Node Weekly Issue 586: July 15, 2025

#586 — July 15, 2025

Together with

Node v24.4.0 (Current) Released — You can now use --watch-kill-signal to specify which signal is sent to a process being restarted by Node’s ‘watch mode’; spawn and spawnSync now propagate permission model flags; plus the usual V8 and dependency updates.

Rafael Gonzaga

💡 The Node team has also announced there are new releases of v24.x, 22.x, and 20.x in the next day or two to resolve some security issues, so keep an eye out for those.

Proposal: Shift Node.js to Annual Major Releases — A discussion is currently taking place around whether Node could move to having annual major releases and then reducing the LTS duration of the even-numbered releases from the current 30 months down to 24. Community feedback is encouraged on this thread.

Rafael Gonzaga et al.

Deploy Node in Docker the Right Way — Don’t settle for surface-level tutorials. Learn how containers are built, how to run Node apps properly inside them, and how to use Docker Compose and Kubernetes with confidence.

Frontend Masters sponsor

Announcing TypeScript 5.9 Beta — Perhaps the biggest introduction is support for import defer, but there’s also a new node20 mode which is like nodenext but targeting ES2023. We also learn that the Go-powered ‘native port’ of TypeScript will eventually be available as TypeScript 7.

Microsoft

IN BRIEF:

Node.js v18 went 'end of life' in April 2025, but Canonical (the maintainers of Ubuntu) have announced Ubuntu Pro users will now get support till 2032.
Callstack has announced Node-API support for React Native, opening up many more options for writing and sharing native code across platforms.
The Igalia team has shared a detailed summary of the latest TC39 plenary, packed with interesting tidbits about developments to ECMAScript.
North Korean 'threat actors' have deployed 67 malicious npm packages and Kirill Boychenko tells us what they are and explains how they work.

📊 The 500x Performance Gap Between Node Version Managers (and Why You Might Not Care) — “Your choice of Node.js version manager can make your shell startup 500x slower,” starts Pavel, who shares some benchmarks, but concludes it might not matter too much unless you’re spawning a lot of new shells.

Pavel Romanov

📄 JavaScript Scope Hoisting is Broken – The creator of Parcel argues that scope hoisting conflicts with modern JS patterns. Devon Govett

📄 Modern Async Iteration with Array.fromAsync() Matt Smith

📄 Typed Query Builders: Comparing Kysely and Drizzle Guillaume Billey

🛠 Code & Tools

Necord: A Framework for Creating Discord Bots — It uses Nest and Discord.js under the hood. Some example apps show how easy it is to deploy bot functions. GitHub repo.

Necord

✉️ Upyo: A Simple Cross-Runtime Email Sending Library — A cross-runtime email library that provides a unified, type-safe API for sending emails both on SMTP and HTTP-based (e.g. SendGrid or Amazon SES) providers. TIL that ‘upyo’ (우표) means ‘postage stamp’ in Korean.

Hong Minhee

Your Playwright Tests, Now on Real iOS Safari Devices — Stop missing Safari bugs. Run tests on real iOS devices with BrowserStack, capture logs, and ship with confidence.

BrowserStack sponsor

Rewire 9.0: Easier Monkey-Patching for Unit Tests — Enhances CommonJS (only) modules with special setters and getters, for injecting mocks, inspecting private variables, and overriding module internals.

Johannes Ewald

Envalid 8.1: Environment Variable Validation — Ensure your program only runs when all of its environment dependencies are met. v8.1 is a minor update, though the first in two years.

Aaron Franks

cRonstrue 3.0: Convert Cron Expressions into Natural Language — Not just English either - it supports about thirty locales. There’s also an online demo.

Brady Holt

ESLint v9.31.0 – Four core rules have been updated to support explicit resource management.
Serverless Express 4.17 – Run Express.js on AWS Lambda, API Gateway, Lambda@Edge, etc.
NATS.js 3.1 – JavaScript client for the NATS messaging system.
open 10.2 – Open URLs, files and executables – cross-platform.
🤖 OpenAI Node 5.9 – The official Node library for OpenAI.
snakecase-keys 9.0 – Convert object keys to snake case.
Poolifier 5.1 – Worker threads and cluster worker pool.

📢 Elsewhere in the ecosystem

A roundup of some other interesting stories in the broader landscape, in case you've missed them:

📅 new Date("wtf") – How well do you know JavaScript's Date class and how date parsing works in JavaScript? Find out with this hair-raising quiz.
ANSI.tools is a handy online tool for analyzing ANSI escape codes/sequences and a lookup of common codes.
Tae Kim explains how he tackled the 1 Billion Row Challenge in Bun, and was able to process a 1 billion row file in under 10 seconds.
The Nginx HTTP server has a module (njs) for extending its functionality using JavaScript, but it only supported ES5. Now, njs uses QuickJS for a more modern, powerful experience with full ES2023 support.