I sat down with Pravin Halady, product manager at NodeSource, to discuss why enterprise developers might need a safer and more secure version of Node.js and npm and what it’s like running a business where your biggest competition is the creator of the product you sell.

Getting Started With NodeSource

After the call, I had a brief experiment with the software to see how well it worked and how easy it was to replace default node and npm with it. I found a couple of small, confusing points. For example, when I clicked ‘get started,’ I ended up going through a billing/trial setup that didn’t make it clear what to do next. So, I had to click back on the main logo to find installation instructions.

Certified Modules

First, install nscm and then use the signin subcommand to open a browser window and authenticate it with your NodeSource account. If you want to use an SSO provider, add it as a flag, for example --github .

npm -g install nscm nscm signin

Once you complete these steps, you are using the certified module repository and can use npm as you would normally use it.

Read this page to find out more about specific operations with the nscm command and the certification process.

N|Solid

N|Solid is available as a binary application for download, but sadly not as a Homebrew package on MacOS.

nsolid-console

You will be prompted for a license key, that strangely gets sent to you in an email. Initially, it looks like you can’t copy and paste it into the form field, but you can with some persistent copy and pasting.

Switch to the N|Solid shell:

source /usr/local/nsolid/nsolid-env

And run a node application and specify a name for it.

NSOLID_APPNAME="hello_node" node index.js

Read this documentation for more details on how to use N|Solid and what you can monitor with it.