The NodeSource Blog

All Posts

npm-v12-install-scripts-not-a-silver-bullet

Blocking Install Scripts Is Not a Silver Bullet

In Security on Jun 19 2026

npm v12 blocks install scripts by default, but supply chain attacks won't disappear. Learn why runtime execution, the Node.js permission model, and sandboxing still matter.

How We Designed a Node.js Production Debugging Experience with AI

In ai on Jun 11 2026

Learn how the NodeSource team designed a Node.js production debugging experience for modern IDEs using AI tools, rapid iteration, and continuous developer feedback.

how-nodesource-remediated-21-nodejs-security-vulnerabilities

Security at Scale: How NodeSource Remediated 21 Vulnerabilities Across Enterprise Node.js Environments

In Security on Jun 04 2026

Discover how NodeSource engineers remediated 21 Node.js security vulnerabilities using backported patches, enterprise runtime maintenance, and validated releases.

The History of Date in JavaScript

In Node.js on May 22 2026

Discover the 31-year journey from JavaScript’s flawed `Date` API to Temporal in ECMAScript 2026 and Node.js 26. Learn how Temporal fixes time zones, parsing, immutability, and modern date handling in JavaScript.

nsolid-ide-vscode-extension-nodejs-monitoring-runtime-telemetry

Why Node.js Developers Need Production Context Inside the IDE

In NodeSource on May 21 2026

Discover N|Solid IDE, the VS Code extension for Node.js monitoring, diagnostics, runtime telemetry, and production insights directly inside your development workflow.

Node.js v26 Is Here: What Actually Changed

In Node.js on May 05 2026

Node.js v26 is now available. Here’s what actually changed: Temporal enabled by default, V8 14.6, Undici 8, and key deprecations.

devops-shift-left-runtime-intelligence-developer-workflows

DevOps Shifts Left to Developers

In Observability on Apr 28 2026

DevOps is shifting left. Learn how runtime intelligence, platform engineering, and AI are moving observability, security, and performance into developer workflows.

The Friction with Today’s Debugging Strategies

In Observability on Apr 23 2026

Debugging in modern systems is harder than ever. Explore the key friction points in today’s debugging strategies—from fragmented context to async complexity—and what’s changing next.

automatic-sourcemap-retrieval-nodejs-production

Automatic Sourcemap Retrieval in Production: Debugging Without the Friction

In NodeSource on Apr 21 2026

Learn how automatic sourcemap retrieval improves debugging in production Node.js systems. Reduce friction, resolve stack traces instantly, and streamline observability.

better-streams-model-javascript-taking-shape

A Better Streams Model for JavaScript Is Taking Shape

In Node.js on Apr 16 2026

JavaScript streams are evolving. Learn what’s changing, why it matters, and how a new model could simplify data flow in Node.js and the web.

anthropic-claude-code-source-leak-bun-bug

Anthropic Accidentally Leaked Claude Code's Entire Source — Here's What Was Inside

In Node.js on Apr 02 2026

Anthropic leaked Claude Code via source maps. A Bun bug, missing .npmignore, and weak release checks exposed 500k+ lines of code.

Why Node.js Upgrades Are Still Hard — And How OpenJS + NodeSource Are Addressing It

In Product on Mar 25 2026

Why Node.js upgrades remain difficult and how OpenJS Foundation and NodeSource help teams reduce risk and modernize production systems.