IT'S NODE ROCKET SCIENCE

In this talk, we will have fun trying to tamper with a running Node.js process to change its behavior at runtime. Without changing the code or restarting the process, we will find a way to inject our own logic into it and start to do the things we want. What are the limitations of such an approach? Is there part of it that can be used in real life scenarios? Come and find out! Yes, there will be some live demo.

This talk explores the power of tech infrastructure as code, allowing organizations to quickly, reliably and reproducibly build up, scale, and tear down real-world infrastructure as needed — with a focus on NodeJS stacks.

Topic: Node.js in the Cloud

Panelists:

• Eran Hammer (Hapi.js Core Contributor),

• Slobodan Stojanović (AWS Serverless Hero, Claudia.js core team member, co-author of “Serverless Applications with Node.js” book),

• Ali Spittel (Senior Developer Advocate on the AWS Amplify team),

• Ruben Casas (Software Engineer & Architect at American Express),

• Alejandro Oviedo (Works with Web security, Node.js performance and Serverless)

Moderator: Nikolay Matvienko (Node Congress Program Committee member, https://notjs.blog/ author)

Imagine your productivity and confidence developing web apps without chrome dev tools. Many do exactly that with Node.js.

It is important to observe and learn what’s happening in your app to stay competitive and create the most performant and efficient Node.js applications, following the best practices.

In this talk, we will explore useful tools to examine your Node.js applications and how observability will speed up development, produce better code while improving reliability and uptime. Don’t miss it!

How do you know your feature is working perfectly in production? If something breaks in production, how will you know? Will you wait for a user to report it to you? What do you do when your staging test results do not reflect current production behavior? In order to test proactively as opposed to reactively, try testing in production! You will have an increased accuracy of test results, your tests will run faster due to the elimination of bad data, and you will have higher confidence before releases. This can be accomplished through feature flagging, canary releases, setting up a proper CI/CD pipeline, and data cleanup. You will leave this talk with strategies to mitigate risk, to better your understanding of the steps to get there, and to shift your company’s testing culture, so you can provide the best possible experience to your users. At the end of the day, we don't care if your features work in staging, we care if they work in production.

In this talk, Zoe Steinkamp will talk about Giraffe, an open source visualization library that powers data visualizations in the InfluxDB 2.0 UI. Giraffe can be used to display your data within your own app and is Fluxlang-supported! It uses algorithms to handle visualizing high volumes of time series data that InfluxDB can ingest and query.

Stop wrestling with UI libraries, hacking together data sources, and figuring out access controls. All internal tools are made from the same building blocks: tables, buttons, forms, etc. Instead of building internal tools from scratch, we'll show you how to use the Retool visual programming IDE so you can ship apps 10x faster and save hundreds of hours.

The benefits of Node.js to develop real-time applications at scale are very well known. As Node.js architectures get more and more complex, visualization of your microservice-based architecture is crucial. However, the visualization of microservices is incredibly complex given the scale and the transactions across them. You not only need to visualize your Node.js applications but also analyze the health, flow, and performance of applications to have a complete observability solution. In this talk, we'll go over the challenges of scaling your Node.js applications and tools (such as distributed tracing) available to you to scale with confidence.

With StackHawk, engineering teams can run security tests against JS applications and the backing APIs to find and fix vulnerabilities before they hit production. With automated testing on every PR, you can be confident that your app is secure. Join StackHawk co-founder Ryan Severns for a quick overview of JS application security testing with StackHawk.

Do you have a way to quickly check all of your repos for any vulnerabilities to various attacks? Do you know which attacks you should be preparing your applications for? In this talk, we will cover the top 10 attacks on Node applications and how to handle all of them. Multiple tools will be covered, all of which have been used in production across different back-end architectures.

A few of the areas that will be covered include securing dependencies, securing data, and securing your server. By the end of this talk, attendees should have a full security toolbox and they will know how to implement it quickly. This will help with production applications because you will still get through your sprints on time and you will be able to rest knowing you have security measures in place.

The Node.js HTTP client is a fundamental part of any application, yet many think it cannot be improved. I took this as a challenge and I’m now ready to present a new HTTP client for Node.js, undici, that doubles the throughput of your application The story behind this improvement begins with the birth of TCP/IP and it is rooted in one of the fundamental limitations of networking: head-of-line blocking (HOL blocking). HOL blocking is one of those topics that developers blissfully ignore and yet it deeply impacts the runtime experience of the distributed applications that they build every day. Undici is a HTTP/1.1 client that avoids HOL blocking by using keep-alive and pipelining, resulting in a doubling of your application throughput.

Pictionary with Speakers

QuakeJS Tournament

Networking with Community

How do you scale a web application to be developed by thousands of engineers and upgrade it to use the latest Javascript technologies (Nodejs + React)? The answer is, using Micro-Frontends!

American Express is a pioneer in the usage of this architecture using it in production since 2016 and transforming the face of a website used by millions of users worldwide.

Building a serverless function or an API is easy. However, things get a bit more complicated as your application grows. What works for a few functions often don't work for hundreds of functions. As your application grows, you'll need to evolve your architecture, deployment, monitoring, and many other things. This talk is a case study of an evolution of the serverless startup's architecture. We started with a single Lambda function in early 2018 and evolved our application through multiple stages and architectures. At the moment application uses GraphQL and more than 100 Lambda functions and serves millions of requests. We faced and solved many issues during the last three years, learned many things, and managed to keep our infrastructure costs low.

Today it is possible to write complex applications with only a handful of developers in a short time frame by relying upon Frameworks and tooling. But what happens when the application crashes with out of memory errors? How is it possible to guarantee fast response times? These problems are still considered difficult to solve.

Let's dive into the Node.js internals and learn about profilers and the garbage collector. Understanding how the system works in depth let's you write code that is safer, faster and less error prone.

Let's make sure you always provide the best experience for everyone. Yourself and your customer. Let us find that memory leak and fix it.

Learnings

• Participants understand the Node.js memory handling and their shortcomings.
• Participants know when to profile their application to identify memory leaks and slow code.
• Participants are able to find and address most memory leaks.

TypeScript makes JavaScript safer by adding static type definitions. Static definitions are wonderful; they prevent developers from making trivial mistakes by ensuring every assignment and invocation is done correctly. A variable typed as a string cannot be assigned a number, and a function expecting three arguments cannot be called with only two. These definitions only exist at build time though; the code that is eventually executed is just JavaScript. But what about the response from an API request? In this talk by Ethan Arrowood, Software Engineer 2 @ Microsoft, he will cover various solutions for safely typing dynamic data in TypeScript applications. This talk features popular technologies such as Fastify, JSON Schema, Node.js, and more!

Node.js core does not have an official roadmap - it’s the sum of the interests and efforts of the contributors that determines the future direction of the project. The evolution of a new feature in Node.js can take different twists and turns. Some new features land as experimental, to give time to gather user feedback before they’re considered stable. Other features will land as stable from the start. So, what’s in the pipeline? This talk will take a look at some of the new and experimental features in Node.js core.

When troubleshooting complex Node.js applications recollecting information about the network, filesystem or external dependencies is always useful. Even when working with a new codebase insights on how the application is built, which asynchronous calls are being used or how often. In this talk I want to introduce "instrument", a tool I've created for this which is also Open Source.

Write and deploy machine learning models easily in Nodejs using Tensorflow.js.

Consider how many notifications you get per day... and now consider the millions of other people who are also receiving notifications. 16 million notifications a day that have places to be and people to see, in a race against time, load, and latency.
So what happens behind the scenes to ensure that all those notifications get where they need to go, and quickly? A combination of auto-scaling, rabbitMQ, scrupulous monitoring, and a tireless dev team. In this talk I’ll discuss the functionality of the message bus at the core of Vonage’s communications platform, the powerful Node scripts that power the entire operation, and how you can use similar solutions for a number of different challenges.

Nodejs runs big systems today. Sometimes, you can improve user experience and save on cloud expanses by optimizing your nodejs scripts. In this talk I will share tips from production on how to improve nodejs runtime performance.

For years AWS has offered CloudFormation as an approach to Infrastructure as Code (IaC). CloudFormation allows application stacks to be provisioned from JSON or YAML formatted templates. Unfortunately, due to their size and complexity, CloudFormation templates have earned a reputation as being unwieldy to work with.

The AWS Cloud Development Kit (CDK) mitigates some of the complexity associated with CloudFormation by allowing developers to programmatically define their cloud architecture using familiar high-level languages such as JavaScript and TypeScript. CDK projects can then be deployed via CloudFormation, while retaining all of the benefits of CloudFormation, such as repeatable deployments and drift detection. This talk will introduce the CDK in the context of Node.js and demonstrate how it can be leveraged to provision cloud native architectures.

Logging, Metrics, and Distributed Tracing are three vital tools for observing Node.js services. In this talk we’ll consider the different scenarios in which each tool thrives, look at dashboards and visualizations, and even examine the code required to instrument these tools in a Node.js service.

Node.js is famously a JavaScript runtime that encourages using asynchronous operations wherever possible – but what happens when you really, really need to do synchronous I/O? Anna gives an overview over the – surprisingly many – different ways to achieve this, and what we can learn about how the language and Node.js internals work from them.