What's new with Node 8?

Node.js continues to be one of the most popular server-side frameworks available, through a combination of its lightweight efficiency, support for the 'JavaScript everywhere' paradigm, and comprehensive package support.

Since its introduction in 2009, Node has been through a number of major releases, including most recently version 8.0. This release dropped at the end of May and will enter LTS (long-term support, indicating a more stable version ready for enterprise adoption) in October. There's a lot going on in the latest release, and it's worth a look at some of the highlights.

01. V8 5.8

Node is built upon Google's Chrome V8 JavaScript engine (V8 is the name of the engine, not the version number), and Node 8.0 includes V8 5.8. This ships with significant improvements in performance and APIs, and establishes forward compatibility for Node 8.0 with future versions of V8. This is significant enough that the team behind Node actually chose to postpone the launch of 8.0 from April to better accommodate it.

02. Faster npm

If you're using Node, you'll be intimately familiar with npm, and Node 8.0 now includes the latest stable release, npm 5.0.0. This update includes significant speed-up of common tasks such as package installation, and several changes to improve consistency and avoid corruption.

This means that npm is now more reliable and faster than ever. And if you've ever missed out '--save' while installing modules, you'll be relieved to hear that new installs are now saved by default.

03. Better Buffer security

One of the more straightforward changes introduced in Node 8.0 is a security improvement to buffers. In prior versions, 'new Buffer(num)' did not initialise memory space with zeros. This was done for performance reasons; however, it meant that a new Buffer could contain sensitive information, leading to security issues.

Now, a new Buffer will automatically be filled with zeroes. This may seem minor, but could have performance implications which should be considered. Ultimately, Buffer(num) has been deprecated for some time, so it's probably best to move away from it.

04. util.promisify()

An interesting addition to Node 8.0's libraries is the 'util.promisify()' function, which has many Node developers excited. It's widely acknowledged that promises offer an improvement over callback-based asynchronous code. util.promisify() gives us an easy way to wrap callback-based functions to return promises.

This can be particularly useful for codebases and libraries with large numbers of callbacks, where refactoring code to use promises would be cumbersome and time-consuming. Previously it was common to use Bluebird.js or similar libraries to do this, but it's now a core Node function.

05. async and await

Another step forward for asynchronous code is the addition of the async and await keywords. These have actually been available in Node since version 7.6.0. However, 8.0 is the first version with them which will enter LTS, which is likely to mean a significant uptake in enterprise adoption. async functions provide an alternative to callbacks and promises (they're actually built on top of promises), which provides a cleaner syntax.

06. N-API

An experimental feature, the Node.js API (N-API) has been added in Node 8.0 to improve support for native modules. Native modules are written in C or C++, and loaded into Node.js as if they were a regular Node module. These are useful where performance is critical, or for hooking into low-level APIs or existing C or C++ libraries.

However, historically this has created a maintenance burden as the underlying V8 and Node core interfaces upon which native modules depend were not guaranteed to be stable, meaning native modules often needed updates to support new Node releases. N-API offers a set of stable, abstracted interfaces available as C APIs, maintained as part of Node itself. Being experimental, it does not yet provide full coverage of all V8 features, but this should improve in future.

07. Fixes and improvements

In addition to these new features and a few smaller ones, there are a number of stability improvements and fixes included in the new release. For example, console.log() and other similar methods are now safer than previous versions, as situations where they could cause the application to crash have been resolved.

The Node team have also begun the process of assigning static error codes to all errors Node generates, which are easily queried in the documentation and guaranteed not to change even if the associated message does.

08. What's next?

Beyond version 8.0, Node.js continues to improve and evolve. It usually sees two major releases per year, and the next, Node 9.0, is due for release in October. The Node team typically only move even-numbered versions to LTS status, and LTS for Node 10.0 is not scheduled until October 2018.

Once versions reach LTS status, they are actively maintained for a period of 18 months, after which they move into a 12-month maintenance status (during which only critical bugs and security issues are patched).

As a result, Node is likely to remain both popular and a safe choice for the foreseeable future, and Node 8.0 itself is expected to have a three-year shelf life from now.

This article originally appeared in Web Designer issue 263; buy it here!

Related articles: