Node.js releases version 6.0. Yes, yes, LTS

More module issue fixes still require()d

The Node.js Foundation has released version 6, which now falls just seven per cent short of complete support for the ES6 specifications.

The European Computer Manufacturer's Association's ECMAScript version 6 was released in 2015 as a trademarked specification for scripting languages, including JavaScript.

It specifies core features, which the foundation announced are now supported, including "default and rest parameters, destructuring, class and super keywords."

Version 6 also debuts equipped with the V8 JavaScript engine 5.0, and bumps up the E6 support from 56 per cent at v5.11, and 50 per cent from v4. The kangax compatibility table applied to Node.js is available here.

V8 is Google's JavaScript engine, used in its Chrome browser, and is set to boost what the foundation claims are 3.5m users at an annual growth rate of 100 per cent.

According to the foundation's announcement, "one of the most significant [performance] improvements" comes "from module loading", though stability may be of greater interest to client-side application developers than speed.

Back in March, a grouchy Azer Koçulu unpublished more than 250 modules from JavaScript packet manager NPM, subsequently borking the left-pad dependency and toppling thousands of projects with a shrug.

Following the Semantic Versioning Specification, Node.js will be putting version 4, the current stable release, under maintenance mode from April 2017, "meaning only critical bugs, critical security fixes and documentation updates will be permitted," and advises users to begin transitioning from v4 to v6 in October, when v6 goes into Long-Term Support.

As Node.js says, major releases "usually introduce backwards-incompatible, breaking changes. ®

Similar topics

Broader topics

Other stories you might like

  • Emma Sleep Company admits checkout cyber attack
    Customers wake to a nightmare as payment data pilfered from UK website

    Emma Sleep Company has confirmed to The Reg that it suffered a Magecart attack which enabled ne'er-do-wells to skim customers' credit or debit card data from its website.

    Customers were informed of the breach by the mattress maker via email in the past week, with the business saying it was "subject to a cyber attack leading to the theft of personal data" but not specifying in the message when it discovered the digital burglary.

    "This was a sophisticated, targeted cyber-attack on the checkout process on our website and personal information entered, including credit card data, may have been stolen, whether you completed your purchase or not," the email to customers states.

    Continue reading
  • Microsoft Azure developers targeted by 200-plus data-stealing npm packages
    Another day, another attack on the software supply chain

    A group of more than 200 malicious npm packages targeting developers who use Microsoft Azure has been removed two days after they were made available to the public.

    Security firm JFrog on Wednesday said that earlier this week its automated analysis system began raising the alarm about dubious uploads to the npm Registry, the most popular public source of software libraries for the JavaScript ecosystem. This group of packages grew from about 50 to at least 200 by March 21.

    "After manually inspecting some of these packages, it became apparent that this was a targeted attack against the entire @azure npm scope, by an attacker that employed an automatic script to create accounts and upload malicious packages that cover the entirety of that scope," observed security researchers Andrey Polkovnychenko and Shachar Menashe in a write-up. "Currently, the observed malicious payload of these packages were PII (Personally identifiable information) stealers."

    Continue reading
  • Microsoft proposes type syntax for JavaScript
    Long overdue innovation or an affront to all that developers hold dear?

    Type-fans rejoice! Plans (or a proposal, at least) are afoot to pop some type-checking into the infamously dynamically typed JavaScript.

    The proposal planned from Microsoft and others, including devs from the Igalia Coding Experience program and Bloomberg, is all about adding "types as comments" to the language.

    The theory is that it would become possible to have a syntax for types that could be used by tools that need those hooks (such as Microsoft's own TypeScript) and ignored by those that do not.

    Continue reading

Biting the hand that feeds IT © 1998–2022