Node.js Weekly Update - 20 Jan, 2017

Read the most important Node.js weekly news & updates:

Finding Node.js performance optimization killers, using serverless with Node & StdLib, Async best practices, writing JavaScript packages for the browser & Node, preventing ReDos attacks, and Node.js at eBay.

Also, if you'd like to stay up-to-date on a daily basis, I recommend to check out our hand-curated Node.js news page and its Twitter feed!

The 6 must-read Node.js articles/projects of this Week:

○ How to find Node.js Performance Optimization Killers

This post analizes what the "dynamic performance optimization" of Node.js means, and shows you methods for detecting the optimized parts of a code.

After reading this article, you should be able to:

  • Detect if a function is optimized by the JavaScript engine (V8)
  • Detect if an optimized function is de-optimized
  • Detect why a function cannot be optimized

○ Using “Server-less” Architecture to Massively Parallelize DNA Sequence Alignment via StdLib and Node.js

There’s a new flavor of the day in software development, so-called “server-less”, or Function as a Service (FaaS) architecture — and for good reason. It represents the fantastic promise of indefinite scalability without having to manage servers. You can simply write code, ship it, and never worry about the context in which your code is executing or the resources it’s consuming.

This article shows you the power of FaaS, and how polybit uses this new, scalable, distributed architecture to build StdLib: The Function as a Service Software Library.

○ Node.js Async Best Practices & Avoiding Callback Hell

This post covers what tools and techniques you have at your disposal when handling Node.js asynchronous operations.

You can also learn how to avoid the despised callback hell !

○ How to write a JavaScript package for both Node and the browser

Let’s say you have a JavaScript module that you want to publish to npm, available both for Node and for the browser. But there’s a catch! This particular module has a slightly different implementation for the Node version compared to the browser version.

This situation comes up fairly frequently, since there are lots of tiny environment differences between Node and the browser.

This article helps to do this trickly implementation correctly, especially if you’re trying to optimize for the smallest possible browser bundle.

○ Regular Expression Denial of Service and Catastrophic Backtracking

In this post, Snyk Security explains what a regular expression denial of service is and how to prevent them from happening.

The level of danger when it comes to regular expressions and security is quite high. ReDoS attacks can bring an application to a grinding halt.

This is especially true in the world of Node.js where the event loop only amplifies the impact of catastrophic backtracking.

○ Node.js for the Real World

In this article, the engineers of (Ebay) share some of their recent learnings and approaches running Node.js in production, specifically when developing the new homepage.

Here at we’ve been busy refactoring monolithic legacy applications into a landscape of microservice-oriented architectures.

As we believe in concepts like the single responsibility principle and separation of concerns, we think Node.js as back-end for the user-interface layer is a perfect usecase.

Previously in the Node.js Weekly Update

In the previous Node.js Weekly Update we read fantastic articles about Computer vision with OpenCV, MongoDB & the importance of secure defaults, the state of package managers, transpiling ES5 code to ES6, npm security and many more..