jsr: open-source package registry for javascript

what is jsr and why does it exist?

  • a registry that lives alongside npm (the registry), but does not replace it
  • jsr aims for open governance, unlike npm which is now owned by microsoft
    • caveat: currently still owned by deno, but working towards own foundation
  • built-in support by yarn and pnpm, but not npm (the package manager)
  • has the backing of key people involved with npm, node.js, deno, vue.js, vite

cool features

  • supports typescript
  • supports auth without static secrets (oidc tokens)
  • supports artifact provenance when building and releasing in ci
  • serves up .d.ts files and source maps and documentation online

how impls get packages from jsr

  • for npm-compatible clients, point to npm.jsr.io in .npmrc
  • yarn, pnpm, jsr: supported out of the box
  • deno: supported out of the box (gets sources, not tarballs)

future steps

  • allowing import from https in browsers (currently not allowed for cost/infra reasons)

https://jsr.io

wintertc: standards for server-side js runtimes

what is wintercg wintertc?

  • wintertc defines the subset of apis supported by all runtimes
  • the goal is to interoperably expand that subset over time

finding a standards body

  • W3C community groups can’t publish specs, so we need to find a standards body proper
  • invited experts are important because you don’t want to limit collaboration to dues-paying companies
  • ECMA TC55

current work

  • building a wintertc test suite, subset of wpt
    • sometimes need to modify tests to be compatible with the minimum common api
    • want to work upstream. how do we do this without forking the whole wpt suite?
  • decoupling upstream specs from the web platform where possible (e.g. fetch)
    • fetch has a lot of web-specific concerns that don’t apply on server-side
    • there is no current page, cookie jar, cross-site security, atomic redirect handling
    • need to add cookies to the client-facing API, because there’s no cookie jar
    • want to add control over protocol (h1/h2/h3), mTLS, http proxies, CA certificates, etc
    • want to work upstream. how do we do this without forking the whole fetch spec?
  • adding functionality (e.g. streaming data in web crypto)

minimum common api

  • subset of [Exposed=*], which is in turn the subset allowed in any shadow realm
  • typically includes compute-only APIs and generally useful things like async I/O
  • what can wpt authors do to ensure they adhere to the minimum common api?
    • try to write your tests as .any.js, not as .html
    • currently you can check if you are server-side-compatible by landing your tests and checking wpt.fyi
    • they are working on ways to make this easier, such as running wpt tests locally in deno
  • what about the dom? wouldn’t it be useful to manipulate dom trees server-side?
    • this is complicated, because it’s tangled up in things like html parsing

additional conformance levels

  • useful for optional feature sets that we don’t want to mandate across all runtimes
  • for example, a graphics feature set would have WebGPU, OffscreenCanvas, etc

join the meetings!

  • restricted to ecma members and tc55 invited experts for ipr reasons
  • buuuuut they’re trying to make membership as easy as possible

porffor is a new ahead-of-time compiler for javascript

juicy numbers (output size, mean runtime, mean rss)

  • hi_bun 97M 55ms 75MB
  • hi_deno 100M 16ms 31MB
  • hi_porffor 20K <1ms 1.4MB
  • hi_javy 1.3M - - (javy is a js to wasm compiler)
  • hi_porffor_wasm 4.0K - -
  • no benchmark demo for the last two bc wasm is hard to run server-side (for now)
  • no benchmark demo for quickjs, another ahead-of-time compiler?

github canadahonk/porffor

  • porffor is completely written in ts/js, for better or worse

current limitations

  • with is a no-op for now
  • eval is unsupported for now - it’s possible but annoying to impl
  • takes advantage typescript type annotations
  • no gc or fancy allocator - best for short-running use cases like aws lambda

impl challenges

  • things that are inexplicably underspecified, like Date.parse() or Array#sort()
  • runtime code evaulation (as above) - would need to ship a mini engine in output
  • optimising prototypes without breaking shit

warning when opening the file “2025-05-09-this-month-in-servo.md”, that reads “The file is not displayed in the text editor because it is very large (3.73GB).”

this seems a little unrealistic

this month is going to age me a year i swear

shuppy: what do normal people do

ruby: normal people don’t call out to shell scripts from a rust binary, but that ship has already sailed

chromium development in a nutshell

“To update or add a story, 1. Look in The WPR Playbook (Googlers Only)”

love too be shown the Windows™ Welcome Experience™ on my ci runner after updates and occasionally when I sign in to highlight what’s new and suggested

women will literally build a virtual machine orchestration service for github ci before going to therapy

bark. bark bark (@bark) [archived]

oaughhh your clock is too fast. oaaugghh im angry im gonna behave badly. im gonna do wild stuff. oaaguaguauguugg your timing is wrong your routing is bad ouaoiuoiauieuoghh im a silly little fpga

shuppy (@delan) [archived]

shuppy (@delan) [archived]

wehhhhh you can’t compare these types. here are 84 unviable candidate function templates i found instead, do you like that. wraughh i can’t find a matching constructor for your initialiser. steve waauggh i don’t know how to deal with blink gc traceable objects in optionals but telling you what to do instead is simply too hard. im just a smol bean, a silly little toy hobby browser engine project

coming soon: nicer colors when you search for “is” in the first three sentences of the bee movie script

screenshot of google chrome find-in-page today, with the active match in orange and other matches in yellow screenshot of mozilla firefox find-in-page today, with the active match in white on light green and other matches in white on magenta
.chrome::search-text {
    background: #ffff00;
}
.chrome::search-text:current {
    background: #ff9632;
}
.firefox::search-text {
    background: #ef0fff;
    color: white;
}
.firefox::search-text:current {
    background: #38d878;
}
made with @nex3's syntax highlighter

https://groups.google.com/a/chromium.org/g/blink-dev/c/5FS_4mVQBLc

ohh so That is why my builds are so slow

screenshot of task manager with “Sockets: 2”, “Virtual processors: 2”, and servo building very slowly in the background

Sockets: 2

yknow all this web platform work has made my language en-AU-x-color

shuppy (@delan) [archived]

🎨 browsers are user agents 🦾

Browsers as user agents
Empower users to interact with the web on their own terms!
my general process is that every time i am feeling complainthoughts about a website, i think, wait, i could do something about that. — @blep on cohost Why customise the web?
Accessibility (26)
Readability and layout (31)
Automation and user rights (26)
Blocking non-ad content (18)
Bugs and features (18)
Personalisation (11)
Other (2) Tools for customisation
Author tools: styles, scripts, interactivity
User tools: user styling, user scripting, bookmarklets
[cow tools]
User styling: when loading some URL, add custom CSS
User scripting: when loading some URL, run JS in page context
Bookmarklets: when loading bookmark, run JS in page context How we can help
Advocate for user customisation in spec design
Involve customisation tooling devs in the standards process
Help build customisation tooling — existing or new; e.g. better UI for picking and restyling elements, or improve support for user stylesheets (user origin)
Help raise funds for userscript and userstyle repos; userstyles.world, greasyfork.org, openuserjs.org

i did a talk about why being able to customise the web is important, with a focus on userstyles, userscripts, and bookmarklets.

i explore how to make them, why people make them (thanks to your replies!), what we can learn from them, and how we can make them better.

https://www.youtube.com/watch?v=xLFQejlPf6U

#The Cohost Global Feed #web platform #userstyles #userscripts #bookmarklets #browser extensions #accessibility #css
shuppy (@delan) [archived]

pov: you wanna learn about content blocking but there’s a buncha nonsense in the way

slide about content blocking, covered with a cookie consent banner, live chat assistant, and clearly fake nft ad

🎨 browsers are user agents 🦾

Browsers as user agents
Empower users to interact with the web on their own terms!
my general process is that every time i am feeling complainthoughts about a website, i think, wait, i could do something about that. — @blep on cohost Why customise the web?
Accessibility (26)
Readability and layout (31)
Automation and user rights (26)
Blocking non-ad content (18)
Bugs and features (18)
Personalisation (11)
Other (2) Tools for customisation
Author tools: styles, scripts, interactivity
User tools: user styling, user scripting, bookmarklets
[cow tools]
User styling: when loading some URL, add custom CSS
User scripting: when loading some URL, run JS in page context
Bookmarklets: when loading bookmark, run JS in page context How we can help
Advocate for user customisation in spec design
Involve customisation tooling devs in the standards process
Help build customisation tooling — existing or new; e.g. better UI for picking and restyling elements, or improve support for user stylesheets (user origin)
Help raise funds for userscript and userstyle repos; userstyles.world, greasyfork.org, openuserjs.org

i did a talk about why being able to customise the web is important, with a focus on userstyles, userscripts, and bookmarklets.

i explore how to make them, why people make them (thanks to your replies!), what we can learn from them, and how we can make them better.

https://www.youtube.com/watch?v=xLFQejlPf6U

new talk out later this week 👀

title slide for “Customising the web: browsers as user agents”, with my face in the corner and the word “Customising” being changed to comic sans with a faux devtools highlight

i sure love having my meds wear off by the end of each workday. really makes me feel like my day job is the only value of my existence :))))))