20 ways to become a better Node.js developer in 2020

Don’t be that ‘screwdriver guy’, enrich your toolbox, diversify yourself

Short Intro

1. Use TypeScript features thoughtfully

  • Type Inference can help in reducing TypeScript verbosity and make it look more like vanilla JavaScript
  • Type aliases are an alternative simple and leaner way for defining constructs (comparing with interfaces).
  • Using TypeScript for encapsulation? access modifiers are coming soon to vanilla JS

2. Modernize your testing toolbox. Ava & Jest are changing the game

  1. Speed — modern test runners are faster thanks to the multi-process execution model. They also apply advanced optimizations like learning tests stats over time and prioritizing slow tests to run first. This is not only about test runners, but other tools also boost test speed: fake in-memory database allow testing with DB without the involvement of IO, some npm packages offer a local and in-memory version of popular cloud services. To name a few examples.
  2. Outstanding developer experience — modern test runners and tools are designed to accompany the coding experience and provide valuable insights. For example, should a test fail, Jest and Ava will not just report a failure rather extract the related code from the unit under test. Thanks to this, developers get much richer context which leads to a faster resolution
  • AVA & Jest are the new sophisticated kids in town
  • mongodb-memory server is amazing for testing with MongoDB server — it installs, instantiates and configures a local and real Mongo with in-memory engine
  • Cypress makes E2E testing, including backend’s API related tests, a delightful experience
  • aws-sdk-mock fakes many AWS services

3. Plan your ES6 modules usage strategy. See, it’s a bit tricky

4. Meet the latest JavaScript features that are turning green soon

Examples:

  • Optional chaining is at stage 4 and part of Node.js 13.3 behind a flag. This one is going to catch a lot of popularity. Some love it, others don’t
  • Private methods and fields are at stage 3 (active proposals) so if you’re opting for TypeScript only for encapsulation — now there is one more option to choose from
  • Nullish coalescing (stage 4) will finally put a stop to our nasty habit of checking for nulls & undefined using the !variableName syntax (which also includes zero and therefore is error-prone)
  • Promise.any is the latest edition to the promise.{something} family, unlike all the others (promise.all, promise.settleAll, promise.race) it will abort should any Promise resolve or reject. This is one of the final nails in the coffin of Promises helper libraries like ‘async’ and ‘BlueBird’

5. Experiment architectures outside of your comfort zone. Note how GraphQL is disrupting the traditional models

6. Check out the winner of the 2019 oscar — Nest.js

7. Apply gradual deployment techniques like feature-flagging, canary or traffic shadowing

8. Shift your testing left — test more things and sooner

  • Fast-check npm package for property-based testing allows invoking your units/API with many input permutations
  • Check our framework and tools for scanning docker containers for CVEs like snyk, Trivy, Quay
  • Tuning your real DB for in-memory operation without IO will make it practical to run api/component tests instantly almost like unit tests: this is how you would tune PostgreSQL (here is a ready-to-use dockerized version), mongodb-memory server will install and configure a local and real Mongo with in-memory engine.

9. Shift your testing right — test in/with production

10. Be ready to use your new async pocket knife — worker threads

11. Deepen your Docker and Kubernetes understanding. It highly affects your Node.js code.

12. Security: Learn to think like an attacker by skimming through vulnerable code examples

  • NodeGoat is a project that intentionally embodies security weaknesses for educational purposes. Don’t miss this doc page with attack examples
  • Read my list of Node.js Security best practices which contain 23+ attack ideas including JavaScript code examples
  • Conduct a monthly threats analysis meeting where the team tries to look at the application design and propose attacks. sound boring? not necessarily if you add some gamification and reward members that find an exploit, or run a competition between a blue team that designs a module vs the read team which tries to find exploits

13. Learn at least one: ELK or Prometheus

14. Use machine learning as a black-box product

  • ml.js — a swiss army knife of machine learning tools
  • Brain.js specializes in neural networks, has great docs and a free video course
  • Natural brings the world of NLP into Node land: text comparison and similarities, sentiment analysis, text classification and more

15. Sleep >7 hours a night. This matters far more than any technology you use and scientifically prooved to make you a better developer

16. Quit Express, it’s aged and not maintained properly. Fastify and Koa are great candidates in 2020

17. Revisit these bullets from last year — some are still highly relevant

  • Bullet number #4 — “Plan how to utilize Async-Hooks to reach better tracing and context”
  • Bullet number #11 — “Have a package update strategy. A lesson learned in 2018: updating too soon is a dangerous practice”
  • Bullet number #17 — “Deepen your Linux OS understanding, focus on the anatomy of a Linux process”
  • Bullet number #18 — “Dive deeper into the Node.js internals”

18. Enrich your CI with automated quality tools

  • Scan Docker containers for CVEs using tools like snyk, Trivy, Quay
  • lockfile-lint will detect attempts to inject malicious dependencies using the npm lock file (e.g. edit a dependency URL within the lockfile)
  • swagger-express-validator will ensure that your routes conform to the swagger schema
  • eslint-plugin-import is an outstanding linter that performs dozens of checks on module and dependencies resolution. For example, it can warn when import/require is not at the beginning, disallow mutable exports with var or let, discoverextraneous packages that aren't declared with package.json and much more
  • commitlint will enforce semantic commits which then can lead to automatic semantic versioning of Microservice and packages
  • dependency-cruiser is a CLI tool that allows declaring flexible policies on allowed and disallowed dependencies. Using this you can craft custom rules like what licenses are allowed, allowed paths and more

19. Enrich your mindset, diversify your toolbox

20. Get inspiration from these great 5 starter projects

  • node-api-boilerplate is a great showcase for DDD with an application layer that demonstrates organizing code by feature
  • dev-mastery comments-api is an excellent translation of clean architecture to Node.js and it comes with this super explainer video
  • Typescript-starter won’t teach you any architecture concepts but a nice showcase for TypeScript set up with modern libraries and great docs
  • nodejs-api-starter is the starter for those who seek a real-world GraphQL implementation including errors and auth
  • bulletproof-nodejs is a well-known starter that uses the 3-tier folder structure which is my personal and recommended way of structuring a Node.js app

Thank You. Other articles you might like

--

--

Software Architect, Node.JS Specialist. Consultant, blogger, conference speaker, open source contributor — author of the largest Node.js best practices guide

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Yoni Goldberg

Software Architect, Node.JS Specialist. Consultant, blogger, conference speaker, open source contributor — author of the largest Node.js best practices guide