Skip to content

http: improve writeEarlyHints by avoiding for-of loop #59958

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 6, 2025
Merged

http: improve writeEarlyHints by avoiding for-of loop #59958

merged 1 commit into from
Oct 6, 2025

Conversation

haramj
Copy link
Contributor

@haramj haramj commented Sep 21, 2025

This change is based on the "Unsafe array iteration" principle from the Node.js core development guidelines. for-of loops rely on the Symbol.iterator property, which can be modified by userland code, potentially leading to unpredictable or insecure behavior. Using a standard for loop directly accesses the array elements by index, ensuring a more stable and secure execution flow.

Refs: https://github.com/nodejs/node/blob/main/doc/contributing/primordials.md#unsafe-array-iteration

@nodejs-github-bot
Copy link
Collaborator

Review requested:

  • @nodejs/http
  • @nodejs/net

@nodejs-github-bot nodejs-github-bot added http Issues or PRs related to the http subsystem. needs-ci PRs that need a full CI run. labels Sep 21, 2025
@haramj haramj force-pushed the haramjeong-patch-250921 branch from 0760cdf to 17e98e7 Compare September 21, 2025 06:10
@haramj haramj changed the title http: Improve writeEarlyHints by avoiding for-of loop http: improve writeEarlyHints by avoiding for-of loop Sep 21, 2025
@codecov Codecov
Copy link

codecov bot commented Sep 21, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 88.43%. Comparing base (39d7303) to head (17e98e7).
⚠️ Report is 120 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main   #59958   +/-   ##
=======================================
  Coverage   88.42%   88.43%           
=======================================
  Files         703      703           
  Lines      207399   207401    +2     
  Branches    39986    39992    +6     
=======================================
+ Hits       183397   183410   +13     
- Misses      15989    15990    +1     
+ Partials     8013     8001   -12
Files with missing lines Coverage Δ
lib/_http_server.js 97.31% <100.00%> (-0.08%) ⬇️

... and 46 files with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@daeyeon daeyeon added request-ci Add this label to start a Jenkins CI on a PR. author ready PRs that have at least one approval, no pending requests for changes, and a CI started. labels Sep 27, 2025
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Sep 27, 2025
@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/69393/

gurgunday
gurgunday approved these changes Sep 27, 2025
View reviewed changes
Copy link
Member

@gurgunday gurgunday left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/69410/

@haramj
Copy link
Contributor Author

haramj commented Oct 2, 2025

It looks like the CI run for this PR failed due to a flaky test.
Could you please re-run the CI.

@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/69508/

@daeyeon daeyeon added the commit-queue Add this label to land a pull request using GitHub Actions. label Oct 6, 2025
@nodejs-github-bot nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label Oct 6, 2025
@nodejs-github-bot nodejs-github-bot merged commit 5b3c4b3 into nodejs:main Oct 6, 2025
64 of 65 checks passed
@nodejs-github-bot
Copy link
Collaborator

Landed in 5b3c4b3

targos pushed a commit that referenced this pull request Oct 6, 2025
@haramj @targos
http: improve writeEarlyHints by avoiding for-of loop
1b25008 
PR-URL: #59958
Refs: https://github.com/nodejs/node/blob/main/doc/contributing/primordials.md#unsafe-array-iteration
Reviewed-By: Daeyeon Jeong <[email protected]>
Reviewed-By: Antoine du Hamel <[email protected]>
@github-actions github-actions bot mentioned this pull request Oct 7, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@daeyeon daeyeon daeyeon approved these changes

@aduh95 aduh95 aduh95 approved these changes

+1 more reviewer

@gurgunday gurgunday gurgunday approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

author ready PRs that have at least one approval, no pending requests for changes, and a CI started. http Issues or PRs related to the http subsystem. needs-ci PRs that need a full CI run.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@haramj @nodejs-github-bot @daeyeon @aduh95 @gurgunday