5 Things Ryan Dahl Regrets About Node.js

5 Things Ryan Dahl Regrets About Node.js

Daily short news for you
  • Competition in the model race is becoming increasingly fierce, with tech companies not wanting to be left behind. Llama 4 Scout and Llama 4 Maverick are the latest open-source models from Meta, touted for their superior performance, even surpassing the most advanced models like GPT-4.5, Claude Sonnet 3.7, and Gemini 2.0 Pro... However, alongside this, Scout and Maverick are facing criticism over cheating allegations. Should we trust Meta once again? 🤔

    Llama 4 Scandal: Meta’s release of Llama 4 overshadowed by cheating allegations on AI benchmark

    » Read more
  • Today, I accidentally came across the website notes.andymatuschak.org which has a very interesting note-taking method. Clicking on a link opens a new tab next to it. Each time you click, it continues to open. Just like filing cabinets.

    This presentation style is not only easy to follow but also aligns with the flow of thought. It's a pity that I can't find the author of this open-source project. I wonder if there's anything similar out there 🤔

    » Read more
  • Instagram has just introduced a video editing app for content creators called Edits. This is a direct competition with popular apps on the market. However, it might take some time because looking at the features, they are still quite basic, just enough to use.

    By the way, I've been "playing" on IG for over 10 years now. Anyone with IG, please leave your account for me to check out 🥳.

    My IG is hoaitx_

    » Read more

Introduction

Node.js was first introduced by Ryan Dahl in 2009. And 9 years later, it was also Ryan Dahl who brought another platform called Deno. Like Node, Deno provides a powerful server-side JavaScript runtime environment. In a 2018 video, Ryan Dahl gave a presentation on "10 Things I Regret About Node.js" just before announcing Deno.

So why was Deno created if Node.js was already good enough? In today's article, I would like to extract 5 things that Ryan Dahl regrets about doing/not doing with Node.js.

NPM and package.json

NPM & package.json

After going through many ups and downs, Node.js and npm are like a team that always goes together. npm is known as a repository of dependencies for Node. npm is a centralized and controlled repository.

Because of its centralization, npm has often become a target for attacks aimed at injecting malicious code into packages, such as the case of Popular NPM Package Hijacked to Publish Crypto-mining Malware or attacks aimed at deleting user data like Dev Sabotages Popular NPM Package to Protest Russian Invasion.

Npm came up with package.json, which is a file that records information such as the packages used, license information, repository, description, and many other seemingly unnecessary details.

node_modules

node_modules black hole

Have you ever heard the comparison of node_modules to a black hole in the universe? Or if you have about 10 Node.js projects on your machine, it means you're ready to have 10 more black holes.

node_modules is a directory created to store all the necessary packages for a project. It doesn't use a centralized storage called NODE_PATH, but instead stores them in each project. Even the father of Node.js admits that node_modules is an irreparable mistake and apologizes for it.

Promise

Javascript Promise

Node.js did not immediately embrace Promise from the beginning, as evidenced by many APIs in Node still using callbacks for handling asynchronous operations. Nowadays, Promise has become very powerful, especially when combined with async/await, and that is something the father of Node.js regrets but cannot easily fix.

Security

Node.js security

If you run a Node.js application, it will have full access to files/folders, networks, and environment variables. Obviously, this can be a security risk if you accidentally run a project that contains malicious code, or attackers can exploit this to compromise Node.js servers.

The Build System (GYP)

GYP

The father of Node.js shared that GYP is a very difficult tool to build with, but because V8 of Chrome initially used GYP, Chrome eventually removed it, leaving Node.js as the only user of GYP.

To perform tasks outside the Event Loop, we have to directly interact with V8 by building C++ Addons. Many people complained about this and suggested switching to a more user-friendly solution like the Foreign Function Interface (FFI), but unfortunately, he overlooked them.

He also shared that he didn't like libuv because it uses autotools!?

Conclusion

Some mistakes can be fixed, but some cannot. This article presents 5 mistakes that the father of Node.js shares with us to let us know what he regrets. But no matter what, Node.js has grown and has a solid position in the global community and industry.

References:

Premium
Hello

The secret stack of Blog

As a developer, are you curious about the technology secrets or the technical debts of this blog? All secrets will be revealed in the article below. What are you waiting for, click now!

As a developer, are you curious about the technology secrets or the technical debts of this blog? All secrets will be revealed in the article below. What are you waiting for, click now!

View all

Subscribe to receive new article notifications

or
* The summary newsletter is sent every 1-2 weeks, cancel anytime.

Comments (3)

Leave a comment...
Avatar
Thành Đỗ2 years ago
Có một sự thật là Ryan đã khắc phục tất cả vấn đề trên với Deno. Mà de-no <=> no-de 😁
Reply
Avatar
Long Domi2 years ago
Cái node gyp kia luôn là ác mộng, lúc build lỗi ấy
Reply
Avatar
Vũ Mạnh Đức2 years ago
Node_modules so sánh với black hole hài hước
Reply