Category

Blog

Production Loading Performance 10 Years Later

By Blog, OpenJS World

Nicole Sullivan, Product Manager for Chrome at Google, recently hosted an informative keynote presentation with Google software engineer Shubhie Panicker on production loading performance during OpenJS World. Their collaboration in this area spans over 10 years, and the presentation begins with a look back at loading performance issues and then opens into how steps are being taken to improve performance currently. 

The discussion ranges from problems with loading to how OpenJS is helping partners to develop and test programming. This video can help individuals interested in systemic web performance issues and current projects to solve them. It may also be of interest to individuals who own domains with retention issues based on loading times. 

You can watch the full interview here: 

Full Video Here

Introductions (0:00)

Loading Performance Then and Now (1:00)

Developer’s Tooling (3:30)

What’s the Problem with Loading? (4:15)

First Interaction Delay (6:00)

You COULD Solve These Problems By Yourself… (8:12)

What are SDKs? (9:50)

Next.js and React  (11:05)

Initial Perf Wins (12:19)

Tested Concurrent Mode (14:00)

What’s Next? (16:18)

Much thanks to Nicole and Shubhie!

During the OpenJS Foundation global conference, OpenJS World, we heard from many inspiring leaders. In this keynote series, we will highlight the key points from the keynote videos. 

OpenJS Node.js Certification Exams Now Available in Chinese

By Blog, Certification, Node.js

We are thrilled to share that the OpenJS Node.js Application Developer (JSNAD) and OpenJS Node.js Services Developer (JSNSD) certification exams are now available in Chinese! 

China holds one of the largest populations of Node.js users in the world and the newly translated exams broadens the availability of these certifications internationally. We are pleased to announce that the two virtual exams have been translated into Chinese, and are now available, along with a native-speaking proctor.

Launched in October 2019 by the Linux Foundation and the OpenJS Foundation, the Node.js certification exams have become a highly sought after credential for web application and services developers around the world. For developers looking to showcase their own skill sets this performance-based, verifiable certification exam helps instill confidence and provides a straightforward way for potential employers to validate that a candidate possesses the necessary skills to be successful. 

The JSNAD certification is designed for anyone looking to demonstrate competence with Node.js to create applications of any kind, with a focus on knowledge of Node.js core APIs. The JSNSD certification is designed for anyone looking to demonstrate competence in creating RESTful Node.js Servers and Services (or Microservices) with a particular emphasis on security practices. Both exams are conducted online with remote proctoring, take two hours to complete, and are performance-based, meaning test takers perform tasks and solve problems in real-world situations. 

The exam content was developed in partnership with NearForm and NodeSource. The OpenJS Foundation would like to offer thanks to Khaidi Chu, a Node.js project collaborator from the Node.js infrastructure team at Alibaba who helped with the translations. 

We also offer a prep course for the JSNAD exam, although this is currently only in English. A bundle of the English course and Chinese JSNAD exam is available. 

Learn more about all Chinese-language certifications and exams offered by the Linux Foundation at https://training.linuxfoundation.cn.

Getting Certified: How and Why

By Blog, Certification, Node.js, OpenJS World

During OpenJS World, Luca Maraschi, Chief Architect, Telus Digital, sat down with David Mark Clements, Tech lead/primary author of OpenJS Foundation JSNAD & JSNSD Certifications, for an in-depth interview on getting certified with Node.js. The interview spans questions from why there are two certifications to how the certification process has been impacted by COVID. This Q&A can help serve individuals looking to get their Node certification but who are unsure where to begin. You can watch the full interview below. 

Full Video Here

Introductions (0:00)

Getting Started (1:00)

2 Certifications (2:00)

Who should take which exam? (3:30)

What Should People Read Before Trying To Get Certified? (5:30)

How To Train During And Beyond COVID? (8:15)

Do You See A Future Where We Stay Adapted? (14:00)

How Do You See Day-to-Day Enterprise Being Impacted (16:45)

Your POV on Workshops (23:20)

How Does Certification Impact Community? (27:00)

How Can People Contribute? (29:30)

Learn more about Node.js Certification today.

OpenJS World Keynote Fireside Chat: JavaScript Security

By Blog, OpenJS World

During the OpenJS Foundation global conference, OpenJS World, we heard from many inspiring leaders. In this keynote series, we will highlight the key points from the keynote videos. 

In a recent Keynote Fireside Chat, three security experts discussed how open source software, such as JavaScript, is utilized in critical infrastructure and medical devices. Appropriate open source security helps improve cybersecurity and the safety of medical patients. The panel was moderated by Michael Dawson, IBM Community Lead for Node.js. Jessica Wilkerson, a Cyber Policy Advisor for the Food and Drug Administration (FDA), and Adam Baldwin, Sr. Product Manager at GitHub, joined the call to provide their perspectives on JavaScript security.   

Wilkerson started the talk by explaining how open source software has made its way into critical services used by the FDA, including medical devices. The prevalence of open source software, such as JavaScript, requires a more careful consideration of security risks and vulnerabilities. For example, medical devices are submitted with a list of software they are built with, and it is important for developers to understand vulnerabilities in the packages they use — the responsibility does not fall solely on the maintainers. 

All members agreed that in order to make JavaScript more secure it is important for maintainers and bug reporters to work together to solve security issues. When a bug is difficult to identify, tension can develop between vulnerability reporters and maintainers. Ultimately, improving communication and protocol between these two groups can make JavaScript safer. 

Full video here

Broken down by section: 

Member introductions 0:15 

How is JavaScript used in critical infrastructure? 1:32

Improving security: Increased support from organizations 3:20

Responsibility: Final goods assembler 4:23

“Tooling” in software development 05:58

Using automation to identify and remove risks 07:03

What can the OpenJS Foundation do to improve security? 08:45

Tension between maintainers and vulnerability reporters 10:11

Improving communication between maintainers and researchers 13:53

Government approach to security vulnerabilities 14:41

Improving collaboration between all parties 16:15

Current security practices 18:01

Closing thoughts and call to action 19:31

Thank you Adam, Jessica and Michael for your insights on this very important topic!

OpenJS World Keynote: Reaching Your Dreams In Tech and Science – Christina H. Koch, NASA Astronaut

By Blog, OpenJS World

During the OpenJS Foundation global conference, OpenJS World, we heard from many inspiring leaders. In this keynote series, we will highlight the key points from the keynote videos. 

Robin Ginn, OpenJS Foundation Executive Director,  hosted a Q and A with astronaut Christina H. Koch, NASA Astronaut, on reaching her dreams in STEM on June 25th, 2020. The interview begins with a presentation by Koch and then opens into a Q&A. Koch touches on what life is like in outer space as an international crew member of the ISS among other topics. The Q&A ranges from questions about being a female in STEM to how life on the ISS mirrored the world we live in today. This galactic keynote can help serve young people – particularly young women – interested in STEM to feel impassioned about the science they can create. 

You can watch the full interview here: 

Full Video Here

Introductions (0:00)

Where We Are Today In Space Travel (2:13)

Coming Back To Earth (11:00)

Software In Space (16:40)

Do You Have Wifi In Space? Can You Use StackOverflow? (17:53)

What’s the sharing culture like at NASA? (19:24)

How Has Aerospace Benefited From Open Source?  (20:29)

Are There Security Attacks in Space?  (21:13)

How Did University Prepare You to be an Astronaut? (23:00)

Advice to Women in Tech (24:35)

Space Walk Talk (28:50)

What Do You Miss About the ISS, Given The State Of The World Today? (31:20)

What Is The Hardest Technical Issue You Solved? (32:08)

What’s a Good Day at Work for You? (34:17)

In addition to this keynote, Christina also participated in an interview with Jason Perlow of the Linux Foundation. Read the entire post here. Thanks again to Christina for sharing her inspiring story and for all she does to advance science in space!

OpenJS World Keynote: Communities at Work – Juan Pablo Buriticá, Latam — Stripe

By Blog, OpenJS World

During the OpenJS Foundation global conference, OpenJS World, we heard from many inspiring leaders. In this keynote series, we will highlight the key points from the keynote videos. 

Juan Pablo Buriticà of Stripe gave an in-depth interview on what a good community is to him on June 25th, 2020. The interview spans questions from why “like a family” is a bad analogy for a team to how safety is important to a successful and positive environment. This thought piece can inspire individuals to think critically about how they frame their teams and communities. 

You can watch the full interview: 

Full Video Here

Introductions (0:00)

Like A Family (0:50)

Sports (2:05)

Music Communities (3:40)

Collectivity (5:25)

Education (6:18)

Culture (7:34)

Care (8:45)

Community Leadership (9:34)

Safety (11:10)

Self-Administration (13:08)

Thanks Juan Pablo! Check out the entire OpenJS World playlist here.

Node.js Security Working Group AMA Recap

By AMA, Blog, Node.js

Members of the Node.js Security Working Group recently answered questions regarding what their group does, and how the security of Node.js can be improved. The Node.js Security Working Group is a community driven project that investigates security reports to reduce the vulnerability of the Node.js ecosystem. Liran Tal, a senior developer advocate at Snyk served as the moderator for the AMA series. Vladimir de Turckheim, a developer at Sqreen, and Michael Dawson, IBM community lead for Node.js, answered questions and discussed topics posed by viewers of the live stream. 

Full panel discussion available here 

The content of the AMA generally fell into two categories: a discussion of how the Security  Working Group functions or a response to a viewer’s security concern. The talk began with a discussion of “bug bounties” — monetary rewards given to developers who report potential security vulnerabilities in the Node.js ecosystem. Dawson and Turckheim discussed problems with this system, challenges that the working group has faced and the future of the group in a changing landscape. 

Dawson and Turckheim also addressed security concerns that viewers of the live stream had. The questions spanned a wide range of topics, from identifying security risks to using https to protect online data. Finally, the members of the panel reviewed how people can join working groups. They admitted that working groups take up a lot of time, but are a good way to give back to the community, and meet people who share similar interests. 

A summary of the video is available below: 

Panel starts 0:25

Member introductions 1:33

What is the Node.js Security Working Group? 04:52

How the members got started, what current members do (Vladimir) 10:18

Bug Bounties 12:13

Where can you find the Security Working Group? 14:43

How Bug Bounties can create tension 15:21

Potential alterations to the Bug Bounty system 19:19

How to roll out a patch to the Node.js ecosystem 23:04

Challenges that the Security Working Group faces 24:19

Interactions with the OpenJS and larger Node.js community 33:58

Using pattern searches to detect security issues early 40:09

How to secure JSON data transmissions 43:30

Should a best practice security guide be created? 46:50

Are malicious modules as common as they used to be? 50:30 

How to tell between unintended bugs and malicious modules 53:35 

Closing thoughts 55:28  

OpenJS World Keynote Series: Prosper Otemuyiwa, CTO at Eden, “Media Performance at Scale”

By Blog, OpenJS World

During the OpenJS Foundation global conference, OpenJS World, we heard from many inspiring leaders. In this keynote series, we will highlight the key points from the keynote videos. 

The recent pandemic has changed the way people work and spend their time. Significantly, many activities have shifted online, resulting in a 1000x increase in media files being shared across the internet. The increased demand for fast, high quality delivery of content has revealed several issues with media performance — the speed at which photos, videos and other files are delivered to the user. Prosper Otemuyiwa, CTO at Eden, addresses these problems in his Keynote address on June 25, 2020. In this talk he explains why pages and files load so slowly, and how these issues can be solved. By following his advice developers can optimize their projects to deliver high quality image and video files without atrocious loading times. 

Full Video Here 

Otemuyiwa begins his talk by explaining what media performance is and what the major bottlenecks are. He emphasizes that users will become frustrated with long loading times and constant video buffering without proper optimization of media files. Next, he describes how developers can improve content delivery. Otemuyiwa provides specific examples of services/code that convert, compress and load files in order to make web pages load at lightning speeds. You can find the Keynote broken down by section below:

What is Eden?: 0:09

2020 Pandemic Era, Media Increase: 01:34

What is Media Performance? 02:30

Bottlenecks for Media Performance: 03:07

Scaling Media Performance in Your Own Apps: 

  1. Leverage CDNS for Globally Distributed Caching: 04:20
  2. Compress Image Files (without visible loss of quality): 05:39
  3. Lazy Load Content: 07:08
  4. Avoid Image Resizing on the Browser: 08:36
  5. Don’t Hide Images with CSS: 09:15
  6. Avoid PNG Files (Use JPG/WebP instead!): 09:48
  7. Use CSS Image Sprites To Load Multiple Logos at Once: 12:26
  8. Respect the User’s Hardware! 13:48
  9. Set Up Performance Budgets for Images: 14:39
  10. Convert Gifs to Videos (.MP4): 15:30
  11. Preload Your Videos: 16:27
  12. Utilize Adaptive Bitrate Streaming for Faster Video Playback: 16:48

Conclusion: Remember MOM (Measure, Optimize, Monitor): 18:28

Thanks to Prosper for this valuable information!

OpenJS World Keynote Series: Cassidy Williams, “Learning by Teaching for Your Community”

By Blog, OpenJS World

During the OpenJS Foundation global conference, OpenJS World, we heard from many inspiring leaders. In this keynote series, we will highlight the key points from the keynote videos. 

As a developer it can be tempting to tunnel vision into the code and churn out app after app with relative ease. However, engaging with the community can be a rewarding experience that ultimately deepens understanding and fosters useful relationships. Cassidy Williams, Principal Developer Experience Engineer at Netlify, highlights the personal and communal benefits of interacting with other developers in her Keynote address. Williams emphasizes that the best way to learn is to teach. In doing so, one may create an invaluable resource for themselves and others. 

Full Video 

Williams starts off by stating that “plans aren’t real.” This assertion carries significant weight in light of changes that have taken place due to the pandemic. Williams uses her own experiences to guide her talk — she explains how creating tutorials, newsletters and giving talks forced her to become more knowledgeable. Additionally, connecting with developers within her workplace formed a community that helped her to find new opportunities. Williams ends her talk by explaining that it is best to build up relationships before you need them so that others are excited to talk and interact with you. The relationships that one builds with other people are relatively constant, and developers can support each other through tumultuous times. 

You can find the Keynote broken down by section below:

Introduction 1:27

Plans Aren’t Real 5:12

Embrace Your Community 7:05

The Best Way to Learn is to Teach Your Community 08:15

Be a Giver, Not a Taker 11:40

Be the Community Member You Want To See in the World 15:27

Thanks to Cassidy for joining us at OpenJS World this year!

OpenJS World Keynote Series: Anil Dash, CEO at Glitch, “We Don’t Code Alone”

By Blog, OpenJS World

During the OpenJS Foundation global conference, OpenJS World, we heard from many inspiring leaders. In this keynote series, we will highlight the key points from the keynote videos. 

Anil Dash, the CEO of Glitch, gave a Keynote address on June 25th, 2020. Glitch is a web based application that allows anyone to create full stack web applications in their browser. This Keynote, titled “We Don’t Code Alone”, addresses the question “What is JavaScript?” as well as discusses the intersection between software and social issues.  

Full Video Here

The video begins with a series of thoughts on what JavaScript has evolved into and why Glitch chose to run on JS. Dash then moves on to discuss the ways that technology has failed us as a people outside the world of development, because software impacts the real world in ways that are not always positive. You can find the Keynote broken down by section below: 

What Is Glitch? (0:03)

We Don’t Code ALone (0:39)

Supporting JavaScript (1:23)

What Is JavaScript? (1:58)

JavaScript as a Network (3:14)

JavaScript as a Social Network (4:45)

Networks Have Power (7:45)

A Small Example (8:08)

“Software is Eating the World” (9:36

Technology Is Not The Answer (12:05)

A Powerful Example (13:40)

Our Challenge (15:40)

Who’s Choices? (16:25)

We Don’t Code Alone (18:40

Thanks to Anil for joining us at this year’s event!