Node.js Weekly Update - 16 June

Below you can find RisingStack's collection of the most important Node.js updates, projects, tutorials & Node related conferences from this week:

Two-Factor Authentication with Node.js

Passwords can be guessed, phone numbers can be spoofed, but using two-factor authentication essentially requires that user be in possession of a physical device with an app like Google Authenticator, loaded with a secret key for the given app, which provides an extra layer of security.

Node.js Two Factor Authentication Setup Step 1

Since I use 2FA so often, I wanted to see how the process is managed by a developer for its users. That would include generating the secret key, creating its QR code representation, scanning the code into Google Authenticator (done by the user), and then validating that GA-given code against the user's key. I found an easy to use Node.js library, speakeasy, to do so!

Habits of a Happy Node Hacker 2017

Here are 8 habits for happy Node hackers updated for 2017. They're specifically for app developers, rather than module authors, since those groups have different goals and constraints.

  1. Lock Down Your Dependency Tree
  2. Hook Things Up
  3. Modernize Your JavaScript
  4. Keep Your Promises
  5. Automate Your Code Formatting with Prettier
  6. Test Continuously
  7. Wear Your Helmet
  8. HTTPS all the things

Build a “Serverless” Twilio SMS + Call Forwarding Bot in 7 Minutes using Node.js + StdLib

Learn how you can build a Twilio Messaging Hub in only 7 Minutes with StdLib!

Node.js Stdlib Twilio

What You’ll Need Beforehand:

  • 1x Twilio Account
  • 1x Command Line Terminal
  • 7x Minutes (or 420x Seconds)

Survey: Node.js Developers Struggle with Debugging & Downtimes

In this article we summarize the insights we learned from our latest survey on developers problems with Node.js Debugging, Downtimes, Microservices & other pain-points.

Node.js Survey by RisingStack - Downtimes

Key Findings of the Node.js Survey:

  • 29,27% of Node.js developers experience downtimes in production systems at least once a week, 54,02% at least once a month.
  • 27,50% of Node developers responding to the survey never experience downtimes.
  • 42,82% of the respondents spend more than 2 hours a week with debugging their Node.js applications, including the 17,09% who spends more than 5 hours.
  • The developers building a microservices architecture with Node spend more time with debugging. The advantage of microservices + Node manifests in the form of fewer downtimes.

Free Webinar on Digital Transformation with Node.js

Interested in learning how Node.js can help streamline your digital processes and the latest trends with this application platform?

In this interactive online seminar, we’ll reveal how companies like Capital One, Slack, Skycatch, and NASA benefit from using Node.js, from enabling rapid data experimentation to building innovative experiences on connected devices.

In the live Q & A session, you will have the chance to ask questions about specific use cases and learn why Node.js is the platform of choice for building digital experiences.

Nodevember 2017 Tickets are available

Nodevember is a two-day conference touching on all aspects of Node and JavaScript. The conference includes seminars, workshops, tutorials, code sprints, and lightning talks.


The fourth annual conference will be held November 27th and 28th, 2017 in Nashville, TN.

Node Core Changes:

⬢ Node v8.1.1 (Current)

  • Child processes
  • stdout and stderr are now available on the error output of a failed call to the util.promisify()ed version of child_process.exec.
  • HTTP
  • A regression that broke certain scenarios in which HTTP is used together with the cluster module has been fixed.
  • The rejectUnauthorized option now works properly for unix sockets.
  • Readline
  • A change that broke npm init and other code which uses readline multiple times on the same input stream is reverted.

⬢ Node v8.1.2 (Current)

Fix broken process.release properties in 8.1.1 causing failure to compile native add-ons on platforms other than Windows. This is a fix in the Node.js build process so there are no additional code commits included on top of 8.1.1.

Node.js Related Conferences

Open CFP's

Upcoming Events

Source: The Node Foundation Newsletter

Vulnerable npm Packages Discovered:

Cross-Site Scripting (XSS)

Directory Traversal

Previously in the Node.js Weekly Update

In the previous Node.js Weekly Update we read about Node 8's util.promisify(), handling 100 gigabytes of data with MySQL & Node.js, understanding lock files in npm 5 and a comaprison of Node 6 & 8.

We help you to stay up-to-date with Node.js on a daily basis too. Check out our Node.js news page and its Twitter feed!