Thu, 19 Dec 2013 17:02:48 UTC - release

2013.12.18, Version 0.10.24 (Stable)

  • uv: Upgrade to v0.10.21

  • npm: upgrade to 1.3.21

  • v8: backport fix for CVE-2013-{6639|6640}

  • build: unix install node and dep library headers (Timothy J Fontaine)

  • cluster, v8: fix --logfile=%p.log (Ben Noordhuis)

  • module: only cache package main (Wyatt Preul)

Source Code: http://nodejs.org/dist/v0.10.24/node-v0.10.24.tar.gz

Macintosh Installer (Universal): http://nodejs.org/dist/v0.10.24/node-v0.10.24.pkg

Windows Installer: http://nodejs.org/dist/v0.10.24/node-v0.10.24-x86.msi

Windows x64 Installer: http://nodejs.org/dist/v0.10.24/x64/node-v0.10.24-x64.msi

Windows x64 Files: http://nodejs.org/dist/v0.10.24/x64/

Linux 32-bit Binary: http://nodejs.org/dist/v0.10.24/node-v0.10.24-linux-x86.tar.gz

Linux 64-bit Binary: http://nodejs.org/dist/v0.10.24/node-v0.10.24-linux-x64.tar.gz

Solaris 32-bit Binary: http://nodejs.org/dist/v0.10.24/node-v0.10.24-sunos-x86.tar.gz

Solaris 64-bit Binary: http://nodejs.org/dist/v0.10.24/node-v0.10.24-sunos-x64.tar.gz

Other release files: http://nodejs.org/dist/v0.10.24/

Website: http://nodejs.org/docs/v0.10.24/

Documentation: http://nodejs.org/docs/v0.10.24/api/

Shasums:

4a233e4e51ec24de3b2c3196b9128781665b4edc  node-v0.10.24-darwin-x64.tar.gz
1b018a372d919462e8ebef29a0de4816a83e38ff  node-v0.10.24-darwin-x86.tar.gz
423018f6a60b18d0dddf3007c325e0cc8cf55099  node-v0.10.24-linux-x64.tar.gz
fb99761ce4cef4a43743c1ed630b185545152264  node-v0.10.24-linux-x86.tar.gz
9719b2b636d8f5caf5495e967cbe167fd16eb160  node-v0.10.24-sunos-x64.tar.gz
84d7645d88dad9050f72c01d5f783cc018a8dc2b  node-v0.10.24-sunos-x86.tar.gz
4b3cd142e691033308bfab237b6bf79a1a7f5c10  node-v0.10.24-x86.msi
74aba302d8b34e1fc93b3e0babc3f5d9bd8c09f3  node-v0.10.24.pkg
d162d01eb173cb5a0e7e46c9d706421c4c771039  node-v0.10.24.tar.gz
782c0b437f1d4205d7ba012e02157fb984d656b0  node.exe
c3bf16e3e2e268340a96fca869a1e3ce3ead46b5  node.exp
b81ceddb831981b200f04403718b2adcd24fd5ed  node.lib
1c009c51c273512eb76ef3a1e36d5d1ccf1e4094  node.pdb
8c90873802c40ecadb304002401ba857ad728f9c  pkgsrc/nodejs-ia32-0.10.24.tgz
94eda460e90dd59886ee2543bb55c8baea6daf1c  pkgsrc/nodejs-x64-0.10.24.tgz
9b36fd16d8a6eb95c375ced0e1929b88b3dbb3e6  x64/node-v0.10.24-x64.msi
43c51bf9ff7c6aa421c4c89a4b14e0ab1cb0527a  x64/node.exe
74d67c1cad72c0231fdc3498a0ca90c09e49abfb  x64/node.exp
724463c1a1bd3ad386e1089f53c7fa0ca16c38b6  x64/node.lib
58a6bcec861c0a8d20e90db348d3a4fbd49e88cc  x64/node.pdb

Thu, 12 Dec 2013 06:10:46 UTC - release

2013.12.12, Version 0.10.23 (Stable)

  • uv: Upgrade to v0.10.20 (Timothy J Fontaine)

  • npm: Upgrade to 1.3.17 (isaacs)

  • gyp: update to 78b26f7 (Timothy J Fontaine)

  • build: include postmortem symbols on linux (Timothy J Fontaine)

  • crypto: Make Decipher._flush() emit errors. (Kai Groner)

  • dgram: fix abort when getting fd of closed dgram (Fedor Indutny)

  • events: do not accept NaN in setMaxListeners (Fedor Indutny)

  • events: avoid calling once functions twice (Tim Wood)

  • events: fix TypeError in removeAllListeners (Jeremy Martin)

  • fs: report correct path when EEXIST (Fedor Indutny)

  • process: enforce allowed signals for kill (Sam Roberts)

  • tls: emit 'end' on .receivedShutdown (Fedor Indutny)

  • tls: fix potential data corruption (Fedor Indutny)

  • tls: handle ssl.start() errors appropriately (Fedor Indutny)

  • tls: reset NPN callbacks after SNI (Fedor Indutny)

Source Code: http://nodejs.org/dist/v0.10.23/node-v0.10.23.tar.gz

Macintosh Installer (Universal): http://nodejs.org/dist/v0.10.23/node-v0.10.23.pkg

Windows Installer: http://nodejs.org/dist/v0.10.23/node-v0.10.23-x86.msi

Windows x64 Installer: http://nodejs.org/dist/v0.10.23/x64/node-v0.10.23-x64.msi

Windows x64 Files: http://nodejs.org/dist/v0.10.23/x64/

Linux 32-bit Binary: http://nodejs.org/dist/v0.10.23/node-v0.10.23-linux-x86.tar.gz

Linux 64-bit Binary: http://nodejs.org/dist/v0.10.23/node-v0.10.23-linux-x64.tar.gz

Solaris 32-bit Binary: http://nodejs.org/dist/v0.10.23/node-v0.10.23-sunos-x86.tar.gz

Solaris 64-bit Binary: http://nodejs.org/dist/v0.10.23/node-v0.10.23-sunos-x64.tar.gz

Other release files: http://nodejs.org/dist/v0.10.23/

Website: http://nodejs.org/docs/v0.10.23/

Documentation: http://nodejs.org/docs/v0.10.23/api/

Shasums:

80980a23ec1915a0d4522fd4423a2eee25bf9ba5  node-v0.10.23-darwin-x64.tar.gz
c9c0f6772f2bda746d3997f4d821da9090dcd2a3  node-v0.10.23-darwin-x86.tar.gz
4c7d17ae61c753750e8f5ae989e3d80f7c8f89ea  node-v0.10.23-linux-x64.tar.gz
afa901a312350ec8b271d402261a7882e1d3640b  node-v0.10.23-linux-x86.tar.gz
30d5e06cfed35eea80d5ee4643858c157d104a85  node-v0.10.23-sunos-x64.tar.gz
2c4ce154b8595848119bb63164ca021f4fe8457e  node-v0.10.23-sunos-x86.tar.gz
d51b641354a41243830ff6e3bdd1e03a7758fc38  node-v0.10.23-x86.msi
a7711fbb958350011641c218dae64c0c6f1f80a8  node-v0.10.23.pkg
8717942d1bdfa8902ce65cd33b4293d16b486c64  node-v0.10.23.tar.gz
12d1e0a6373bb2b67129c7f0ebc514b793b106af  node.exe
9f107c4dba21fee76bbb5ac2fe552d40e6ae5e70  node.exp
52b4c463f8b667c24a54a0d8cd583b677706ae3c  node.lib
ec619173e2e867b929d4178ecbe561639aed4cb2  node.pdb
837ff717c2842c32e0804ce6c131404fc8599d8d  pkgsrc/nodejs-ia32-0.10.23.tgz
395e9fe9e32874a24febffa17adacd7e1e387e63  pkgsrc/nodejs-x64-0.10.23.tgz
56892aadf1c9d2d2bc637ee87bd08775a139b252  x64/node-v0.10.23-x64.msi
663d9dd7face6399f5c0b7d6082ec2d5b4acc2c3  x64/node.exe
601b564b73df1f4a871ed55e2e2c9aee5b28f04d  x64/node.exp
523e3f96f45132d2e5e2eb39a1dbd0c5bf6b8822  x64/node.lib
2624cddcbd23c84d947af2bf2b91b1e0b64e3602  x64/node.pdb

Tue, 03 Dec 2013 22:13:57 UTC

As of this past weekend, Ben Noordhuis has decided to step away from Node.js and libuv, and is no longer acting as a core committer.

Ben has done a tremendous amount of great work in the past. We're sad to lose the benefit of his continued hard work and expertise, and extremely grateful for what he has added to Node.js and libuv over the years.

Many of you already have expressed your opinion regarding recent drama, and I'd like to ask that you please respect our wishes to let this issue rest, so that we can all focus on the road forward.

Thanks.

Tue, 26 Nov 2013 15:14:59 UTC - Charlie Robbins - npm

We know the availability and overall health of The npm Registry is paramount to everyone using Node.js as well as the larger JavaScript community and those of your using it for some awesome projects and ideas. Between November 4th and November 15th 2013 The npm Registry had several hours of downtime over three distinct time periods:

  1. November 4th -- 16:30 to 15:00 UTC
  2. November 13th -- 15:00 to 19:30 UTC
  3. November 15th -- 15:30 to 18:00 UTC

The root cause of these downtime was insufficient resources: both hardware and human. This is a full post-mortem where we will be look at how npmjs.org works, what went wrong, how we changed the previous architecture of The npm Registry to fix it, as well next steps we are taking to prevent this from happening again.

All of the next steps require additional expenditure from Nodejitsu: both servers and labor. This is why along with this post-mortem we are announcing our crowdfunding campaign: scalenpm.org! Our goal is to raise enough funds so that Nodejitsu can continue to run The npm Registry as a free service for you, the community.

Please take a minute now to donate at https://scalenpm.org!

How does npmjs.org work?

There are two distinct components that make up npmjs.org operated by different people:

  • http://registry.npmjs.org: The main CouchApp (Github: isaacs/npmjs.org) that stores both package tarballs and metadata. It is operated by Nodejitsu since we acquired IrisCouch in May. The primary system administrator is Jason Smith, the current CTO at Nodejitsu, cofounder of IrisCouch, and the System Administrator of registry.npmjs.org since 2011.
  • http://npmjs.org: The npmjs website that you interact with using a web browser. It is a Node.js program (Github: isaacs/npm-www) maintained and operated by Isaac and running on a Joyent Public Cloud SmartMachine.

Here is a high-level summary of the old architecture:

old npm architecture

Diagram 1. Old npm architecture

What went wrong and how was it fixed?

As illustrated above, before November 13th, 2013, npm operated as a single CouchDB server with regular daily backups. We briefly ran a multi-master CouchDB setup after downtime back in August, but after reports that npm login no longer worked correctly we rolled back to a single CouchDB server. On both November 13th and November 15th CouchDB became unresponsive on requests to the /registry database while requests to all other databases (e.g. /public_users) remained responsive. Although the root cause of the CouchDB failures have yet to be determined given that only requests to /registry were slow and/or timed out we suspect it is related to the massive number of attachments stored in the registry.

The incident on November 4th was ultimately resolved by a reboot and resize of the host machine, but when the same symptoms reoccured less than 10 days later additional steps were taken:

  1. The registry was moved to another machine of equal resources to exclude the possibility of a hardware issue.
  2. The registry database itself was compacted.

When neither of these yielded a solution Jason Smith and I decided to move to a multi-master architecture with continuous replication illustrated below:

current npm architecture

Diagram 2. Current npm architecture -- Red-lines denote continuous replication

This should have been the end of our story but unfortunately our supervision logic did not function properly to restart the secondary master on the morning of November 15th. During this time we moved briefly back to a single master architecture. Since then the secondary master has been closely monitored by the entire Nodejitsu operations team to ensure it's continued stability.

What is being done to prevent future incidents?

The public npm registry simply cannot go down. Ever. We gained a lot of operational knowledge about The npm Registry and about CouchDB as a result of these outages. This new knowledge has made clear several steps that we need to take to prevent future downtime:

  1. Always be in multi-master: The multi-master CouchDB architecture we have setup will scale to more than just two CouchDB servers. As npm grows we'll be able to add additional capacity!
  2. Decouple www.npmjs.org and registry.npmjs.org: Right now www.npmjs.org still depends directly on registry.npmjs.org. We are planning to add an additional replica to the current npm architecture so that Isaac can more easily service requests to www.npmjs.org. That means it won't go down if the registry goes down.
  3. Always have a spare replica: We need have a hot spare replica running continuous replication from either to swap out when necessary. This is also important as we need to regularly run compaction on each master since the registry is growing ~10GB per week on disk.
  4. Move attachments out of CouchDB: Work has begun to move the package tarballs out of CouchDB and into Joyent's Manta service. Additionally, MaxCDN has generously offered to provide CDN services for npm, once the tarballs are moved out of the registry database. This will help improve delivery speed, while dramatically reducing the file system I/O load on the CouchDB servers. Work is progressing slowly, because at each stage in the plan, we are making sure that current replication users are minimally impacted.

When these new infrastructure components are in-place The npm Registry will look like this:

planned npm architecture

Diagram 3. Planned npm architecture -- Red-lines denote continuous replication

You are npm! And we need your help!

The npm Registry has had a 10x year. In November 2012 there were 13.5 million downloads. In October 2013 there were 114.6 million package downloads. We're honored to have been a part of sustaining this growth for the community and we want to see it continue to grow to a billion package downloads a month and beyond.

But we need your help! All of these necessary improvements require more servers, more time from Nodejitsu staff and an overall increase to what we spend maintaining the public npm registry as a free service for the Node.js community.

Please take a minute now to donate at https://scalenpm.org!

← Page 5

Page 7 →