Systems | Development | Analytics | API | Testing

Modern software systems are exposed to a constant stream of disclosed vulnerabilities. Thousands of new issues are published every year across operating systems, runtimes, libraries, and frameworks. Treating all of them as equally urgent is not realistic, and trying to do so often leads to ineffective security work. To manage this volume, the security community relies on two foundational mechanisms: CVE and CVSS.

If you've been writing anything more than "Hello world" programs, you are probably familiar with the concept of errors in programming. They are mistakes in your code, often referred to as "bugs", that cause a program to fail or behave unexpectedly. Unlike some languages, such as Go and Rust, where you are forced to interact with potential errors every step of the way, it's possible to get by without a coherent error handling strategy in JavaScript and Node.js.

Boosting the scalability of your backend applications often means rethinking how you manage asynchronous data. That’s where reactive programming comes into play: a paradigm that treats data streams as first-class citizens, allowing your code to respond to data changes as they occur. While Node.js wasn’t built with reactive programming in mind, libraries like RxJS and Bacon.js support that approach.

At NodeSource, we’re continuously enhancing N|Solid’s AI-powered optimization workflow, helping teams identify, validate, and implement performance improvements faster and more securely. Our latest release N|Solid 6.3.1, introduces GitHub PR and MCP (Model Context Protocol) Integrations, The Model Context Protocol (MCP) is an emerging standard that allows AI systems to communicate securely with external tools and repositories.

With the release of Node.js 24.11.0 “Krypton”, the Node.js 24 line has officially entered Long-Term Support (LTS) and will continue receiving maintenance and security updates through April 2028. This marks the beginning of a new stable era for production workloads, bringing developers enhanced security, stricter runtime behavior, and improved Web API support.

Express.js, one of the most widely used web frameworks in the Node.js ecosystem, is undergoing a major transformation. Once considered stable but stagnant, Express is now being revitalized with a clear governance model, a renewed focus on performance, and active collaboration from organizations like NodeSource.

JSConf North America 2025 brought together the brightest minds in the JavaScript ecosystem: from maintainers and contributors to companies driving innovation across runtimes, frameworks, and platforms. For NodeSource, this year’s event was especially meaningful, filled with major announcements, community recognition, and deep discussions about the future of JavaScript. Here are some of our biggest highlights from the week.

Imagine your Node.js app is like a super-fast sports car. The "loader" is its transmission — that crucial part that gets the engine's power to the wheels, making everything run smoothly. If that transmission starts acting up, your speedy app will just sputter and stop. So, it's simple: a good loader means your app flies, a bad one means it's stuck in neutral. In this post, we'll explore how to improve your Node.js app's performance with its loader. But first, what exactly is this loader thing?

We’re excited to announce that NodeSource has joined the OpenJS Foundation’s Ecosystem Sustainability Program (ESP), a strategic partnership designed to sustain the health and reliability of the JavaScript ecosystem. Through the ESP, NodeSource will help provide security support for organizations running older, unsupported versions of Node.js, giving teams more time and flexibility to transition to newer releases while maintaining a secure posture.

Node.js 22 has entered into Long-Term Support (LTS) phase, a critical milestone that signals its stability and readiness for enterprise-level deployment. This release represents a significant push toward dependency elimination, core performance optimization, and enhanced developer experience.