Node.js 10.0 Fills Some Gaps, Polishes a Few Rough Edges
Node.js 10.0 Fills Some Gaps, Polishes a Few Rough Edges
Node.js has quickly risen to become one of the most popular backend development frameworks. And the latest update has only made it better!
Join the DZone community and get the full member experience.Join For Free
Bugsnag monitors application stability, so you can make data-driven decisions on whether you should be building new features, or fixing bugs. Learn more.
Node.js 10 was released this April and I just wanted to kind of touch on what's new—the additions improvements, etc. Obviously, I'm not going go through the extensive change log or anything but I just want to mention the major things. The changes are so many that you’ll find this information in series of articles elsewhere but I figured that I would wrap it up in one article and try to convey it in a simple way.
Standardized Error Codes
If you’ve worked with errors and debugging Node, you know it can be kind of a pain. Before we got some weird string-based error messages that we'd have to constantly look up or sometimes guess what they mean, but now with Node.js 10 they adopted standardized error codes. We have consistent codes with a repeatable pattern instead of a string with no identifiers.
This will make debugging and error handling easier and it will remove a lot of the guessing and the searching—looking up things on Google and Stack Overflow. Applications are easier to debug and offer faster to develope.
With Node.js 10, we can actually check for error codes. We'll get a specific error code that we can handle. Node.js 10 is will make debugging easier.
HTTP/2 is a higher performing successor to HTTP. If you really haven't looked into HTTP/2, it’s not a rewrite of the protocol or anything like that. All the HTTP methods, the status codes, the semantics are the same. You should be able to use the APIs as with HTTP/1. X. There will be some additions but everything should be backward compatible.
HTTP/2 was introduced in Node 8 but it was known to be very buggy. In version 10, it's now completely stable and safe to use. As far as frameworks go, the Hapi.js framework and KOA framework fully support HTTP/2 right out of the box. As far as Express is concerned, you need to use the Express-HTTP/2-workaround package. The focus of HTTP/2 is performance, specifically end-user perceived latency and network and server resource usage.
Having stable HTTP/2 is a pretty nice addition to Node.js 10. Let’s take a look how the code would look with Hapi and HTTP/2.
As you can see, we’re basically creating a connection or setting our routes and handlers. The syntax is not much different. We’re just using the HTTP/2 module.
Better Support for ESM Modules
Node.js 10 does offer better support for ESM or ECMAScript modules. For years, Node has used CommonJS modules.
If you don't know what that is, it's when we bring in our packages using const, equalrequire, express. etc. ECMAScript modules, or ES6 modules, are where we import something from somewhere else. For example React, Angular, and most front-end frameworks use syntaxes with Webpack and Babel.
Understand that pure native ECMAScript modules are not standardized yet. They're not ready to be used by default in Node.js 10. They are getting closer and it's a huge priority. It’s difficult for them to integrate along with the CommonJS modules.
For now, we can enable the experimental-modules flag and any file where you want to use ESM or ECMAScript modules. You just have to give it .mjs extension. I'll be happy when we can just use ES6 modules right out of the box.
Every time there was a Node update, developers would have to completely revise a lot of code due to its binding to V8. There's higher level of abstractions that can make this much easier for them.
With Node.js 10, Open SSL has been updated to version 1. 1. With TLS 1. 3, we'll have faster SSL handshakes and even better security. Node.js 10 includes the ChaCha20 cipher, which is a high speed cipher. It is up to three times faster than AES, which is the current industry standard. There is also a poly1305 authenticator for authenticated encryption, which is going tomake Node more secure overall.
If you've worked with Node you've probably worked with the FS, or the file system, module which allows you to interact with the file system. In Node 10, we have the experimental fs.promises, which means we can now use asynchronous file system methods that return a promise. We can use:
require fs.promises. We'll get methods where we don't need to use callbacks and it will make our code cleaner and readable if you use async/await.
With fs.promises in Node 10 for error handling, we don't need to use try-catch blocks because where it's promise based we can now use
.catch. Let’s look at an example.
In the above code, we have the regular fs or filesystem module and then the Promises-based one. We're just reading a file synchronously and we have the
doTruncate method that is using the
fs.Promises module along with async/await to truncate this.
The code is truncating it into four characters and then we're just logging it out. It started off as Node.js. Now it's going to just read the
Node.fsPromises method, which is it much more elegant than using something like callbacks, where we're using async/await. As in the last line of the code example, we can use
.catch. If we have any errors, we can log those errors.
Node.js is getting faster.
Node.js 10 is shipped with NPM 6 which comes with its own set of improvements including performance, security, and stability. I did underline security because that seems to be like the main theme of NPM 6. NPM recently acquired lift security and the Node security platform which identifies vulnerabilities for developers and security vendors.
With Node and NPM 6, you should start to get automatic warnings when trying to use code and packages with known security issues. We have the new audit command npm audit. The command will look at your applications dependency trees, identify if anything is insecure, tell you about it, and then if you wanted to, you could switch it out for an alternate, safer dependency.
NPM is now 17 times than it was exactly one year ago, which is pretty impressive progress.
Published at DZone with permission of Aditya Modi . See the original article here.
Opinions expressed by DZone contributors are their own.