Node.js 8 brings sanity to native module dependencies
In addition to runtime, URL parsing, and buffer improvements, the new release promises to preserve native module dependencies across upgrades.
On the module dependencies front, Node.js 8.0.0, released today by the Node.js Foundation, introduces the Node.js API, or N-API, albeit still behind an experimental flag. The N-API is designed to eliminate the breakage of dependencies on native modules that happens between release lines.
In the buffer realm, the zero-filling buffer and a new buffer are added by default. “The benefit of the zero-filling buffer helps with security and privacy to prevent information leaks,” the foundation said. “However, the downside with this buffer is that folks using it will take performance hits, but this can be avoided by migrating to buffer.allocUnsafe().” Developers should use this function only if they are aware of risks and have the know-how to avoid these problems.
With the Node 8 release, the WHATWG URL parser moves from an experimental stage to being fully supported. The URL implementation and API in WHATWG matches what is available in browsers such as Chrome, Firefox, Edge, and Safari, enabling the sharing of code using URLs across these different environments.
Node 8 replaces Node 7 in the current release line and will become the Long Term Support release in October. The LTS line is focused on stability and security and is recommended for enterprise deployments.