Jovi 🐨
@jovidecroock.com
🇧🇪 | he/him | Software Engineer @Shopify | @preactjs.com core maintainer | AI slop fixer | passionate about DX & web perf | opinions are my own
jovidecroock.com
That's fair, I hope AI is able to provide the right answers then in that case
jovidecroock.com
I am saying this looking from my GraphQL/Preact bubble
jovidecroock.com
Anyone know a way to see overall open-source engagement within i.e. a programming language or a GitHub topic? I've been curious as it looks like engagement has dropped (PR/issue creation) while usage has gone up
jovidecroock.com
It would work yes, the easiest way would be to do `render(null, root); render(newComponent, root)` as that would ensure that you aren't updating the previous state
jovidecroock.com
Gotta game the system if your default bundle is a chonker 😅
jovidecroock.com
Signals change the paradigm from, rerender where you create state to rerender where you use state.

It requires a different mindset but ultimately these are free performance gains
jovidecroock.com
Getting OAuth to work in CF is a bit challenging, I documented what I had to do at github.com/bluesky-soci...

Consuming jetstream would probably be done through a durable object which could get costly I think. Maybe their containers solution is better for this
OAuth client in CloudFlare environments · Issue #3292 · bluesky-social/atproto
Describe the bug There's a few issues with implementing the OAuth client in environments like CloudFlare and other WinterCG environments. I have been able to circumvent these myself with a few tric...
github.com
Reposted by Jovi 🐨
danabra.mov
i think migrating away from Vercel hosting is a solid idea. i moved my Next.js blog to Cloudflare (for free) and have been very happy with that

with Next.js 16+ committing to deployment adapters (and Vercel adapter using the same API), we should hold their feet to the fire on the ease of migration
Reposted by Jovi 🐨
bell.bz
There’s never been a better time to switch from Next.js to Astro nitter.net/rauchg/statu...
nitter.net
jovidecroock.com
Not sure what's been happening to the NPM downloads of Preact but we've been going parabolic these past few weeks. I know that downloads don't indicate much but always fun to look at a project you've been working on for 7 years gain popularity

npmtrends.com/@angular/cor...
A chart showing 4 lines, these represent npm libraries and their downloads.

We can see at the bottom angular core has a steady 4 million weekly downloads over the last year, then going up we see vue/runtime-dom evolving from 4 million to the current 6 million. Going even more up we see the vue library (vue 2) going from 6 million to 8 million and dropping back to 7 million.

At the top we see the Preact library starting the year around 6M and then now at the end going parabolic to 10million weekly downloads
Reposted by Jovi 🐨
jviide.iki.fi
This was a very good read. It's also a good reminder to check our own NPM access token pages and maybe delete old lingering tokens.
The npmjs.com Access Token page. The user dropdown menu is open, with the "Access Tokens" link highlighted.
jovidecroock.com
I mean, I don’t think that solves a lot. I use AI myself, and I genuinely think using AI isn’t a bad thing _but_ if you just submit stuff that you prompt without reading it… yeah nah
jovidecroock.com
I've really had it with AI generated issues and tests, most can't even take the time to read that their test is actually asserting anything. I've just received a PR that asserted nothing - assert(true).tobe(false) - and didn't bother to look at how our tests are structured... OSS being great lately
jovidecroock.com
Gql.tada in the wild, love to hear it 🎉
jovidecroock.com
Growing as a person means using signals... I don’t make the rules @ryansolid.bsky.social does
jovidecroock.com
Also, I have never stopped to say that I love what you're doing for the client-side GraphQL space. Apollo-Client is the most used one out there, thank you for continuously improving it. Pioneering features and superseding the spec, akin to Relay will do a lot for the community.
jovidecroock.com
Generally though, this spec should advance at some stage. It's implemented in GraphQL v17 but I might be doing something wrong in terms of how to push it, I am a bit unsure on all of that.
jovidecroock.com
Do you want to talk this through, I have a transformation that I use for my personal projects. The transformation basically changes all FragmentSpreads to InlineFragments to compile out the fragment-arguments.
jovidecroock.com
Oh gotcha, sounded like something new was coming instead of Fragment Arguments. I have updated the specification to remove all merge conflicts but at this point it's implemented and everything so it will be a time thing to implement it in GraphiQL and get TSC approval.
jovidecroock.com
Signals transform the paradigm from, re-calculate where you create state to re-calculate where you access state.
jovidecroock.com
Can we collectively agree, and maybe point out, that this is not okay... If a code gets compromised then for that short time window it should be able to do none or limited damage.

Anyone with good contacts at npm?
jviide.iki.fi
FWIW, reported this to them via HackerOne yesterday. Got a prompt response back that this is a known low risk issue and that they don't consider this to present a significant security risk.
Reposted by Jovi 🐨
jviide.iki.fi
Seems that NPM too allows TOTP reuse within the time-step window. Seen a similar issue in multiple services over the years.

Per RFC 6238, a TOTP (Time-based One-Time Password) should be single-use. Allowing reuse, even within the short-ish time window, is not ideal (shoulder surfing, phishing etc.)