Snyk joins the Node.js Foundation

The newest member of the Node.js Foundation is a security company called Snyk. They fix and monitor known vulnerabilities in Node.js and Ruby on Rails projects. As a company that contributes greatly to the Node.js module ecosystem, its addition as a Foundation Silver member roster is a great step forward for the Node community.

Snyk provides tools to catch various problems in your code, problems that can put entire projects at risk. Although open source is a great way to share code and improve things, it can also lead to issues if the code hasn’t been vetted, or at least create a high risk because of the many dependencies used today. Snyk give the tools necessary to monitor your Node packages and fix any issues you might encounter. Basically, a great company to align with the goals of the Node.js Foundation, to grow node.js as a technology.

As the end of the year draws near, it’s also a right time to look at all the things that the Foundation accomplished, not just this year, but since its inception. It’s been barely a year and a half since the Foundation was founded and Snyk’s addition is just one of many other accomplishments.

Its role was to accelerate the development of node.js and support the growing ecosystem through a managing system resembling open source, marked by transparence and community sharing. Membership of the Foundation grew by 30%, a staggering figure if you take into account the timeline, its members being both large corporation and also smaller ventures like Snyk.

Node.js has truly exploded these past couple of years and the Foundation’s evolution not only matches that trend, but also contributed to it. The number of new contributors doubled compared to 2015 which is fabulous and critical to sustain and grow any open source project.

The Node Foundation also launched, during the second Node.js Interactive North America, its second user survey. You can complete it here, it will remain open until the end of the month. This survey it’s a bit more complex than the last one, offering more information on how developers learn node.js, what are they using it for and how do they mix and match it with other technologies.



The rise of Node.js in popularity, jobs and company usage

The rise of Node.js in popularity, jobs and company usage

Node is very young, yet it has huge momentum,  because of its characteristics and because of, well, let’s just call it the boost of JavaScript. As server-side JavaScript, Node is very accessible to those who already know JavaScript (and there are plenty of people there) and practical for companies who can work in just one language for development. But let’s not just brag, like the saying goes – put your money where your mouth is, or in this case, the numbers.

Google Trends for popularity

Google Trends shows the search traffic over time for certain terms. By following this graph you can get a good picture on how relevant and popular a certain term/trend is.

The overall trend is positive, no surprise there, but as Node is reaching a more mature stage in its life, it’s also beginning to stabilize. Google trends is a useful resource to check out actual data regarding trend popularity. (the small decrease at the end of the graph is represents the month of July, that is still being processed). It offers a lot of useful data, including a region based graph.

As you can see there is a lot (a lot!) of interest in node.js in Asia, mostly in India and South Korea.  The first three cities are all big IT hubs, Bangalore is actually dubbed the Silicon Valley of India while the next two cities are in the original Silicon Valley.

Indeed for jobs

Most of you, or probably all of you know about indeed, a huge (by size and popularity) job search engine. If you ever hunted for a job you most likely also used Indeed. Well, besides job posts, Indeed also has a trends section where you can see how certain job terms evolve over time.

We took Ruby on Rails as a competitor because it’s in the same ballpark with node when it comes to age, it’s also a relatively young language, they’re only 4 years apart. Also, both Node and Ruby on Rails have a strong relationship with other large and dominant programming languages, JavaScript for the former and Ruby for the latter.

Companies and startups for usage

There are quite a few big names. Big companies that adopted Node in the detriment of other more established programming languages, like Java for Paypal and Netflix, we wrote about both of them, here on our blog. Here are a few big brands that use Node.js.


Check out our site to see more companies and startups that use Node.js.



Node.js V7 Beta

Node.js 7 is in Beta, boosting more performance, memory improvement, module safety and virtual machine agnosticism. It also features the V8, version 5.4 JavaScript engine, a version that “delivers a number of key improvements in memory footprint and startup speed,” with peak memory consumption of on-heap memory reduced by up to 40%.  Another great improvement is the increase of support of ECMAScript 6 language features which it’s up to 98%, an amazing rise from the 56% in version 5.

“In Node.js v6, which will become the active Long Term Support release in October 2016, there were a number of regressions caused by a file system API that were intended to benefit performance, but hurt modules. Node.js v7 is working to fix these issues while remaining performant.”

Mikeal Rogers, Node.js community manager

A big change is Canary in the Gold mine, this technology will help maintain Node modules during updates in node versions by pulling down modules from npm and testing them to see if they fail in Node.js updates.

“The key focus for V7 was make sure modules in the ecosystem are keeping up with Node Core”

Rod Vagg, chairperson for the Node.js Technical Steering Committee

This method will give a lot of useful information to the team in regards to modules and updates. V7 will also support the Chakra JavaScript engine, although the V8 will still be the default engine. The goal here is to get Node.js an agnostic state in regards to VM. 

This beta release is the first one since the merger between io.js and Node.js, the moment Node reunited all of its resources and people under one roof. There will be several betas before the final and official V7 release, to smooth out any issues that may come up.

Node.js V8 is to be released in the spring, sometime in April 2017.



5 Node.js frameworks you should look at

Node.js is a runtime environment that has the tools and capabilities to build server oriented apps rapidly and in JavaScript.  It works with Mac, Linux and Windows. It has an amazing package manager with over 200 thousand modules that you can use right now. It’s popularity is shown in pure numbers, it has been downloaded more than 90 million times. And beyond this, it also has quite a few handy frameworks that make it easier to work with. Here are a few of them that you might want to try out.


This is a full stack frameworks that helps you create desktop and mobile apps with reusable components. It has built in templating system, a storage agnostic resource-oriented object to document mapper for building data models and many other features. Check out more about it on their Github page.


Yes, there is a framework even with this name. It’s a pretty small framework for building APIs mostly. It’s open source so you can tweak it and add on. With Diet you can create multiple hosts, and build clean APIs and URLs. Get it here.


This framework is similar to Rails, as in it provides things like authentication modules, SocketIO  and Passport.js integrations, that give you a very flexible environment for building secure apps with very little code. This is a more visible framework than the first two i mentioned, so you can find different opinion pieces on it. You can also just try it yourself.


The core of Rhapsody is supported by Express  and it’s useful for creating RESTful APIs for models. Among its features we have support for sockets and middleware. It also have other goodies that you can check out while trying out in a real coding environment. You can also choose what database and  template engine. you want to use.


Derby helps you create complex web application without having to write complicated code. It’s fully compliant with all search engine requirements so you can tap the organic traffic opportunity more easily.  It has quite a few learning resources so you can get a grip on it pretty easily. Have a look at it here!

Share your favorite Node.js framework in the comment section. We’d love to hear what you’re using and how’s it working out!



Yarn, new open source package manager

Yarn is a new package manager recently open sourced by Facebook, created by a team of developers from Facebook with additional help from engineers from Google, Exponent and Tilde. Just to be clear, this is not a Facebook projects, it’s an open source, community project. It has a standard open source license, the same governance model as Ember or Rust and its own Github organization. You can also check out its website.

It’s compatible with the npm registry, replacing the existing workflow with something faster, more safe and more reliable.

What’s wrong with npm?

5 million engineers use the npm registry, adding up to about 5 billion downloads every month. It works well for all of them, but when you take into account the size of the codebase at Facebook and the number of engineers working together you start to have issues. The problems encountered were related to consistency, performance and security. Many facebook projects depend on the npm registry, but when installing dependencies on different machines they often encountered consistency issues. Fixing one problem in once place, created other problems somewhere else.

Trying to keep solving every issue as it came up turned out to be unproductive so they moved to build something new and suitable to their needs. The problems wasn’t necessarily npm, but the incompatibility between the workflow at Facebook and npm. Hacking around npm’s limitation wasn’t enough or practical for that matter.

Building Yarn

Yarn came as a direct response to the problems they encountered. Instead of keep trying to fix issues and invest in short term solutions they decided to build a new client that would meet their needs. As development began they realized that they were not the only ones facing the same issues, it became apparent that a new solution could help the whole community. That’s how Yarn came to be. With it you can access the npm registry but in a more secure and consistent environment.

Try out Yarn

npm install -g yarn


The yarn CLI will replace npm in your development workflow with a matching command or a new similar command:

  • npm install → yarn. The yarn command will read your package.json, fetch packages from the npm registry, and populate your node_modules folder. It’s basically the same to running npm install.

  • npm install –save → yarn add . The invisible dependency behavior of npm install is removed and split the command. Running yarn add is equivalent to running npm install –save .



Node and NASA

If you’ve been following our blog you must have seen a few profile articles that we did on several big names that are using node.js in production. We’re talking about PayPal, Netflix, Uber, GoDaddy and there will be more to come. Big companies changing their tech stack to include Node is a big deal as well as startups that work from the ground up using Node or create node frameworks (see Thorin.js). This makes more people be interested and more importantly, be confident in node.js as a main technology. But how about this?

FIY: Collin Estes is the Director of Software Engineering @NASA. And yes, this means that NASA – National Aeronautics and Space Administration, the people who send people into outer space are using node.js.

Node’s journey at Nasa actually began in 2013 when a malfunction in one of spacesuits led to a complete reevaluation, one that wasn’t so easy as the data they had on the spacesuits, maintenance and previous spacewalks was spread out. Collecting the data necessary to figure out what went wrong turned out to be quite a difficult task. Considering they had to know what happened, as fast as possible, this presented another kind of system data problem.

The aforementioned Collin Estes is the Chief Architect at Mathematical Research Institute Technologies, (MRI Technologies). He and his team, together with the company that makes the spacesuits, United Technologies Corporation Aerospace Systems, went in to create a new centralized data system.

We took that on as a challenge, to not just continue to support our systems today, but also to make this conscious migration into the cloud with this web API, and to do that with no additional contract cost. My model centered around creating a an API-driven Node.js enterprise architecture.”

Collin Estes

The old way

Data was usually kept in siloes, organize in individual missions, a practice that was already being gradually changed. It wasn’t practical at all, Sandeep Shetye, NASA’s chief data architect said it took a 28 step process to get to the data you needed. The system created in node by Estes and his team reduced this to just 7 steps.

Choosing Node

JavaScript already was in use by the team at MRI Technologies, so choosing Node allowed them to stay on one platform which was very important. Here are a few of the key reasons why NASA chose node: (from the case study) 

  • The relative ease of developing data transfer applications with JavaScript, and the familiarity across the organization with the programming language, which keeps development time and costs low

  • Node.js’ asynchronous event loop for I/O operations makes it the perfect solution for a cloudbased database system that sees queries from dozens of users who need data immediately

  • The Node.js package manager, npm, pairs incredibly well with Docker to create a microservices architecture that allows each API, function and application to operate smoothly and independently. This encourages each of the three legacy database systems to play nice with each other while the data is transferred to the cloud.

The new way – the Node way

The new way is actually a database arhitectura centering on node, using decoupled data module APIs and applications running as independent microservices. The APIs send document data from the legacy Oracle and Microsoft SQL Server databases to RethinkDB instances running on Amazon Web Services to be indexed via nightly Extract-Transform-Load (ETL) jobs. Read the full case study called: Node.js Helps NASA Keep Astronauts Safe and Data Accessible here.



World, meet

It’s with great excitement that we’re announcing the launch of our newest #builtin project:

We’ve been working on our website during the past couple of months and reaching out to fellow Noders, getting really interesting insights on the Node.js community around the world. Stay close, we’re going to share them all with you soon.

So what’s BuiltinNode about?

BuiltinNode is a young project with a great mission, which is promoting the success stories of Node.js & contributing to the growth of the global Node.js community. We’re quite excited to get things rolling – and what we really want to accomplish with our blog is to get YOU involved in the blogging process, as we would be honored to write about your startup’s milestones & your company’s achievements.

6 amazing startups & 1 company registered on BuiltinNode since our launch yesterday, May 12th.  Thanks guys for joining our pre-launch list! To learn more about them, just click the links below, since they’re really interesting projects:

  • Augur – Recognize Devices and the Consumers who own them
  • Brightin – Making great apps with Node, Ember and React.js
  • Cronj – Cronj provides custom enterprise software development.
  • Muscula – Monitor your website for JavaScript errors
  • Onscribe – An elegant way to use online content
  • Sourcey – Startup Developers and Consultants
  • Unloq – Authentication. Authorization. Growth

You are also invited to advertise your Node.js openings on our job board; our goal is to make it the “go-to” Node.js job board, so let’s do that together.

And have no doubt, we also have other ideas on the table. We’re periodically reviewing them in an agile way (yes, we like and use the agile methodology even in marketing and product management). Thanks to our new blog, we’ll keep you updated!

We are continuously working on improving our users’ experience with our website, so if you have any suggestions on how we could make your interaction with our site better, feel free to drop us a line anytime.

Greetz & keep you posted!