Open in app

Sign in

Write

Sign in

Node.js v20: The latest fancy tools

Let’s discover them!

nairihar
4 min readApr 24, 2023

It’s amazing how quickly time passes — Node.js has already released its 20th version!

I will be highlighting some of the most notable tools in this release.

node:test / native library

Traditionally, developers have relied on libraries like Mocha and Jest to test their Node.js applications. However, these libraries require additional installations and can lead to vulnerabilities by adding numerous packages to the node_modules folder.

Fortunately, Node.js now offers a built-in testing module that eliminates the need for external libraries. This module was once experimental but has now been considered production-ready. By using this reliable tool, developers can streamline their testing process and reduce the risk of security issues.

import test from 'node:test';
import assert from 'node:assert';

test('synchronous failing test', () => {
  // This test fails because it throws an exception.
  assert.strictEqual(1, 2);
});

test('asynchronous passing test', async () => {
  // This test passes because the Promise returned by the async
  // function is not rejected.
  assert.strictEqual(1, 1);
});

test('failing test using Promises', () => {
  // Promises can be used directly as well.
  return new Promise((resolve, reject) => {
    setImmediate(() => {
      reject(new Error('this will cause the test to fail'));
    });
  });
});

Whether you're beginning a new project or tired of dealing with vulnerabilities and excessive packages, it's time to transition to Node.js' native testing library. By utilizing this built-in tool, developers can streamline their workflow and eliminate the need for external libraries.

Say goodbye to the hassle of managing multiple packages and the associated security risks. Instead, embrace the simplicity and reliability of the native testing library for all your testing needs.

Permissions

In Node.js, permissions are a powerful tool that allows developers to control the access a Node.js process has to system resources and the actions it can perform on those resources. With permissions, you can define which modules can be accessed by other modules, providing an additional layer of security to your applications. By carefully managing permissions, you can ensure that your Node.js applications only have the necessary access to system resources and data, reducing the risk of security breaches and improving overall system stability.

For instance, when working with Node.js applications that require access to the file system, you can grant the necessary permissions by using the --allow-fs-read and --allow-fs-write flags. These flags enable the process to read from and write to the file system, providing the required level of access while also ensuring that the application is secure and stable. By leveraging permissions in this way, developers can control which resources their applications can access, and prevent unauthorized access or malicious activity.

node --experimental-permission --allow-fs-read=* --allow-fs-write=/tmp/ 20.js

This will allow FileSystemWrite access to the /tmp/ folder and all FileSystemRead operations.

Here is how we can check the process’s permissions.

// 20.js

console.log(process.permission.has('fs.write', '/tmp')); // true

console.log(process.permission.has('fs.write', '/root')); // false

console.log(process.permission.has('fs.read', '/root/')); // true

I’d like to draw your attention to the experimental-permission flag we used to run our Node.js process. This flag enables experimental permission features that can be used for our testing purposes.

It’s important to note that this feature is still in the experimental stage and not recommended for production use until it’s deemed stable. It’s crucial to exercise caution when working with experimental features and to wait for stable releases before using them in production environments.

Single executable

In one of my recent articles, I discussed Node.js/Npm executables and their importance in the development process. However, it’s important to note that these executables require Node.js to be installed on your system in order to function properly.

Global NPM/Node.js executables

Have you ever come across a library that, upon global installation, offers a range of global commands?

nairihar.medium.com

Fortunately, there’s a new way in V20 to create a single executable file that doesn’t require Node.js to be installed on the system.

In the official documentation, you can see how to achieve that, but it’s important to note that this approach is currently an experimental feature, and there are some notable disadvantages.

As an example, a simple “HelloWorld” application can have a file size of 82 MB. In other languages, the single executable file size is much less than this.

Let’s not disregard Node.js because of that, as it’s an experimental feature and will be improved over time.

Summary

Today, we discussed three key features that were introduced in the 20th version of Node.js. Of course, there are many other changes and updates in the runtime that may not be as significant, but you can learn about them by referring to the documentation.

Thank you, feel free to ask any questions or tweet me @nairihar

Also follow my “JavaScript Universe” newsletter on Telegram: @javascript

How to Scale Node.js Socket Server with Nginx and Redis

Server scaling and distribution are among the most exciting topics in back-end development.

nairihar.medium.com

How to use Puppeteer in Heroku

After spending several hours updating the Puppeteer library and testing it in the Heroku environment, I wanted to share…

nairihar.medium.com

Nodejs
JavaScript
Programming
Engineering
Computer Science

--

--

nairihar

Written by nairihar

528 Followers

Sharing valuable insights on the latest tools and trends in JavaScript. nairi.dev

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams