NodeJS Tips and Tricks

Some tips and tricks when coding NodeJS:

(Caution: highly opinionated thoughts follow)

  • keep code tidy with “jscs” (decide on a style guide and find or make a jscs template for it) and “jshint” or “eslint
  • use “slow-deps” to find out which packages are slowing down your “npm install” (possibly “jscs” – consider installing it globally) – more info on “slow-deps”
  • lock down your package versions, and their dependencies verisons, with “shrinkwrap” (this is good for stability and security!)
  • scan your dependencies regularly for security issues, using tools like “snyk” (pronounced “sneak”) or “nsp” – I made a docker image for this
  • vax” will help with some other security stuff – run it
  • “you can’t manage what you don’t monitor”… run a “statsd” server to gather metrics on events, actions and durations in your app – I made a docker image to help with this during development
  • improve console  debug/output/start-up output with “cli-tables” and “colors” – personally I like to (programmatically) print out all of the endpoints an application exposes… which saves on external documentation
  • expressjs” is popular, but “restify” lets you add all kinds of extra metadata on to your routes which you can then act on (easier permission handling, debug data output, etc)
  • make use of “sinon“s “sandbox” functionality to easily stub and reset object properties and methods (for testing in isolation) – and “istanbul” makes code coverage easy
  • restrict and validate data with “joi” – note: it does not prevent SQL Injection or HTML characters in strings, that’s on you (take a look at “striptags” and “xss“)
  • update your packages more easily with “npm-check” (run with “-Ue”)
  • pnpm” attempts to speed up “npm install” by downloading in parallel, but I had some issues (seemingly race conditions) – might be worth keeping an eye on and trying
  • be aware of some of the unicode issues:

Leave a Reply

Your email address will not be published. Required fields are marked *