Complex logic, whether on the backend or frontend, can make a developer lose sleep. State machines to the rescue!In this session, Laura will show off the utility of state machines on the backend by using Stately, XState, and WebSockets to build a multi-player white noise machine to help you sleep better at night. Join to learn about state machines and the benefits of visualising your logic; stay for the soothing visualisation and relaxing interactive soundscapes.
The ever-growing demand for highly performant and scalable systems has made caching an essential aspect of software development. Efficient caching strategies contribute significantly to improving user experience while reducing the burden on backend systems. In this talk, we will delve into the fundamentals of caching in Node.js, and introduce "layered-loader", a sophisticated open source Node.js caching library, designed and fine-tuned for the low-latency, high-throughput systems.
Different JavaScript runtimes — ranging from web browsers to Node.js — use different security mechanisms in order to isolate the potentially untrusted application from critical system resources. This talk outlines and compares the different approaches and explains which of them are suitable for Node.js. We will also discuss how on-the-fly process isolation might be a useful mechanism for limiting the impact of supply chain attacks on development environments.
Jest, Mocha, and Ava are the popular testing frameworks for nodejs. Also, new players are joining the scene, such as node:test, test and Playwright. If we are writing tests, we probably run our testing framework tens of times daily. But do we really know what are the main differences between them?In this talk, I will go over some of the implementation details of different frameworks to understand how they solve, or not, the same problem in different ways. We will talk about parallelism, isolation, watch mode, advanced JS support, and more.
Most of the code for applications running on Node.js are written in JavaScript. However, there is often the need to integrate existing components written in another language or to leverage native code for performance reasons. Enter native addons. They let you integrate existing components or code written in another language and use them just like they were written in JavaScript. The good news is that with Node-api and node-addon-api it’s now possible to do this with more than just C/C++ but also Rust, C#, Zig and more. As a bonus these addons will also now work with other JavaScript runtimes as well. This talk will help you understand how to build a native addon by walking through code examples helping you understand which of the different options for building native addons are the best fit for your use case.
Can we use HTTP for communication within the same Node.js instance? Let's imagine a world where we can call fetch() to retrieve a local resource without hitting the network. How many lines of code would be required?This talk describes the internals of Platformatic Runtime, Node.js Core fetch(), Undici and how they all combine to create an in-memory microservices network.
Get ready for a game-changing shift in application development! Node.js is shaking things up by reducing external dependencies and embracing core capabilities. Say goodbye to costly libraries because Node.js teams have been working tirelessly to introduce native tests, watch mode, and loader to the ecosystem, all without relying on external libraries.Unleash the true power of Node.js as developers can now ditch those expensive libraries and tap into streamlined core functionalities. This groundbreaking shift enables leaner and highly efficient application development, saving time and resources. Join us to explore the limitless possibilities and discover how you can revolutionize your development workflow with Node.js's core-driven approach.
The WebAssembly Component model is an early-stage WebAssembly specification enabling new forms of virtualization and runtime integrations across languages. Coinciding with the stabilization timeframe for Preview 2, this talk will showcase the latest release of the JavaScript toolchain projects. Live demos will be provided featuring workflows for seamless interop with compiled languages as well as how JavaScript itself can be virtualized.
Native ESM support for Node.js was a chance for the Node.js project to release official support for enhancing the module loading experience, to enable use cases such as on the fly transpilation, module stubbing, support for loading modules from HTTP, and monitoring.While CommonJS has support for all this, it was never officially supported and was done by hacking into the Node.js runtime code. ESM has fixed all this. We will look at the architecture of ESM loading in Node.js, and discuss the loader API that supports enhancing it. We will also look into advanced features such as loader chaining and off thread execution.
Malicious code is out to get you. Can you keep your app working as expected and hold on to your secrets? Come to this workshop and try! The entire workshop will be delivered as bite-sized hands-on exercises where increasingly advanced threats are presented and you get to defend.
We'll explore techniques allowing cooperation with packages that intend to steal your secrets and mess with built-in functionality of JavaScript via prototype-poisoning.
To measure the performance of distributed applications, it’s useful to see where an operation comes from, chain them together, and build a distributed trace. OpenTelemetry calls these ‘span IDs’. But how do you keep track of the current span in JavaScript? Node.js’s AsyncLocalStorage is one option that can work, but it is missing in some places (e.g., the browser) and has a performance cost associated with it. This talk introduces AsyncContext, a mechanism to make this possible across all JavaScript environments. AsyncContext is being proposed as a standard, in a collaboration between TC39 and WinterCG.
Node.js users have long needed to call native code. Sometimes for performance, sometimes for interacting with closed-source libraries. Finally, Node.js has an FFI system, enabling the usage of native code without complicated C++ binding code or additional compilation steps. This talk will cover the evolution of calling native code in Node.js, why FFI is a compelling feature, the long path to getting it available in Node.js core, and what's possible with this new functionality.
Observability tools for Node.js have been continuously improving recently, between diagnostics_channel and AsyncLocalStorage it has become easier than ever to build your apps and modules with observability in-mind. Let's build a basic structural tracer together to see how you can make your own apps more observable!
While socket APIs are not super exciting, they are extremely important. In this expanding world of JavaScript runtime interoperability, the fact that Node.js, Deno, Bun, and Workers all have different APIs for something as basic as opening a socket and sending data back and forth is unfortunate. We can do better while embracing interoperability with the web.
With the end of Dennard scaling, the cost of computing is no longer falling at the hardware level: to improve efficiency, we need better software. Competing JavaScript runtimes are sometimes faster than Node.js: can we bridge the gap? We show that Node.js can not only match faster competitors but even surpass them given enough effort. URLs are the most fundamental element in web applications. Node.js 16 was significantly slower than competing engines (Bun and Deno) at URL parsing. By reducing the number of instructions and vectorizing sub-algorithms, we multiplied by three the speed of URL parsing in Node.js (as of Node.js 20). If you have upgraded Node.js, you have the JavaScript engine with the fastest URL parsing in the industry with uncompromising support for the latest WHATGL URL standard. We share our strategies for accelerating both C++ and JavaScript processing in practice.
Claudio Wunder is a Software Engineer that works on HubSpot's Platform Engineering by maintaining their tracking & experimentation infrastructure. He's also a member of the GNOME Foundation and a CPC member of the OpenJS Foundation. He mentors, coaches, and contributes to open-source projects in his free time.
Node.js core is written roughly half in JavaScript, and half in C++. How the two layers talk to each other is something frequently asked by new contributors as well as users investigating challenging bugs. In this talk we are going to look at the constructs and machineries that Node.js and V8 use for JavaScript and C++ to work together.Join me on an insightful journey as we explore the creation of the Node.js Permission Model. As a Node.js TSC member and chair of the Node.js Security Working Group, I'll share the challenges, plans, and details of this experimental security feature.In this talk, I will uncover the motivations behind the Node.js Permission Model and the collaborative efforts that made it a reality. I'll share real-world examples and stories that highlight the obstacles we faced and the creative solutions we found.
Node.js HTTP parsing currently relies on llhttp, a parser which provides very good performance but has currently some challenges for the health of the runtime.Is it possible to create a modern, maintainable, well documented, secure and performant alternative? Yes it is!
Let me introduce you Milo, a new Rust based HTTP parser which I plan to integrate into Node.js and let me show you how you can help be a part of its first Rust component.
Node.js core is written roughly half in JavaScript, and half in C++. How the two layers talk to each other is something frequently asked by new contributors as well as users investigating challenging bugs. In this talk we are going to look at the constructs and machineries that Node.js and V8 use for JavaScript and C++ to work together.
In new V8 versions there are architectural changes which made v8 extremely fast . When V8 parses the code, part of it is interpereted and part of it compiles. V8 memory management has improved a lot and now presents sophisticated algorythms , as well as many interesting optimizations.
In this talk, Tamar will get into the internals of v8 in the new Node.js versions , from the code interpreters and compilers to the memory management : What was changed ? which layers were added ? Why it makes Node.js applications much faster and in which patterns has improved?
CommonJS has been the go-to module system for Node.js for more than a decade, but the ecosystem is slowly moving to ECMAScript Modules. CommonJS and ESM have different features, and they are not fully compatible with each other: should existing libraries migrate to ESM? Should they keep using ESM forever? Are JavaScript tools ready for native ESM? Babel is one of the most used packages on npm, and we have been slowly working to move away from CommonJS. What obstacles have we found? How did we overcome them? What have we learned in the process? How do we ensure a smooth transition for our users?