#235 — April 26, 2018

Read on the Web

Node Weekly

Node 10 and npm 6.0 Have Been Released

It's a big week for the Node world with the final release of Node 10. It's not an LTS release (that happens in October) or intended for your production servers yet, but 10.x takes some vital steps forward to help Node continue to grow, so get testing on it ASAP.

The Official Node 10 Release Post — This is essentially just a changelog and links to the release downloads, so if you want to learn more about what Node 10 is above, keep scrolling.

James M Snell

The Node.js Project Introduces Latest Release Line: Node 10 — A roundup of what’s new to Node 10 from the Node.js Foundation themselves.

Node.js Foundation

Ext JS: Developer-friendly & Enterprise-ready Framework for Your App Dev — Sencha’s time-tested JavaScript framework, Ext JS, provides a broad range of widgets and over 115 components designed and tested for compatibility with no external dependencies. Try it for free today and see why 60% of the Fortune 100 choose Ext JS.

Sencha sponsor

Some more on what's new in Node 10:

  • It uses V8 6.6 which improves `Function.prototype.toString()`, caches code after execution, compiles bytecode on a background thread, offer async performance improvements for promises, Arrays, and more.
  • the N-API 'Native API' is now stable/non-experimental - this makes it easier to build native addons that can target Node generally rather than have to worry about V8 or version concerns, and essentially Node core can become 'neutral' to the engine behind it - more here.
  • there's also a Node-Chakracore release that uses Microsoft's JavaScript engine instead of V8
  • The Buffer constructor has been deprecated (mostly)
  • It adopts of standardized 'error codes'
  • OpenSSL 1.1 support - which means TLS 1.3 support soon
  • Experimental promisified versions of `fs` functions in `fs/promises`
  • Node 10 supports lots of new regex features
  • HTTP/2 support, which will continue to be extended as 10.x progresses
  • We can now use async iteration natively
  • It comes with npm 5.6, but 6.0 is available if you want to try it (see below)

npm@6 Announced: Another Major Update to npm — npm 6.0 isn’t included with Node 10 yet, but you can play with it today. Beyond the usual performance improvements (up to 17x faster than npm a year ago), npm 6 focuses heavily on security and soon “every user of the npm Registry will begin receiving automatic warnings if you try to use code with a known security issue.” A new npm audit command will also soon let you recursively analyze dependencies for security issues.

The npm Blog

The New npm CLI: A Year in Review; Or, What You May Have Missed — A more accessible roundup of what’s new to npm at the CLI level since version 5 was released a year ago, including npx and npm ci. It’s worth brushing up on if you haven’t done so recently.

The npm Blog

Beyond npm@6: The Future of the npm CLI — We’ve just looked at the present and the past of npm, but what about the future? Here’s some of what’s being considered for npm 7.

The npm Blog


Advanced Backend Software Engineering @ London (UK) CyberSec Co. — We’re building a high-performance core Node backend for our cybersecurity platform; Experience in Node/C++/C#/Java? Join us.


Open To New Opportunities Working With Node? — Try Underdog.io, where hundreds of the best tech companies go to meet top engineers. Apply in 60 seconds. Open in NY, SF Bay Area, and for remote.


📖 Articles and Tutorials

Essential Tools for Versioning and Releasing Your npm Modules — Covers semantic-release, Commitizen, Jest, Codecov, ESLint and GreenKeeper.

Patrick Lee Scott

Dynaflow: An Open-Source Node Driver for DynamoDBDynamoDB is AWS’s longest serving NoSQL database service and this is the story of why Vice Tech built a Node driver for it.

Joshua Wise

Learn 100+ Azure Tips and Tricks for Web Apps, Databases and More

AZURE sponsor

Installing Node.js on Linux with 'snaps' — ‘Snaps’ are containerized packages designed to work across cloud, desktop, and IoT devices.

Eric O'Rear

A Complete Introduction to Async Functions and ES6 Modules in Node

David Herron

🔧 Code and Tools

Permit: An Unopinionated Auth Library for Node.js APIs — A library for adding an authentication layer to Node-built HTTP APIs, whether in Express, Koa, Hapi, etc. or using REST or GraphQL.

Ian Storm Taylor

lru-cache-node: A Fast Cache Manager for Node — Has a least-recently-used policy so once the cache is ‘full’, the least recently used items get dropped.

Arbaz Siddiqui

PKI.js: Tools for Working with Public Key Infrastructure — Pure JS library for working with signing, encryption, certificate requests, OCSP and TSP requests/responses

Yury Strozhevsky

Slugify: Simply Turns Strings into URL/Filename-Friendly 'Slugs' — e.g. ‘I ♥ Dogs’ becomes ‘i-love-dogs’

Sindre Sorhus

Hazelcast IMDG Node.js Client Code Reference Card — Get up and running quickly with the Hazelcast IMDG Node.js Client with this easy to use reference card.

Hazelcast sponsor

Emittery: A Simple, Modern Async Event Emitter

Sindre Sorhus

TypeORM 0.2: A Powerful ORM for TypeScript and JavaScript — Supports both Active Record and Data Mapper patterns and many database types. 0.2 adds Electron and React Native support and more.

Umed Khudoiberdiev

P.S. Stop using Node 4 ASAP. It's not going to get any more security updates from next Monday onward.