Node.js in 2026 with Rafael Gonzaga - Software Engineering Daily Recap

Podcast: Software Engineering Daily

Published: 2025-12-23

Duration: 53 minutes

Guests: Rafael Gonzaga

Summary

Rafael Gonzaga discusses the current and future state of Node.js, focusing on performance and security. He highlights upcoming features in Node.js 25.0 and the impact of V8 enhancements on performance.

What Happened

Rafael Gonzaga, a principal open source engineer at NodeSource and a member of the Node.js Technical Steering Committee, delves into the intricacies of Node.js performance and security. He explains that Node.js has become a crucial backend technology, powering millions of systems. Gonzaga has played a significant role in improving Node.js performance, primarily through enhancements to the V8 engine and migrating APIs from JavaScript to C++.

Node.js 25.0, which is set to include V8 version 14.1, promises improvements in JSON.stringify performance. This version will also introduce a new permission model, allowing developers to restrict network access using the --allow-net flag. Experimental web storage will be enabled by default, and APIs that were runtime deprecated will be removed, potentially breaking some applications.

Gonzaga emphasizes the importance of benchmarking, describing how Node.js performance tests can take up to 84 hours due to the complexity of measuring JavaScript code. He employs a student test approach, running each configuration 30 times before and after changes to ensure statistical significance, aiming for a p-value greater than 0.05 to validate improvements or regressions.

The episode highlights the use of Fastify as a faster alternative to Express for Node.js applications and recommends Pino.js for its efficient logging capabilities due to its non-blocking event loop design. Gonzaga also advises against using the 'delete' keyword in JavaScript to maintain hidden class optimizations.

Gonzaga's work extends beyond performance to security, with initiatives such as the creation of the 'isMyNodeVulnerable' package, which checks the security status of Node.js versions. His contributions to Node.js have also led to significant community engagement, including live streams to teach people how to contribute to the project, resulting in new contributors.

Finally, Gonzaga reflects on his journey from helping his blind father with computer accessibility as a teenager to becoming a prominent figure in the Node.js community. He stresses the career benefits of open-source contributions, including learning opportunities and global networking.

Key Insights