Security News
crates.io Ships Security Tab and Tightens Publishing Controls
crates.io adds a Security tab backed by RustSec advisories and narrows trusted publishing paths to reduce common CI publishing risks.
By Sarah Gooding - Jan 27, 2026
🚀 Launch Week Day 5:Introducing Immutable Scans.Learn More →
@rushstack/node-core-library
Advanced tools
@rushstack/node-core-library
This library provides a conservative set of "core" NodeJS utilities whose purpose is to standardize how we solve common problems across our tooling projects. In order to be considered "core", the class must meet ALL of these criteria:
-
small and self-contained (i.e. quick to install)
-
solves a ubiquitous problem (i.e. having one standardized approach is better than allowing each developer to use their favorite library)
-
broad enough applicability to justify imposing it as a dependency for nearly every NodeJS project
-
code is design reviewed, API approved, and documented
Examples of "core" functionality that meets this criteria:
- basic file/folder manipulation
- JSON file loader/saver/validator
- package.json parser
- build performance timers
- executing shell commands
This package is NOT intended to be a dumping ground for arbitrary utilities that seem like they might be useful. Code should start somewhere else, and then graduate to node-core-library after its value has already been demonstrated. If in doubt, create your own NPM package.
Links
- CHANGELOG.md - Find out what's new in the latest version
- API Reference
@rushstack/node-core-library is part of the Rush Stack family of projects.
Other packages similar to @rushstack/node-core-library
fs-extra
fs-extra extends the Node.js native fs module with additional methods, such as copy, move, and remove, making it a popular choice for file system operations. Compared to @rushstack/node-core-library, fs-extra focuses more exclusively on file system enhancements.
winston
winston is a versatile logging library for Node.js. It supports multiple transports (e.g., console, file, HTTP) for logging messages. While @rushstack/node-core-library provides basic logging capabilities, winston offers more extensive features for custom logging scenarios.
chalk
chalk is a library for styling terminal text with colors and styles. Unlike @rushstack/node-core-library, which includes a broader set of utilities, chalk focuses specifically on enhancing terminal output aesthetics.
FAQs
Core libraries that every NodeJS toolchain project should use
The npm package @rushstack/node-core-library receives a total of 4,119,941 weekly downloads. As such, @rushstack/node-core-library popularity was classified as popular.
We found that @rushstack/node-core-library demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Package last updated on 08 Oct 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Malicious Chrome Extension Performs Hidden Affiliate Hijacking
A Chrome extension claiming to hide Amazon ads was found secretly hijacking affiliate links, replacing creators’ tags with its own without user consent.
By Kush Pandya - Jan 27, 2026
Security News
curl Shuts Down Bug Bounty Program After Flood of AI Slop Reports
A surge of AI-generated vulnerability reports has pushed open source maintainers to rethink bug bounties and tighten security disclosure processes.
By Sarah Gooding - Jan 23, 2026