Mike MacCana mikemaccana

async/await is just the do-notation of the Promise monad

Mike MacCana just wrote a blog post arguing ES2017's async/await was the best thing to happen with JavaScript. I fully heartedly agree.

In short, one of the (few?) good things about JavaScript used to be how well it handled asynchronous requests. This was mostly thanks to its Scheme-inherited implementation of functions and closures. That, though, was also one of its worst faults, because it led to the "callback hell", an seemingly unavoidable pattern that made highly asynchronous JS code almost unreadable. Many solutions attempted to solve that, but most failed. Promises almost did it, but they failed too. Finally, async/await is here and, combined with Promises, they solve the problem for good. On this post, I'll explain why that is the case and trace a link between promises, async/await, the do-notation and monads.

First, let's illustrate the 3 styles by implementing a function that r

Wow. I've now read the whole book and much of the supporting code. I'm not a fan, and recommend against relying on it. Here's a laundry list of concerns:

The teaching method the book uses is badly flawed. The book's strategy is to start simple and build to complexity, which makes sense if you're teaching algebra but not if you're teaching heart surgery. The result is that each chapter culminates with the implementation of a system that is grievously insecure. Little warning is given of this, apart from allusions to future chapters improving the system. For instance, Chapter 2 closes with a chat system that uses AES-CBC without an authenticator.
The book is full of idiosyncratic recommendations. For instance, AES-CBC requires a padding scheme. There is a standard padding scheme. The book purports to present it, but instead of PKCS7, it presents 80h+00h..00h.
At one point about 1/3rd of the way through the book, it suggests using a SHA256 hash of the plaintext as an authenticator for a message. Thi

	machine:
	node:
	version: 4.2.2

	# From for occasional ELIFECYCLE errors compiling microtime
	# https://discuss.circleci.com/t/using-node-js-4-0-on-circleci/26
	# Modified to use 'pre' rather than 'override' so 'npm install' runs
	# See https://circleci.com/docs/configuration
	dependencies:
	pre:

	-----BEGIN PGP PUBLIC KEY BLOCK-----
	Comment: GPGTools - https://gpgtools.org

	mQINBFXXdIoBEADOBaR80qvse6Ex4mA3KwELDc+9xwe7ZGMie7nBtnz8EYKfAkMi
	fmdyCUr/EY5ncxQ1+q0MZwLTR8HlWC2Ssy737yCb1gCPa0G9IaGKXwKavflUToEd
	7CdYC9prWrSF5lHn6NmCz+qtB+M3lLPRgCJTGv5rMHjKwvONO19NtmCGHf1o9v84
	EnnaRDbnxCEyoqH0+a4tDHAK3YVl12/Wc3Cbvg/d5dUnihtUGnKSfCWhP7gkf4Kq
	WBsaucs4pCxGvbYvY5hIlQzY37KBbDsO9KcddlKYjMvUkKLu2JaulLiIoX6HTPGq
	Am3Y6SEHwf9BV/wiQiBZGCn1B/ByxHH64rwBCbJptAxz+kRln5NfI6HFLXa7Zx/W
	n8pMfx7/z/WxxdIjFcijBZLN6iggD0VL/raHuJfyWsFBtLB3V4MYtntjd1/3DfIx


	Handshake Simulation
	Android 2.3.7 No SNI 2 TLS 1.0 TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) No FS 128
	Android 4.0.4 TLS 1.0 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) FS 256
	Android 4.1.1 TLS 1.0 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) FS 256
	Android 4.2.2 TLS 1.0 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) FS 256
	Android 4.3 TLS 1.0 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) FS 256
	Android 4.4.2 TLS 1.2 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) FS 128
	Android 5.0.0 TLS 1.2 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) FS 128
	Baidu Jan 2015 TLS 1.0 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) FS 256

	Handshake Simulation
	Android 2.3.7 No SNI 2 TLS 1.0 TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) No FS 128
	Android 4.0.4 TLS 1.0 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) FS 256
	Android 4.1.1 TLS 1.0 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) FS 256
	Android 4.2.2 TLS 1.0 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) FS 256
	Android 4.3 TLS 1.0 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) FS 256
	Android 4.4.2 TLS 1.2 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) FS 128
	Android 5.0.0 TLS 1.2 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) FS 128
	Baidu Jan 2015 TLS 1.0 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) FS 256
	BingPreview Jan 2015 TLS 1.2 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) FS 128


	Handshake Simulation
	Android 2.3.7 No SNI 2 TLS 1.0 TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) No FS 128
	Android 4.0.4 TLS 1.0 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) FS 256
	Android 4.1.1 TLS 1.0 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) FS 256
	Android 4.2.2 TLS 1.0 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) FS 256
	Android 4.3 TLS 1.0 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) FS 256
	Android 4.4.2 TLS 1.2 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) FS 128
	Android 5.0.0 TLS 1.2 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) FS 128
	Baidu Jan 2015 TLS 1.0 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) FS 256

	Just wanted to make sure the IE8 issue isn't a user error:

	Android 2.3.7 No SNI 2 Protocol or cipher suite mismatch Fail3
	Android 4.0.4 TLS 1.0 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) FS 128
	Android 4.1.1 TLS 1.0 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) FS 128
	Android 4.2.2 TLS 1.0 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) FS 128
	Android 4.3 TLS 1.0 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) FS 128
	Android 4.4.2 TLS 1.2 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) FS 128
	Android 5.0.0 TLS 1.2 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) FS 128
	Baidu Jan 2015 TLS 1.0 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) FS 128

	#!/usr/bin/env node
	var log = console.log.bind(console);
	var fs = require('fs'),
	path = require('path'),
	jsonFile = require('jsonfile')

	require('es6-shim');

	var moduleDirs = fs.readdirSync('node_modules').filter(function (file) {
	return fs.statSync(path.join('node_modules', file)).isDirectory();

	var makeObject = function(prototype, properties) {
	var newObject = Object.create(prototype \|\| null) // If no prototype is set, just create a regular object literal (which inherits from null)
	for ( var property in properties ) {
	if ( properties.hasOwnProperty(property) ) {
	newObject[property] = properties[property]
	}
	}
	return newObject
	}