Skip to content

Instantly share code, notes, and snippets.

View jasnell's full-sized avatar
💭
Loving Life

James M Snell jasnell

💭
Loving Life
View GitHub Profile
// Do this
const { writable, readable } = new TransformStream();
const writer = writable.getWriter();
writer.write('something');
writer.write('something');
writer.write('something');
// Here, you can use the writer's `.ready` promise to determine
@jasnell
jasnell / index.js
Created May 24, 2021 21:58
Getting loopy with JavaScript
'use strict';
const {
createHistogram,
performance: {
timerify
}
} = require('perf_hooks');
const users = [
@jasnell
jasnell / fast-path-set bench
Created April 25, 2021 22:25
faster-path-set.js
Histogram {
min: 200,
max: 842751,
mean: 326.24267848,
exceeds: 0,
stddev: 512.5949230856029,
percentiles: SafeMap(30) [Map] {
0 => 200,
50 => 301,
75 => 401,
@jasnell
jasnell / index.ts
Created February 12, 2021 14:40
HTTP(S) import bomb vulnerability in Deno
import * as foo from 'http://localhost:3001/foo.ts'
There once was a repo written in C
The name of the repo was libshanty
The buffers overran, her memory leaked
O blow, my registers, blow.
Soon may the User folk come
And try our repo to build and run
One day, when the compilin's done
We'll make a release and go
She had not been two weeks released
When down on the net came a CVE
const EventEmitter = require('events')
const { promisify } = require('util')
const foo = new EventEmitter()
const sleep = promisify(setTimeout)
foo.on('something', async () => {
await sleep(100)
try {
functionThatDoesNotExist()
L �
�TwB $`tys�?yZ�w���?"- �A�^A�*NA!ˎ0A)�@(
* it was a mistake to let npm, inc. get as far as it did with what should have always been a part of the foundation (post Joyent).
* The CLI isn't the interesting part – the registry contains the value & needs to be safeguarded.
* I really strongly dislike Facebook and don't trust anyone that takes a paycheck or benefits at all from that brand. NPM is know to not be well managed but I really don't like Facebook.
* "Dear God please don't ship Yarn by default. Not only are the maintainers unpleasant to interact with, the whole thing is just... bad.
* Most of the time fixing Yarn issues comes down to: ""Can you try npm instead?"". Making that a default experience would be a catastrophy."
* I am more concerned about the stability of the npm package management repo than necessarily npm vs yarn.
* I remember when node didn't come with a package manager, it was pretty bad
* the problem is not the package manager, it’s the registry. Currently the registry is not owned the foundation. no matter what the client is, we
@jasnell
jasnell / p.js
Last active February 25, 2020 21:19
Promises example
const { createHook } = require('async_hooks');
const { promisify } = require('util');
const sleep = promisify(setTimeout);
let count = 0;
const hook = createHook({
init(id, type) {
if (type === 'PROMISE')
count++;

Keybase proof

I hereby claim:

  • I am jasnell on github.
  • I am jasnell (https://keybase.io/jasnell) on keybase.
  • I have a public key whose fingerprint is 71DC FD28 4A79 C3B3 8668 286B C97E C7A0 7EDE 3FC1

To claim this, I am signing this object: