Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Node.js 10.0 Fills Some Gaps, Polishes a Few Rough Edges

DZone's Guide to

Node.js 10.0 Fills Some Gaps, Polishes a Few Rough Edges

Node.js has quickly risen to become one of the most popular backend development frameworks. And the latest update has only made it better!

· Web Dev Zone ·
Free Resource

Bugsnag monitors application stability, so you can make data-driven decisions on whether you should be building new features, or fixing bugs. Learn more.

Node.js 10 was released this April and I just wanted to kind of touch on what's new—the additions improvements, etc. Obviously, I'm not going go through the extensive change log or anything but I just want to mention the major things. The changes are so many that you’ll find this information in series of articles elsewhere but I figured that I would wrap it up in one article and try to convey it in a simple way.

I know these aren't the most exciting articles to read and share in the world but if you're a JavaScript developer or someone who works at a technology firm, I think it's really important to keep up-to-date with these things. It’ll be a short article.

Standardized Error Codes

Standardized Error Codes

If you’ve worked with errors and debugging Node, you know it can be kind of a pain. Before we got some weird string-based error messages that we'd have to constantly look up or sometimes guess what they mean, but now with Node.js 10 they adopted standardized error codes. We have consistent codes with a repeatable pattern instead of a string with no identifiers.

This will make debugging and error handling easier and it will remove a lot of the guessing and the searching—looking up things on Google and Stack Overflow. Applications are easier to debug and offer faster to develope.

error code 1error code 2

With Node.js 10, we can actually check for error codes. We'll get a specific error code that we can handle. Node.js 10 is will make debugging easier.

Stable HTTP/2

Stable HTTP/2

HTTP/2 is a higher performing successor to HTTP. If you really haven't looked into HTTP/2, it’s not a rewrite of the protocol or anything like that. All the HTTP methods, the status codes, the semantics are the same. You should be able to use the APIs as with HTTP/1. X. There will be some additions but everything should be backward compatible.

HTTP/2 was introduced in Node 8 but it was known to be very buggy. In version 10, it's now completely stable and safe to use. As far as frameworks go, the Hapi.js framework and KOA framework fully support HTTP/2 right out of the box. As far as Express is concerned, you need to use the Express-HTTP/2-workaround package. The focus of HTTP/2 is performance, specifically end-user perceived latency and network and server resource usage.

Having stable HTTP/2 is a pretty nice addition to Node.js 10. Let’s take a look how the code would look with Hapi and HTTP/2.

stable http2

As you can see, we’re basically creating a connection or setting our routes and handlers. The syntax is not much different. We’re just using the HTTP/2 module.

Better Support for ESM Modules

Node.js 10 does offer better support for ESM or ECMAScript modules. For years, Node has used CommonJS modules.

If you don't know what that is, it's when we bring in our packages using const, equalrequire, express. etc. ECMAScript modules, or ES6 modules, are where we import something from somewhere else. For example React, Angular, and most front-end frameworks use syntaxes with Webpack and Babel.

Understand that pure native ECMAScript modules are not standardized yet. They're not ready to be used by default in Node.js 10. They are getting closer and it's a huge priority. It’s difficult for them to integrate along with the CommonJS modules.

For now, we can enable the experimental-modules flag and any file where you want to use ESM or ECMAScript modules. You just have to give it .mjs extension. I'll be happy when we can just use ES6 modules right out of the box.

N-API

N-API

N-API is the next generation of Node.js APIs for native modules. It's now completely independent from the JavaScript runtime - V8. Before it was tightly coupled with the runtime. Now it's actually maintained as a part of Node.js.

This opens up doors for engines like Microsoft Chakra, which is a JavaScript engine that powers the Microsoft Edge browser. Developers can write C and C++ add-ons without having a real deep understanding of the V8 engine itself because now it provides better abstractions that are more true to Node in JavaScript. Apparently, Node 10 will make it not only easier but also more stable.

Every time there was a Node update, developers would have to completely revise a lot of code due to its binding to V8. There's higher level of abstractions that can make this much easier for them.

Modern Cryptography

Image title

With Node.js 10, Open SSL has been updated to version 1. 1. With TLS 1. 3, we'll have faster SSL handshakes and even better security. Node.js 10 includes the ChaCha20 cipher, which is a high speed cipher. It is up to three times faster than AES, which is the current industry standard. There is also a poly1305 authenticator for authenticated encryption, which is going tomake Node more secure overall.

fs/Promises

fs promises

If you've worked with Node you've probably worked with the FS, or the file system, module which allows you to interact with the file system. In Node 10, we have the experimental fs.promises, which means we can now use asynchronous file system methods that return a promise. We can use: require fs.promises. We'll get methods where we don't need to use callbacks and it will make our code cleaner and readable if you use async/await.

With fs.promises in Node 10 for error handling, we don't need to use try-catch blocks because where it's promise based we can now use .catch. Let’s look at an example.fs/promises - 4

In the above code, we have the regular fs or filesystem module and then the Promises-based one. We're just reading a file synchronously and we have the doTruncate method that is using the fs.Promises module along with async/await to truncate this.

The code is truncating it into four characters and then we're just logging it out. It started off as Node.js. Now it's going to just read the Node.fsPromises method, which is it much more elegant than using something like callbacks, where we're using async/await. As in the last line of the code example, we can use .catch. If we have any errors, we can log those errors.

Performance Improvements

Image title

We should see quite a bit of improvement because Node is powered by the V8 JavaScript engine, which is the same engine that Google Chrome uses. With version 6 of V8 included with Node 10, we should get a pretty nice performance bump.

Chrome uses the latest version as well and there's been a 20-40% reduction in parsing and compiling JavaScript. We should see some nice improvements. It also offers async generator and array performance improvements.

Node.js is getting faster.

NPM 6

NPM 6

Node.js 10 is shipped with NPM 6 which comes with its own set of improvements including performance, security, and stability. I did underline security because that seems to be like the main theme of NPM 6. NPM recently acquired lift security and the Node security platform which identifies vulnerabilities for developers and security vendors.

With Node and NPM 6, you should start to get automatic warnings when trying to use code and packages with known security issues. We have the new audit command npm audit. The command will look at your applications dependency trees, identify if anything is insecure, tell you about it, and then if you wanted to, you could switch it out for an alternate, safer dependency.

NPM is now 17 times than it was exactly one year ago, which is pretty impressive progress.

Monitor application stability with Bugsnag to decide if your engineering team should be building new features on your roadmap or fixing bugs to stabilize your application.Try it free.

Topics:
web dev ,node.js ,backend development ,npm

Published at DZone with permission of

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}