Node.js Digest #13: Farewell Corepack, Make JS Great Again, Node.js Slightly Broke the Internet, Porffor
Node.js Digest #13 by Oleksandr Zinevych
Hey, community! Oleksandr Zinevych here, Engineering Director at Avenga. This time I was down with Covid, so the new digest is coming out a bit later than usual ;)
Key Highlights
🔹 Deno v1.45.5 — if you're a Deno user, take note: a new batch of fixes and improvements is out.
🔹 ESLint v9.9.0 — ESLint now has experimental support for TypeScript configuration files.
🔹 Node.js v22.6.0, v20.16.0 — the usual Node.js updates, which this time apparently don't break anything 🙂
🔹 The best practices for Node.js development by Yoni Goldberg have been updated.
🔹 Bun v1.1.23 — despite the hype around Bun gradually dying down, the team is actively working on new versions and actively hiring new people. The new release traditionally includes many fixes to improve compatibility with Node.js.
🔹 TypeScript 5.6 Beta — for those who have the opportunity, the beta version of the new TypeScript is already available for use. This time the update isn't as massive as the last one, but there are a few interesting things.
🔹 Protobuf-ES 2.0 — has seen the light of day and is ready for use in TypeScript.
Yet Another Survey from StackOverflow
A while back (but we have to mention it) the annual StackOverflow survey results came out. Not as many people participated as one might hope — only 65,437 developers from 180 countries. That's a very small percentage of the total number of StackOverflow users, which is worth keeping in mind when we look at the results.
As always, JavaScript leads among programming languages both among established professionals and those just entering our beloved IT industry.
And Node.js is still competing with React for popularity among web development technologies.
Something interesting and somewhat unexpected for me was the popularity of Full-stack positions among developers, which is higher than Back-end and Front-end combined. Of course, we need to account for the small audience. The results in a larger-scale survey might be different, but the strong desire of clients to hire Full-stack developers is definitely something you can observe in the market today.
And of course, there's been a huge rise in the use of various AI tools — where would we be without them these days. You can check out the full list of results here.
The Corepack Drama
Who would have thought that after raising the question of enabling Corepack as a default setting back in November 2023, we'd arrive at the point where Corepack would be removed entirely from the main Node.js build.
For those not in the loop, Corepack is an experimental Node.js feature that allowed using different package managers without needing to install them. Due to its relative popularity, the question arose about whether to enable it by default and make even npm optional, thereby removing it from the core build.
However, the discussions first led to the conclusion that npm wouldn't be going anywhere. Then they arrived at a roadmap for removing Corepack from the main Node.js build. The corresponding PR that starts this process was still open at the time of writing. It seems that strong negative feedback from the community has slowed down this process somewhat. We'll keep watching for news. And those who use Corepack should start gradually preparing for changes 🙂
A Node.js Update Slightly Broke the Internet
Even in communities as experienced as Node.js, with well-established processes and plenty of safeguards, problems occur that by a combination of circumstances everyone somehow missed and only noticed in production 🙂
A new Node.js release essentially broke all applications using v22.5.0. In the corresponding PR with fixes, the author explained why this happened.
There were two problems: first, in lib/internal/fs/read/context.js, a destructor was used incorrectly, which made the instance unavailable and caused an error.
Second, the use of V8 Fast API in fs.closeSync() caused an error even in NPM itself.
All of this has been fixed in subsequent versions. Let's hope this doesn't happen again (of course it will...).
TypeScript + Node.js = ❤️
As I mentioned in previous digests, the emergence of all these trendy new JavaScript runtimes is first and foremost good for the Node.js community. It provides an opportunity to see what the competitors came up with, how developers reacted, and to implement it in Node.js if there's a corresponding technical capability.
Precisely because TypeScript is supported out of the box by both Deno and Bun, something happened in July that previously would have seemed like fantasy. Node.js added TypeScript support. Of course, this doesn't work as a default setting yet, and to execute a file with a .ts extension you need to use the corresponding flag — --experimental-strip-types.
Overall, this is just the very beginning, and expecting full-fledged support right away was overly optimistic. Here you can check out the roadmap for where this functionality is headed and how it will evolve. I know that few readers work with the latest version of Node.js where this feature is available. So here's a link to a Codesandbox where you can try it out right now.
ECMAScript 2024
Back in June (and I somehow missed it), the new ECMAScript 2024 standard was ratified. Everything stayed pretty much the same as in ES 2023, with just a few new features that were approved over the past year 🙂
There isn't that much new stuff:
⚑ Promise.withResolvers() which in Node still only works behind the --js-promise-withresolvers flag;
⚑ Array grouping, which has been available in Node.js for a while now;
⚑ Atomics.waitAsync, which has been supported in V8 for about 3 years;
⚑ And a few other features you can read about here;
Let's hope that in 2025, ECMAScript will standardize more interesting things.
Porffor — Finally Something Interesting
Not long ago I mentioned LLRT — a runtime from AWS tailored for fast and efficient AWS Lambda execution. Recently, LLRT got a competitor — the experimental project Porffor. And what do you know, the author barely had time to share some details about his creation before the project was funded by a GitHub co-founder. So now it's a full-time job for Oliver Medhurst.
The project is genuinely fascinating. Besides the fact that Porffor compiles everything to WebAssembly, it also uses Ahead Of Time compilation. The resulting build doesn't bundle a bunch of extra tools to make it all run — just native code. Of course, such a tool won't dethrone the king of web development, Node.js, but defunkt wouldn't fund this development without good reason ;) More discussion here.
Make JavaScript Great Again
Probably after reading developers' responses to the State of JavaScript 2024 survey, which I mentioned in the previous digest, the community decided it was time to Make JS Great Again.
As a result, they created the e18e initiative, aimed at fixing existing problems in the JavaScript ecosystem and pulling developers out of a depressive slump. The main goals of the e18e developer community include cleaning up dependencies, improving performance, and
The community looks quite active right now, so if you have some spare time, you can join in to make our beloved JavaScript a place of joy and strength once more.
Something to Read
I personally love reading case studies from large companies. Here you can read about how Stripe scaled their database. There aren't too many details, but it's still interesting.
If you love the game Elden Ring as much as I do, you'll understand the pain of someone who planned a gaming evening but ended up dealing with production issues on one of their services. That's exactly how the story from Zalando begins, about their interesting problem with worker threads.
What to choose: Node.js, Deno, or Bun? Beyond community support and ecosystem size, a few benchmarks never hurt. The results are interesting because it's not marketing strategies and bold claims that win, but real numbers.
Artificial intelligence continues to hype and dive deeper into the development world. The Docker team reflects on generating Dockerfiles using generative AI.
How a bunch of spam packages ruined a good initiative, or a bit about npm security. This time Tea was hit, getting flooded with a massive number of fake npm packages.
The Node.js team shared how they automated the security fix release process to increase the number of fixes per month. Additionally, they've started reviewing experimental Node.js features that have been inactive for a long time or need better support.
A quick refresher on a typical interview question — what causes memory leaks in JavaScript — courtesy of Trevor Indrek Lasn.
The Node.js native Test Runner might seem like something that's only suitable for super simple tasks. But that's not the case. Here you can check out more advanced use cases.
Bun developers are promising to bring cluster support, with incredible performance as always.
Ryan Dahl talks about the mistakes made in the initial design of HTTP imports.
Something to Watch
Antony Shew shares his thoughts on how to properly structure a Monorepo:
Haven't heard about Static Hermes yet? If not, it's definitely worth watching the talk by Neil Dhar about this thing. Just to understand the craziness happening with JS runtimes:
Videos from the NodeTLV conference are also available. Not all talks are in English. Among the English ones, Erick Wendel's talk caught my attention. As did the talk about Proxy by Evytar Alush and about Neo4j by Ariel Shulman.
Additionally, videos from Gitnation TechLeadConf are available:
And JSNation:
Library of the Month
This month I'm sharing a library I fell in love with because of its syntax and the ability to make requests not just in a logical way, but also in the most concise way possible. Meet the Ky library. Under the hood it's the same old fetch, but on top there's a much nicer syntax and various goodies (timeouts, retries, URL prefixes, etc.).
