Node.js Weekly Update - 17 Feb, 2017

Read the most important Node.js weekly news & updates: Node.js testing & TDD, Heroku Production-ready checklist, Hacking Node Serialize, Native shared objects, and more..

Stay up-to-date on a daily basis too. Check out our Node.js news page and its Twitter feed!

The 6 best Node.js materials of this Week:

○ Getting Node.js Testing and TDD Right

Would you like to work on code that's not tested properly? If not, read this guide on getting testing and TDD (test-driven development) right.

Making changes to a large codebase and making sure it works is a huge deal in software development. We've already talked about a few great features of Node.js testing before, and it is very important to emphasize how crucial it is to have your code tested before you release it to your users.

○ Using Heroku with Node.js: Production-Ready Application Checklist

These best practices will save you from false alarms waking you up in the nights as well as provide a consistent user experience for your users.

You are going to learn how to deploy applications to production, how to do proper logging and monitoring, and how to debug effectively.

○ Hacking Node Serialize - remote Code Execution Done Nicely

Several days ago I noticed a blog post on the opsecx blog talking about exploiting a RCE (Remote Code Execution) bug in a nodejs module called node-serialize. The blog post explains pretty clearly what's wrong with the module in question but one thing that strikes me is how complex the exploitation process was with Burp. No offence to Burp - it is a great tool - but I think we can do better.

○ [free, 30 page long e-book] Building with Node.js

Everything you need to build and scale up a Node app properly.

Here is what you will learn in this book:

  • Advanced Project Structuring
  • Writing Clean JavaScript Code
  • Async tools and Best Practices
  • Event Sourcing and CQRS

○ How NodeJS requires native shared objects

Recently, I faced an issue with requiring native bindings in JavaScript code so I started researching it. If you ever used commands like require(‘my_module.node’) but don’t know how they work from JavaScript perspective - this article is for you.

○ Tracking Issue: Migrate errors to internal/errors.js

For those looking for a Good First Contribution to Node.js, this makes an excellent starting point.

Previously in the Node.js Weekly Update

In the previous Node.js Weekly Update we read fantastic articles about dismissing garbage collection, exploiting Node.js deserialization, building microservices with Hydra, building a microblog and many more..