“The 10.x release is breaking new ground in a number of different areas. It’s great to see the project taking on larger and longer-term efforts and delivering progress incrementally in each release,” said Michael Dawson, a collaborator and technical steering committee member as well as the IBM community lead for Node.js. “I think this shows how well the Node LTS process is working to provide new functionality in a regular and consumable manner.”
This is also the first Node.js release line to upgrade to OpenSSL v1.1.0, the latest version of the open source cryptography and toolkit for Transport Layer Security and Secure Sockets Layer (TLS/SSL) protocols. This is particularly significant given the recent ratification of the TLS 1.3 specification, which will be supported by OpenSSL’s v1.1.1 when released later this summer.
By including the current OpenSSL, Node.js 10.x paves the way for seamless and stable upgrades when the TLS-compliant version goes live. Convenience aside, the inclusion of a robust and commercial-grade library aligns Node.js with the paramount standard for encrypted communication via the web — yet another signal to enterprise users that Node.js is a solid and scalable backend choice for developing web apps, back-ends, and consolidating APIs, even on IoT or mobile platforms.
The new Node also unlocks multiple new API features. For example, a new API has been introduced allowing user code to enable and disable trace events on demand at runtime, providing improved flexibility in diagnosing issues in Node.js applications at runtime. Then there is a promises API — albeit currently experimental — aiming to eventually replace the existing “util.promisify()” function with Node.js APIs that directly support promises in the most efficient manner.
Indeed, this is so anticipated in part because the N-API effort was much-desired and community-wide. “Many thanks to all of the community members who stepped up to help move N-API forward and into 10.x as a supported feature,” said Dawson. “It is just such a significant milestone on the journey to making native addon development easier.”
Performance also gets an upgrade. Coupled with the latest Chrome V8, Node.js v.10.0.0 comes with features including promises, async generator and async iteration, as well as improvements to array performance that have increased throughput response. (For example, Array.reduce() has improved by a factor of ten). All of these serve as a small but significant — and permanent — performance boost for applications built using Node.js.
Manage Those Packages More Securely, Too
In fact, npm v.6 contains a new shortcut specifically to address this: npm-audit allows users to recursively analyze dependency trees to identify potential conflicts and insecurities. A proactive step allowing devs to swap out for updated or better-fit versions before anything breaks, “npm audit” totally rocks. (We just have to remember to, you know, run it).
Node v.10.x will update to npm v.6 in the coming months.