Security News
Internet Archive Hacked, 31 Million Record Compromised
The Internet Archive's "Wayback Machine" has been hacked and defaced, with 31 millions records compromised.
Security News
Sarah Gooding
September 11, 2024
Cloudflare is expanding Node.js compatibility for Workers and its JAMstack Pages platform with a major update combining polyfills and native code. This opens access to more Node.js APIs and platform-specific features, making it possible for developers to use more npm packages.
Traditionally, running npm packages in environments like Cloudflare Workers has been challenging due to missing APIs and dependencies that are built with only Node.js in mind.
Using the v2 compatibility flag in their wrangler.toml
files, developers who are writing Workers can now unlock some of the most commonly used libraries that enable more complex applications and seamless integration with popular backend services:
Packages that could not be imported with nodejs_compat, even as a dependency of another package, will now load. This includes popular packages such as body-parser, jsonwebtoken, pg, got, passport, md5, mongodb, knex, mailparser, csv-stringify, cookie-signature, stream-slice, and many more.
Cloudflare plans to roll this out as the default behavior for all Workers with the existing nodejs_compat compatibility flag enabled plus a compatibility date of 2024-09-23 or later.
Although Workers have had polyfill support since 2021, Cloudflare acknowledged that many modules cannot be polyfilled with fast enough code or cannot be polyfilled at all. This update expands native support for some Node.js APIs in the Workers runtime through what Cloudflare identified as a hybrid approach:
This approach lifts limitations that were previously roadblocks for using many npm packages. The announcement cites several examples how developers can use module aliasing in cases were an npm package relies on a Node.js API that isn’t yet implemented in the Workers runtime or as a polyfill.
Cloudflare’s popular serverless platform is used by more than one million developers for creating applications without having to manage the infrastructure behind it. Workers are an important part of Cloudflare’s ecosystem, which handles around 20% of all internet traffic across its global network.
This compatibility update strengthens integration with the Node.js ecosystem, allowing developers to work with a broader array of libraries in serverless environments. It streamlines development processes for those migrating from traditional Node.js environments and positions Cloudflare as a more versatile platform in competition with other serverless providers.
This could lead to greater adoption of serverless technologies for a broader range of applications, allowing developers to take advantage of the performance and scalability benefits of edge computing without having to manually modify or refactor npm libraries for compatibility.
It also opens the door for npm packages to be more widely utilized in a serverless context, broadening the ecosystem's reach. Cloudflare’s approach of combining polyfills and native code is a strategic move that could impact how developers think about serverless architecture, as they now have access to more tools while writing less platform-specific code.
Subscribe to our newsletter
Get notified when we publish new security blog posts!
Try it now
Security News
The Internet Archive's "Wayback Machine" has been hacked and defaced, with 31 millions records compromised.
Security News
TC39 is meeting in Tokyo this week and they have approved nearly a dozen proposals to advance to the next stages.
Security News
Our threat research team breaks down two malicious npm packages designed to exploit developer trust, steal your data, and destroy data on your machine.