The Node Community Moves Fast & Books Get Left in the Dust

I’m learning to develop apps using Node.js and Express. My text of choice at the moment is Ethan Brown’s excellent book Web Development with Node & Express. It’s really been a great reference and Ethan has been so responsive to my questions. I seriously recommend it if you’re looking to get into Node development.

But as with any book that tries to cover a quickly evolving technology like Node.js, I’m finding hiccups that can lead to confusion and lost productivity. I don’t blame any author at all for this because it’s just the nature of projects like this that are working in an open and fast environment. There’s no way to keep the text up-to-date short of self-publishing.

I’ve found that the issue isn’t with the Node.js server itself but primarily in npm packages that die or evolve and introduce updated methods and interfaces. The net result is that you’re following along in the book and it could be hit or miss.

A couple of examples:

This is a package to offer a headless browser for unit testing and it gets a fairly sizeable mention in the book. The problem is that the project has been dormant (perhaps dead…or undead (ha!)) for some time and clearly people are wondering why pull requests are not being handled. Trying to build the cross-page tests mentioned in the book throws errors because of issues with newer versions of Node.js & with Zombie’s author not really tending to the project, this has prompted Ethan to look towards removing it in the next edition of his book.

This is an awesome middleware package to help in defining and managing REST APIs. But it too had some issues mainly because the maintainers deprecated functionality and improved the package as a whole in v2+. Of course, when you have a two year old book that uses code based on deprecated functionality, you’ll feel pain since you have to refactor code and try to understand how the new code syntax fits into the structure and concepts of what the book is trying to teach you.

Thankfully, the maintainers of connect-rest have been absolutely awesome. When I reached out to them, they explained the issues with code I was using and were genuinely excited that their project was mentioned in Ethan’s book. Enough so that, immediately after receiving my issue report, they sent a pull request to Ethan with the updated way of using their package. WIN!

Use npm Packages with Care

With that said, it’s a clear cautionary tale of how the Node community is moving fast and breaking things. I’m not saying whether it’s good or bad since I’ve already had plenty of ideological debates with people about this but if you’re building apps in Node, chances are you’ll need to use npm packages and if consistency & stability are important to you, you’ll need to really plan ahead.

Originally published at Rey Bango.



Tinkering in cybersecurity at Veracode and helping developers build secure software. Fortis Fortuna Adiuvat. Opinions are mine.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Rey Bango

Tinkering in cybersecurity at Veracode and helping developers build secure software. Fortis Fortuna Adiuvat. Opinions are mine.