Node.js v 12 arrived on schedule. It went into LTS in October and will be maintained until 2022. In the meantime, Node 14 became the Current version!

update node js latest version

Node.js LTS & Current Download for macOS:

Node.js LTS & Current Download for Windows:

For other downloads like Linux libraries, source codes, Docker images, etc.. please visit https://nodejs.org/en/download/

Node.js v14 just arrived!

The highlights in this release include improved diagnostics, an upgrade of V8, an experimental Async Local Storage API, hardening of the streams APIs, removal of the Experimental Modules warning, and the removal of some long deprecated APIs.

Node.js 14 replaces Node.js 13 as our current release line. Node.js 14 will be the Current release for the next 6 months, and then promoted to Long-term Support (LTS) in October 2020. As a reminder — both Node.js 12 and Node.js 10 will remain in long-term support until April 2022 and April 2021 respectively.

Node.js LTS v14 Changelogs

Changelog for Node v14.5.0 (Current)

  • V8 engine is updated to version 8.3

This version includes performance improvements and now allows WebAssembly modules to request memories up to 4GB in size. For more information, have a look at the official V8 blog post.

  • Initial experimental implementation of EventTarget

This version introduces an new experimental API EventTarget, which provides a DOM interface implemented by objects that can receive events and may have listeners for them. It is an adaptation of the Web API EventTarget.

Changelog for Node v14.4.0 (Current)

This is a security release. Vulnerabilities fixed:

  • CVE-2020-8172: TLS session reuse can lead to host certificate verification bypass (High).
  • CVE-2020-11080: HTTP/2 Large Settings Frame DoS (Low).
  • CVE-2020-8174: napi_get_value_string_*() allows various kinds of memory corruption (High).

Changelog for Node v14.3.0 (Current)

  • REPL previews improvements with autocompletion: The output preview is changed to generate previews for autocompleted input instead of the actual input. Pressing <enter> during a preview is now going to evaluate the whole string including the autocompleted part. Pressing <escape> cancels that behavior.

  • Support for Top-Level Await: It's now possible to use the await keyword outside of async functions, with the --experimental-top-level-await flag.

Changelog for Node v14.2.0 (Current)

  • Track function calls with assert.CallTracker: assert.CallTracker is a new experimental API that allows to track and later verify the number of times a function was called.

  • Console groupIndentation option: The Console constructor (require('console').Console) now supports different group indentations.

Changelog for Node v14.1.0 (Current)

  • deps: upgrade openssl sources to 1.1.1g
  • doc: add juanarbol as collaborator
  • http: doc deprecate abort and improve docs
  • module: do not warn when accessing __esModule of unfinished exports
  • n-api: detect deadlocks in thread-safe function
  • src: deprecate embedder APIs with replacements
  • stream:
    • don't emit end after close
    • don't wait for close on legacy streams
    • pipeline should only destroy un-finished streams
  • vm: add importModuleDynamically option to compileFunction

Changelog for Node v14.0.0 (Current)

  • Deprecations:

    • (SEMVER-MAJOR) crypto: move pbkdf2 without digest to EOL
    • (SEMVER-MAJOR) fs: deprecate closing FileHandle on garbage collection
    • (SEMVER-MAJOR) http: move OutboundMessage.prototype.flush to EOL
    • (SEMVER-MAJOR) lib: move GLOBAL and root aliases to EOL
    • (SEMVER-MAJOR) os: move tmpDir() to EOL
    • (SEMVER-MAJOR) src: remove deprecated wasm type check
    • (SEMVER-MAJOR) stream: move _writableState.buffer to EOL
    • (SEMVER-MINOR) doc: deprecate process.mainModule
    • (SEMVER-MINOR) doc: deprecate process.umask() with no arguments
  • ECMAScript Modules - Experimental Warning Removal

In Node.js 13 we removed the need to include the --experimental-modules flag, but when running EcmaScript Modules in Node.js, this would still result in a warning ExperimentalWarning: The ESM module loader is experimental.

As of Node.js 14 there is no longer this warning when using ESM in Node.js. However, the ESM implementation in Node.js remains experimental. As per our stability index: “The feature is not subject to Semantic Versioning rules. Non-backward compatible changes or removal may occur in any future release.” Users should be cautious when using the feature in production environments.

The ESM implementation in Node.js is still experimental but we do believe that we are getting very close to being able to call ESM in Node.js “stable”. Removing the warning is a huge step in that direction.

  • New V8 ArrayBuffer API src: migrate to new V8 ArrayBuffer API. Multiple ArrayBuffers pointing to the same base address are no longer allowed by V8. This may impact native addons.

  • Toolchain and Compiler Upgrades

    • (SEMVER-MAJOR) build: update macos deployment target to 10.13 for 14.x
    • (SEMVER-MAJOR) doc: update cross compiler machine for Linux armv7
    • (SEMVER-MAJOR) doc: update Centos/RHEL releases use devtoolset-8
    • (SEMVER-MAJOR) doc: remove SmartOS from official binaries
    • (SEMVER-MAJOR) win: block running on EOL Windows versions

It is expected that there will be an ABI mismatch on ARM between the Node.js binary and native addons. Native addons are only broken if they interact with std::shared_ptr. This is expected to be fixed in a later version of Node.js 14.

  • Update to V8 8.1 (SEMVER-MAJOR) deps: update V8 to 8.1.307.20

    • Enables Optional Chaining by default
    • Enables Nullish Coalescing by default
    • Enables Intl.DisplayNames by default
    • Enables calendar and numberingSystem options for Intl.DateTimeFormat by default
  • Other Notable Changes:

    • cli, report: move --report-on-fatalerror to stable
    • deps: upgrade to libuv 1.37.0
    • fs: add fs/promises alias module

Node.js v12 - New Features You Shouldn't Miss

Here is a list of changes we consider essential to highlight:

  • V8 updated to version 7.4
    • Async stack traces arrived
    • Faster async/await implementation
    • New JavaScript language features
    • Performance tweaks & improvements
    • Progress on Worker threads, N-API
  • Default HTTP parser switched to llhttp
  • New experimental “Diagnostic Reports” feature

You can browse the full changelog here and read our deep-dive on Node.js v12 here.

Node.js LTS v12 Changelogs

Changelog for Node v12.18.2

  • deps: V8: backport
    • Fixes memory leak in PrototypeUsers::Add
  • src: use symbol to store AsyncWrap resource
    • Fixes reported memory leak in #33468

Changelog for Node v12.18.1

  • deps:
    • V8: cherry-pick 548f6c81d424
    • update to uvwasi 0.0.9
    • upgrade to libuv 1.38.0
    • upgrade npm to 6.14.5

Changelog for Node v12.18.0

This is a security release. Vulnerabilities fixed:

  • CVE-2020-8172: TLS session reuse can lead to host certificate verification bypass (High).
  • CVE-2020-11080: HTTP/2 Large Settings Frame DoS (Low).
  • CVE-2020-8174: napi_get_value_string_*() allows various kinds of memory corruption (High).

Changelog for Node v12.17.0

  • ECMAScript Modules - --experimental-modules flag removal

The ESM implementation in Node.js is still experimental but we do believe that we are getting very close to being able to call ESM in Node.js “stable”. Removing the flag is a huge step in that direction.

  • AsyncLocalStorage API (experimental)

This API allows keeping a context across asynchronous operations. Use cases of this API include:

* Logging
* User identification
* Performance tracking
* Error tracking and handling
  • REPL previews

The REPL now supports previews similar to the Chrome DevTools console. An input suggestion is inserted as preview in case further input is predicable.

  • REPL reverse-i-search

The REPL supports bi-directional reverse-i-search similar to ZSH. It is triggered with <ctrl> + R to search backwards and <ctrl> + S to search forwards.

  • REPL substring-based search

It is now possible to access former history entries very fast by writing the first characters of the formerly entered code you are looking for. Then push <UP> or <DOWN> to go through the history entries that start with those characters.

  • Monitoring error events

It is now possible to monitor 'error' events on an EventEmitter without consuming the emitted error by installing a listener using the symbol EventEmitter.errorMonitor.

  • Monitoring uncaught exceptions

It is now possible to monitor 'uncaughtException' events without overriding the default behavior that exits the process by installing an 'uncaughtExceptionMonitor' listener.

  • File system APIs

    • New function: fs.readv: This new function (along with its sync and promisified versions) takes an array of ArrayBufferView elements and will write the data it reads sequentially to the buffers.

    • Optional parameters in fs.read: A new overload is available for fs.read (along with its sync and promisified versions), which allows to optionally pass any of the offset, length and position parameters.

    • Console groupIndentation option: The Console constructor (require('console').Console) now supports different group indentations.This is useful in case you want different grouping width than 2 spaces.

  • maxStringLength option for util.inspect()

It is now possible to limit the length of strings while inspecting objects. This is possible by passing through the maxStringLength option.

  • Stable N-API release 6

The following N-API features are now stable as part of the N-API 6 release:

* napi_set_instance_data
* napi_get_instance_data
* napi_key_collection_mode
* napi_key_filter
* napi_key_conversion
* napi_create_bigint_int64
* napi_create_bigint_uint64
* napi_create_bigint_words
* napi_get_value_bigint_int64
* napi_get_value_bigint_uint64
* napi_get_value_bigint_words
* napi_get_all_property_names
  • Stable diagnostic reports:

The Diagnostic Report feature is now stable and supports a new --report-compact flag to write the reports in a compact, single-line JSON format, more easily consumable by log processing systems than the default multi-line format designed for human consumption.

  • Increase of the default server headers timeout

The default value of server.headersTimeout for http and https servers was increased from 40000 to 60000 (60 seconds). This to accomodate for systems like AWS ELB that have a timeout of 60 seconds.

  • Other changes:

  • cli: Added a --trace-sigint CLI flag that will print the current execution stack on SIGINT

  • crypto: Various crypto APIs now support Diffie-Hellman secrets

  • dns: Added the dns.ALL flag, that can be passed to dns.lookup() with dns.V4MAPPED to return resolved IPv6 addresses as well as IPv4 mapped IPv6 addresses.

  • module: Added a new experimental API to interact with Source Map V3 data

  • worker: Added support for passing a transferList along with workerData to the Worker constructor.

Changelog for Node v12.16.3

  • Dependencies:
    • Updated OpenSSL to 1.1.1g
    • Updated c-ares to 1.16.0
    • Updated experimental uvwasi to 0.0.6
  • ESM (experimental):
    • Additional warnings are no longer printed for modules that use conditional exports or package name self resolution.

Changelog for Node v12.16.2

  • deps: upgrade npm to 6.13.6 and openssl to 1.1.1e

Changelog for Node v12.16.1

Node.js 12.16.0 included 6 regressions that are being fixed in this release:

  • Accidental Unflagging of Self Resolving Modules: 12.16.0 included a large update to the ESM implementation. One of the new features, Self Referential Modules, was accidentally released without requiring the --experimental-modules flag. This release is being made to appropriately flag the feature.

  • Process Cleanup Changed Introduced WASM-Related Assertion: A change during Node.js process cleanup led to a crash in combination with specific usage of WASM. This has been fixed by partially reverted said change. A regression test and a full fix are being worked on and will likely be included in future 12.x and 13.x releases.

  • Use Largepages Runtime Option Introduced Linking Failure: A Semver-Minor change to introduce --use-largepages as a runtime option introduced a linking failure. This had been fixed in master but regressed as the fix has not yet gone out in a Current release. The feature has been reverted, but will be able to reland with a fix in a future Semver-Minor release.

  • Async Hooks was Causing an Exception When Handling Errors: Changes in async hooks internals introduced a case where an internal api call could be called with undefined causing a process to crash. The change to async hooks was reverted. A regression test and fix has been proposed and the change could re-land in a future Semver-Patch release if the regression is reliably fixed.

  • New Enumerable Read-Only Property on EventEmitter breaks @types/extend: A new property for enumerating events was added to the EventEmitter class. This broke existing code that was using the @types/extend module for extending classses as @types/extend was attemping to write over the existing field which the new change made read-only. As this is the first property on EventEmitter that is read-only this feature could be considered Semver-Major. The new feature has been reverted but could re-land in a future Semver-Minor release if a non breaking way of applying it is found.

  • Exceptions in the HTTP parser were not emitting an uncaughtException: A refactoring to Node.js interanls resulted in a bug where errors in the HTTP parser were not being emitted by process.on('uncaughtException') when the async_hooks after hook exists. The fix to this bug has been included in this release.

Changelog for Node v12.16.0

  • New assert APIs: The assert module now provides experimental assert.match() and assert.doesNotMatch() methods. They will validate that the first argument is a string and matches (or does not match) the provided regular expression.

  • Advanced serialization for IPC: The child_process and cluster modules now support a serialization option to change the serialization mechanism used for IPC.

  • CLI flags:

    • The new --trace-exit CLI flag makes Node.js print a stack trace whenever the Node.js environment is exited proactively (i.e. by invoking the process.exit() function or pressing Ctrl+C).
    • The new --trace-uncaught CLI flag makes Node.js print a stack trace at the time of throwing uncaught exceptions, rather than at the creation of the Error object, if there is any. This option is not enabled by default because it may affect garbage collection behavior negatively.
    • The --disallow-code-generation-from-strings V8 CLI flag is now whitelisted in the NODE_OPTIONS environment variable.
  • New crypto APIs: For DSA and ECDSA, a new signature encoding is now supported in addition to the existing one (DER). The verify and sign methods accept a dsaEncoding option, which can have one of two values:

    • 'der' (default): DER-encoded ASN.1 signature structure encoding (r, s).
    • 'ieee-p1363': Signature format r || s as proposed in IEEE-P1363.
  • A new method was added to Hash: Hash.prototype.copy. It makes it possible to clone the internal state of a Hash object into a new Hash object, allowing to compute the digest between updates.

  • Dependency updates:

    • libuv was updated to 1.34.0. This includes fixes to uv_fs_copyfile() and uv_interface_addresses() and adds two new functions: uv_sleep() and uv_fs_mkstemp().
    • V8 was updated to 7.8.279.23. This includes performance improvements to object destructuring, RegExp match failures and WebAssembly startup time.
  • New EventEmitter APIs:

    • The new EventEmitter.on static method allows to async iterate over events.
    • It is now possible to monitor 'error' events on an EventEmitter without consuming the emitted error by installing a listener using the symbol EventEmitter.errorMonitor.
  • Performance Hooks are no longer experimental: The perf_hooks module is now considered a stable API.

  • Introduction of experimental WebAssembly System Interface (WASI) support: A new core module, wasi, is introduced to provide an implementation of the WebAssembly System Interface specification. WASI gives sandboxed WebAssembly applications access to the underlying operating system via a collection of POSIX-like functions.

Changelog for Node v12.15.0 (LTS)

This is a security release. Vulnerabilities fixed:

  • CVE-2019-15606: HTTP header values do not have trailing OWS trimmed.
  • CVE-2019-15605: HTTP request smuggling using malformed Transfer-Encoding header.
  • CVE-2019-15604: Remotely trigger an assertion on a TLS server with a malformed certificate string.

Also, HTTP parsing is more strict to be more secure. Since this may cause problems in interoperability with some non-conformant HTTP implementations, it is possible to disable the strict checks with the --insecure-http-parser command line flag, or the insecureHTTPParser http option. Using the insecure HTTP parser should be avoided.

Changelog for Node v12.14.1 (LTS)

  • crypto: fix key requirements in asymmetric cipher
  • deps:
    • update llhttp to 2.0.1
    • update nghttp2 to 1.40.0
  • v8: mark serdes API as stable

Changelog for Node v12.14.0 (LTS)

  • deps: update npm to 6.13.4

Changelog for Node v12.13.1 (LTS)

  • Experimental support for building Node.js with Python 3 is improved.
  • ICU time zone data is updated to version 2019c. This fixes the date offset in Brazil.

Changelog for Node v12.13.0 (LTS)

This release marks the transition of Node.js 12.x into Long Term Support (LTS) with the codename 'Erbium'. The 12.x release line now moves into "Active LTS" and will remain so until October 2020. After that time, it will move into "Maintenance" until end of life in April 2022.

Notable changes:

  • npm was updated to 6.12.0. It now includes a version of node-gyp that supports Python 3 for building native modules.

Changelog for Node v12.12.0 (LTS)

  • build: Add --force-context-aware flag to prevent usage of native node addons that aren't context aware
  • deprecations: Add documentation-only deprecation for process._tickCallback()
  • esm: Using JSON modules is experimental again
  • fs: Introduce opendir() and fs.Dir to iterate through directories
  • process: Add source-map support to stack traces by using --enable-source-maps
  • tls:
    • Honor pauseOnConnect option
    • Add option for private keys for OpenSSL engines

Changelog for Node v12.11.1 (LTS)

  • build: This release fixes a regression that prevented from building Node.js using the official source tarball
  • deps: Updated small-icu data to support "unit" style in the Intl.NumberFormat API

Changelog for Node v12.11.0 (LTS)

  • crypto:
    • Add oaepLabel option
  • deps: Update V8 to 7.7.299.11
    • More efficient memory handling
    • Stack trace serialization got faster
    • The Intl.NumberFormat API gained new functionality
    • For more information: https://v8.dev/blog/v8-release-77
  • events:
    • Add support for EventTarget in once
  • fs:
    • Expose memory file mapping flag UV_FS_O_FILEMAP
  • inspector:
    • New API - Session.connectToMainThread
  • process:
    • Initial SourceMap support via env.NODE_V8_COVERAGE
  • stream:
    • Make _write() optional when _writev() is implemented
  • tls:
    • Add option to override signature algorithms
  • util:
    • Add encodeInto to TextEncoder
  • worker:
    • The worker_thread module is now stable

Changelog for Node v12.10.0 (LTS)

  • deps:
    • Update npm to 6.10.3
  • fs:
    • Add recursive option to rmdir()
    • Allow passing true to emitClose option
    • Add *timeNs properties to BigInt Stats objects
  • net:
    • Allow reading data into a static buffer

Changelog for Node v12.9.0 (LTS)

  • crypto:
    • Added an oaepHash option to asymmetric encryption which allows users to specify a hash function when using OAEP padding
  • deps:
    • Updated V8 to 7.6.303.29
      • Improves the performance of various APIs such as JSON.parse and methods called on frozen arrays.
      • Adds the Promise.allSettled method.
      • Improves support of BigInt in Intl methods.
      • For more information: https://v8.dev/blog/v8-release-76
    • Updated libuv to 1.31.0
      • UV_FS_O_FILEMAP has been added for faster access to memory mapped files on Windows.
      • uv_fs_mkdir() now returns UV_EINVAL for invalid filenames on Windows. It previously returned UV_ENOENT.
      • The uv_fs_statfs() API has been added.
      • The uv_os_environ() and uv_os_free_environ() APIs have been added.
  • fs:
    • Added fs.writev, fs.writevSync and filehandle.writev (promise version) methods. They allow to write an array of ArrayBufferViews to a file descriptor
  • http:
    • Added three properties to OutgoingMessage.prototype: writableObjectMode, writableLength and writableHighWaterMark
  • stream:
    • Added an new property readableEnded to readable streams. Its value is set to true when the 'end' event is emitted.
  • Added an new property writableEnded to writable streams. Its value is set to true after writable.end() has been called.

Changelog for Node v12.8.0 (LTS)

  • assert:
    • Legacy mode deprecation (DEP0089) is revoked
  • crypto:
    • The outputLength option is added to crypto.createHash
    • The maxmem range is increased from 32 to 53 bits
  • n-api:
    • Added APIs for per-instance state management
  • report:
    • Network interfaces get included in the report
  • src:
    • v8.getHeapCodeStatistics() is now exported

Changelog for Node v12.7.0 (LTS)

  • deps:
    • Updated nghttp2 to 1.39.1
    • Updated npm to 6.10.0
  • esm:
    • Implemented experimental "pkg-exports" proposal. A new "exports" field can be added to a module's package.json file to provide custom subpath aliasing. See proposal-pkg-exports for more information
  • http:
    • Added response.writableFinished
    • Exposed headers, rawHeaders and other fields on an http.ClientRequest "information" event
  • inspector:
    • Added inspector.waitForDebugger()
  • policy:
    • Added --policy-integrity=sri CLI option to mitigate policy tampering. If a policy integrity is specified and the policy does not have that integrity, Node.js will error prior to running any code
  • readline,tty:
    • Exposed stream API from various methods which write characters
  • src:
    • Use cgroups to get memory limits. This improves the way we set the memory ceiling for a Node.js process. Previously we would use the physical memory size to estimate the necessary V8 heap sizes. The physical memory size is not necessarily the correct limit, e.g. if the process is running inside a docker container or is otherwise constrained. This change adds the ability to get a memory limit set by linux cgroups, which is used by docker containers to set resource constraints

Changelog for Node v12.6.0 (LTS)

  • build:
    • Experimental support for building Node.js on MIPS architecture is back
  • child_process:
    • The promisified versions of child_process.exec and child_process.execFile now both return a Promise which has the child instance attached to their child property
  • deps: Updated libuv to 1.30.1
    • Support for the Haiku platform has been added.
    • The maximum UV_THREADPOOL_SIZE has been increased from 128 to 1024.
    • uv_fs_copyfile() now works properly when the source and destination files are the same.
  • process:
    • A new method, process.resourceUsage() was added. It returns resource usage for the current process, such as CPU time
  • src:
    • Fixed an issue related to stdio that could lead to a crash of the process in some circumstances
  • stream:
    • Added a writableFinished property to writable streams. It indicates that all the data has been flushed to the underlying system
  • worker:
    • Fixed an issue that prevented worker threads to listen for data on stdin

Learn More Node.js from RisingStack

At RisingStack we've been writing JavaScript / Node tutorials for the community in the past 5 years. If you're beginner to Node.js, we recommend checking out our Node Hero tutorial series! The goal of this series is to help you get started with Node.js and make sure you understand how to write an application using it.

As a sequel to Node Hero, we have completed another series called Node.js at Scale - which focuses on advanced Node / JavaScript topics. Take a look!