New release of bench-node v0.14.0! Two important features were released: github.com/RafaelGSS/be...

Right on time! Lovely @openjsf.org

Want to dive in further? Check out Rafael’s release of @nodejs.org 25: twitch.tv/videos/25925...

SEMVER MAJORS ARE BORING 🚨 Major releases mostly bring breaking changes, not shiny new features. The fun stuff? That’s hiding in the minors. @rafaelgss.dev talks about why you should follow the minor releases in our latest JavaScript Security Snapshot.

I should get back to this platform. I’ve scrolled it for like 5 minutes and I found many interesting topics that I don’t see in one week of X.

ok so... I'm writing a book. It's called JavaScript In Depth (www.manning.com/books/javasc...) ... the first four chapters are available by Manning. This has been a difficult project and will continue to be so. The reason is that it isn't a How To book that focuses only on how to use the langauge

Before automated workflows, releasing @nodejs.org meant 20 manual steps. Now it’s one command. 👀 @ulisesgascon.com and @rafaelgss.dev share how the Node.js build team went from a rack of Raspberry Pis in someone’s garage to full release automation. 👉Build Team on GitHub: github.com/nodejs/build

Live now!

It was great working with you on this! As much as I dislike that we had to do this work, I think it is important that we did it so there is a thorough and accurate resource about the current state of things.

With npm supply chain attacks on the rise, secure publishing practices are becoming a pressing concern for anyone maintaining npm packages. ⚠️ We've released updated guidance to help maintainers reduce exposure, strengthen release processes, and protect the ecosystem: openjsf.org/blog/publish...

Thanks for your hard work on this @notwes.bsky.social

Too many @nodejs.org users are running old versions 😬 The team is exploring changes to the release schedule to fix that. @rafaelgss.dev shares all the details in our latest JavaScript Security Snapshot. Be a part of the conversation on releases: github.com/nodejs/lts-s...

Ever wonder why @nodejs.org drops new versions like clockwork? Here’s the scoop. ⏱️ @rafaelgss.dev shares all the details about the Node.js release schedule in our new series, JavaScript Security Snapshot.

Done

i’m starting to get that “this word is weird now” feeling from hearing so many sentences like “releasers releasing releases” at the @nodejs.org collab summit

Starting the day at the Node.js Collab Summit #nodejs #javascript

Introducing 🥁🥁🥁 our JavaScriptLandia award recipients for this year! Beyond building new features, our recipients guide others, maintain essential systems, document the hard parts, and strengthen the community every step of the way. 💙 Read more about our honorees here: hubs.la/Q03NQvx10

I'm excited about net in permissions!

Node.js 25 is here! We have upgraded V8 to 14.1, bringing major JSON.stringify performance improvements and JIT pipeline optimizations. This release introduces the permission model --allow-net, Web Storage is enabled by default, and more! nodejs.org/en/blog/rele...

Node.js v24.10.0 is out. * Per-stream inspectOptions support in console * Removal of util.getCallSite (in favour of util.getCallSites) * Upgraded OpenSSL to 3.5.4 and npm to 11.6.1 * Various src and benchmark optimizations https://nodejs.org/en/blog/release/v24.10.0

Welcome @rafaelgss.dev to the @openjsf.org #CNA team! 👏 👏 👏 github.com/openjs-found...

Lots of GREAT progress and discussion on our @expressjs.bsky.social Performance Working Group. Thanks everyone who is participating as I think this is the second most (security comes first) impactful thing we could be working on. For anyone interested in helping out: github.com/expressjs/pe...

Our goal is to provide guidance and tooling for perf based decisions to the maintainers under our umbrella. Aligning our philosophy for how/what we monitor and how to interpret the results lets us be consistent across our 50+ packages. Ive been learning a lot so far, and big ty to @rafaelgss.dev

Node.js v24.6.0 is out💚 Highlights: * Use your system’s trusted certificates with NODE_USE_SYSTEM_CA=1 * crypto: ML-DSA (KeyObject/sign/verify) * http: server.keepAliveTimeoutBuffer * zlib: Zstd dictionary support * fs: Utf8Stream (from SonicBoom) Changelog: nodejs.org/en/blog/rele...

I'm live doing Node.js Core benchmark work! www.twitch.tv/rafaelgss

I've been working on something interesting (at least for me) github.com/nodejs/node/...

Hi folks, We will have a Node.js core mentoring live stream today Stay tuned!

Node.js v24.4.0 is out! 💚 What's new? • crypto.hash() supports outputLength (XOF) • fs.mkdtempSync() gets disposable mode • --watch-kill-signal lands • permission.has('addon') is now supported • spawn() propagates permission flags • sqlite adds readBigInts More in: nodejs.org/en/blog/rele...

Live on! twitch.tv/rafaelgss

A warm welcome to our newest Node.js TSC member: Filip Skokan! Happy to see you onboard! github.com/nodejs/node/...

Folks, right now @rafaelgss.dev is doing an awesome livestram on m.twitch.tv/rafaelgss talking about Node.js threads, memory management and perfs. Join us!

⚠️ Security release pre-alert: We will release new versions of v20.x, v22.x, v23.x, v24.x release lines on or shortly after May 14, 2025, in order to address: - 1 high severity issue - 1 moderate severity issue - 1 low severity issue Details: nodejs.org/en/blog/vuln...

I’d love to do something like that but in person… kind of collab summit workshop

Happy to announce @nodejs v24.0.0 💚! This release brings several updates, including the V8 13.6 and npm to version 11. As a reminder, Node.js 24 will enter long-term support (LTS) in October, but until then, it will be the "Current" release Check it nodejs.org/en/blog/rele...

A handy way to test Node.js release candidates. I suggest you have something similar in your test suite, so you can act before a semver-major release of Node.js gets out. github.com/fastify/fast...

RC.2 Node.js v24.0.0 github.com/nodejs/node/...

Recent updates on Node.js CVE to EOL lines. TL;DR The Node.js team has decided to update previous vulnerability specific CVEs to cover EOL releases, reflecting their ongoing security risks. See: nodejs.org/en/blog/vuln...

I'm live on Twitch again! www.twitch.tv/rafaelgss

I'm posting some shorts on Youtube/Instagram of my sessions teaching "How to contribute to Node.js core" on Twitch. Check my social media in github.com/RafaelGSS/Ra...

With this release we have also issued the CVEs to EOL versions of Node.js

We'll have a second session of Node.js mentoring today! Join us via OpenJS Foundation Slack (nodejs-mentoring channel). See you all in 30 minutes. Live: www.twitch.tv/rafaelgss

⚠️The @nodejs.org project will issue a security release for versions 23.x, 22.x, 20.x, 18.x on or shortly after, Tuesday, January 21. nodejs.org/en/blog/vuln...

Performance work can be disproportionate. @joyeecheung.bsky.social makes a one-line change to a build script to cure a 50% regression in startup time.

I wrote an alias to `npx` that sets the Permission Model node options. You can use it in the same way you use `npx` but, with Node.js Permission Model restrictions :) Put this in your .zshrc/.bashrc gist.github.com/RafaelGSS/f8...

Explore the GitHub Sponsors pages of the maintainers of your favorite OSS projects. Find an awesome folk who deserves more support, then press the sponsor button to show them we appreciate their work. Today is a good day to give back.

Live at www.twitch.tv/rafaelgss

Did you know you can run npx with permission model enabled by just passing it through the --node-options npx flag? github.com/nodejs/node/...

🚨 @nodejs.org will issue CVE for EOL (End-of-Line) release lines in the next security release. Read more at nodejs.org/en/blog/vuln...

Announcing bench-node officially! blog.rafaelgss.dev/bench-node-a...

With this PR you should be able to see clearly the Node.js threads and identify in some scenarios which thread is consuming more of your resources github.com/nodejs/node/... I started it in yesterday's livestream and made some progress today