Advancing the NodeSource Node.js Package Repo (Including User-Requested Upgrades!)

For over a decade, NodeSource has developed and maintained a Node.js package repository that, has become the standard for production use globally. We are excited to announce some significant updates to this repo that include a large number of items related to user requests. (Note that there is an important point in the section below about using the new repo as the old repo will remain available but no longer be supported with new versions)

We handle over 100 million downloads of the open-source binaries each year, developers rely on our timely releases (fastest in the ecosystem) and tooling to simplify their use of the Node.js Runtime. Every time there is a release, including security updates, our team delivers updates in less than 48 hours.

Img 1- Type of Distributions

As part of our ongoing commitment to the ecosystem, we want to ensure that developers who rely on our repository have access to a robust and efficient resource led by our Node experts. A key objective with this update was to enhance the Node.js package distribution experience, making it more intuitive, feature-rich, and responsive to user needs. In the following sections, we’ll dive into the improvements we’ve made, highlighting the changes that promise to make your development journey easier.

Check it out HERE and let us know your thoughts!

New Features

Version Choice (Made Easy): We have added versatility with the latest update to our repository, gone are the days of being locked into the latest Node.js release. Now, you can choose the specific version of Node.js you need to tailor your environment to the unique needs of your project.

Universal distribution support: Say goodbye to server customization and compatibility concerns. Our repository now seamlessly supports all distributions. You don’t need to adjust for each new OS version, all are supported out-of-the-box.

Seamless CDN transition: We’ve revamped our CDN provider to address cache-related issues. This change ensures a smoother, more reliable experience and eliminates cache-related hiccups..

Streamlined installation requirements: Installing Node.js should be a snap. That’s why we’ve carefully configured the necessary installation requirements. The package now includes the required glibc and Python3 configurations, making the setup more accessible.

Simplified installation process: Recognizing the diversity of our user base, we’ve redesigned the installation process—no more complex scripts to decipher. Instead, we’ve streamlined it to a few simple lines of code. Installation is now easy and accessible for users of all skill levels.

These improvements demonstrate our commitment to providing a repository experience that keeps pace with technological demands and prioritizes user convenience and satisfaction.

⚠️ IMPORTANT: Use the new repository!

Failing to migrate to the new repository could be significant, most notably is the potential denial of access to the latest versions of Node.js. Because these latest versions will be distributed exclusively through the new repository, those who do not migrate will miss important updates, improvements, and features.

For more information on the new repository including details regarding the migration process, we recommend you visit the following link for the repository wiki, which provides comprehensive information on making a successful transition.

Our Distributions Journey

Our mission to help developers gain access to Node.js and enable the enterprise to adopt it safely has been a key driver for our binary distribution effort. We have seen tremendous growth in the number of downloads every year from our distributions across the globe.

Img 2- Request per Country and Data Transfer by Country per 24H

Our flagship product, N|Solid, an enterprise-grade version of the Node.js Runtime, is a testament to this devotion to OSS, and was a key part of why we created this repo that is used by millions of developers to power a massive number of applications. Our Node and Infra experts will continue to support this repo for the community with great pride.

> This repository has seen a staggering number of annual package downloads, over 120 million, and a data consumption rate of around 300 terabytes per month. This endeavor hasn’t been without its challenges, as maintaining such a repository has required extraordinary dedication and effort.

Earlier this year we made the decision to open-source our N|Solid Runtime marking a key turning point for NodeSource, inspiring us to extend our commitment to the repository. (The OSS version of N|Solid will be available in October of this year)

_> Recognizing the symbiotic relationship between Node.js and N|Solid, we decided to merge their paths. _

By distributing Node.js and N|Solid together, we’re creating a unified ecosystem that takes advantage of the power of Node combined with the advancements of N|Solid. This dynamic coupling invites those familiar with our repository to explore what we refer to as “enterprise Node.js,” or the Node.js that enterprises have been waiting for. This synergy is a testament to our commitment to both the Node.js community and the growth of enterprise-grade solutions.

Conclusion

As we embark on this transformative phase, we reflect on our journey in this ecosystem. We’ve been privileged to play a role in supporting developers and companies, and we’re excited to further enhance our collaboration.

Today, we invite you to explore our new repository, HERE, – a hub of choice and compatibility, empowering you to select the Node.js version that suits your needs. But that’s just the beginning of the story. If you are interested in our Enterprise version N|Solid it’s available to you for FREE with additional pricing packages for larger projects/teams and support.

Stay tuned for further enhancements as we refine and enrich your experience.Thank you for being a part of our journey. Here’s to many more years of collaboration and growth!

About NodeSource, Inc.

NodeSource, Inc. is a technology company completely focused on Node.js and is dedicated to helping organizations and developers leverage the power of this technology. We offer the leading APM for monitoring and securing Node.js and provide world-class support and consulting services to help organizations navigate their Node.js journey. #KnowYourNode. For more information, visit NodeSource.com and follow @NodeSource on Twitter.

N|Solid v4.9.2 is now available

NodeSource is excited to announce N|Solid v4.9.2 which contains the following changes:

General stability improvements and bug fixes
Node.js v14.21.3 (LTS): Includes a Node.js security release captured in Node.js v14.21.3 (LTS).
Node.js v16.19.1 (LTS): Includes a Node.js security release captured in Node.js v16.19.1 (LTS).
Node.js v18.14.1 (LTS): Includes a Node.js security release captured in Node.js v18.14.1 (LTS).
Support for a new action in N|Solid saved views to capture traces automatically.

IMPORTANT: N|Solid v4.9.1 contains a Node.js security release!

For detailed information on installing and using N|Solid, please refer to the N|Solid User Guide.

Changes

N|Solid v4.9.2 contains the following changes:

General stability improvements and bug fixes
Node.js v14.21.3 (LTS): Includes a Rebase of N|Solid on Node.js v14.21.3 (LTS).
Node.js v16.19.1 (LTS): Includes a Rebase of N|Solid on Node.js v16.19.1 (LTS).
Node.js v18.14.2 (LTS): Includes a Rebase of N|Solid on Node.js v18.14.2 (LTS).

IMPORTANT: N|Solid v4.9.1 contains a Node.js security release. This release includes patches for these vulnerabilities:

CVE-2023-23918: Node.js Permissions policies can be bypassed via process.mainModule (High)
CVE-2023-23919: Node.js OpenSSL error handling issues in nodejs crypto library (Medium)
CVE-2023-23936: Fetch API in Node.js did not protect against CRLF injection in host headers (Medium)
CVE-2023-24807: Regular Expression Denial of Service in Headers in Node.js fetch API (Low)
CVE-2023-23920: Node.js insecure loading of ICU data through ICU_DATA environment variable (Low).
With the new action in N|Solid saved views, you can activate the tracing automatically when one or more processes cross over performance thresholds or match query parameters that you set.

N|Solid

N|Solid v4.9.2 Fermium ships with Node.js v14.21.3.

N|Solid v4.9.2 Gallium ships with Node.js v16.19.1.

N|Solid v4.9.2 Hydrogen ships with Node.js v18.14.1.

Node.js

The Node.js 14 Fermium LTS release line will continue to be supported until April 30, 2023.
The Node.js 16 Gallium LTS release line will continue to be supported until September 11, 2023.
The Node.js 18 Hydrogen LTS release line will continue to be supported until April 30, 2025.

Supported Operating Systems for N|Solid Runtime and N|Solid Console

Please note that The N|Solid Runtime is supported on the following operating systems:

Windows:

Windows 10
Microsoft Windows Server 1909 Core
Microsoft Windows Server 2012
Microsoft Windows Server 2008

macOS:
macOS 10.11 and newer

RPM based 64-bit Linux distributions (x86_64):

Amazon Linux AMI release 2015.09 and newer
RHEL7 / CentOS 7 and newer
Fedora 32 and newer

DEB based 64-bit Linux distributions (x86_64, arm64 and armhf):

Ubuntu 16.04 and newer
Debian 9 (stretch) and newer

Alpine
Alpine 3.3 and newer

Download the latest version of N|Solid

You can download the latest version of N|Solid via http://accounts.nodesource.com or visit https://downloads.nodesource.com/ directly.

New to N|Solid?

If you’ve never tried N|Solid, this is a great time to do so. N|Solid is a fully compatible Node.js runtime that has been enhanced to address the needs of the Enterprise. N|Solid provides meaningful insights into the runtime process and the underlying systems. Click ???? [HERE]