Summary

🤖 Development environment

Do not rely on OS system calls or core utilities without using an abstraction layer.
Test each OS with virtual machines and continuous integration.
Instead of nvm, use nvm-windows and npm-windows-upgrade on Windows.
nve and nvexeca can be used to run a single command with one or several different Node.js versions.
Run npm install -g windows-build-tools on Windows when installing C/C++ addons.

Keep the default encoding as UTF-8. File/terminal input should either be validated or converted to it (node-chardet).
Use editorconfig.
Use any characters from cross-platform-terminal-characters
Avoid printing Unicode characters (including emoji) except through projects like figures and log-symbols.
Use os.EOL when reading from or writing to a file, \n otherwise.
End files with a newline.
Avoid the substitute character (CTRL-Z) in non-binary files.

Use path.normalize() when writing a file path to a terminal or file. Otherwise use Unix paths (slashes).
Use url.fileURLToPath() with import.meta.url. Alternatively, use import.meta.filename and import.meta.dirname.
Only use lowercase a-z, 0-9 and -._,=() in filenames.
Avoid paths longer than 260 characters.
Copy files instead of symlinking them.
Use chokidar to watch files.
Avoid --watch-path
Avoid the O_NOATIME and UV_FS_O_FILEMAP flags of fs.open()
Avoid blksize, blocks, mode, uid, gid, atime, atimeMs, ctime, ctimeMs, birthtime and birthtimeMs returned by fs.stat().
Use global-cache-dir to retrieve the global cache directory.
Use env-paths for other common directories.

Fire shell commands with execa.
Keep shell commands to simple command arguments... calls.
Use npx or execa to fire local binaries.
Outside Node.js (e.g. in npm scripts), environment variables should be referenced and passed using cross-env.
Avoid redirecting to a file descriptor with the stdio option of child_process methods.

Avoid fs.chmod(), fs.access() (except F_OK), fs.open()'s mode, fs.mkdir()'s options.mode and process.umask().
Avoid os.userInfo().uid|gid, child_process's uid and gid, fs.chown() and the process methods getuid(), geteuid(), getgid(), getegid(), setuid(), seteuid(), setgid(), setegid(), getgroups(), setgroups() and initgroups().
Avoid --secure-heap

Use error.code instead of error.errno.
Use fkill to terminate processes.
Only use process.kill() with the following signals: SIGINT, SIGTERM, SIGKILL, SIGQUIT and 0.
Only use process.on(signal) with the following signals: SIGINT, SIGHUP and SIGWINCH.
Use ps-list, pid-from-port and process-exists to find and check for processes.
Sockets / named pipes must be prefixed with \\.\pipe\ on Windows.
TCP servers should not listen() on a file descriptor.
Do not use --diagnostic-report-on-signal

Use os Node.js core module and navigator when needed. If it lacks some information, use systeminformation instead.
When using OS-specific logic, identify the current OS with process.platform.
Do not assume process.hrtime() is nanoseconds-precise.
Avoid os.cpus()'s times.nice, os.loadavg() and process.resourceUsage()'s voluntaryContextSwitches and involuntaryContextSwitches.

Next (🤖 Development environment)
Top