The Node.js Update #Week 14 of 2019. 5 April
Below you can find a collection of the most important Node.js updates, tutorials & announcements from this week — curated by RisingStack’s Node.js Developers.
Node v11.13.0 (Current) Released
Changelog:
- crypto: Allow deriving public from private keys
- events: Added a
once
function to useEventEmitter
with promises - tty:
- Added a
hasColors
method toWriteStream
- Added NO_COLOR and FORCE_COLOR support
- v8: Added
v8.getHeapSnapshot
andv8.writeHeapSnapshot
to generate snapshots in the format used by tools such as Chrome DevTools - worker: Added
worker.moveMessagePortToContext
. This enables using MessagePorts in different vm.Contexts, aiding with the isolation that the vm module seeks to provide - C++ API:
AddPromiseHook
is now deprecated. This API was added to fill a use case that is served byasync_hooks
, since that hasPromise
support- Added a
Stop
API to shut down Node.js while it is running
Node v6.17.1 (LTS) Released
Node 6 is due to go End-of-Life on 2019–04–30 — see the Release Schedule.
Notable Changes:
- http: fix error check in Execute()
The request module goes into Maintenance Mode!
The most valuable thing request can do for the JavaScript ecosystem is to go into maintenance mode and stop considering new features or major releases. — Mikeal Rogers
request was one of the first modules added to the npm registry. As npm grew so did dependence on request. Request remains one of the most depended on modules in the registry.
The place request has in the Node.js ecosystem is no longer one of an innovator but of an incumbent.
It’s much harder for new libraries accomplishing similar tasks to gain adoption because of the incumbent position request holds over the ecosystem. It’s also very hard to change request in any meaningful way.
The best thing for these new modules is for request to slowly fade away, eventually becoming just another memory of that legacy stack. Taking the position request has now and leveraging it for a bigger share of the next generation of developers would be a disservice to those developers as it would drive them away from better modules that don’t have the burden of request’s history.
Plan for request to go into maintanence mode:
request
will stop accepting new features.request
will stop considering breaking changes.- The committers that are still active will try to merge fixes in a timely fashion, no promises though.
- Releases will be fully automated, any merge into master will be published. I’ve already built this for some other projects using GitHub Actions.
- We’re going to have to remove inactive collaborators and enforce 2fa, because commit rights will effectively become npm publish rights.
Easily identify problems in Node.js applications with Diagnostic Report
The Diagnostic Report utility was recently brought into the Node.js core to help developers identify almost all scenarios of Node.js application anomalies in production. The scenarios include abnormal termination such as a crash, slow performance, memory leak, high CPU, unexpected errors, incorrect output, and more.
While the report does not pinpoint the exact problem or specific fixes, its content-rich diagnostic data offers vital hints about the issue and accelerates the diagnostic process.
Node.js Event Loop Architecture
The idea of this article is to clarify your notion of Node.js core, how it is implemented and how it works.
Because Node.js is more than just “JavaScript on the server,”. Even more, about 30% of it is C++, and not JS! And we are going to discover here what that C++ part actually does in Node.js.
Node.js Application Security Guide
In this article, we will focus on some of the best practices of Node.js, and how to make your app much more secured. ToC:
- Crypto
- Keeping your dependencies up to date
- HTTP response headers
- Using cookies securely
- Cross-Origin Resource Sharing
- Cross-Site Request Forgery
- Error Handling
- Node.js API Authentication of JWT Tokens
- Tools to check the security risk of open-source dependencies
Automate your Deployment on Heroku
In this blog post, we will be using Heroku to deploy our small Node.js project through Travis CI. The most important thing in the DevOps field is defining the architecture of all the operations as it determines which operations will get execute first and feed as an input to another operation.
As it is quite a small project with only three major tools/services, its architecture is small and straightforward.
Build a real-time chat app with vuejs, socket.IO and Node.js
In this article, I will be showing you how I build a real time chat app with Vue.js, Node.js and Express and Socket.io
Running up Elasticsearch on Amazon Web Service (AWS) with Node.JS
Elasticsearch is a distributed restful search and analytical engine which built on top of Apache Lucene. It’s easy to use, scalable, support full-text search and use document based index rather than table or schema. So it has no transaction, like any other database, no relations, no constrains, and it also schema free.
I have made some Node.js application code which consists of connection to Elasticsearch itself, seeding the data by indexing a dummy data, and search endpoint so we able to search seeded data which indexed while initiate the application.
Trool: a spreadsheet rule engine for NodeJS/TypeScript
Trool is a simple npm library for NodeJS which allows you to create rules for your program in a spreadsheet-style format. Engineering time for businesses can be expensive: you want to keep that to a minimum. The problem is your program may need lots of small updates over time depending on business needs.
It’s a waste of money to call on programmers every time a small change needs to be made. Instead of hard-coding these small changes in your code, why not move them to a spreadsheet, so you or non-engineers on your team can quickly make the changes.
Originally published at community.risingstack.com on April 5, 2019.