Open source projects are about the software, the users, and the community. Since becoming project lead in 2014, I've been privileged to be a part of the most passionate, diverse, and vibrant community in the ecosystem. The community is responsible for Node.js' meteoric rise and continued adoption by users and companies all over the world. Given the strength of its community, I'm confident that Node.js is heading in the right direction. With that said, it's time for me to step back.
For the past year, I've worked directly with community members to improve Node.js, focusing on improving the parts of the project that benefit everyone. We wanted to know what in Node.js was working for them and what wasn't. During the life of a project, it's crucial to constantly reset yourself and not lose sight of your identity. Node.js is a small set of stable core modules, doing one thing, and one thing well. Every change we make, we tried to make sure we were being true to ourselves and not violating our ethos. We've focused on eliminating bugs and critical performance issues, as well as improving our workflows. Ultimately, our goal was to ensure Node.js was on the right path.
The formation of the Node.js Foundation couldn't have happened at a better time in the life of Node.js. I believe this will be the tipping point that cements Node's place in technology. Soon, the foundation will be announcing its first meeting, initial membership, and future plans for Node.js. The project is on the right path, has the right contributors and is not tied to one person. It has a vibrant and loyal community supporting it.
I want to take some time to highlight a few of those who have made an impact on Node.js. This list only scratches the surface, but these are a few of the unsung contributors that deserve some attention:
Node.js wanted to have a living breathing site, one that could attract our community and be the canonical source of documentation and tutorials for Node.js. Leading the charge has been Robert Kowalski and Wyatt Preul, who have been incredibly helpful to the Node.js ecosystem in many ways, but most notably by helping breathe life in the website.
One key point of the maturity for Node.js has been its growing predominance worldwide. Therefore, we've been working to improve our support for internationalization and localization. Node.js is so widely accepted that our users need Node.js to support internationalization so they can better support their own customers. Luckily, we have Steven Loomis leading the charge on this — he has the unique privilege of being a member of both ICU and Node.js.
Node.js is seeing adoption across many new platforms, which means we need to collaborate with the community to support those platforms. Much like we have Alexis Campilla working to support the Windows platform, we have people like Michael Dawson working on adding support for PowerPC and zSeries. Additionally, he's been able to leverage the technical depth of IBM to help squash bugs and do work on our VM backend of V8.
OpenSSL has had its share of issues recently, but it's not the only dependency that can be sensitive to upgrade -- so many thanks go to James Snell for working to help simplify and manage those upgrades. James has also been working together with our large, diverse, and complex community to make sure our development policies are easy to understand and approachable for other new contributors.
Finally, I want to make a very special mention of Julien Gilli, who has been an incredible addition to the team. Julien has been responsible for the last few releases of Node.js — both the v0.10 and v0.12 branches. He's done wonders for the project, mostly behind the scenes, as he has spent tons of time working on shoring up our CI environment and the tests we run. Thanks to him, we were able to ship v0.12.0 with all our tests passing and on all of our supported platforms. This was the first Node.js release ever to have that feature. He has also been working tirelessly to iterate on the process by which the team manages Node.js. Case in point is the excellent documentation he's put together describing how to manage the workflow of developing and contributing to the project.
In short, hiring Julien to work full time on Node.js has been one of the best things for the project. His care and concern for Node.js, its users, and their combined future is evident in all of his actions. Node.js is incredibly lucky to have him at its core and I am truly indebted to him.
It's because of this strong team, community, and the formation of the Foundation that it makes it the right time for me to step back. The foundation is here, the software is stable, and the contributors pushing it forward are people I have a lot of faith in. I can't wait to see just how far Node.js' star will rise. I am excited to see how the contributors grow, shape and deliver on the promise of Node.js, for themselves and for our users.
Moving forward, I will still remain involved with Node.js and will provide as much help and support to the rest of the core team as they need. However, I won't have the time to participate at the level needed to remain a core contributor. With the core team and the community working together, I know they won't miss a step.
In February, we announced the Node.js Foundation, which will steward Node.js moving forward and open its future up to the community in a fashion that has not been available before. Organizations like IBM, SAP, Apigee, F5, Fidelity, Microsoft, PayPal, Red Hat, and others are sponsoring the Foundation, and they’re adding more contributors to the project. The mission of the Foundation is to accelerate the adoption of Node and ensure that the project is driven by the community under a transparent, open governance model.
Under the aegis of the Foundation, the Node.js project is entering the next phase of maturity and adopting a model in which there is no BD or project lead. Instead, the technical direction of the project will be established by a technical steering committee run with an open governance model. There has been a lot of discussion on the dev policies and governance model on Github. As we move toward the Foundation model, the core team on Node.js is already adopting some of these policies as shown here.
As we open a new chapter with the Foundation, we also close a remarkable chapter in Node.js, as TJ Fontaine will be stepping back from his post as Node.js Project Lead. TJ has come to be an integral member of our team, and his contributions will have long-lasting effects on the future of Node.js. Although he will not be as active, TJ will continue to act as a resource for helping the Node.js project as needed.
I would like to thank TJ for his time and contributions to Node.js and to Joyent. I have witnessed firsthand the kind of impact he can have on a team, and his technical chops will be missed. As we take this next major step in the growth of Node.js, we wish TJ luck in his future endeavors.
2015.03.31, Version 0.12.2 (Stable)
uv: Upgrade to 1.4.2
npm: Upgrade to 2.7.4
V8: Fix --max_old_space_size=4096 integer overflow (Andrei Sedoi)
asyncwrap: fix constructor condition for early ret (Trevor Norris)
buffer: align chunks on 8-byte boundary (Fedor Indutny)
buffer: fix pool offset adjustment (Trevor Norris)
console: allow Object.prototype fields as labels (Colin Ihrig)
fs: make F_OK/R_OK/W_OK/X_OK not writable (Jackson Tian)
fs: properly handle fd passed to truncate() (Bruno Jouhier)
http: fix assert on data/end after socket error (Fedor Indutny)
lib: fix max size check in Buffer constructor (Ben Noordhuis)
lib: fix stdio/ipc sync i/o regression (Ben Noordhuis)
module: replace NativeModule.require (Herbert Vojčík)
net: allow port 0 in connect() (cjihrig)
net: unref timer in parent sockets (Fedor Indutny)
path: refactor for performance and consistency (Nathan Woltman)
smalloc: extend user API (Trevor Norris)
src: fix for SIGINT crash on FreeBSD (Fedor Indutny)
src: fix builtin modules failing with --use-strict (Julien Gilli)
watchdog: fix timeout for early polling return (Saúl Ibarra Corretgé)
Source Code: http://nodejs.org/dist/v0.12.2/node-v0.12.2.tar.gz
Macintosh Installer (Universal): http://nodejs.org/dist/v0.12.2/node-v0.12.2.pkg
Windows Installer: http://nodejs.org/dist/v0.12.2/node-v0.12.2-x86.msi
Windows x64 Installer: http://nodejs.org/dist/v0.12.2/x64/node-v0.12.2-x64.msi
Windows x64 Files: http://nodejs.org/dist/v0.12.2/x64/
Linux 32-bit Binary: http://nodejs.org/dist/v0.12.2/node-v0.12.2-linux-x86.tar.gz
Linux 64-bit Binary: http://nodejs.org/dist/v0.12.2/node-v0.12.2-linux-x64.tar.gz
Solaris 32-bit Binary: http://nodejs.org/dist/v0.12.2/node-v0.12.2-sunos-x86.tar.gz
Solaris 64-bit Binary: http://nodejs.org/dist/v0.12.2/node-v0.12.2-sunos-x64.tar.gz
Other release files: http://nodejs.org/dist/v0.12.2/
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 bfdba242dbef3c6b2567c3cffd06fa4dcdab93ba node-v0.12.2-darwin-x64.tar.gz f6d3ab76516b800ee7f30c7b53f53a8c53914b70 node-v0.12.2-darwin-x86.tar.gz 0873180db9ebfe5b46f83de96ec67f9982f8e26e node-v0.12.2-linux-x64.tar.gz 916b1d9ecc2ba935836436aeafa8a6a64dfbc3a3 node-v0.12.2-linux-x86.tar.gz 52440341044462f0089c06416a4ac720312939b9 node-v0.12.2-sunos-x64.tar.gz f0df61d6d5825ba62d0ef8adca6898dd95afba0d node-v0.12.2-sunos-x86.tar.gz bdc711c0c8e6a48ff54a03350175070d0d55bb13 node-v0.12.2-x86.msi c88904207f5ddb7c1286cb1bf5ae5c3b7488b3cd node-v0.12.2.pkg a969f17a0a6c9238584f8946d96e8d39be8eb957 node-v0.12.2.tar.gz 2a11914845de4fdcd542da1ee1850bdaa9365e44 node.exe be95280eeb97abc7e490c21f75c45eb963261006 node.exp d6ba806609e3702be043951560964895088d7c16 node.lib ca2f0b4504d137df4c72193cc4e09993d458beee node.pdb d877da4f9f05c57039ea1dc876fd7d776228d10e openssl-cli.exe 92de0ab27f9304852bee902094c054967bc8a378 openssl-cli.pdb 994a1461df5dd7de79f8072b14103642d0d5cbfe x64/node-v0.12.2-x64.msi bb7ff2003522667be0c6990358d37fda654ca552 x64/node.exe 8b94fd4aa06a74517815832c7b2079c4c0a476b9 x64/node.exp 527400175a806ff3b0db15a70eea68950f199743 x64/node.lib b509a605aea12234f33e8311ea28af8fb05ec42e x64/node.pdb 6f67c2dee109c16e47109fc8ae8efd165a530a7f x64/openssl-cli.exe 48da80165e13ada3c41760e903200ae52190d534 x64/openssl-cli.pdb -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJVGyv+AAoJEFCjBR+IjGKNJYsP/2nF/1489IXga69k2PkyDwaa hFiWHpASH0hmcnoISDeMOwCLQIiqUsVx4a3ou5Dd844MNyPSDlzL4mvUYhAEklVZ xZHvWqvqdkMkUFQY6Safz/ZN19667uVr0n5yzjkjtp1kONfUHA+PDIimFFXD0NQx oUssDP2qnfr8IoCWGp8oY0BaHiw3VN1F1P5KWt3G3nkIcNeeoSp1MYl5OX5zxSo5 mj9Y2i9qaIE3NAkkX5GJxNytbj82VJjlR6517zJ7z34EbevtvLk/5F1whOuE/Ipq Qa2xmQlKtC1FrH3EV4v0TVyZzJyy8PZDmLQZIxkQJHdJc511zf1MZ1j0lBUBbf+c xCYyg1IVpntOF9KAzXpV9k3Ffv9vdGbWMkGUaUfAsSmU6Pu86l96cYKtRTUT7zGv Bw+wWsvmIOnT1EIRvzK+lCDrTfNEhDEyhItGWiWS8UobEtvuXoCEriI32LYPPa6o CC8q18VzKonn5t0ixjkrx4JN/Vtx4f5nDNRbi3397uiUilVLc6c0MYwO7lgpv8Xw Ztj4z+epqoyqKTbRUHH8euuQkW0G25Of0a/By1AGPWVxxmYv1XM/2qdkWJcZnijO 3pDu3K4GheyMSvFlqzt9uEZYAXVKAEiHG3Z2MyEQVLvjHN0ug7w+X87YU0DBJlRi 5iAY7/T05CiLJ1+f4Czn =yvpO -----END PGP SIGNATURE-----
This release upgrades OpenSSL to version 1.0.1m, which includes fixes for several CVEs that were disclosed recently.
2015.03.23, Version 0.12.1 (Stable)
- openssl: upgrade to 1.0.1m (Addressing multiple CVES)
Source Code: http://nodejs.org/dist/v0.12.1/node-v0.12.1.tar.gz
Macintosh Installer (Universal): http://nodejs.org/dist/v0.12.1/node-v0.12.1.pkg
Windows Installer: http://nodejs.org/dist/v0.12.1/node-v0.12.1-x86.msi
Windows x64 Installer: http://nodejs.org/dist/v0.12.1/x64/node-v0.12.1-x64.msi
Windows x64 Files: http://nodejs.org/dist/v0.12.1/x64/
Linux 32-bit Binary: http://nodejs.org/dist/v0.12.1/node-v0.12.1-linux-x86.tar.gz
Linux 64-bit Binary: http://nodejs.org/dist/v0.12.1/node-v0.12.1-linux-x64.tar.gz
Solaris 32-bit Binary: http://nodejs.org/dist/v0.12.1/node-v0.12.1-sunos-x86.tar.gz
Solaris 64-bit Binary: http://nodejs.org/dist/v0.12.1/node-v0.12.1-sunos-x64.tar.gz
Other release files: http://nodejs.org/dist/v0.12.1/
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 3ca64f6895fcb345ebbb89a23bee5ac2bb9eb633 node-v0.12.1-darwin-x64.tar.gz 0915abf1956014ad5db6b9645ccafdb87c65ade2 node-v0.12.1-darwin-x86.tar.gz 79880ff2bc95a674bd0701a6dd4ed38f8366db27 node-v0.12.1-linux-x64.tar.gz 1faad9bf54724934b0cd047d29fe521a26aa4323 node-v0.12.1-linux-x86.tar.gz 05c7abc865d84c350eab0a1e0a0d6e26ba64a60d node-v0.12.1-sunos-x64.tar.gz bc2d34d2ae3ebd4b12d207c39bc9b9b0e6d8e93d node-v0.12.1-sunos-x86.tar.gz 1c93cd3f14fad40b4bb8e8656b5ffd98504ea2a2 node-v0.12.1-x86.msi bfad329e12205a60fdf47434224aab5e8ef6ad60 node-v0.12.1.pkg 9b544043d78af7a41e41092b9d550dd412dfb461 node-v0.12.1.tar.gz d8dbc104cfb7c2516ca75294316986760cf62f67 node.exe 566e9a77711a2102fa498bc8a488f80032707d13 node.exp 8216848e37c6db01779603168e7a1aff3c6a62aa node.lib 9caaefaf2f412a26b66472e35058ca61a2aba3bd node.pdb 5bcae5ce9d3a7f3fb5787261b14375691a7270c6 openssl-cli.exe 61085ef9411e7a60cdf7365994e722a952f2d9c5 openssl-cli.pdb 2ba47a75e8f8cf118c0564641449bface77ed07f x64/node-v0.12.1-x64.msi a1565f6e11d0eeb305b7537eaa2f415440674167 x64/node.exe b9eda020ce16e5b772d395b3fe031e5fe3cfcd92 x64/node.exp 14af74ac1de04dcaed580479e2ce674d6ff48316 x64/node.lib 64a9ce8a60e3f9450e95fb4196103a67d92776d9 x64/node.pdb edc781c1d327d750c2fd7586e3d55a44304f02bd x64/openssl-cli.exe 991b40e4280dcb414ff6c5573890ecc0dea48e73 x64/openssl-cli.pdb -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJVEM/HAAoJEFCjBR+IjGKNQ5AP/RKV0YhN+Wm4d9abBPZuJQAm tlwwEqXs8XNyFy3Ap7j0ZTnoGKTAFrcekTOFraGBMNhUVeJN2626mE0kIPAf32Ot 8lb0xuEdqcKBlgOOdz2UivJebGZagKfqES3feqp2BSQXVn+fDHEYDvaDRZyc0ybW PJ2+Ro+S7+Tso3kn1kViBiNXTJgR2FoXMSpo45qvXesIm7lctOeULoAcEmttNUsc du+xDN2Xn5PSNtoga12kWwubpyB3A2xeL7Xuim9+jZfcERgunAUFqYBryf7h9ejZ iqMQkj6EIPq/9yWK8Gjkszbi8xTn/cSxqcADM9TPjLMnqwHallFe/0vEKkYmr8KO YwzKW51Y/qp66J5PdXynmyh5o9mGcXNws03fan5gp5KTjQGtNmIj7TsUAz1AsWvt E1A7w26pUAc9Spb21oVgtJiJVceVL+lSYe9JKefPySCl45TbU/cKegbhd0xJMmp+ LvgYuefWOYszW0UhzxWqNZ84CPatAZSSm74nP+hcinvh4UYXI0RaZmyNAk4a8p25 4COamjrA3KSDFBsjVxhYv25JAruEeKvqPvoe+gyuJiBSEWOY7Q4/TwiZiQb5/fQq 5wPkMzH/SeAtGutNvfjfrfkc5IEL0luYbpphLAz5eZHcGFgkq13BauBiTuOn+Ay/ DNawF60FJ2KhPAMMZZ2u =4n9M -----END PGP SIGNATURE-----