jimmont · May 21, 2017 09:23
diff --git a/v8-notes.txt b/v8-notes.txt
 authoritative sources:
 https://github.com/nodejs/node/wiki
 https://nodejs.org/en/security/
 https://nodejs.org/
 https://nodejs.org/en/docs/
 TODO (arguably) the wiki could use more material currently spread across the internet

 injection/input escaping:
 TODO what are the modules/strategies necessary for managing input that moves through the application

 arguments/argv:
 I prefer process.argv.forEach over packages, using the specific pattern --name=value
 this doesn't make sense for certain types of product/end-user

 debugging:
 1) node --inspect app.js --argvname=argvvalue // see argv comment
   npm run debug -- --argvname=argvvalue
 2) open chrome url chrome://inspect/ and click the link "Open dedicated DevTools for Node"
   - 2017 May (Chrome changes regularly)	

 deployments:
 convention has just 3 environments
 NODE_ENV = development | staging | production

 performance:
 These seem to be the only straightforward points to follow, otherwise profile your code.
 * avoid fn.apply => prefer fn.call (or pass arguments) based on whatever is easy/clear
 * avoid try/catch => eg for iterators (map/filter/forEach...) use it in caller instead;
 	* where needed I'm providing an alternate to use via a flag (in one case user needs to submit and see specifics for each)
 * express's layer and promises appear to trigger a deoptimization (guessing due to try/catching errors, not my work so don't really care to look further)

 memory usage:
 TODO profiling, details ...
	authoritative sources:
	https://github.com/nodejs/node/wiki
	https://nodejs.org/en/security/
	https://nodejs.org/
	https://nodejs.org/en/docs/
	TODO (arguably) the wiki could use more material currently spread across the internet

	injection/input escaping:
	TODO what are the modules/strategies necessary for managing input that moves through the application

	arguments/argv:
	I prefer process.argv.forEach over packages, using the specific pattern --name=value
	this doesn't make sense for certain types of product/end-user

	debugging:
	1) node --inspect app.js --argvname=argvvalue // see argv comment
	npm run debug -- --argvname=argvvalue
	2) open chrome url chrome://inspect/ and click the link "Open dedicated DevTools for Node"
	- 2017 May (Chrome changes regularly)

	deployments:
	convention has just 3 environments
	NODE_ENV = development \| staging \| production

	performance:
	These seem to be the only straightforward points to follow, otherwise profile your code.
	* avoid fn.apply => prefer fn.call (or pass arguments) based on whatever is easy/clear
	* avoid try/catch => eg for iterators (map/filter/forEach...) use it in caller instead;
	* where needed I'm providing an alternate to use via a flag (in one case user needs to submit and see specifics for each)
	* express's layer and promises appear to trigger a deoptimization (guessing due to try/catching errors, not my work so don't really care to look further)

	memory usage:
	TODO profiling, details ...
No results found