Missed the AMA? You can still connect with Mathias Bynens and ask questions on their Hashnode profile
I’ll give you an example. V8 used to have a compilation pipeline called Crankshaft. For technical reasons, it didn’t do a great job of optimizing any code within
catch blocks. This implementation detail caused some well-meaning developers to avoid
catch altogether in their code “because otherwise it would be slow”, and instead work around the lack of proper error handling in complicated ways. Last year we shipped a new pipeline with TurboFan, our new optimizing compiler.
catch can now be optimized in V8. All those hacky workarounds are now moot.
By default, features that can be implemented in what the committee calls “userland code” don’t have a strong case to be included in the language. Exceptions can be made when implementing the feature natively would yield significant benefits compared to what’s possible in userland code:
- deep platform integration (e.g. Promises)
- performance or efficiency benefits in terms of load time, run time, or memory usage (e.g. RegExp Unicode property escapes,
- some features are impossible to implement in userland (e.g.
So far, this has always been discussed on a per-proposal basis. Bradley Farias and Daniel Ehrenberg are currently leading an effort to codify the TC39 committee’s goals on new proposals in general, which would help answer future-facing questions such as “should new library features be in built-in modules?”.
What is your favourite emoji?
Would you rather fight 1 horse-sized duck or 100 duck-sized horses?
On January 1st, 2018, I embarked upon a spontaneous three-hour horse ride that changed everything. My white-maned friend’s name was Burro, and he took me on a wonderful tour through the beautiful Ibagué country fields. I had never ridden a horse before, and had such a good experience! It’s an afternoon I’ll never forget.
That night, I vowed to never fight Burro, or any other horse — especially not when they’re duck-sized.
I’m sorry, horse-sized duck. You’re going down.
The V8 engine is one of the most beautiful pieces of software out there, thanks for making our life easier through it.
I have two questions:
How to get started with compiler design, I've never had the chance to venture into that side of programming.
Do you think JavsScript can be perceived as a compiled language and not an interpreted language? JIT (just-in-time compiler) makes code optimizations (also create compiled versions); interpreted languages can't usually do that.
Stanford Engineering’s CS1 course on compilers is available online. I haven’t looked at it myself but have heard good things about it.
Array method, can sometimes end up causing breakage on websites (often in weird an unexpected ways). As a browser engineer, Breaking the Web is the worst thing that can happen.
What's the best and worst part about being at Google?
What are the basic security measures you would take if you were starting a new project in 2018?
The cool thing about web app security basics is that they don’t really change over time.
For web app security specifically, I’ll say the following.
Sanitize content in different HTML contexts to avoid XSS. Apply defense-in-depth, and use CSP as an additional layer of security. Use SRI if you load resources from a CDN. Check your server configuration, and make sure you serve each resource with the correct MIME type and headers to disable MIME sniffing where applicable. Avoid cookies, and if you must use them, consider applying the
SameSite flag. Never trust any data that you do not fully control (e.g. user input, data fetched from a third party, request header values, etc.). Train yourself to have a security mindset: always assume the worst.
IMHO the best (and most fun!) way to learn about all this, is to try and exploit these bugs yourself. There are perfectly legal ways of doing so.
I used to play a lot of Security CTFs with my friends from KUL (team Hacknam Style 4 lyfe!). These are online competitions where you get access to similar hacking challenges. Every level contains some kind of vulnerability, and exploiting it gives you access to a secret “flag” you can then submit to score points.
With every single CTF I played, I learned something new. I ended up starting a project to collect my (and later, other people’s) write-ups along with the original challenges. Here are some example write-ups for web challenges:
Have you, as a coder, explored Blockchain technologies? Have you written any smart contracts?
If no, do you intend to invest your time learning and explore more?
Hi Mathias, What measures do you take to improve the performance of your app?
That’s a very broad question! There’s lots of different aspects to “performance”. In my day-to-day work, I mostly focus on load-time performance. The best advice I can give there is to ship less code :)
Invest time in setting up a robust build pipeline. Consider using a tool like webpack or rollup to minimize the size of your generated JS and CSS bundles. If you transpile JS, use
babel-preset-env to avoid over-transpiling — this helps with both load-time and run-time performance.
Rendering performance is another important aspect.
I recommend the Web Fundamentals performance guide.
Hi Mathias, do you see web assembly as a threat for V8?
Good standards take time.
1) Writing a good feature proposal is hard. The best new proposals describe a clear use case and discuss multiple possible solutions with their pros/cons. Even just doing the research and putting together such a document be very time-consuming. Later, the proposal also needs formal spec text, Test262 tests, and eventually JS engine and browser implementations. Oh, and ideally there’s a transpiler plugin too. For some TC39 proposals, most of this work is driven by a single person.
2) New functionalities must be formally proposed (or “championed”) at TC39 meetings. There is a staging process, ranging from Stage 0 (the “hey, I’ve got an idea” stage) to Stage 4 (the proposal is shipping and merged into the spec), and each stage advancement requires committee consensus.
3) That’s right! TC39 operates by consensus, meaning anyone on the committee can single-handedly block a proposal from advancing or making it into the spec. This is great, as it sometimes prevents the committee from making mistakes that can’t be undone later, but it can also result in delays.
Which new ECMAScript language proposal are you most excited about? Why?
Do I have to pick one? In that case:
I’m also excited about the upcoming class features. Any proposal that meaningfully expands existing functionality in the language is A-okay in my book.
Hi Mathias, what is your opinion on the Apple's software quality in the last couple years? From time to time I'm getting very angry about bugs and security flaws in macOS. Do you have similar feelings?
How can we get more (non-corp-affiliated) contributors involved in v8 work, and expand the community of owners and reviewers? This seems important both due to the multiple important/popular v8 embedders not owned by Google, and to keep interest and ideas flowing in.
I agree this is an important topic.
One of the things I’ve been working on since joining the team is creating or updating our documentation to reflect our best development processes. There’s a technical side to this, of course, but the non-technical aspects are much harder to communicate.
A small example: at Google, there’s a culture of pinging unresponsive reviewers after a few days. It’s how we roll! However, this is not documented anywhere, and new external contributors might not feel comfortable repeatedly asking for reviews. Review latency can be frustrating and reduce development velocity. We are specifically working on this issue within V8’s coding culture. There’s definitely room for improvement, and I’d love to hear your thoughts on this as well.
It makes me happy to see we’re receiving an increasing number of patches from external contributors, including Igalia, Groupon, and individual contributors like Peter Wong, Kevin Gibbons, Choongwoo Han, Taketoshi Aono, Ben Coe, and others.
Will TC39 have Observables?
Hi Mathias, Could you explain about the difference between Agnular, typescript, react, node? In total, what is mean stack , or mern stack?
Hi Mathias, Where can a person find the ECMAScript specification explained in a simple manner?
What is your setup?
- Computer specs
- Software you use for a regular day
I use a MacBook Pro most of the time.
As for software: I spend most of my time in a browser (Chrome) or a terminal (dotfiles). I consider websites and especially PWAs to be software as well, so here are some tabs I have open most of the time: Gmail, Google Calendar, IRCCloud, Google Docs, GitHub, Twitter.
Why did you part away from Opera and what are the key takeaways?
It depends on the web app.
In general, IMHO progressive enhancement makes a lot of sense.