Hono tops developer satisfaction, but Express still leads

#​610 — February 5, 2026

Read on the Web

The State of JavaScript 2025: Backend Frameworks — The results of the popular annual JavaScript survey are out, and we’re focusing on the most relevant bit to Node.js: backend frameworks. Express still leads the way, but NestJS continues to grow rapidly. Meanwhile, Hono comes top in developer satisfaction.

Devographics

Node.js 25.6.0 (Current) Released — async_hooks can now opt out of Promise tracking to cut instrumentation overhead in production. The built-in test runner supports per-run env injection (see the env option here), TextEncoder gets some SIMD-backed speedups, and the URL parser updates to Unicode 17.

Antoine du Hamel

Stop AI Agents from Generating Outdated Clerk Code — Cursor, Copilot, and Claude Code are trained on old Clerk patterns. Clerk Skills is a one-command way to give your agent up-to-date knowledge to build auth flows, sync users to databases, set up organizations, and more. One command, and it knows how to build auth the right way.

Clerk sponsor

IN BRIEF:

Check out a sneak preview of the new design for Node’s official docs. You’re encouraged to file issues if you encounter any problems.

😂 npm’s current 64-character limit on package names didn’t stop someone from grandfathering in a 214-character monster back in 2012. It’s too long to share here without breaking the email, so here you go.

🔒 vm2 is a sandbox for running untrusted code within the same process as your app. A critical vulnerability was announced which warrants an immediate upgrade to v3.10.4.

Vercel has added zero-config deployment support for Koa apps.

How to Migrate from Chalk to Node’s styleText — Chalk is great for terminal styling, but Node’s built-in styleText handles most of the same tasks with no dependency required. There’s even a codemod to migrate automatically.

Richie McColl

Explicit Resource Management in JavaScript — You can use using for deterministic cleanup, calling Symbol.dispose/asyncDispose at scope exit without try/finally. A small fix for leaks and forgotten teardowns in streams, observers, locks, and similar APIs.

Matt Smith

Why JSBin Went Down for 3 Days (and How It Was Fixed) — JSBin, the long-running collaborative JavaScript pastebin, went offline for roughly three days in January after a huge traffic spike overwhelmed its tiny single-CPU server. Node.js wasn’t the root cause, but running an ancient Node 7(!) runtime amplified the failure. Remy tells the full story.

Remy Sharp

How to Tinker with Node.js Core on ARM64 Windows — Building Node on ARM64 Windows? The toolchain setup has some gotchas. Luckily, Joyee walks us past them.

Joyee Cheung

Skip the Second Database for Analytics — Analytics on live data, no second database. TimescaleDB extends Postgres so you scale without splitting. Try free.

Tiger Data sponsor

📄 Changes to Environment Variable Access in Cypress v15.10.0+ Jenna Beckett (Cypress)

📄 Measuring SVG Rendering Time with Node.js Stoyan Stefanov

🛠 Code & Tools

🕒 Croner 10.0: Cron-Style Triggers and Evaluation — Trigger functions on any cron schedule using cron syntax. It can also evaluate cron expressions to give you a list of upcoming times. v10.0 brings full OCPS (Open Cron Pattern Specification) 1.4 compliance and even more scheduling options.

Hexagon

🔐 OTPAuth: One-Time Password (HOTP/TOTP) Library — When you log in to a site with 2FA and you’re asked for six digits from your authentication app, that’s a Time-based One-Time Password (or TOTP). This library for Node, Deno, Bun and the browser lets you work with both TOTPs and HOTPs (HMAC-based OTPs).

Héctor Molinero Fernández

log-update 7.1: Log by Overwriting Previous Output in the Terminal — Imagine a console.log that overwrites its output on the same line. Think progress updates, animations, etc. v7.1 gains synchronized output rendering.

Sindre Sorhus

💡 Sindre has also just updated his ‘ora’ terminal spinner library.

💡 Nanoclaw: A Personal Claude Assistant That Runs in macOS Containers — OpenClaw (née Clawdbot) is incredible, yet slightly scary. If you want something lighter and safer to hack on, Nanoclaw is simpler and uses macOS Tahoe’s native container support to stay sandboxed.

Gavriel C

🎥 simple-ffmpegjs: A Helper for Complex FFmpeg Operations — A helper library to simplify programmatic video composition, transitions, and audio mixing without complex raw FFmpeg commands. Think crossfade transitions, text overlays with animations, and audio track mixing, etc.

Brayden Blackwell

💡 Prefer something lower level? node-av offers Node bindings to FFmpeg’s C APIs.

🎮 node-hid v3.3.0 – Access USB HID devices (except keyboard/mouse).

MongoDB Node.js Driver v7.1.0 – Official driver for MongoDB in Node.

pg-boss 12.9.0 – Postgres-powered background job processing.

jsdom 28.0 – Pure JS implementation of various web standards.

WebDAV v5.9.0 – WebDAV client library.

📰 Classifieds

🔮 Debug smarter: See how Sentry’s AI-agent Seer analyzes Node errors & logs to pinpoint root causes and propose fixes.

🎉 Hear from the minds shaping the web! Thousands of devs, food trucks & Amsterdam vibes. Don’t miss JSNation — 10% off with JSWEEKLY.

📢  Elsewhere in the ecosystem

A roundup of some other interesting stories in the broader landscape:

The Deno team has made Deno Deploy generally available. Despite the name, you can use it to smoothly run Node projects in the cloud, as well as Deno ones. They’ve also introduced Deno Sandbox as a way to programmatically manage microVMs for executing code securely.

📱 Someone claims to have compiled Node 18 to run on the iPhone to run Claude Code natively on device. There’s nothing but a Hacker News post and a ▶️ YouTube Short so far.

If your node_modules folder is just too much for your existing servers to handle, Amazon EC2 has new C8id, M8id, and R8id instances with up to 22.8 TB local NVMe storage attached.. 😅

A Daily WTF post showing off a way you shouldn’t parse numbers in JS.

🤖 An exploration of how some recent Node and React security vulnerabilities were found using AI.