Node Weekly Issue 590: August 19, 2025

#590 — August 19, 2025

☀️ I'm back from a week's vacation to find that the biggest Node story on social media is something we featured two weeks ago, namely that Node.js v22.18.0 (LTS) can now run TypeScript (sort of! – it uses type stripping) without a flag 😅 Nonetheless, we still have a good issue for you today, but if you missed our previous issue, you can find it here.
__
Peter Cooper, your editor

Together with

Sidequest.js: A New Scalable Job Execution Option for Node — A modern, scalable background job processor for Node apps that includes a Web-based dashboard, the ability to support multiple backends out of the box, and TS-first ergonomics. GitHub repo. LGPL 3.0 licensed.

Merencia and Guizzo

Memetria K/V: Redis Hosting Built for Node.js — Host Redis OSS and Valkey with deep analytics, memory profiling, and large key detection—tailored for the way Node.js applications scale and behave.

Memetria sponsor

Node.js v24.6.0 (Current) Released — A relatively minor step forward. Node 24.6 lets you use your system’s trusted certificates by setting the NODE_USE_SYSTEM_CA environment variable (a la --use-system-ca), zlib adds Zstd dictionary support, and http adds a keepAliveTimeoutBuffer option for servers.

Rafael Gonzaga

IN BRIEF:

👋 The official Node site now has a page explaining the 'End of Life' (EOL) process, what things can break when a version goes EOL, and the current status of different Node versions.
If you have many Node projects hosted on Vercel and have been dreading upgrading each app one-by-one, you can now bulk upgrade deprecated Node.js versions on Vercel.
Oxlint now has type-aware linting in preview.

Express App Support Coming to Cloudflare Workers — While there are now things like Hono for quickly building Express-like webapps across runtimes, Express nonetheless maintains its position as the most popular option for now. So it’s great to see edge platform Cloudflare Workers adding direct support for it – though it’s local dev only for now.

James Ross

💡 In related news, AWS Lambda now supports using GitHub Actions to simplify function deployment, so that when you push code, it can be quickly deployed.

📄 How Incorrect Shopify Webhook Parsing Led to Database Deletion – A sneaky problem with an unexpected undefined value being fed to Prisma. One of Prisma’s validation errors did pick it up, however. Ingressr

📄 npm Adopts OIDC for Trusted Publishing in CI/CD Workflows – A look into npm’s newest feature: secure npm package ‘trusted publishing’ from CI/CD workflows using OpenID Connect. Sarah Gooding (Socket)

📄 Understanding Flame Graphs in Node.js Lizz Parody (NodeSource)

🛠 Code & Tools

🖼️==🖼️? LooksSame: A Library to Visually Compare Images — Built for visual regression purposes, LooksSame takes human color perception into account, so it’s flexible and not just a precise comparison. (Note that it’s PNG only, to avoid introducing large dependencies.)

Yandex and Contributors

zx v8.8: Write Better Shell Scripts with Node.js — A popular way to make shell scripting a more pleasant experience in Node with useful wrappers around child_process, argument escaping, and sensible defaults. v8.8 improves zx’s piping story. (Docs.)

Google

Secure Your AI Agents So That You Can Protect Your Users — Whether you have a B2B or B2C use case, Auth0 is a full IdP that provides robust security like MFA and continuous threat monitoring.

Auth0 sponsor

Pyodide: Python Compiled to WebAssembly — A port of CPython to WebAssembly that can be used both in the browser and from within Node.js. You can, for example, import Pyodide into a Node app and then run Python code within it.

Pyodide Contributors and Mozilla

QuickJS Sandbox 3.0: Execute JS/TS in a QuickJS Powered Sandbox — QuickJS is a small, embeddable JavaScript engine built by Fabrice Bellard and this extends it to make it easy to run code in an isolated sandboxed environment, along with some basic Node module support and a virtual file system. GitHub repo.

Sebastian Wessel

🤖 YIKES: An LLM-Powered Text Adventure Game Engine — It’s early days, but LLMs open up some interesting opportunities for the classic game genre.

Scott Elcomb

NVM Desktop 4.1 – A desktop (macOS, Windows, and Linux) app to manage multiple active Node versions.
fdir 6.5 – High-performance directory crawler & globbing library. Now with an ESM build.
Strong SOAP 5.0 – SOAP client with mock server capabilities. A rewrite of node-soap (below).
Ghost 6.0 – Node.js-powered indie publishing and blogging platform.
Fastify 5.5 – The fast, low overhead Node web framework.
CryptoES 3.0 – A library of cryptography algorithms.
Prisma 6.14 – Next-gen Node.js + TypeScript ORM.
Undici 7.14 – Node's powerful HTTP client library.
node-soap 1.3 – SOAP client and server library.
ESLint v9.33.0

📰 Classifieds

😁 Sub-ms latency means happier users. Redis 8.2 is 91% faster than 7.2 and is a drop-in upgrade. Get started for free.

📌 Deploy with PinMe: Host Your Front-End Without Servers. No sign-up. No cost.

📢 Elsewhere in the ecosystem

A roundup of some other interesting stories in the broader landscape:

📺 TC39's Daniel Ehrenberg took part in ▶️ a fantastic 47-minute interview where he spoke about how the TC39 committee works and how you can have your say on the future of JavaScript.
🏎️ Ryan Skinner presents Rari, a demonstration of replacing Node.js with a Rust-powered backend for rendering React server components, and shows off some serious performance improvements.
Simon Willison shows how to configure GitHub Codespaces using devcontainers running both the latest Python and Node.js LTS releases.
Git 2.51 was just released and GitHub shares some highlights of the release.
Dr. Axel Rauschmayer has put together a simple primer on JavaScript arrays for beginners.
jQuery 4.0 RC 1 has been released!