23.03.2021 - Read in 7 min.
23.03.2021 - Read in 7 min.
JavaSript is a key part of our company’s programming toolkit and we see it as our mission to show what the technology is capable of and how it can benefit many startups and enterprises. Let’s begin.
Myth 1: Node.js isn’t secure
In 2017, npm released their npmE — an enterprise version of their package manager that allowed the running of npm’s infrastructure behind a firewall, providing companies with access control vulnerability detection (it notified the user about any vulnerable package when you ran `npm install`). After npm was acquired by GitHub at the beginning of 2020, they moved the npmE to their GitHub Enterprise brand, offering secure solutions for various technologies.
And if you’re worried about XSS or CFSR attacks, which are some of the most common security issues pointed out in Node.js then you can use solutions like DOMPurify or Google’s Closure Tools to prevent Cross Site Scripting while implementation of Anti-CSRF tokens will deal with the Cross Site Forgery Requests.
After all, security is not only about which tools or technology you decide to use, but how you implement them.
- 16 companies that use Node.js in their apps
- 5 desktop apps you wouldn’t think are build using Electron
Node.js, for instance, is an incredibly scalable technology, especially when used for building microservices and serverless architecture. Microservices allow you to scale only those parts of the application that see a surge in traffic, making it easier to manage and you can interconnect different parts of the app written in different languages.
Serverless can also be used in various ways. At RST Software, one of the tasks we use serverless for is to quickly setup testing environments. In our experience, the performance of serverless solutions can be much faster than server-based development.
Myth 4: Because it’s so commonly used in browsers and web development, it’s not suitable for other uses
Native developers would certainly say so and there’s some truth to that- but you need to understand a few things first.
I also wrote an in-depth piece on the most well-known companies that are using React Native in their mobile apps, so you might want to give it a check.
Benefit 1: Versatility
This also results in easier recruitment of talent and in the case of startups, one developer can develop both frontend and backend.
Benefit 2: Active community
AdminBro, our auto-generated Node.js admin panel, is a great example of an active community. We’ve created a dedicated Slack community channel where everyone can ask their questions and our developers — or other contributors and users — give answers and help you implement the solution if you’re having trouble.
Also, if you’d like some numbers for a proof, according to ModuleCounts.com, npm sees as many as 878 new packages added to the registry daily. The second place is taken by PyPI with only 192 packages per day.
Benefit 3: Scalability
Benefit 4: Constant updates
In my opinion, it’s not yet peaked and there’s much more to come.
Benefit 5: Easy to adopt and maintain
I talked about this briefly before, so now let me elaborate.
Benefit 6: Enterprise-grade performance
I think numbers speak louder than words, so let’s have a look at numbers.
Netflix switched from Java to Node.js on their backend and as a result managed to reduce the startup time from 40 minutes to under 1 minute.
PayPal also switched from Java to Node.js in 2013 and that resulted in a 200ms faster page response time as well as doubling the number of requests their backend could handle per second.
GoDaddy’s Website Builder migrated from C# and SQL Server to Node.js CassandraNoSQL and managed to reduce the number of servers tenfold.
I could go on, but I guess you get the gist.
Benefit 7: Single package manager
npm is one of the largest developers ecosystems in the world with over 1 555 459 packages in the main npm registry as of Mar 21, 2021.
As you can see in the image above, the npm community simply crushes the rest of the technologies. Yes, many of the libraries are not up to par, but it’s still better to have more than you need rather than less. This means you won’t have to write many of the features your app might need from scratch, as you can use what was written before.
If you’re not sure about the security of said solution, you should use GitHub Enterprise, which I’ve mentioned in the 1st myth.
Till the next time, take care.