email protected]> Reviewed-By: Rich Trott <[email protected]>
BUGFIXES * [`27cccfbda`](npm/cli@27cccfb) [#223](npm/cli#223) vulns → vulnerabilities in npm audit output ([@sapegin](https://github.com/sapegin)) * [`d5e865eb7`](npm/cli@d5e865e) [#222](npm/cli#222) [#226](npm/cli#226) install, doctor: don't crash if registry unset ([@dmitrydvorkin](https://github.com/dmitrydvorkin), [@isaacs](https://github.com/isaacs)) * [`5b3890226`](npm/cli@5b38902) [#227](npm/cli#227) [npm.community#9167](https://npm.community/t/npm-err-cb-never-called-permission-denied/9167/5) Handle unhandledRejections, tell user what to do when encountering an `EACCES` error in the cache. ([@isaacs](https://github.com/isaacs)) DEPENDENCIES * [`77516df6e`](npm/cli@77516df) `[email protected]` ([@isaacs](https://github.com/isaacs)) * [`ceb993590`](npm/cli@ceb9935) `[email protected]` ([@isaacs](https://github.com/isaacs)) * [`4050b9189`](npm/cli@4050b91) `[email protected]` * [#46](npm/hosted-git-info#46) [#43](npm/hosted-git-info#43) [#47](npm/hosted-git-info#47) [#44](npm/hosted-git-info#44) Add support for GitLab subgroups ([@mterrel](https://github.com/mterrel), [@isaacs](https://github.com/isaacs), [@ybiquitous](https://github.com/ybiquitous)) * [`3b1d629`](npm/hosted-git-info@3b1d629) [#48](npm/hosted-git-info#48) fix http protocol using sshurl by default ([@fengmk2](https://github.com/fengmk2)) * [`5d4a8d7`](npm/hosted-git-info@5d4a8d7) ignore noCommittish on tarball url generation ([@isaacs](https://github.com/isaacs)) * [`1692435`](npm/hosted-git-info@1692435) use gist tarball url that works for anonymous gists ([@isaacs](https://github.com/isaacs)) * [`d5cf830`](npm/hosted-git-info@d5cf830) Do not allow invalid gist urls ([@isaacs](https://github.com/isaacs)) * [`e518222`](npm/hosted-git-info@e518222) Use LRU cache to prevent unbounded memory consumption ([@iarna](https://github.com/iarna)) PR-URL: #29023 Reviewed-By: Jiawen Geng <[email protected]> Reviewed-By: Rich Trott <[email protected]>
Original commit message: Merged: [runtime] Set instance prototypes directly on maps Bug: chromium:1452137 (cherry picked from commit c7c447735f762f6d6d0878e229371797845ef4ab) Change-Id: I611c41f942e2e51f3c4b4f1d119c18410617188e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4637888 Commit-Queue: Igor Sheludko <[email protected]> Auto-Submit: Igor Sheludko <[email protected]> Commit-Queue: Toon Verwaest <[email protected]> Reviewed-by: Toon Verwaest <[email protected]> Cr-Commit-Position: refs/branch-heads/11.4@{nodejs#47} Cr-Branched-From: 8a8a1e7086dacc426965d3875914efa66663c431-refs/heads/11.4.183@{#1} Cr-Branched-From: 5483d8e816e0bbce865cbbc3fa0ab357e6330bab-refs/heads/main@{#87241} Refs: v8/v8@a1efa53
Original commit message: Merged: [runtime] Set instance prototypes directly on maps Bug: chromium:1452137 (cherry picked from commit c7c447735f762f6d6d0878e229371797845ef4ab) Change-Id: I611c41f942e2e51f3c4b4f1d119c18410617188e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4637888 Commit-Queue: Igor Sheludko <[email protected]> Auto-Submit: Igor Sheludko <[email protected]> Commit-Queue: Toon Verwaest <[email protected]> Reviewed-by: Toon Verwaest <[email protected]> Cr-Commit-Position: refs/branch-heads/11.4@{nodejs#47} Cr-Branched-From: 8a8a1e7086dacc426965d3875914efa66663c431-refs/heads/11.4.183@{#1} Cr-Branched-From: 5483d8e816e0bbce865cbbc3fa0ab357e6330bab-refs/heads/main@{#87241} Refs: v8/v8@a1efa53
Original commit message: Merged: [runtime] Set instance prototypes directly on maps Bug: chromium:1452137 (cherry picked from commit c7c447735f762f6d6d0878e229371797845ef4ab) Change-Id: I611c41f942e2e51f3c4b4f1d119c18410617188e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4637888 Commit-Queue: Igor Sheludko <[email protected]> Auto-Submit: Igor Sheludko <[email protected]> Commit-Queue: Toon Verwaest <[email protected]> Reviewed-by: Toon Verwaest <[email protected]> Cr-Commit-Position: refs/branch-heads/11.4@{#47} Cr-Branched-From: 8a8a1e7086dacc426965d3875914efa66663c431-refs/heads/11.4.183@{#1} Cr-Branched-From: 5483d8e816e0bbce865cbbc3fa0ab357e6330bab-refs/heads/main@{#87241} Refs: v8/v8@a1efa53 PR-URL: #50077 Refs: nodejs/nodejs-dependency-vuln-assessments#151 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Tobias Nießen <[email protected]> Reviewed-By: Mohammed Keyvanzadeh <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Michael Dawson <[email protected]> Reviewed-By: Richard Lau <[email protected]>
Original commit message: Merged: [runtime] Set instance prototypes directly on maps Bug: chromium:1452137 (cherry picked from commit c7c447735f762f6d6d0878e229371797845ef4ab) Change-Id: I611c41f942e2e51f3c4b4f1d119c18410617188e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4637888 Commit-Queue: Igor Sheludko <[email protected]> Auto-Submit: Igor Sheludko <[email protected]> Commit-Queue: Toon Verwaest <[email protected]> Reviewed-by: Toon Verwaest <[email protected]> Cr-Commit-Position: refs/branch-heads/11.4@{#47} Cr-Branched-From: 8a8a1e7086dacc426965d3875914efa66663c431-refs/heads/11.4.183@{#1} Cr-Branched-From: 5483d8e816e0bbce865cbbc3fa0ab357e6330bab-refs/heads/main@{#87241} Refs: v8/v8@a1efa53 PR-URL: #50077 Refs: nodejs/nodejs-dependency-vuln-assessments#151 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Tobias Nießen <[email protected]> Reviewed-By: Mohammed Keyvanzadeh <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Michael Dawson <[email protected]> Reviewed-By: Richard Lau <[email protected]>
In the Initial Release issue @indutny says that the API shielding the users from V8 C++ API has been rejected. This lack of a shield + @mikeal's start of that thread here where it is stated that V8 will be merged as fast as possible when V8 releases brings up a very concrete problem.
The choices come down to the following if a shield is not developed for users to use. When V8 releases backwards incompatible changes to their C++ API:
Both of which have major consequences on the community who is trying to use iojs as a platform to build things on top of. The last solution, and one that makes even more sense in the world of faster releases and semver, is to protect the users and provide a stable API they can build against. The V8 API can still be there, but now there is a safe way for developers to write binary packages.
I understand that rvagg/nan exists and is even blessed. And perhaps that is the solution that core developers are alright with accepting and consider the V8 API not part of the API that iojs presents for its users. But that decision should be made official and communicated to the community that they are playing with fire if they touch the V8 API directly.
The text was updated successfully, but these errors were encountered: