#605 — December 16, 2025 |
🗓️ Today we're taking a look back over some of the big stories and links that got you clicking this year. Also, Node Weekly will be moving to Thursdays in January 2026, as part of a reshuffle for many of our newsletters. |
|
 |
|
|
This is our final issue of the year, with a focus on looking back at what happened with Node in 2025, as well as the most popular items readers enjoyed. First, though, we do have a few items of news: |
|
Node.js v24.12.0 (LTS) Released — Node’s implementation of type-stripping in order to be able to run TypeScript natively reaches a conclusion of sorts with the support being marked as stable for the first time in the active LTS release. Michaël Zasso |
💡 Deno 2.6 was also released with a new |
CERN Upgrades Its Data Stack: Here’s the Database Behind It — The NextGen Archiver at CERN depends on high-performance ingestion and fast analytics. Discover why TimescaleDB beat pure PostgreSQL and legacy systems with superior throughput, 7–10x compression, and dramatically faster queries. Tiger Data sponsor |
|
SECURITY RELEASES: The expected December 15 Node.js releases have been bumped back to this Thursday, December 18. New versions of the 25.x, 24.x, 22.x, and 20.x release lines are expected to fix a handful of security vulnerabilities. MONGOOSE: Valeri Karpov gives us an update on what's new in Mongoose 9.0, the MongoDB object modeling library for Node. ⚙️ pnpm 10.26 has landed with stricter security defaults for git-hosted dependencies, |
🏆 The Top Items of 2025 |
|
The top items of the year based upon the aggregated number of clicks by readers, whether in email, on the Web, or through our RSS feed: |
|
1. 15 Recent Node Features that Replace Popular npm Packages — Clearly trimming dependencies is on many people's minds as the most popular item of 2025 was about ditching unnecessary packages for built-in Node alternatives. Lizz Parody |
|
2. A Modern Guide to Reading and Writing Files in Node — A valuable, comprehensive guide to various methods for working with files, something that doesn't often get blogged about. Luciano Mammino |
|
Extract Text from PDFs Using REST APIs — Pull text from PDFs for search, AI, or automation workflows — full Python example included. Foxit Software sponsor |
|
3. Modern Node.js Patterns for 2025 — Halfway through the year, Ashwin reminded us of various features the modern Node environment provides us, including ES modules, built-in Web APIs, the test runner, watch mode, the permission model, import maps, and more. Ashwin |
|
4. Node.js Testing Best Practices — A detailed guide to modern testing in Node from a group of developers who know all about it. Goldberg, Salomon, and Gluskin |
|
5. How V8 Made Patrick Thier (V8) |
|
6. ⚙️ Node Modules Inspector — A tool that runs pnpm inside your browser, “installs” a package, then analyzes its dependencies. Anthony Fu |
|
7. Subverting Control with Weak References — Node supports James Long |
|
8. The Many, Many, Many JavaScript Runtimes of the Last Decade — A fantastic, well-researched look at the myriad of JavaScript runtimes and engines both past and present, from mainstream picks like Node and Bun, to cloud platforms and more obscure ‘honorable mentions’. A perfect way to round out your knowledge of JavaScript’s runtime story. Whatever, Jamie |
🗓️ Node.js in 2025: Month by Month |
|
JANUARY – We start and end the year in the same place, with the ability of Node being able to run TypeScript being new early in the year, and now ending the year with Node.js v24.12.0 (LTS) making it stable in an LTS release. We also got a major update on progress with Express.js. NodeBB v4.0 was released too. FEBRUARY – TypeScript 5.8 was a big release for Node developers in particular, with support for MARCH – The Node.js project got its own official community space on Discord. It now has almost 22,000 members. The Node.js TSC also voted to stop distributing Corepack by default. Express 5.1 was released. APRIL – Koa 3.0 was released, and Microsoft warned us about Node's increasing role in malware. A major Node.js collaboration summit also took place in Paris. MAY – Node.js v24.0 was released. The Glitch platform announced it was shutting down. Platformatic began bringing PHP and Node together. JUNE – I think everyone took an early summer break as it was very quiet! JULY – A discussion, still ongoing, began about shifting Node to annual major releases and shortening the LTS timeframe. AUGUST – TypeScript 5.9 was released. SEPTEMBER – A messy autumn for npm package security began with a variety of packages being compromised in a phishing attack. In response, pnpm added support for delayed dependency updates. Cloudflare Workers introduced support for Node.js HTTP servers and improved Node compatibility generally. macOS Tahoe users found Electron apps were very laggy due to a change in a private API. OCTOBER – Node.js v25.0 was released and Node.js 24 became the active LTS release. NOVEMBER – Type stripping went 'stable' in Node v25.2 and Marco Ippolito shared his personal story of how type stripping was shipped. The now-named Shai Halud supply chain attack reared its ugly head in a 'version 2' form. DECEMBER – Where we are now: it's been a relatively quiet month so far! |
|
|
🎁 P.S. We hope you have a great holiday season and we'll be back on Thursday, January 8. |