Node.js 18 is available now! It adds multiple key features of enterprise and small- to medium-sized enterprises including increased security support, the Fetch API, and it is part of delivering on the larger Next-10 strategic initiative within Node.js that is pushing forward key priorities including modernizing HTTP and keeping Node.js on the forefront of web development.
As part of increased security support, Node.js has been announced as the first pilot open source community to be supported by OpenSSF’s Alpha-Omega Project. Alpha-Omega is committing $300k to bolster the Node.js security team and vulnerability remediation efforts through the rest of 2022, with a focus on supporting better open source security standards and practices.
“The Node.js team continues to do fantastic work. The open governance structure for Node.js has led to tangible improvements in security and forward-thinking planning, and the main features of Node.js 18 will be highly valuable to enterprises of all sizes,” said Robin Ginn, OpenJS Foundation executive director. “Whether you’re a new user or already have Node.js broadly implemented, now’s a good time to install and test Node.js 18.”
Following its long-established release schedule, Node.js 18 is a Current release, which means it’s the right time for testing by enterprises, before being suitable for production usage when it is promoted to long-term support (LTS) in October 2022.
“The Node.js project contributors and collaborators continue to do an excellent job, and I want to thank them all. We continue to improve and grow, and I believe Node.js is a real open source success story,” said Bethany Griggs, Node.js Technical Steering Committee member, and Senior Software Engineer at Red Hat. “As always, current releases, like Node.js 18, are the perfect time to test in your own unique development environment. If you’re a Node.js user, please try out Node.js 18 and give us feedback. Your feedback directly contributes to our ability to move new features into stable releases more quickly.”
For comprehensive information on specific Node.js features, see the Node.js team release announcement written by the Node.js project contributors: LINK
There are three key reasons to evaluate and upgrade to Node.js 18: Security, APIs, Future Planning.
This is the first version that will be later promoted to LTS with OpenSSL 3.0. OpenSSL 3.0 is a major new stable version of the popular and widely used cryptography library. OpenSSL contains an open-source implementation of the SSL and TLS protocols, which provide the ability to secure communications across networks. Among other key features, OpenSSL 3.0 contains a FIPS Module that has been submitted for validation. The Federal Information Processing Standards (FIPS) are a set of requirements enforced by the US government which govern cryptographic usage in the public sector. This is a key step forward in the cryptographic support in Node.js.
The Node.js project follows a well planned security release process, with regular outbound communications and more. In the last year, Node.js has formalized rotations around security. The commitment to take slots in the security release steward rotation is made by companies in order to ensure individuals who act as security stewards have the support and recognition from their employer to be able to prioritize security releases.
“Node.js 18 will enable the Fetch API as a default. It’s been available since Node.js 17, but this moves forward Node.js application development, and it’s exciting to be a part of the process of improving Node.js in key fundamental areas,” said Michaël Zasso, Scientific research software engineer and co-founder at Zakodium, member of the Node.js Technical Steering Committee. “I would like to thank multiple team members and contributors, and in particular I would like to thank users who push us and support us. Thank you!”
XMLHttpRequest has been used by web developers enabling ajax and a whole new kind of interactive exposure. However, it has been slowly succeeded by Fetch API. Fetch API is Promise based, providing a cleaner and more concise syntax.
The Next-10 effort has elevated technical priorities which have led to discussions around modernizing http. The purpose of the Next-10 project is to work collaboratively on the strategic directions for the next 10 years of Node.js. Fetch API is one direct result of this process. The full Next-10 repository is available here: https://github.com/nodejs/next-10
Node.js Training and Certification
The OpenJS Node.js Services Developer (JSNSD) and OpenJS Node.js Application Developer (JSNAD) certifications are available now. Node.js training courses are available to help you prepare for the exams: Node.js Application Development (LFW211) and the Node.js Services Development (LFW212). Discounts are available to members!
Click here to learn more about how you could be a part of the OpenJS Foundation, and view these additional resources:
- OpenJS Certification Program
- OpenJS Latest News and Blogs
- Open JS Slack Workspace
- OpenJS World is June 6–10, 2022!
About OpenJS Foundation
About Linux Foundation
Founded in 2000, the Linux Foundation is supported by more than 1000 members and is the world’s leading home for collaboration on open source software, open standards, and open hardware. Linux Foundation projects like Linux, Kubernetes, Node.js, and more are considered critical to developing the world’s most important infrastructure. Its development methodology leverages established best practices and addresses the needs of contributors, users, and solution providers to create sustainable models for open collaboration. For more information, please visit their website.