Node.js 24 LTS: Essential New Features Guide
Introduction
You've likely heard the buzz around Node.js 24 LTS—codename "Krypton"—now in Active LTS since October 2025. As a backend developer, upgrading to the latest LTS means accessing stabilized features that enhance security, performance, and developer experience in production environments.
Compared to Node.js 22 and earlier, version 24 delivers mature implementations of previously experimental tools, a major V8 upgrade, and refined core APIs. You'll see improvements in context tracking, HTTP clients, testing, and more—all designed for real-world scalability.
This complete guide covers every major new feature in Node.js 24 LTS with practical explanations and code. You'll build a production-grade REST API incorporating these updates, complete with security restrictions, tracing, external fetches, and tests. By the end, you'll know exactly how to leverage Node.js 24 for robust applications.
Prerequisites
To follow along, ensure you have:
- •Experience with Node.js 18+ and ESM
- •Familiarity with async/await, HTTP servers, and core modules
- •Node.js 24 LTS installed (verify with node -v)
- •Basic command-line knowledge
What You'll Build
You'll create a secure REST API that:
- •Loads environment variables natively
- •Uses the stabilized permission model
- •Tracks requests with optimized AsyncLocalStorage
- •Fetches data via enhanced global fetch
- •Matches routes with global URLPattern
- •Includes comprehensive tests with the improved runner
- •Demonstrates modern JavaScript features
This example highlights production-ready patterns.
Major New Features in Node.js 24 LTS
Node.js 24 focuses on stability and performance. Here's a comprehensive breakdown.
V8 Engine 13.6: Modern JavaScript Capabilities
The V8 upgrade to 13.6 introduces several ECMAScript features, now stable for production use.
Key additions:
- •Float16Array for memory-efficient floating-point operations
- •Explicit resource management with using declarations
- •RegExp.escape() for safe regex building
- •Resizable ArrayBuffers
Example: Explicit Resource Management
// resource.js
class DatabaseConnection {
constructor() {
console.log('Opening DB connection');
}
query(sql) {
console.log(`Executing: ${sql}`);
}
[Symbol.dispose]() {
console.log('Closing DB connection');
}
}
function performQuery() {
using db = new DatabaseConnection(); // Auto-disposed at end of scope
db.query('SELECT * FROM users');
// Connection closes automatically
}
performQuery();This ensures cleanup without try/finally blocks.
Stabilized Permission Model
The permission model, experimental since Node.js 20, is now stable. Use the simplified --permission flag to restrict access to filesystem, workers, and more.
Example: Secure Startup
node --permission=--no-fs --permission=--allow-net server.jsThis denies filesystem access while allowing network operations—ideal for sandboxing.
Optimized AsyncLocalStorage
AsyncLocalStorage now defaults to the faster AsyncContextFrame implementation, improving performance for tracing and logging in high-concurrency apps.
Example: Request Tracing
// tracing.js
import { AsyncLocalStorage } from 'node:async_hooks';
const asyncLocalStorage = new AsyncLocalStorage();
export function runWithTrace(fn, traceId = crypto.randomUUID()) {
return asyncLocalStorage.run({ traceId }, fn);
}
export function getTraceId() {
return asyncLocalStorage.getStore()?.traceId ?? 'none';
}No flags needed—faster by default.
Undici 7: Enhanced HTTP Client and WebSocketStream
The built-in HTTP client upgrades to Undici 7, bringing stricter fetch compliance, interceptors, and a new WebSocketStream for WebSocket handling.
While not a full browser-like WebSocket server, WebSocketStream enables efficient client and streaming connections.
Example: Global fetch with Proxy
// client.js
const response = await fetch('https://api.example.com/data', {
headers: { Authorization: `Bearer ${process.env.API_KEY}` }
});
const data = await response.json();
console.log(data);Example: Basic WebSocketStream Client
// websocket.js
import { WebSocketStream } from 'undici';
const ws = new WebSocketStream('wss://echo.websocket.org');
const { readable, writable } = await ws.opened;
writable.getWriter().write('Hello');
for await (const message of readable) {
console.log('Received:', message);
break;
}
await writable.getWriter().close();Global URLPattern
URLPattern is now available globally—no imports required—for powerful route matching.
Example: Route Matching
const pattern = new URLPattern({ pathname: '/users/:id' });
console.log(pattern.test('https://example.com/users/123')); // true
console.log(pattern.exec('https://example.com/users/123').pathname.groups.id); // '123'Native .env File Support
Node.js supports loading .env files natively via the --env-file flag (introduced earlier but refined). No more third-party dotenv required.
Example: Loading Environment Variables
node --env-file=.env server.jsCreate .env:
API_KEY=your-secret-key
PORT=3000Access via process.env.API_KEY.
Enhanced Built-in Test Runner
The test runner auto-awaits subtests, supports global setup/teardown, and reduces boilerplate.
Example: Test Suite
// test-api.js
import { test, before, after } from 'node:test';
import assert from 'node:assert';
before(() => console.log('Setup'));
after(() => console.log('Teardown'));
test('basic assertion', async (t) => {
await t.test('subtest passes', () => {
assert.strictEqual(1 + 1, 2);
});
});Run with node --test.
npm 11 Bundled
Node.js 24 ships with npm 11, featuring better performance, vulnerability scanning, and modern package support.
Hands-On: Building the Production-Grade API
- •Initialize Project
mkdir nodejs-24-app && cd nodejs-24-app
npm init -y
touch server.js tracing.js .env- •Add .env File
PORT=3000
EXTERNAL_API=https://jsonplaceholder.typicode.com- •Implement Tracing (tracing.js from earlier).
- •Build the Server
// server.js
import { createServer } from 'node:http';
import { runWithTrace, getTraceId } from './tracing.js';
const server = createServer(async (req, res) => {
await runWithTrace(async () => {
const url = new URL(req.url, `http://${req.headers.host}`);
const pattern = new URLPattern({ pathname: '/posts/:id' });
if (req.method === 'GET' && pattern.test(url)) {
const { id } = pattern.exec(url).pathname.groups;
const external = await fetch(`${process.env.EXTERNAL_API}/posts/${id}`);
const post = await external.json();
res.writeHead(200, { 'Content-Type': 'application/json' });
res.end(JSON.stringify({ traceId: getTraceId(), post }));
} else {
res.writeHead(404);
res.end();
}
}, req.headers['x-request-id'] ?? crypto.randomUUID());
});
server.listen(process.env.PORT || 3000, () => console.log('Server running'));- •Add Tests (from earlier example).
- •Run Securely
node --env-file=.env --permission=--no-fs --permission=--allow-net --test test-api.js
node --env-file=.env --permission=--no-fs --permission=--allow-net server.jsCheckpoint: Test the endpoint with curl http://localhost:3000/posts/1. Verify tracing and external data.
Troubleshooting
- •Permission Denied: Adjust --permission scopes carefully.
- •Env Variables Missing: Ensure --env-file=.env flag is used.
- •WebSocketStream Errors: Import from 'undici' and handle connection states.
- •Test Failures: Remove manual awaits in subtests.
- •Deprecation Warnings: Migrate from url.parse() to URL API.
Conclusion
Node.js 24 LTS matures essential features for production: a stable permission model, faster context tracking, powerful Undici 7 (including WebSocketStream), global URLPattern, native .env support, and modern JavaScript via V8 13.6.
You've built a working example incorporating these updates. Upgrade your production backends to Node.js 24 LTS today for enhanced security, performance, and maintainability.
Start migrating—your applications will run safer and faster.
Next Steps (further learning)
- •Read official Node.js 24 release notes and changelogs (nodejs.org).
- •Explore V8 explicit resource management docs and TC39 proposal details.