Node Weekly·10wNode Weekly Issue 610: February 5, 2026
This newsletter covers explicit resource management in JavaScript using the `using` keyword for deterministic cleanup, a postmortem of JSBin's 3-day outage caused by traffic spikes on an outdated Node 7 runtime, and highlights libraries for one-time password authentication (HOTP/TOTP) and simplified FFmpeg video operations. Also includes updates to the 'ora' terminal spinner library and Node bindings for FFmpeg's C APIs.
Game Developers·9wBirdMMO!
A developer built a multiplayer bird photography MMO in 2 days using AI-assisted development with Three.js and Socket.io. The game features 30 biomes, day/night cycles, an achievement system, and collection mechanics. The project demonstrates rapid prototyping capabilities with modern web technologies and AI coding assistance.
JS Development·9wThe Day I Learned Node.js “Timeouts” Don’t Mean What I Thought They Meant
Node.js has multiple timeout layers that must be configured correctly to prevent hanging requests. Setting only `server.setTimeout()` is insufficient because it primarily handles idle socket activity, not stuck outbound requests. A proper solution requires three layers: request-level timeouts using `AbortController` for outbound calls, server-level `headersTimeout` and `requestTimeout` for slow clients, and per-request hard timeouts as a safety net. Without proper timeout enforcement at each layer, services can accumulate open connections and gradually stop responding under load, even without crashes or obvious errors.
Web Nepal·9wServerCN, Backend Component Registry
ServerCN is an open-source component registry for Node.js backends that simplifies adding common features like OAuth (GitHub, Google), file uploads (Cloudinary, ImageKit), and email services to TypeScript projects through CLI commands. Inspired by shadcn/ui, it allows developers to add pre-built backend components directly into their codebase. The project is currently under development with commands not yet functional.
Cloudflare·7wWe deserve a better streams API for JavaScript
A deep technical critique of the WHATWG Web Streams API by a Cloudflare/Node.js core contributor, arguing that its fundamental design choices — reader/writer locking, BYOB complexity, advisory backpressure, promise-heavy internals, and push-oriented TransformStreams — create serious usability and performance problems that cannot be fixed incrementally. The post presents a proof-of-concept alternative API built around async iterables as the core primitive, pull-based lazy evaluation, explicit backpressure policies, batched chunk delivery (Uint8Array[]), and synchronous fast paths. Benchmarks show the alternative running 3x–120x faster than Web streams across Node.js, Deno, Bun, Cloudflare Workers, and Chrome, with gains attributed entirely to design choices rather than implementation optimizations. The author frames this as a starting point for community discussion about what a modern streaming standard could look like.
Node.js·7wNode.js — Node.js 25.7.0 (Current)
Node.js 25.7.0 has been released with several notable changes: HTTP/2 gains an `http1Options` parameter for HTTP/1 fallback configuration, Single Executable Applications (SEA) now support ESM entry points, the built-in SQLite module is marked as a release candidate, `Duplex.toWeb()` type option is renamed to `readableType`, and the test runner now shows interrupted tests on SIGINT. Additional fixes include HTTP keep-alive socket reuse race conditions, FileHandle leaks in HTTP/2 and REPL, zstd memory tracking improvements, brotli compression dictionary support in zlib, and a new `throwIfNoEntry` option for `fs.stat`. npm is upgraded to 11.10.1.
Architecture Weekly·8wHow I cheated on transactions
Building a multi-database driver library (Dumbo) for Node.js revealed tradeoffs when supporting Cloudflare D1, which exposes databases via HTTP API and doesn't support traditional transactions. The solution uses D1's session-based repeatable reads and SQL batches to mimic transaction behavior, requiring explicit opt-in and accepting limitations like inability to rollback across multiple statements. This approach prioritizes API safety by making users acknowledge non-standard behavior while enabling practical use cases in event sourcing and document operations.
Bun·9wBun v1.3.9
Bun v1.3.9 introduces parallel and sequential script execution with `--parallel` and `--sequential` flags, supporting workspace filtering and Foreman-style output. Testing improvements include `Symbol.dispose` support for automatic mock cleanup. Performance enhancements include SIMD-accelerated RegExp matching, faster string operations (trim, startsWith), optimized Markdown rendering, and ESM bytecode compilation support. HTTP/2 connection upgrades via net.Server now work correctly. Bug fixes address ARM64 crashes, Windows filesystem operations, WebSocket stability, and HTTP proxy keep-alive issues.
Socket·8wSocket Joins the OpenJS Foundation
Socket, a JavaScript supply chain security company, has joined the OpenJS Foundation as a Silver Member. The company highlights its deep roots in the JavaScript open source community, noting that its engineers collectively maintain packages accounting for roughly 10% of all npm downloads. The membership reinforces Socket's commitment to improving security and governance of the JavaScript ecosystem, with goals around making the open source supply chain safer and more resilient.
Tigris·9wA terminal user's next interface to object storage
Tigris released a new CLI tool for managing object storage from the terminal. Installed via npm, it follows UNIX philosophy with intuitive commands like `tigris cp` and `tigris ls`. The tool uses a spec-driven design approach with a `DOMAIN OPERATION ARGUMENT` pattern, making it simpler than AWS S3 CLI equivalents. It supports cross-platform usage, includes a `t3://` URL scheme for Tigris objects, and is designed to be discoverable for both humans and AI assistants.
Collections·9wESLint 10.0.0: A New Era of Configuration and Language Support
ESLint 10.0.0 mandates flat configuration files, removing support for legacy eslintrc formats entirely. The release requires Node.js v20.19.0+, adds built-in TypeScript definitions for Espree and ESLint Scope, improves JSX reference tracking for React projects, and enhances RuleTester with assertion options. Migration is mandatory with no opt-out for deprecated patterns including .eslintrc, .eslintignore, and eslint-env comments.
Vercel·8wWe Ralph Wiggumed WebStreams to make them 10x faster
Vercel profiled Next.js server rendering and found that WHATWG WebStreams (ReadableStream, WritableStream, TransformStream) were a major bottleneck due to per-chunk Promise allocations, microtask queue hops, and object overhead. They built `fast-webstreams`, a drop-in replacement that routes operations through Node.js's optimized `pipeline()` internally. Key optimizations include: zero-Promise piping by deferring pipeline construction until the full chain is known, synchronous resolution when data is already buffered, and a minimal `LiteReadable` for byte streams. Benchmarks show 10-14x throughput gains for common patterns—630 MB/s native vs ~6,200 MB/s for pipeThrough chains, and 110 MB/s vs 1,600 MB/s for the React Flight byte stream pattern. The library passes 1,100 of 1,116 Web Platform Tests. The work is also being contributed upstream to Node.js via a PR from Matteo Collina that adds fast paths directly to Node's native WebStreams implementation.
CodeHead·8wLearn Backend Development in 5 minutes (NO PRIOR KNOWLEDGE)
A beginner-friendly overview of backend development fundamentals covering language selection (Python, Node.js, Java/Spring Boot), HTTP methods and status codes, web frameworks, SQL vs NoSQL databases, authentication vs authorization, REST APIs, and basic security practices like environment variables and input validation.
Tigris·7wFrom npm to a Single Binary: Adopting Bun for the Tigris CLI
The Tigris team migrated their TypeScript CLI from Node.js/npm distribution to a Bun-compiled standalone binary. The migration required creating a parallel entry point to handle Bun's static bundling constraints (replacing dynamic YAML imports and lazy-loaded command handlers with auto-generated static equivalents), while keeping the npm distribution intact. Benchmarks on an Apple M4 Max showed Bun is 20–48% faster for uploads across all file sizes and 2–3x faster for downloads under ~100 MB, but Node.js handles very large downloads (180 MB+) more efficiently due to Bun's aggressive memory buffering. The result is a 60 MB self-contained binary for macOS, Linux, and Windows with no Node.js dependency required.
Halodoc·8wAngular 20 Migration: SSR Challenges & Resolutions with Vite, ESM, and Express 5
A real-world account of migrating Halodoc's Angular SSR monolith to Angular 20, covering 12 specific challenges and their resolutions. Key changes include: switching from Webpack to Vite+esbuild (56% faster builds), migrating from CommonJS to ESM (.mjs output), replacing CommonEngine with AngularNodeAppEngine, upgrading from Express 4 to Express 5 with new route syntax, upgrading RxJS to 7.8+, enforcing strict package exports, fixing TypeScript catch block strictness, handling CSP nonce injection, and managing Prometheus singleton registration. Includes a migration checklist and before/after architecture comparisons.