Node Roundup: Node 0.8.27 and 0.10.29, BipIO, Reducto

Alex R. Young





node modules npm

Node Roundup: Node 0.8.27 and 0.10.29, BipIO, Reducto

Posted by Alex R. Young on .

node modules npm

Node Roundup: Node 0.8.27 and 0.10.29, BipIO, Reducto

Posted by Alex R. Young on .

Node 0.8.27 and 0.10.29

You may be surprised to see a Node 0.8 release here, but 0.8.27 and 0.10.29 have been updated to fix an OpenSSL and UTF-8 encoding issue:

Additionally these releases address the fact that V8 UTF-8 encoding would allow unmatched surrogate pairs. That is to say, previously you could construct a valid JavaScript string (which are stored internally as UCS-2), pass it to a Buffer as UTF-8, send and consume that string in another process and it would fail to interpret because the UTF-8 string was invalid.

This breaks backward compatibility for the specific reason that unsanitized strings sent as a text payload for an RFC compliant WebSocket implementation should result in the disconnection of the client. If the client attempts to reconnect and receives another invalid payload it must disconnect again. If there is no logic to handle the reconnection attempts, this may lead to a denial of service attack.

The post includes an example with Buffer, and demonstrates how even if you're not explicitly creating Buffer instances from strings Node might still do it behind the scenes.


BipIO (GitHub: bipio-server / bipio, License: GPLv3) an API platform for consuming and composing APIs based on graph definitions and pipelines. You can run your own server, and there's a closed source web UI that you can sign up to:

If you're familiar with Yahoo Pipes, IFTTT, Zapier, Mulesoft, Cloudwork or Temboo - the concept is a little similar. The server has a small footprint which lets you create and automate an internet of things that matter to you. It can be installed alongside your existing open source app or prototype for out-of-band message transformation, feed aggregation, queuing, social network fanout or whatever you like, even on your Rasberry Pi.

It uses MongoDB and RabbitMQ, and the readme has help for setting it up on a server with Monit.


Reducto (GitHub: michaelleeallen / reducto, License: MIT, npm: reducto) by Michael Allen is configuration framework for Express that aims to simplify the creation of routes for APIs.

The main goal of reducto is to break apart the routing mechanism into smaller, more cohesive components. By reducing your app to just middleware, data transforms, and reusable service calls you end up with a smaller set of code to reason about and thus make your app easier to write and maintain.

You can create routes using JSON files that map middleware, service handlers, data fixtures, and transform functions to routes. It also supports services, which are callable HTTP endpoints. It comes with an example application that shows weather for a given zip code.