Buffer() without a new keyword is going to be hard-deprecated soon

[ChALkeR]

Refs: nodejs/node#8169, nodejs/node#7152.

Two options here:

• Use the new Buffer API — Buffer.alloc()/Buffer.from()/Buffer.allocUnsafe() (requires a shim for v0.10/v0.12 and older v4.x versions prior to v4.5.0).
• Use new Buffer() for the time being — just add the new keyword everywhere. You should manually check that everything is safe in this case, see the links below for more explanation. That might be hard-deprecated at some later point.

More background:

• https://github.com/ChALkeR/notes/blob/master/Lets-fix-Buffer-API.md
• https://github.com/ChALkeR/notes/blob/master/Buffer-knows-everything.md
• buffer: runtime-deprecate Buffer constructor nodejs/node#7152 (comment)

Quick grep (you should better re-check):

mysql2-1.0.0-rc.9.tgz/examples/pass-sha.js:4:  passwordSha1: Buffer('8bb6118f8fd6935ad0876a3be34a717d32708ffd', 'hex')
mysql2-1.0.0-rc.9.tgz/lib/packets/auth_switch_response.js:8:    data = Buffer(data);
mysql2-1.0.0-rc.9.tgz/lib/packets/handshake_response.js:91:    packet.writeNullTerminatedString(Buffer(this.authToken));
mysql2-1.0.0-rc.9.tgz/lib/packets/packet.js:685:  var res = Buffer(0);
mysql2-1.0.0-rc.9.tgz/test/integration/connection/test-binary-charset-string.js:74:  assert.deepEqual(rows, [{'x\'010203\'': Buffer([1, 2, 3])}]);
mysql2-1.0.0-rc.9.tgz/test/integration/connection/test-binary-charset-string.js:78:  assert.deepEqual(rows2, [{'x\'010203\'': Buffer([1, 2, 3])}]);
mysql2-1.0.0-rc.9.tgz/test/integration/connection/test-binary-charset-string.js:83:  assert.deepEqual(rows4, [{'x\'010203\'': Buffer([1, 2, 3])}]);
mysql2-1.0.0-rc.9.tgz/test/integration/connection/test-binary-charset-string.js:85:  assert.deepEqual(rows5, [{'x\'010203\'': Buffer([1, 2, 3])}]);
mysql2-1.0.0-rc.9.tgz/test/integration/connection/test-buffer-params.js:10:var buf = Buffer([0x80, 0x90, 1, 2, 3, 4, 5, 6, 7, 8, 9, 100, 100, 255, 255]);
mysql2-1.0.0-rc.9.tgz/test/integration/connection/test-connect-sha1.js:45:    passwordSha1: Buffer('8bb6118f8fd6935ad0876a3be34a717d32708ffd', 'hex')
mysql2-1.0.0-rc.9.tgz/test/integration/test-auth-switch.js:53:    var asrmd = new Packets.AuthSwitchRequestMoreData(Buffer('hahaha ' + count));
mysql2-1.0.0-rc.9.tgz/test/integration/test-auth-switch.js:72:    pluginData: Buffer('f\{tU-{K@BhfHt/-4^Z,')

The grep above only includes the lines that call Buffer() without the new keyword, if you choose to move to the new API — you should probably also replace new Buffer(…) calls.

[sidorares]

yep, I saw original safe alloc discussion, thanks for heads up!

[sidorares]

@ChALkeR did you use some custom script or eslint to log this? I'd like to add test rule so that it's not accidentally introduced in the future

[ChALkeR]

@sidorares No, I don't have an eslint rule for that, sorry, and am not aware of any. It would be super-awesome if you would find one, though =).

[ChALkeR]

Status update: the deprecation was landed and will start printing warnings in Node.js 7.0 (e.g. for older versions that didn't receive the patch).

Thanks for the fast reaction, btw! =)