I’m starting to feel that bounties for security vulnerabilities for OSS were a mistake. They attract the “wrong” kind of actors that have no interest in improving OSS, but they are in it only for the money.
Creating a minimum viable reproduction is hard work, and most often more than 50% of the solution. Remember to help the maintainers of your favorite library and provide them a repro!
(Because of this, tracking down "flaky" bugs and race conditions is exceptionally hard).
@329ac5db@365a528d this is valid feedback and none of this is set in stone. The flag is experimental… having *you* give this feedback is the reason why we do so.
A new edition of Adventures in Nodeland is out. This includes:
1. Platformatic v1.0.0 release
2. Node.js plans to add a flag to flip the default to ESM
3. "Reports of Node.js deaths are greatly exaggerated" podcast
4. process hangs
5. Cloudflare announcements and many other links.
https://adventures.nodeland.dev/archive/1e2dcf79-8f0f-47aa-be4b-1587dc50231f/
Oddbean new post about login | logout
Notes by 84afd2fa | export