Node.js

Node.js is a JavaScript runtime built on Chrome's V8 engine that allows you to run JavaScript on the server.

Use cases: Web servers, APIs, CLI tools, build tools, real-time apps.

The mechanism that allows Node.js to perform non-blocking I/O despite being single-threaded.

The event loop continuously cycles through these phases.

• process.nextTick(): Executes immediately after the current operation, before the event loop continues. (Microtask queue)
• setImmediate(): Executes in the next iteration of the event loop, in the "check" phase. (Macrotask queue)

• Blocking: Execution waits for the operation to complete before moving on.
• Non-Blocking: Execution continues immediately; result is handled via callback/promise.

Rule: Never use blocking methods in production servers.

The equivalent of window in browsers. It contains globally available objects and functions.

Provides information and control over the current Node.js process.

1. Resolving: Find the file path
2. Loading: Read the file content
3. Wrapping: Wrap in a function to provide module scope
4. Evaluating: Execute the module code
5. Caching: Store in require.cache for future calls

Caching: Modules are cached after first load. Same require() returns cached result.

The manifest file for a Node.js project.

• dependencies: Required to run the app in production.
• devDependencies: Only needed during development (testing, building, linting).

Records the exact version of every installed dependency (and their dependencies).

Purpose:

• Ensures consistent installs across machines
• Faster installs (skips version resolution)
• Security auditing

Best practice: Always commit package-lock.json to version control.

Callbacks are functions passed as arguments to be called when an operation completes.

Callback Hell: Deeply nested callbacks that are hard to read and maintain.

Solutions: Promises, async/await, modularizing code.

Promises represent the eventual result of an async operation.

States: Pending → Fulfilled (resolved) or Rejected

Syntactic sugar over Promises for cleaner async code.

Converts callback-based functions to Promise-based ones.

Modern alternative: Most Node.js APIs now have .promises versions:

Streams handle data piece by piece (chunks) instead of loading everything into memory.

Types:

• Readable: Read data (fs.createReadStream, http request)
• Writable: Write data (fs.createWriteStream, http response)
• Duplex: Both read and write (TCP socket)
• Transform: Modify data as it passes through (zlib, crypto)

Connecting a readable stream to a writable stream.

Modern syntax (pipeline):

A fixed-size chunk of memory for handling binary data.

Using multer middleware with Express:

Native:

With Express:

Functions that have access to request, response, and next(). They execute in order.

Cross-Origin Resource Sharing allows/restricts cross-origin requests.

.env file:

Best practices:

• Never commit .env to version control
• Use different files per environment (.env.development, .env.production)
• Validate required variables at startup

1. Validate input (Joi, Zod, express-validator)

2. Use Helmet (security headers)

3. Rate limiting

4. Parameterized queries (prevent SQL injection)
5. HTTPS everywhere
6. Keep dependencies updated (npm audit)

Sync errors: Automatically caught

Async errors: Need try/catch or wrapper

With Mongoose:

MongoDB (Mongoose):

PostgreSQL (Prisma):

Vertical scaling: Use all CPU cores

Better: Use PM2

Horizontal scaling:

• Load balancer (nginx, HAProxy)
• Container orchestration (Kubernetes)
• Stateless design (no in-memory sessions)

Run CPU-intensive JavaScript in parallel threads (not just I/O).

Use cases: Image processing, video encoding, heavy computations, data parsing.