Sign in with Twitter

Username:

Working at GoDaddy on JS stuff; TC39; Node Collaborator. Thoughts are my own. He/him.

404 Following   2,034 Followers   17,886 Tweets

Joined Twitter 7/7/08


@buildsghost https://t.co/XylncIqBl7 @sebinsua https://t.co/Ic1QjTVG9O @timkevinoxley https://t.co/ZGtbeFuRgJ @JackMcCloy https://t.co/ewMU90cT6P @fed135 https://t.co/bpIXEujXqo @Fishrock123 https://t.co/GytpjfzQ5x @davidlymanning Ouches @davidlymanning https://t.co/HTtq3dnYxSWhat are some cursed but reasonable ESLint rule ideas?Anyone know if readonly string views are being looked at for WASM without doing a copy operation? I don't see anyth… https://t.co/Whpr7Trw3T
7/7
2020
@davatron5000 So many things are not usable when they finish rendering these days too @matteocollina problems would abound from overuse though since things like DOM like to put everything on prototypes @matteocollina probably wouldn't ever need to do this kind of language extension for . property access, can always… https://t.co/7dLY9TFhZ3 @matteocollina `object[own k]` :-/ not pleasant but seems... ok-ish? @matteocollina This would be better than home spun solutions since basically every dynamic property access that can… https://t.co/AIn84mvYBQ @matteocollina Also, if the list of keys passed to lodash are known they would be able to actually be checked for p… https://t.co/AJ3bxtLU38 @matteocollina One thing I really want to see is for dependents to be filtered properly, things like --disable-prot… https://t.co/ljTrYr4Z4u @matteocollina If you do dynamic unbounded property access you probably want a null prototype on the object with th… https://t.co/VD50ZTW5Xe @matteocollina Auditing JS is HARD when dynamic property access is involved. https://t.co/z2OZrvzDv5 @matteocollina The attack is abusing the libraries doing dynamic property access that people are doing in conjuncti… https://t.co/KRblBJnjF0 @matteocollina I'm confused, the problem is *any* way to create objects with various taintable keys (__proto__, con… https://t.co/FwU9sM78ZQ @matteocollina But thats not a bug with JSON.parse? @matteocollina It doesn't currently pollute crawl/modify prototypes, what is the problem currently with it?
7/6
2020
Rebased a PR to make Node policy files less of a startup hit and it is much better than when I first made the PR th… https://t.co/oTHYpoqszgFor today's stream, I made a tiny engine called TwitchMonkey -> https://t.co/RCjw3AG96m This will help us talk abo… https://t.co/dF3r1SQkde
Retweeted by Bradley Fariasis it possible to make a Typescript plugin that alters the global scope? Not a definition file. I have a .json file… https://t.co/h5If4eXNUP @getify There are weekly calls for interested parties as well on the TC39 calendar @_robotlolita Also math: You know how to get to these of there 2 unrelated places A and B already. Me: I don't know… https://t.co/7rSgML2JJ8
7/3
2020
@wycats I'd agree, and think ahead of time/static tooling will only become more necessary outside of bundling to ha… https://t.co/pEiOiQJaZu @aredridel @jackie_cs_ You don't even get the "open" event when it does drop down :-/ which can lead to fun things… https://t.co/zDrlYEqAt9You can avoid the HTTP waterfall of ESM in via a variety of ways, *lots* of preloads is a good start. With newer of… https://t.co/BNMjkm5Y1JSpreadsheets weren't useful enough. https://t.co/HzuKAR37iE @evanplaice @thom_is_coding We found ya.Terrible ideas July: water socks; literally socks filled with water. A bladder of discomfort around your feat leavi… https://t.co/FXZ6shuyOwTerrible ideas July: nacho cheese ice cream.
7/2
2020
@bitandbang google chat @robotlolita gross, who did that @robotlolita really not trusting `null` are we?Best test for a null/undefinedish value? Wrong answers only. @RReverser I'm surprised at how little frozen stuff is supported in a lot of tools @RReverser XD still can add new fields to the class @davidlymanning @RReverser I actively don't want final ;p the class is still extensible, you just can't change what… https://t.co/wW805bo1th @RReverser that has a variety of side-effects though I'd have to account for (fn.prototype is writable / callable f… https://t.co/K8nHvI7L0ZIn a typescript definition file, can you mark a class' prototype as ReadOnly somehow??? To handle: class F {}; Obj… https://t.co/00ZBLGhYEp
7/1
2020
@rickbutton I saw it in a crawl as my source map parser blew up since I used JSON.parse @rickbutton Yes, but the same inverted logic could be stated about *any* JSON payload, not just source maps which is... weird. @matteocollina @v8js Guaranteed eval semantics --, usefulness++ @rickbutton Fun enough that it also poisons the safe JSON.parse @rickbutton It's a roundabout way to poison people using eval not make source maps safer @rickbutton Like... Who would even recommend doing this / why? @rickbutton XSS is an issue... so... make invalid JSON so that your previously valid JSON cannot be consumed normal… https://t.co/DUdMgQKpMz @rickbutton Well prevention of XSS is sane, doing it as a poisoning of the valid JSON so it cannot be consumed is e… https://t.co/I4ywTYExbJ @buildsghost If you pass JSON into eval() yes, don't load random resources off remote systems either (stares at var… https://t.co/K5lvCY9zYy> Thus when delivering source maps over HTTP, servers may prepend a line starting with the string “)]}'” to the sou… https://t.co/8i4QNRGMBr
6/30
2020
@devsnek me with multiple files using same variable names https://t.co/KhkjsltkQI @rektide I was curious since we brought up the oddity of aliases not being identifiers in https://t.co/eczfljyuDv @rektide is there a typo hereHey folks! Trying something new for this episode of Compiler Compiler. I made a zine -> https://t.co/atGq8nylHd Le… https://t.co/siIJVyfDHW
Retweeted by Bradley FariasStream starting in 5 min! <cue much internal screaming and stage fright!> See you there! https://t.co/DBXo8CyIMb
Retweeted by Bradley Farias
6/26
2020
@addaleax You can already do this kind of stuff / cloning wasn't safe due to Map/Set/etc.: const dummies = new Wea… https://t.co/FJcA2E3XmBI'm getting used to listening to 2 meetings at once, help.Dive into some fun new activities (literally!) with the next update for #AnimalCrossingNewHorizons, coming 03/07! https://t.co/Ud7y6gmcsh
Retweeted by Bradley FariasHey, white people: Have your parents ever sat down with you and specifically talked to you, at length, about race?… https://t.co/ze8BCA56zU
Retweeted by Bradley FariasYear(s)? after @getify got onto Node about how timers couldn't be primitives in Node https://t.co/dwfdnOKI36 finall… https://t.co/KqY5I1zN28
6/25
2020
@jonathansampson I'm only zooming an element, devicePixelRatio is on the whole frame.CSS zoom and Element.getBoundingClientRect() are not friends, not at all. zoom:1 -> .width === 1280 zoom:2 -> .wid… https://t.co/65UiFTRnlI @rahul1sethi @bhathos @rauschma Symbols are public (Object.getOwnPropertySymbols), which is why they are not useful… https://t.co/tdDLzYZSBvCOMPILER COMPILER 🤝 BYTECODE Tune in on June 26th for a new episode in our guided tour series… https://t.co/KbVytGHJhv
Retweeted by Bradley FariasAs Texas sees record spikes in new coronavirus cases, Austin and Travis County's accounting for infections is laggi… https://t.co/o3yk49rP6u
Retweeted by Bradley Farias @mcclure111 https://t.co/WqK1Rw2708 @rauschma https://t.co/Fkmru09oBa @rauschma @awbjs You just made me follow up on Private Declarations @awbjs There is a bunch of interesting stuff in this too about how private methods differ from public methods in pl… https://t.co/3agoep717r @dym_sh @rauschma Awkward, https://t.co/vFTMWY8Vim @jaffathecake IPv4 or IPv6? (most of the "easy" CLIs still only show IPv4 links in logs)
6/24
2020
@MylesBorins A goblin has offered to ghost write your auto-biography. @davidmarkclem @dominictarr @jfhbrook @agoric This is part of why people need to be considerate of worker_threads b… https://t.co/A2Fyyi8se1 @davidmarkclem @dominictarr @jfhbrook @agoric Some of web standards participants have claims that only async commun… https://t.co/6US0wOOq2c @davidmarkclem @dominictarr @jfhbrook @agoric Async communication forces API issues, see Agoric/Salesforce issues a… https://t.co/meFsPsodSu @jfhbrook @dominictarr https://t.co/G6pXGUbA6k @davidmarkclem @dominictarr @jfhbrook You can't change all builtin prototypes/Object.prototype et al aren't configu… https://t.co/kCz3WWWhhD @dominictarr @jfhbrook Kind of, it catches references, but not things like [].constructor
6/23
2020
@matteocollina @mikeal @MylesBorins @IamStan So, I think more people need to convince web standards that *something… https://t.co/ZR35EElb8D @matteocollina @mikeal @MylesBorins @IamStan I think they will be hard to get through given Web standards are no lo… https://t.co/ZwTuqQMJzE @matteocollina @mikeal @MylesBorins @IamStan Tons of things going on about complexity for web to decouple the modul… https://t.co/RnAG4UkUJh @matteocollina @mikeal @MylesBorins @IamStan Lack of familiarity isn't really an innovation blocker to me. Repeated… https://t.co/sK6grK4RUz @matteocollina @mikeal @MylesBorins @IamStan I agree that it is very different from CJS just using Object GC seman… https://t.co/cDIqctQS8u @matteocollina @mikeal @MylesBorins @IamStan Spin up a Worker if you want to import and then GC stuff. Or use non-m… https://t.co/UqFFWTWW1I @matteocollina @mikeal @MylesBorins @IamStan In theory V8 could add a GC hook to all the script/module stuff that i… https://t.co/Ho379fnTdB @matteocollina @mikeal @MylesBorins @IamStan vm.* won't let it GC, even if the module cannot be directly referenced… https://t.co/vMZUNcvXV9 @matteocollina @mikeal @MylesBorins @IamStan This is the nature of V8 / the expectation once linked that a Module h… https://t.co/16dpK4M9EH @mikeal @MylesBorins @IamStan Well, that's not entirely true... you can hot reload, you just will leak memory. @mikeal @MylesBorins @IamStan Also yes; on a personal level, I would recommend people keep using tooling and target… https://t.co/pmOEuCb5WD @mikeal @MylesBorins @IamStan Interacting with all the faux modules using real ESM has consistently proven to be ha… https://t.co/aeAtGiTO3hIf you conflate "takes an ambivalent stance on racism" with "has not taken action on racism", you're going to be in… https://t.co/tPloXnFSXh
Retweeted by Bradley Farias @mikeal Break all the web! @mikeal If we used co-routines instead of an event loop as our model of concurrency this would be less of an issue. @mikeal It also would require a variety of things like synchronously inspecting Promises that are absolutely not de… https://t.co/VK0eMOdObI @mikeal Basically all those operations run in a way that is non-reentrant so you don't have deadlock/nested event l… https://t.co/Wq2hf2f0kr @mikeal ESM that isn't transpiled to faux modules/CJS cannot be loaded synchronously, so no way to require() it.
6/19
2020

0