A Node.js 10.0.0 Release Summary

Today, the Node.js core team is proud to release version 10.0.0 of the Node runtime. The Node.js project makes various releases year round which include minor improvements, bug fixes, and new features. Twice per year, in April and October, the project cuts a new major release. Each major release is the culmination of six months of code changes, some of which may break compatibility with previous versions. This release process is captured in the following image.

Node.js Release Schedule

The image shows several things:

  • Node 10.x does not enter Long Term Support (LTS) until October. The six month period between initial release and entering LTS gives Node 10.x the opportunity to attain the stability required for LTS. Once it enters LTS, Node 10.x will be codenamed Dubnium. This follows Node's existing convention of giving each LTS release line a codename based on the periodic table of elements. As the fourth LTS release line, the name Dubnium was selected from the pool of elements whose name begins with a D. Node 10.x will receive 18 months of Active LTS support, followed by a 12 month Maintenance period before reaching its end-of-life in April 2021.
  • In a few months, Node 9.x will reach its end-of-life. Odd-numbered releases never enter LTS. If you are currently using Node 9.x, consider moving to Node 8.x for increased stability, or Node 10.x if you're looking for the latest and greatest.
  • Node 8.x (Carbon) continues as the only Active LTS release line. Most users should be targeting 8.x due to its commitment to stability, and compelling list of features compared to 6.x. You can read more about the Node.js 8 LTS release line in Wyatt Preul's blog post.
  • Node 6.x (Boron) is transitioning from Active LTS to Maintenance. This means that Node 6.x will only receive the most critical bug fixes and security updates until its end-of-life in April 2019. Node 6.x is still a viable option, but you should really be looking to Node 8.x.
  • Node 4.x (Argon) is reaching its end-of-life. This means that Node 4.x will not receive any additional updates. If you are using Node 4.x or an older release line, you should take the time to update immediately.

What to expect

Before looking at Node 10.0.0 in detail, it's important to set some expectations:

Major releases of Node.js are generally uninteresting.

If major releases contain all of the breaking changes, how can they possibly be boring? The answer to this question has several components.

  • New APIs, new language features, and V8 updates typically generate the most excitement among developers. With the exception of backward incompatible V8 updates, these are usually classified as semver minor changes, or feature additions. Since semver minor releases are made on an ongoing basis, the "exciting" changes don't need to wait for a new major release line.

  • The project tries really hard not to break existing code. When breaking changes are made, they are typically not very drastic. Instead, they focus on small, incremental improvements that just happen to be backward incompatible. The bulk of these changes involve the deprecation or removal of legacy APIs. Furthermore, before an API is removed, the core team attempts to gauge ecosystem usage and impact. If a particular API is widely used, it may not be removed.

Who should run Node 10.x

Now that it is available, the 10.x release line will receive all non-breaking changes that land in the master branch until Node 11.0.0 is released in October. While it is expected that no breaking changes will be introduced in Node 10.x, history has shown that there will likely be some accidental breakage. Until it transitions to LTS in October, Node 10.x does not come with the same stability guarantees as an existing LTS release line.

If you (or your company) can safely exist closer to the bleeding edge, tolerate possible unexpected breakage, and can easily switch between Node.js versions, then Node.js 10.x is a viable option for you now.

If you are running Node.js in mission-critical areas, require the utmost level of stability, or cannot easily move between Node.js versions, then Node.js 10.x is not a viable option for you at this time. If you fall into this category, you absolutely should be running an LTS release.

Release breakdown

This section lists some of the notable changes in Node.js 10.0.0. Some of the items in this list arrived very recently in Node 9.x, but warrant mentioning here.

  • Several of Node's biggest dependencies have been updated. This includes V8 6.6, libuv 1.20.2, OpenSSL 1.1.0h and c-ares 1.14.0. These specific dependencies represent the JavaScript engine, asynchronous I/O library, crypto library, and DNS library used by Node.js.
  • The Buffer() constructor is being deprecated when called outside of a node_modules directory. Certain uses of the Buffer() constructor are considered security risks. The constructor has been deprecated in the documentation for several years. However, its widespread use, and the deeply nested nature of Node.js application dependency trees has made displaying a runtime deprecation message impractical. Node 10.0.0 attempts to discourage use of the Buffer() constructor in new code by displaying a deprecation message if the call comes from an application, but not a dependency in a node_modules directory.
  • N-API is no longer considered experimental. The goal of N-API is to provide API and ABI stability for compiled addons across Node.js versions. In addition to being considered a stable feature, N-API will now be available on all supported release lines. This represents a huge amount of forward progress for Node's compiled addon story.
  • The Node.js core codebase is slowly migrating to a new error system. The goal of this migration is to associate a unique code with all errors thrown by Node. This will allow error messages to be changed without being considered breaking changes. It will also make user code more robust by not relying on error messages.
  • util.types has been introduced. It is an object that provides a number of type checking functions. These functions are significant because they execute at the C++ level, where JavaScript type checking can be done much more reliably.
  • Copy-on-write flags have been added to fs.copyFile(). The original goal of fs.copyFile() was to provide a file copy mechanism that was cross-platform, but with better performance than a JavaScript implementation. These flags take that goal one step further by avoiding a copy operation unless the file is modified.
  • Top level await in the REPL is available behind a flag. This makes await significantly easier to use in the REPL because an async function wrapper is not necessary.
  • Both the API documentation and test suite receive a constant stream of improvements. While these changes are not directly reflected in the node binary, they are critical to the success of Node.js, and make up the bulk of every release. For those reasons, they are included in this list. And, in case you were curious, Node.js core currently has approximately 94% and 92% code coverage in the JavaScript and C++ layers, respectively.

Conclusion

This post has explored the Node.js 10.0.0 release at a high level. It also detailed who is a prospective user of Node.js 10.0.0, and who should be using an existing LTS release line instead. If anything in this post is unclear, please reach out. Joyent offers comprehensive Node.js support and would love to help you succeed.



Post written by Colin J. Ihrig