Fix travis build

[holgerd77]

This fixes the travis build by updating the Node versions tested and use non-deprecated (safe-buffer) initialization.

[coveralls]

Coverage increased (+1.7%) to 37.838% when pulling cf74009 on fix-travis-build into 88c821f on master.

[fanatid]

Buffer.allocUnsafe(0) ?

[holgerd77]

Thanks.

Sorry, I'm not really aware of the implications, can someone explain? Is this only for nonce?

[axic]

Buffer.from([]) returns an empty buffer. Buffer.allocUnsafe(0) does the same but is faster.

[fanatid]

My intentions mostly was that alloc*(0) is more explicit than .from([])

[holgerd77]

So maybe we should avoid using the unsafe version all together in ethereumjs context, for not risking to leak a private key or stuff like this?@axic ?

Just tested both alloc versions on the console, there was not some noticeable lag on the output, feels like it doesn't really make a difference - at least for one-time operations.

[holgerd77]

Replaced this with alloc, actually feel better with this.

[fanatid]

You did not see the difference, because alloc(0) and allocUnsafe(0) return same.
alloc: https://github.com/nodejs/node/blob/28a0af358ac998f94052199dc62a8140e8a11ac5/lib/buffer.js#L269
allocUnsafe: https://github.com/nodejs/node/blob/28a0af358ac998f94052199dc62a8140e8a11ac5/lib/buffer.js#L278 & https://github.com/nodejs/node/blob/28a0af358ac998f94052199dc62a8140e8a11ac5/lib/buffer.js#L307

[axic]

alloc(0) will be the same since there is 0 bytes to clean after allocation.

[holgerd77]

@fanatid @axic Ok, to sum this up: I've learned a lot and we can leave alloc(0) since it doesn't make a difference both on the security and the speed side? :-)

[axic]

I don't mind which is used, just make sure to update -util and -vm accordingly. -vm only uses alloc, -util uses allocUnsafe also in a combination of allocUnsafe+fill (which should really be just alloc).

[fanatid]

utACK

[axic]

Looks good apart from @fanatid's comment.

[holgerd77]

Done (for all 4 occurrences).

Are there any occasions where to consider the unsafe part of it?

[fanatid]

Are there any occasions where to consider the unsafe part of it?

Yes. unsafe is faster, but allow data to be leaked to another unsafe. https://nodejs.org/api/buffer.html#buffer_what_makes_buffer_allocunsafe_and_buffer_allocunsafeslow_unsafe

[coveralls]

Coverage increased (+1.7%) to 37.838% when pulling 10f5bfb on fix-travis-build into 88c821f on master.

[coveralls]

Coverage increased (+1.7%) to 37.838% when pulling 84991a1 on fix-travis-build into 88c821f on master.