Back to News
5 min read

Node.js Digest #1: Node.js Popularity, Edge Functions Gaining Momentum, TypeScript 5.2 Already in Beta

Node.js Digest #1 by Oleksandr Zinevych

Hello everyone, my name is Oleksandr Zinevych, and I work as an Engineering Director (Node.js, Ruby) at Avenga. I'm presenting the first digest with news, interesting and useful content about Node.js.

Not a Month Without Updates

In June, the latest version of Node.js 20 received a significant update that, aside from various minor fixes, also included updates to libuv that improve performance on Linux systems. You can read more about it here.

Additionally, security updates were released for LTS and Current versions of Node.js (16, 18, 20). Most of them relate to OpenSSL and experimental features. You can read more about what these updates fix in the corresponding release notes.

Everything related to security and performance always deserves attention and timely updates. So don't forget to update promptly.

Key Highlights

šŸ”¹ Node.js 19 is done. As of June 1, Node.js v19 reached EOL, meaning there will be no more updates for this version. šŸ”¹ Ecma International approved the ECMAScript 2023 specification. šŸ”¹ Official release of TypeScript 5.1. Improvements for working with JSX, better type handling in getters and setters, and other updates and fixes in this version. šŸ”¹ Meanwhile, TypeScript 5.2 beta is already available. Resource management via using is particularly interesting, and you can read about what else is included in the Microsoft blog.

The Traditional StackOverflow Survey

StackOverflow published the results of their traditional survey. For Node.js, the results are, I'd say, excellent. The technology took first place among web development tools, surpassing even React.js.

And the number of respondents who want to use Node.js next year has also grown, surpassing jQuery šŸ™‚

You can see all the results here.

Nest.js News

This month, Nest.js v10 was released. As usual, it included many fixes and improvements.

In addition, support for the SWC compiler was added, which is written in Rust and should speed up all development-related processes. You can now override modules in tests and subscribe to Redis messages by pattern.

Here you can read about how to migrate from version 9 to 10, but the developers state that there aren't many breaking changes, so the update should go fairly smoothly.

Vulnerability in the npm Ecosystem

A former Staff Engineering Manager at GitHub published a blog post that covered in great detail a security issue present in the npm ecosystem. This vulnerability has been named "manifest confusion" and boils down to the fact that information about dependencies, additional scripts, etc. in the manifest and package.json is stored separately, is never validated for consistency on npm's side, and as a result, can differ.

This means that the package archive may contain additional hidden dependencies and malicious scripts that the developer won't even be aware of.

At the time of writing this digest, it's still unclear how to fix all of this, but you can learn more about this vulnerability here.

What About Edge Functions

Edge Functions are a still-young but already quite popular technology for solving specific tasks. To better understand "which way the wind is blowing," it's interesting to read the survey results from the Deno team (raw results and analysis of the results).

Currently, working with Edge Functions comes with debugging and testing challenges, which is typical for a serverless environment. However, some respondents have already been building their entire applications using Edge Functions due to better performance.

Something to Watch

Erick Wendel gave a presentation about how Node.js works under the hood. Be prepared for reading C code, but it's going to be interesting.

Not sure which ORM to pick and which one is the best? This video will give you the answer (spoiler: it won't). Seriously though, it's a brief review of the most popular ORMs that will definitely be useful if you're uncertain about your ORM choice for your next project.

A bit about Worker threads and how to achieve multithreading in Node.js, presented in a very accessible format.

Of course, the hype around artificial intelligence and ChatGPT hasn't bypassed Node.js either. I recommend watching this video about how you can make ChatGPT call your function written in Node.js.

Something to Read

A great visualization and breakdown of how the Event Loop works.

A breakdown of scaling scenarios for a Node.js application. All characters are fictional, any resemblance is coincidental, but it reflects the real experience of Nate Anderson.

About working with the new Node.js test runner, which, by the way, became stable in version 20.

Library of the Month

This month, the traf library caught my attention. The development team at Lemonade, having several large monorepos, ran into the problem that nx affected doesn't always work correctly, and decided to fix this by developing a library with the appropriate fix.

Essentially, it does the same thing -- it determines which packages are affected by a file change -- but it does it more accurately than nx out of the box. And of course, it can be integrated into nx for further use šŸ™‚