Core Code
Core Code Modern Dev Handbook
NODEJS Contents
Foundations & Runtime
Node.js HOME Node.js Intro: What Problem Does It Solve? Event Loop Explained Get Started: Install Node and Run Your First Script System Requirements and LTS Strategy Node.js vs Browser JavaScript V8, libuv, and the Node Runtime Model Node Architecture: Threads, I/O, and the Main Loop Event Loop Basics (What Actually Runs When) Microtasks vs Macrotasks (Promises vs Timers) Concurrency Model: Non-blocking I/O Explained The process Object: Args, Env, Exit Codes Environment Variables: Patterns and Gotchas TypeScript-first Node: Project Setup (Minimal Tooling) JS vs TS in Node: Quick Differences You’ll See Often Node LTS, Releases, and Upgrade Strategy When NOT to Use Node.js (Real Tradeoffs)
Async Programming
Async in Node: Mental Model Callbacks (Why They Still Matter) Promises Deep Dive (Chaining, States, Errors) Async/Await Under the Hood Error Propagation Across Async Boundaries try/catch Pitfalls with Async Code Timeouts & Retries (Without Making a Mess) AbortController in Node (Canceling Work) Parallel vs Concurrent Work in Node Unhandled Rejections: What to Do in Production Common Async Bugs and How to Avoid Them
Modules & Tooling
Modules Overview: CommonJS vs ES Modules ES Modules in Node (import/export, package.json type) CommonJS (require/module.exports) in Legacy Code How Node Resolves Modules (Paths, Exports, Conditions) package.json Essentials (name, main, exports, types) npm Basics: Installing, Lockfiles, and Reproducibility npm Scripts: Dev/Build/Test Workflow Managing Dependencies: Semver, Updates, and Audits Monorepo Basics (When It Helps, When It Hurts) Project Structure: Feature vs Layer Folders Linting & Formatting (ESLint/Prettier strategy)
Core Modules
fs Basics: Reading and Writing Files Safely path vs URL: Correctly Handling Paths and Links Streams Intro: Why Streams Exist Backpressure: The Real Reason Your Server Slows Down Buffer: Binary Data Without Fear events & EventEmitter: Patterns and Pitfalls crypto Basics: Hashing vs Encryption Timers: setTimeout/setInterval and Drift readline: CLI Input for Real Tools util & Debugging Helpers (inspect, promisify) dns Module: When You Actually Need It
HTTP & Networking
Raw HTTP Server: A Minimal API Without Frameworks Routing Basics Without Express Parsing JSON Bodies Safely Status Codes That Don’t Hurt Users HTTPS/TLS Basics for Backend Devs CORS Basics (and Why It’s Not “A Backend Bug”) HTTP/2 Overview (What Changes, What Doesn’t) WebSockets Overview (When REST Isn’t Enough) Socket.IO vs ws: Tradeoffs HTTP Timeouts (Server, Client, and Proxies) Streaming Responses (SSE/Chunked) Overview
Express.js
Express Intro What Express Is (and What It Isn’t) Express + TypeScript: Minimal Setup Routing Patterns (params, query, nesting) Middleware Concept: The Request Pipeline Error Middleware: One Place to Handle Failures Validation Strategy (DTOs + schema validation) Async Errors in Express (the safe pattern) Request Context (correlation id, per-request state) Serving Static Files (and when not to) Rate Limiting: Basic Protection Security Headers with helmet (baseline) HTTP Logging Middleware (what to log) Express Best Practices Checklist Standard Error Response Format in Express Request Validation Pattern (DTO + schema)
API Design
REST vs RPC: Picking the Right Style Resource Modeling: URLs, nouns, and hierarchy DTOs: Input/Output Shapes That Don’t Leak Internals API Versioning Without Chaos Pagination Patterns (cursor vs offset) Filtering & Sorting Patterns Consistent Error Responses (problem details style) Idempotency for Real APIs (POST without duplicates) OpenAPI/Swagger: Practical Documentation Workflow Auth Integration Points (where auth belongs) Node APIs with Frontend Apps (CORS, cookies, tokens) API Rate Limiting Strategy (Concept) Caching Basics for APIs (Where It Fits)
Database Integration
Connection Pooling Transactions Raw SQL vs Query Builder Repository Pattern Migration Strategy Indexing Basics N+1 Query Problem When MongoDB Makes Sense MongoDB Query Patterns Preventing SQL Injection DB Connection Lifecycle (Open/Close, Pool Hygiene) Query Timeouts and Slow Query Diagnosis
Auth Overview
Session vs JWT Password Hashing Basics Refresh Token Flow (Concept) Auth Middleware Pattern Role-Based Access Control Permission Modeling Cookies vs Authorization Header Common Auth Mistakes
Errors & Logging
Operational vs Programmer Errors Centralized Error Handling Structured Logging Correlation IDs Log Redaction Metrics Basics Monitoring & Alerts Debugging Production HTTP Access Logs (what to capture) Tracing Overview (OpenTelemetry concept)
Testing
Why Testing Matters Node Test Runner Unit Testing Integration Testing Testing Express APIs Mocking Strategy Fixtures & Test Data CI Testing Strategy
Performance
Event Loop Lag Profiling CPU & Memory Cluster Module Worker Threads Child Process Memory Leak Detection Scaling Strategy
Deployment
Environment Strategy Process Managers (PM2) Docker Basics CI/CD Basics Reverse Proxy Concept Production Checklist Health Checks & Readiness Probes
Architecture Patterns
Layered Architecture Clean Architecture in Node Feature-Based Structure Monolith vs Microservices API Gateway Concept Event-Driven Architecture Production Folder Template Boundaries & Dependency Direction (Practical)

npm Scripts: Dev/Build/Test Workflow

Learn how to design npm scripts for a clean dev/build/test workflow, avoid cross-platform pitfalls, and keep production execution predictable.
On this page

Why npm Scripts Matter

npm scripts are the simplest way to standardize workflow across a team. In production-first projects, consistency beats cleverness: everyone should run the same commands locally, in CI, and in deployment.

Core Workflow Scripts

A solid baseline for backend projects:

{
  "scripts": {
    "dev": "tsx watch src/index.ts",
    "build": "tsc -p tsconfig.json",
    "start": "node dist/index.js",
    "test": "node --test",
    "lint": "eslint ."
  }
}

dev vs start

  • dev: fast feedback, runs TypeScript directly (or watches)
  • start: production-like, runs compiled JavaScript

Mixing these leads to “works on my machine” problems.

Passing Arguments

You can pass args after --:

npm run test -- --watch

Pre and Post Scripts

npm supports lifecycle hooks. Example:

{
  "scripts": {
    "prebuild": "rimraf dist",
    "build": "tsc",
    "postbuild": "node dist/healthcheck.js"
  }
}

Use these carefully. Hidden behavior can confuse teams.

Environment Variables in Scripts

Cross-platform issue: setting env vars differs between Windows and Unix shells.

Unix Style

PORT=3001 node dist/index.js

Windows CMD Style

set PORT=3001 && node dist/index.js

Production-Friendly Solution

Avoid shell-specific tricks. Prefer reading environment variables from the environment (set by your process manager, CI, or server config) rather than baking them into scripts.

Common Script Patterns

  • dev: run local server with watch
  • build: produce artifacts
  • start: run artifacts
  • test: run tests in CI
  • lint: enforce code quality

CI/CD Tip

In CI, prefer deterministic installs and explicit steps:

npm ci
npm run build
npm test

Production Insight

Keep scripts boring. Scripts are infrastructure. Complexity here becomes operational cost later.

Next Step

Next we will cover dependency management strategies: semver, updates, audits, and keeping your backend stable over time.

Managing Dependencies: Semver, Updates, and Audits →