|
| 1 | +# Node.js Single-Executable OpenJS Mini-summit 2022-10-01 |
| 2 | + |
| 3 | +## Present |
| 4 | + |
| 5 | +* Michael Dawson @mhdawson |
| 6 | +* Darshan Sen @RaisinTen |
| 7 | +* Juan Cruz Viotti @jviotti |
| 8 | +* Claudio Wunder @ovflowd |
| 9 | +* Ruy Adorno @ruyadorno |
| 10 | +* Orta Therox @orta |
| 11 | +* Tierney Cyren @bnb |
| 12 | +* Tony Gorez @tony-go |
| 13 | +* Anton Whalley @No9 |
| 14 | +* Waleed Ashraf @WaleedAshraf |
| 15 | + |
| 16 | +## Notes |
| 17 | + |
| 18 | +- There is general agreement that we want to try as hard as possible to make |
| 19 | + SEAs truly "single executable" without additional resources |
| 20 | +- There is agreement that we don't want Node.js to support a single specific |
| 21 | + blessed VFS. Instead, Node.js should aim to provide the necessary hooks for |
| 22 | + supporting arbitrary VFS implementations |
| 23 | +- Teaching Node.js how to transparently work with a VFS on `fs`, `require`, |
| 24 | + `import` and `child_process` is non-trivial. We agreed that we do not want |
| 25 | + implementations to continue monkey-patching these modules and that |
| 26 | + monkey-patching will not work with ESM at all |
| 27 | +- Exposing hooking capabilities is a complex problem. While we agree that a VFS |
| 28 | + is essential for supporting dynamic requires, read operations, etc we believe |
| 29 | + that there is a significant number of Node.js CLIs that might not need this |
| 30 | +- Therefore, we can explore delivering an MVP without a VFS while we continue |
| 31 | + thinking about how we'll do VFS properly |
| 32 | +- This MVP would assume that apps are bundled into a single JavaScript file |
| 33 | + before injection |
| 34 | +- Node.js core would take a small patch to detect a single file embedded as a |
| 35 | + section and jump to it if found |
| 36 | +- In the interest of making Node.js binaries smaller without operating custom |
| 37 | + Node.js builds, we will move the ICU data into a new section, so it can be |
| 38 | + replaced by the ICU "small" data (or removed?) if needed post-compilation |
| 39 | + rather than at build-time |
| 40 | +- We expect that distributing Node.js injected binaries to user computers will |
| 41 | + come with challenges we want to solve in advance. For example, Windows PE |
| 42 | + binaries including plain JavaScript tend to be flagged by AntiViruses as |
| 43 | + trojans. We will start maintaining a list of these challenges and then try to |
| 44 | + figure out how to incrementally solve them. |
| 45 | + |
| 46 | +## Action Items |
| 47 | + |
| 48 | +- Send patch to https://github.com/nodejs/node to detect and jump to a section |
| 49 | + containing a single JavaScript file if found |
| 50 | + (https://github.com/nodejs/single-executable/issues/47) |
| 51 | +- Collect a list of potential problems we would face when distributing Node.js |
| 52 | + injected binaries to user computers across operating systems |
| 53 | + (https://github.com/nodejs/single-executable/issues/46) |
| 54 | +- Split Node.js ICU data into its own section (so we can fiddle with it with |
| 55 | + Postject) (https://github.com/nodejs/single-executable/issues/48) |
| 56 | +- @No9 to connect us with IBM AIX folks to understand the need for SEAs on AIX |
| 57 | + (and potential XCOFF help?) |
| 58 | +- Start working on a proper "SEA" CLI MVP that can bundle and inject simple |
| 59 | + Node.js applications (https://github.com/nodejs/single-executable/issues/49) |
| 60 | + |
| 61 | +## Other Ideas |
| 62 | + |
| 63 | +- We could explore splitting different Node.js modules (like `fs`) into |
| 64 | + separate sections to strip them out for applications that do not need them |
| 65 | +- We could explore a different mechanism for loading native add-ons in order to |
| 66 | + embed them into the executable itself. For example, marking the corresponding |
| 67 | + sections as readable + executable and doing a long jump to the instructions |
| 68 | + corresponding to the add-ons instead of using `dlopen`, etc |
0 commit comments