Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
replace new Buffer() with Buffer.from()
See original GitHub issueHi,
there is some buffer usage such as new Buffer().
Using Buffer constructor is unsafe and is redundant.
According to Node.js docs: ref
Developers should migrate all existing uses of the new Buffer() constructors to one of these new APIs.
I could create a PR and replace all new Buffer() with Buffer.from() (including examples and tests)
Issue Analytics
- State:
- Created 6 years ago
- Reactions:1
- Comments:6 (1 by maintainers)
Top Results From Across the Web
Porting to the Buffer.from() / Buffer.alloc() API - Node.js
The Buffer() and new Buffer() constructors are not recommended for use due to security ... For new Buffer(number) , replace it with Buffer.alloc(number)...
Read more >Buffer() is deprecated due to security and usability issues ...
According to the deprecation warning new Buffer() should be replaced with one of: Buffer.alloc(); Buffer.allocUnsafe() or; Buffer.from().
Read more >Understanding the Buffer Deprecation in Node.js 10
There are three methods available to replace the deprecated new Buffer() . These methods should be used anywhere you need to use Buffers...
Read more >Using Buffers in Node.js - DigitalOcean
A buffer is a space in memory (typically RAM) that stores binary data. In Node.js, we can access these spaces of memory with...
Read more >Avoid using Buffer deprecated APIs | CAST Appmarq
Using deprecated Node.js API could lead to security compliancy issues. The Buffer() function and new Buffer() constructor are deprecated due to API usability ......
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Also, I don’t think you should support Node.js 0.10.16 since we (Node) no longer support it.
In fact, 0.10.x, 0.12.x, 1.x, 2.x, 3.x, 5.x, 7.x are all EoL, 4.x becomes EoL in ~ a month.
To clarify, if you don’t change this then every updated node install will emit a process warning every time ioredis is used (but no code will break)
@shaharmor …