~nodeweekly | Issue 570 - Node 20 gains require(esm) support by default (9)

OTPAuth: One Time Password (HOTP/TOTP) Library — When you log in to a site with 2FA and you’re asked for six digits from your authentication app, that’s a Time-based One-Time Password (or TOTP). This library for Node, Deno, Bun and the browser lets you work with both TOTPs and HOTPs (HMAC-based OTPs) from JavaScript.

Node.js Gets an Official Community Space on Discord — While there have been numerous IRC channels and Discord and Slack servers where Node developers can congregate, the Nodeiflux Discord server has been promoted to being an official one – here’s the invite link if you’re a Discord user. There are already 15k members, so it’s hopping.

Node v23.10.0 (Current) Released — Node gains a new --experimental-config-file option for writing a JSON-based config file that contains options that would otherwise litter your command line flags – ideal for configuring the test runner, say.

Node v20.19.0 (LTS) Released with require(esm) — Node v20 is in maintenance mode, which usually means no new features, but it lands a significant one here: support for require(esm) enabled by default. This means all Node v20+ releases now support loading native ES modules with require out of the box. Ideal if you have dependencies to update and you’re still on v20.

How to Get Deep Traces in Your Node Backend with OTel and Deno — The Deno project turns up the heat by demonstrating how to add OpenTelemetry to a Node app before showing how much easier it is with Deno (as long as your Node app runs well under it).

🔐 Protect.js: 'Encryption in Use' for Data in Node Apps — Designed to work with any Node framework or ORM, Protect.js provides AES-256 based ‘encryption in use’ functionality. GitHub repo.

Piscina 4.9: A Fast Worker Thread Pool Implementation — Node’s worker threads bring true multithreading to Node apps and Piscina is a pool for tracking and controlling the number of such threads.

Refractor 5.0: Virtual Syntax Highlighting using Prism — Wraps the powerful Prism syntax highlighter to output objects instead of an HTML string so you can manipulate and render it as you wish (e.g. in a VDOM or at the terminal). Lowlight, by the same author, offers the same functionality but backed by highlight.js.

Protect Against Bots, Fraud, and Abuse in Real Time — WorkOS Radar protects your app with advanced device fingerprinting — stop fake signups, free tier abuse, bot attacks and brute force attempts today.