Profile avatar
targos.dev
18 posts 290 followers 207 following
Getting Started
Conversation Starter
Posts 6 Comments 16
comment in response to post
I'll be there too!
submitted 133 days ago
comment in response to post
Major in theory. In practice I would probably not have thought about it.
submitted 136 days ago
comment in response to post
Maybe we should start specifying that we want minimal code, not minimal effort.
submitted 169 days ago
comment in response to post
Is SHA-256 faster because CPUs have specialized instructions for it?
submitted 170 days ago
comment in response to post
This GitHub "feature" has been known for years and has already been abused to trick people into downloading malware. I'm not aware of any official communication about it but I may have missed it.
submitted 203 days ago
comment in response to post
Wait, it's actually in the stack trace. The problem is in the abandoned `esm` module: github.com/standard-thi... This internal method was changed. It now expects two parameters.
submitted 206 days ago
comment in response to post
This probably means that one of the modules is abusing Node.js internals. Try to run the tests with the `NODE_DEBUG=module` env var to find which one.
submitted 206 days ago
comment in response to post
I'm talking about runtime checks. I don't know what you mean by "type checks".
submitted 207 days ago
comment in response to post
I agree. My point is that correct types should force you to write the checks, or at least help you think about it.
submitted 207 days ago
comment in response to post
My opinion here is that if the query string parser you use has type definitions and may convert any query param to an array, the types should reflect that. Otherwise it's a typings bug that may introduce the security vulnerability.
submitted 207 days ago
comment in response to post
I tried to find a hint in the conversation but I don't find how you can (unexpectedly) get something other than a string from a query parameter. You need to have a specific parser/transformer in the middle. It's not like untrusted JSON body.
submitted 207 days ago
comment in response to post
node --expose-internals -e "require('internal/test/binding').internalBinding('process_methods').causeSegfault()"
submitted 228 days ago
comment in response to post
bsky.app/starter-pack...
submitted 230 days ago
comment in response to post
I only had one sponsor (codecov), and lost it today.
submitted 231 days ago
comment in response to post
I use Draw Things: drawthings.ai
submitted 231 days ago
comment in response to post
In case they want to use the `nodejs.org` handle and can't do it, feel free to direct them to me. Happy to help for the DNS challenge.
submitted 233 days ago