Back to News
8 min read

Node.js Digest #10: Node.js 22, Vercel and Edge, Stackoverflow is not what it used to be, ESET vs Node.js

Node.js Digest #10 by Oleksandr Zinevych

Hello, community! A new month and a new traditional digest, this time the tenth — a milestone edition 🎉

Key highlights

🔹 Node.js Next 10 Survey — 2024 — a traditional community survey where you can share your experience working with Node.js. There are only 21 questions, so when you have a few minutes — be sure to fill it out.

🔹 Bun v1.1.7 — a new version of one of the most discussed JavaScript runtimes. As with previous versions, the update includes bug fixes, improved Node.js compatibility, and more.

🔹 Express v5.0 will be released soon, and in the meantime you can check out what still needs to be finished.

🔹 TypeScript v5.5 beta — you can already try the new version of TypeScript, which promises many interesting updates.

🔹 EdgeDB has a new website. If you have not heard about this cloud database yet, it is time to check it out 😉

🔹 The updates to Deno v1.43 that have become a tradition in our digest. You can read about all the new features here — they are small but plentiful.

Node.js 22

In April, another update landed with Node.js v22, and while this time it is not a huge release, it contains a number of truly important updates worth discussing:

  • First and very important is the V8 update. This brings support for Set methods and iterator helpers, as well as updates to the JIT compiler.
  • In version 22, another step was taken toward enabling require(esm) out of the box, and I am eagerly waiting for this to finally happen 🙂.
  • The experimental node --run [script] command, which is significantly faster than npm run smth.
  • Node --watch is now stable, as is the WebSocket implementation.

More details can be found here.

Node.js collaboration summit

Contributors and community members regularly gather at informal conferences of sorts, where they discuss the future of the platform, share thoughts and ideas, and brainstorm about where to go next. On the official Node.js blog, you can check out the details of what was discussed at the summit. Among the main topics:

  • new CLI features, such as a new command for quickly launching a file server, as well as a new npm run command;
  • naturally, the topic of package managers and Corepack came up;
  • they talked about ECMAScript modules and what still needs to be worked on in Node.js Core;
  • they also discussed the so-called Node.js Ambassadors Program, which is essentially an initiative to popularize and educate about Node.js.

You can find all the details on these and other topics from the report directly in the Node.js GitHub in the corresponding pull requests.

How Vercel moved away from Edge

Lee Robinson shared how they moved away from and then fell back in love with Node.js. First of all, it is not immediately clear from his post which Edge is being discussed, especially for those who have not worked with Vercel. The Vercel platform provides a bunch of services and tools with the "Edge" prefix — among them, they have something like an AWS Lambda equivalent called Vercel Functions.

When using this service, you also have the option to choose a runtime, such as Go, Python, Ruby, Node.js, or Edge. The Edge option was supposed to be a good choice if you need your code to execute as close to the client as possible, with critically important and great performance along with smart cost management. Sounds logical, right?

But it turns out, not quite — because the startup time, and in some cases the cost of running Vercel Functions with Node.js (from version 20), is actually better than with the specialized Edge runtime.

Vercel leaves it up to users to choose which runtime to use in their application, but the lesson is simple — trust, but sometimes verify 🙂

ESET vs Node.js

Those readers who use the ESET antivirus on Windows may have recently experienced how one of the latest antivirus updates essentially made it impossible to communicate with services written in Node.js that use HTTPS. All because of the HTTPS traffic scanner for Node.js.

For many users, disabling this specific feature allowed them to continue working. You can read more about the problem itself and how the discussion developed here. This post from an administrator is somewhat amusing:

When a bunch of users started describing their problems at scale — affecting both servers and end users, and consequently causing significant losses — nobody mentioned this "feature" anymore, and they asked the developers to fix everything. As of now, the corresponding fix should have reached its users.

Bun is going to take over the world

Jarred Sumner shared his plans about Bun's main priorities for the near future on the X platform. Traditionally, the main goal is to be a better and more popular runtime than Node.js. As of now, this goal is not very achievable due to Bun's youth.

But Jarred outlined that their main focus in the near term will be on solving problems that arise for companies already using Bun in production, or for companies that are blocked and cannot use Bun due to certain environment issues. All we can do is wish the team success in this long and challenging battle.

Something to read

🔹It has been a while since we had horror stories about cloud services and enormous bills for their use (or non-use 🙂), so here are some new ones.

🔹Not exactly about Node.js, but another horror story, this time from the security segment, about how a single vulnerability can lead to the data of 125 million users being leaked from 900 websites.

🔹I am sure most readers are against reinventing the wheel, but here the hivekit team shares their experience where reinventing the wheel turned out not to be so bad after all.

🔹Have you also wondered, like me sometimes, who actually uses Deno? If so, a new official case study from Slack has been published. There are not many details, but it is worth checking out.

🔹An interesting article about how you can generate a short summary from a podcast. It covers a bit of LLM models, a bit of Node.js, and various other things.

🔹Ryan Dahl decided to explain to the community how the Deno team arrived at JSR and what its advantages are.

🔹If you write or plan to write your own ESM or CJS modules, this article is for you. Liran Tal shares his thoughts on what is important to know about this topic in 2024.

🔹We all know what a conference is, but have you heard the term unconference? Joyee Cheung talks about what she learned from organizing the latest Node.js collaboration summit, which was held in an unconference format.

🔹JavaScript is planning to introduce Signals. Here is a bit more detail about the proposal itself.

🔹Profiling Node.js in Google Chrome in a new way, thanks to a browser update. Worth checking out.

🔹Michael Dawson talks about how to run Node.js on Edge devices: part 1 and part 2.

🔹A bit about why you no longer need the dotenv package.

🔹Liran Tal explains how you should not implement authentication in Express.

Something to watch

🔹If you have not seen it yet, be sure to watch how a JavaScript developer interview should go 🤡

🔹Everyone already knows that microservices architecture is not a silver bullet, but where it makes sense, you need to build it properly. This video covers some of the most popular architectural patterns.

🔹Matteo Collina covers all the new features in Node.js v22.

🔹Is Stackoverflow not what it used to be and slowly dying? In his video, Theo Browne explores what is currently happening with every developer's favorite website 🙂

🔹Let or Const — which is better? Ryan Florence tried to answer this question in his recent talk. Be prepared to disagree with some of his points, but that is exactly why it will be interesting to watch.

🔹Another video from Matteo Collina — this time a masterclass on working with Streams.

🔹Event-Driven or Request/Response architecture — when and which is better? Adam Bellemare answers.

🔹GitHub Copilot has earned its captain's rank.

🔹Local AWS, or how to efficiently build AWS-heavy applications locally using LocalStack.

Library of the month

If you need to write tests for functions that directly make HTTP requests but want to do so in isolation, the nock library is exactly what you need. It overrides the native request APIs and allows you to effectively test areas that have dependencies on other services.