Do you like AI, but hate sharing data? What if I told you all the fun of Large Language Models like ChatGPT is available quickly, locally, and privately? With Langchain JS, an open-source framework for developing applications powered by language models, this dream becomes reality!
In this workshop, you will go from zero to hero by learning how LLMs and Langchain work and then we will build a node.js app bringing together your data with publically available LLMs - while also preventing your data and responses from going through third parties & keeping your data private.
Have you ever written an object literal and wanted to know how you can extract types from it? Ever wondered how Zod.infer works? Wonder no more! We will build the types for a rich Zod-like schema validator from the ground-up, leveraging the full range of TypeScript advanced types. We will cover mapped and conditional types, as well as other advanced patterns. By the end you will be a true TypeScript expert!
Malicious code is out to get you. Can you keep your app working as expected and hold on to your secrets? Come to this workshop and try! The entire workshop will be delivered as bite-sized hands-on exercises where increasingly advanced threats are presented and you get to defend.
Preparation for Training
In this workshop you're going to learn about many strategies to get to 100% test coverage when working with Node.js projects. Learn how to make sure that one edge case can be successfully asserted or how to catch that unexpected error that should never really happen in production.
You can also expect to be introduced to new Node.js test frameworks including the recent built-in test runner.
Promises and async/await are the right way to work with asynchronous code in Node.js. They're also both the easiest code constructs to introduce bugs with - and can be some of the hardest code to debug. We'll walk through:
- Refactoring pre-Promise callback hell to Promises
- Refactoring pre-async/await Promises to async/await
- Debugging with console logs and node --inspect
- "Floating" Promises (those created and not handled): detection with TypeScript ESLint, and error handling
- Sinking" Promises (those created and handled improperly): detection with TypeScript ESLint, and error handling
By the end of this workshop, you'll be fully prepared to debug even the gnarliest asynchronous shenanigans and write production quality asynchronous code.
Most app teams use external vendors for their authentication flow. Few teams actually understand whats happening under the hood. In this workshop we will give participants the opportunity to look beyond the shiny interfaces provided by oauth2 providers and gain an insight into the different stages of third party authentication.
Once participants have been introduced to these topics we will develop a barebones auth flow implementation using fastify and a third party oauth2 provider (Google, Facebook, Ping, Github, Microsoft etc)
A time to meet and discuss with people from the community while working on different topics which can include - but not limited to
- strategic initiatives
- core subject
Linters are a great tool that enable developers to create static analysis rules for their code base. While most coders use pre-built sets of rules baked into their linter of choice, these can also be adapted to custom needs.
Today's linters are highly evolved and make it possible to avoid static code and even to run SA checks through the development and CI cycles, but they are even more powerful and few developers take advantage of their many advanced features. With ESLint it is quite easy to create custom rules that can for both general usage––such as duck typing, code styling, or type checks, through more customized usage like maintaining clarity around internals, and enforcing org guidelines.
You will learn about the most common security vulnerabilities in node.js and see how you can fix them with real life code examples. I'm going to bring my experience as Node.js core collaborator and member of the security working group, and we will go through some of the vulnerabilities that have been fixed in the past. The goal of this workshop is to spread security best practices and spread awareness about some of the most common security vulnerabilities such as ssrf, csrf, injections, malicious json etc.
Have you ever wanted to build a truly cross platform application? Have you dreamed of writing your code once and running it anywhere? Maybe you don’t know where to start. Maybe you always assumed that it was “just a dream.” Join experienced react native developers who will guide you through building your first (or second or third) react native application They will be available to help troubleshoot any development environment issues and also to provide guided tours through specific areas of react native development. Attendees of all skill levels and experiences are welcome (learning the development process is beneficial to everyone involved in a project). Come and make your first React Native application!
Have you ever wanted to contribute to a foundational open source project like Node.js? Maybe you don’t know where to start. Maybe you always assumed that was work reserved for “someone else.” Join experienced contributors who will guide you through your first (or second or third or fourth) commit to the Node.js core. They will be available to help troubleshoot any development environment issues and also to provide guided tours through specific areas of the Node.js core source code. Contributors of all skill levels and experiences are welcome (not every contribution has to be a code change). Come and make your first Node.js core contribution!