Node.js 10 was released this April and I just wanted to kind of touch on what’s new—the additions improvements, etc. Obviously, I’m not going go through the extensive change log or anything but I just want to mention the major things. The changes are so many that you’ll find this information in series of articles elsewhere but I figured that I would wrap it up in one article and try to convey it in a simple way.
Standardized Error Codes
If you’ve worked with errors and debugging node it can be kind of a pain. Before we got some weird string based error messages that we’d have to constantly look up or sometimes guess what they mean, but now with Node.js 10 they adopted standardized error codes. We have consistent codes with a repeatable pattern instead of a string with no identifiers.
This will make debugging and error handling easier and it will remove a lot of the guessing and the searching—looking up things on Google and Stack Overflow. Applications are easier to debug and offer faster development.
With Node.js 10, we can actually check for error codes. We’ll get a specific error code that we can handle. Node.js 10 is will make debugging easier.
HTTP/2 is a higher performing successor to HTTP. If you really haven’t looked into HTTP/2, it’s not a rewrite of the protocol or anything like that. All the HTTP methods, the status codes, the semantics are the same. You should be able to use the APIs as with HTTP/1. X. There will be some additions but everything should be backward compatible.
HTTP/2 was introduced in Node 8 but it was known to be very buggy. In version10, it’s now completely stable and safety use. As far as frameworks go HapiJS framework and KOA framework fully support HTTP/2 right out of the box. As far as Express is concerned, you need to use the Express-HTTP/2-workaround package. The focus of HTTP/2 is performance specifically end-user perceived latency and network and server resource usage.
Having stable HTTP/2 is a pretty nice addition to Node.js 10.
Let’s take a look how the code would look like with Hapi JS and HTTP/2.
As you can see,we’re basically creating a connection or setting our routes and handlers. The syntax is not much different. We’re just using the HTTP/2 module.
Better Support for ESM Modules
Node.js 10 does offer better support for ESM or ECMA Script modules. For years, Node has used CommonJS modules.
If you don’t know what that is, it’s when we bring in our packages using const, equalrequire, express or whatever module. ECMAScript modules or ES6 modules is where we say import something from something for example React, Angular, and most front-end frameworks use syntax with Webpack and Babel.
Understand that pure native ECMA Scriptmodules are not standardized yet. They’re not ready to be used by default in Node.js 10. They are getting closer and it’s a huge priority. It’s difficult for them to integrate along with the CommonJS modules.
For now, we can enable the experimental-modules flag and any file where you want to use ESM or ECMA Script modules. You just have to give it .mjs extension. I’ll be happy when we can just use ES6modules right out of the box.
You can implement Babel on your server side and use them. It would be nice to not have to do that any more and just have it right out of the box.
I came across a Medium article that tells why it’s so hard for them to get native ESM into Node.
The support for ESM modules is getting better we can use the experimental modules flag–just use the MJS extension. I wouldn’t really suggest doing this in production but you know you can mess around with it and they’re getting closer.
Every time there was a Node update, developers would have to completely revise a lot of code due to its binding to V8. There’s higher level of abstractions that can make this much easier for them.
With Node.js 10, Open SSL has been updated to version 1. 1. With TLS 1. 3, we’ll have faster SSL handshakes and even better security. Node.js 10 includes ChaCha20 cipher, which is a high speed cipher. It is up to three times faster than AES, which is the current industry standard. There is also poly1305 Authenticator for authenticated encryption, which is going tomake Node more secure overall.
If you’ve worked with node you’ve probably worked with the FS or the file system module which allows you to interact with the file system. In Node 10, we have the experimental fs.promises, which mean we can now use asynchronous file system methods that return a promise. We can use this require fs.promises. We’ll get methods, where we don’t need to use callbacks and it will make our code cleaner and readable if you use a sync await.
With fs.promises in Node 10, for error handling we don’t need to use try-catch blocks because where it’s promise based we can now use .catch.
Let’s look at an example.
In the above code, we have the regular fs or filesystem module and then the Promisesbased one. We’re just reading a file synchronously and we have doTruncate method that is using fs.Promises module along with asyncawait to truncate this.
The code is truncating it to four characters and then we’re just logging it out.
It started off as node.js. Now it’s going to just read Node.
fsPromises method makes it much more elegant to do this rather than using like callbacks where we’re using async await.
As in the last line of the code example, we can use .catch. if we have any errors, we can log those errors.
Node.js is getting faster.
Node.js 10 is shipped with NPM 6 which comes with its own set of improvements including performance, security and stability. I did underline security because that seems to be like the main theme of NPM 6. NPM recently acquired lift security and the Node security platform which identifies vulnerabilities for developers and security vendors.
With Node and NPM 6, you should start to get automatic warnings when trying to use code and packages with known security issues. We have the new audit command npm audit. The command will look at your applications dependency trees, identify if anything is insecure, tell you about it, and then if you wanted to, you could switch it out for an alternate, safer dependency.
NPM is now 17 times than it was exactly one year ago, which is pretty impressive progress.