Node Foundation published an enterprise case study about Node.js usage at Capital One. The title “After Call For Innovation from C-Suite, Node.js Pops Up All Over Capital One” and you can download the full case study from nodejs.org.
I get this question very often: “What tools would you recommend for Node development?” Software engineers love to optimize and increase productivity instead of wasting their time. I bet you are one of them! Read on to find out the best Node tools for development.
IDEs/code editors
Libraries
GUI tools
CLI tools
IDEs/code editors
When it comes to your primary tool, the code editor, I recommend sticking with lighter and simpler editors like Atom or VS Code instead of full-blown IDEs like Webstorm. Of course an IDE will do more for you but this comes with a learning curve and the need to configure. Node is interpreted, thus there’s no need to compile it. The files are just plain text files with the .js extension.
Here’s my list of the best Node editors:
Atom: created and maintained by GitHub; uses Electron, HTML, JS and CSS under the hood which makes it very easy to customize or add functionality; allows to have Git and terminal support via packages. Price: free.
VS Code: a newer addition; uses similar to Atom web-based tech; was created from Azure’s Monaco editor; comes with debugging, smart autocomplete based on types, Git and terminal support. Price: free.
WebStorm: more of an IDE than an editor, developed by JetBrains and based on IntelliJ platform; has code assistance, debugging, testing, Git. Price: starts at $59/yr for individuals.
There are more options like Brackets, Sublime Text 3 and of course IDEs like Eclipse, Aptana Studio, NetBeans, Komodo IDE, and cloud-based like Cloud 9, Codenvy.
What to pick? Any of the three in the list is good choice. I have heard good things about VS Code and their smart autocomplete is a nice thing, but I didn’t find it a good enough reason for me to switch from Atom. So try VS Code and Atom and see which one you like more. Both of them offer a wide variety of packages and themes.
The most popular and useful libraries and project dependencies
Here’s the list of the most used and most popular modules which you would install as dependencies of your projects. Node developers use most of these modules (or alternatives) in almost all of their projects.
The libraries are listed with the npm names, so you can execute npm i {name} substituting {name} with the name of the package/module:
webpack: Builds static assets like browser JavaScript, CSS and even images. It allows to use node modules in the browser.
babel: Allows to code in the latest versions of JavaScript/ECMAScript without having to worry about your runtime by converting the new code to the code compatible with older versions of ECMAScript
async: Controls flow by running function concurrently, sequentially or any way you want
concurrently: Allows to execute CLI tools (local) as multiple processes all at the same time, e.g., webpack and node-static.
Note: Some of the libraries/tools listed above like webpack or mocha, can be installed globally instead of locally in your project folder. However, installing them globally is an old practice and currently is an anti-pattern because local installation allows developers to use multiple versions of the tool with different projects in addition to have these tools specified in package.json.
Of course there are a lot of different options in each category. For example, request and superagent are also extremely popular HTTP agent libraries. However, I don’t want to give too many options and confuse you with the differences, I listed only one tool (typically the one I use the most currently).
CLI tools (global)
Unlike the previous section, these tools are okay to install globally since most likely their version won’t affect or break your project.
node-dev: Monitor and restart your Node app automatically on any file change within the current folder
node-inspector: Debug Node code in a familiar interface of DevTools (now part of Node starting with v7)
docker: Build and run Docker containers to isolate app environment, speed up deployment and eliminate conflicts between dev and prod (or any other) environments
curl: Make HTTP(S) requests to test your web apps (default for POSIX but can get for Windows too)
nvm: Change Node versions without having to install and re-install them each time
wintersmith: Build static website using Node templates and Markdown
pm2: Process manager to vertically scale Node processes and ensure fail-tolerance and 0-time reload
GUI tools
A good share of Node developers prefer GUI (graphical user interface) tools at least for some of the tasks because these tools require less typing and have features which makes them more productive and the development easier and simpler.
Postman: HTTP client with ability to save requests and history, change formats (JSON, form, etc.) and do other things
MongoUI: Modify and inspect your MongoDB data in a web interface. You can host this web app on your server to enable the database management.
Chrome: DevTools is a great way to inspect your requests, network, traffic, CPU profiles and other developer related data which is very useful for debugging
iTerm, itermocil and zsh: A better alternative to a native macOS Terminal app which together with itermocil and zsh increases productivity greatly
When Bert presented his keynote at Node Interactive Europe 2016 on Event Loop, he started by saying that most of event loops diagrams are WRONG. I’m guilty of using one of them in my talks. :)
This is it. In it, event loop is spinning data back at clients like hot-cakes.
His diagram is closer to the real stuff. In it, event loop starts, works and then quits eventually (pun intended).
This post is on how to build beautiful APIs in Node.js. Great, and what is an API? The definition says Application Programming Interface, but what does it mean? It could mean on of the few things depending on the context:
Endpoints of a service service-oriented architecture (SOA)
Function signature
Class attribute and methods
The main idea is that an API is a form of a contract between two or more entities (objects, classes, concerns, etc.). Your main goal as a Node engineer is to build beautiful API so that developers who consume your module/class/service won’t be cursing and sending you hate IM and mail. The rest of your code can be ugly but the parts which are public (mean for usage by other programs, and developers) need to be conventional, extendable, simple to use and understand, and consistent.
Let’s see how to build beautiful APIs for which you can make sure other developer
Container technology is one of the best options for software development and deployment. It allows you to share some of the OS resources while encapsulating the code and other concerns. You can think of containers as virtual machines but with less footprint.
Containers are great for micro services where you replace monoliths with many services. Each of them works in isolation and communicates with other services via a well defined interface (typically REST).
Docker is one of the most popular implementations of containers. Docker’s What is Docker? page has a a neat comparison of containers with VMs. In a nutshell, VMs use hypervisor and each VM has it’s own OS while containers share OS and only separate libraries, bin, executables, etc.
In the previous post, we learned how to perform HTTP/2 server push in a Node server. We also covered the benefits of server push there so to avoid duplication we won’t list them here. We used spdy for server push and H2. But most of the times Node developers don’t work with core HTTP server, they use a framework like Express. So let’s see how we can implement server push in Express.
HTTP/2 is the new standard of the web. It has many great features which will make the web faster and simplify the development. For example, no need to concatenate files thanks to multiplexing, or a server push which can send files before a browser knows it need them.
This post won’t cover all advantages of HTTP/2. You can read about them online. No need to go into all the details and duplicate text here. Instead, we’ll focus on server push and implement it in Node.js using Express and the spdy library.
Last week was very fruitful on conferences. Luckily, there were all in the Bay Area so I didn’t have to travel. I spoke at NodeSummit and ForwardJS, and attended npmCamp. At all of them, I met old friends and made new ones. All of them were great but in different way.
NodeSummit 2016
NodeSummit started on Tuesday with Executive Roundtable which consisted of tech leads from major companies most of you’re familiar with like Netflix, Disney, Dictionary.com, New York Times, me representing Capital One and others totally 12 or so. It’s the first time Joyent put together this round table. It was interesting to hear how other people use Node.js, their pains and wins. Sorry, but I can’t tell you anything more because we all swore to secrecy and weren’t allowed to record anything.
The modern Internet with its TCP/IP protocol started around 1975 which is astonishing 41 years ago. For the most part of its existence, we used HTTP and it’s successor HTTP/1.1 (version 1.1) to communicate between clients and servers. It served the web well but the way developers build websites has dramatically changed. There are myriads of external resources, images, CSS files, JavaScript assets. The number of resources is only increasing.
HTTP2 is the first major upgrade to the good old HTTP protocol in over 15 years (first HTTP is circa 1991)! It is optimized for modern websites. The performance is better without complicated hacks like domain sharding (having multiple domains) or file concatenation (having one large file instead of many small ones).
There’s a better alternative to the ubiquitous JSON as the communication protocol of the web. It’s Protocol Buffers (protobuf). In a nutshell, protobuf offers a more dense format (faster processing) and provides data schemas (enforcement of structure and better compatibility with old code).
The purpose of this article is not to highlight why protobufs are better or sell you on the concept. There are many article online that’ll do it for you. The purpose of this article is to show you how you can get started with this format in the Node.js environment.
This essay was inspired by the Kyle Simpson’s series of books, You Don’t Know JavaScript. They are a good start with JavaScript fundamentals. Node is mostly JavaScript except for a few differences which I’ll highlight in this essay. The code is in the You Don’t Know Node GitHub repository under the code folder.
Why care about Node? Node is JavaScript and JavaScript is almost everywhere! What if the world can be a better place if more developers master Node? Better apps equals better life!
This is a kitchen sink of subjectively the most interesting core features. The key takeaways of this essay are:
Event loop: Brush-up on the core concept which enables non-blocking I/O
Global and process: How to access more info
Event emitters: Crash course in the event-based pattern
Streams and buffers: Effective way to work with data
Clusters: Fork processes like a pro
Handling async errors: AsyncWrap, Domain and uncaughtException
C++ addons: Contributing to the core and writing your own C++ addons
Event Loop
We can start with event loop which is at the core of Node.
It allows processing of other tasks while IO calls are in the process. Think Nginx vs. Apache. It allows Node to be very fast and efficient because blocking I/O is expensive!
Take look at this basic example of a delayed println function in Java:
Before we can get started with Node patterns, let’s touch on some of the main advantages and features of using Node. They’ll help us later to understand why we need to deal with certain problems.
Node Advantages and Features
Here are some of the main reasons people use Node:
JavaScript: Node runs on JavaScript so you can re-use your browser code, libraries and files.
Asynchronous + Event Driven: Node executes tasks concurrently with the use of asynchronous code and patterns, thanks to event loop.
Non-Blocking I/O: Node is extremely fast due to its non-blocking input/output architecture and Google Chrome V8 engine.
That’s all neat but async code is hard. Human brains just didn’t evolve to process things in an asynchronous manner where event loop schedules different pieces of logic in the future. Their order often is not the same order in which they were implemented.
My new book Full Stack JavaScript (my 4th traditionally-published book) comes with a series of screencast videos for better immersion in a wonderful and mesmerizing world of Node.js, Backbone and MongoDB. It’s a one thing to read through the text and another to follow up with dynamic videos which walk you through the book’s projects.
The videos and the source code are open source, meaning they are publicly available. Therefore, you don’t have to buy a book—you can just watch the 14 videos on YouTube (playlist) and go through the code on GitHub (repository).
Last week, I presented my talk at the inaugural Node Interactive ’15, in Portland, Oregon. It’s probably the largest Node.js conference in the world! My talk was on Node.js at Capital One. You might wonder: bank and Node.js? What they have in common? The best kept secret, which is not a secret at all is that Capital One, is moving into being a technology company with a focus on finance… not just a bank. It’s worth watching my talk if you’re are interested in hear about challenges of bringing innovation to a large company in a heavily regulated field.
Have you ever wanted to learn basics of Node.js and the most popular Node.js web framework Express.js? If you are experienced web developer or software engineer who wants to learn Node.js and build some servers along the way, then this self-study workshop is for you.
What is ExpressWorks? It’s an automated tool which allows to learn Express.js from the author of one of the best books on Express.js—Pro Express.js— with this workshop that will teach you basics of Express.js and building Node.js web apps (a.k.a. servers).
You will walk through adventures via command-line interface. Each adventure has a problem, hints, and the solutions.
I hated Jade as many other Node.js developes do. But I changed 180 after I realized that it has tons of features.
At Storify and DocuSign we used Jade for EVERYTHING. We used Jade even in the browser. There is a little trick called jade-browser. It was developed by folks at Storify. I maintained it for a bit.
The funny thing is that DocuSign team used jade-browser long before they met me. They swear they hired me without knowing that I was involved in that library. :-)
Anyway, after covering Jade and Handlebars in previous posts, it’s time to apply them to do some real work. In this post, I’ll cover:
When I started working at Storify as a Node.js Engineer. The tech stack was Express and Jade. I hate to admit it, but I struggled with Jade a lot!
Before, I mostly worked with Underscore, and Handlebars. I attempted to modify some HTML in the Jade templates. Other times I would only change the text. Those were trivial updates, but very often they cause the whole server to crash.
I was failing miserably to learn by trial and error. I hated Jade. I was starting to hate editing templates as well. Then I had a light bulb moment: I need a tutorial. I went to the official docs. I wish this article existed at that time. After spending just an hour learning Jade, I was able to use Jade and make all the changes to templates smoothly.
Smart people learn by their mistakes, and wise people learn from others. Don’t repeat my folly. Skim through this Jade tutorial to harness the power of this wonderful template language.
This text is part of my new book Pro Express.js: Master Express.js—The Node.js Framework For Your Web Development [Apress, 2014]. Security is important, that’s why I decided to publish this chapter on my blog. The book will be released very soon.
The set of tips in this chapter deals with security in Express.js applications. Security is often a neglected topic that is deferred until the last minute before the release. Obviously, this approach of treating security as an afterthought is prone to leaving holes for attackers. A better approach is to consider and implement security matters from the ground up. Continue reading “Express.js Security Tips”
Sails.js (GitHub) is a convention-over-configuration type of a framework. This means that it’s similar in philosophy to Ruby on Rails. Sails.js is a true MVC framework, unlike Express.js which relies on developers for adding ORMs like Mongoose. Sails.js uses the Waterline ORM.
Now our hand-picked registry of Node.js frameworks (NodeFrameworks.com) has GitHub statistics right on the website, so you don’t have to navigate back and forth when making a decision!
This is how it looks: each framework has a number (GitHub stars) next to its name. This serves as a social proof meaning the more people use the framework the more robust it is and the less bugs it has.
The buttons provided by the service called GitHub Buttons. The links to the frameworks’ GitHub, NPM, examples and other resources are hidden under the “i” icon.
Thank you Randson Oliveira for contributing and making pull requests!