Skip to main content
Category

OpenJS World

From OpenJS World 2022: Cory Doctorow, Science Fiction Author, Activist, and Journalist

By Blog, OpenJS World

Cory Doctorow, Science Fiction Author, Activist, and Journalist, gave a short presentation on technology scaling up, Competitive Compatibility (“ComCom”), and tech laws relevant to open source. Cory began the presentation by sharing certain practices of big tech firms like Facebook. He continued by mentioning problems with certain tech laws and the idea of restoring ComCom, as well as a real-world example. Cory closed the presentation with the element of government procurement and invited the audience to check out a couple of resources that can assist in such issues. 

Full keynote available here: https://www.youtube.com/watch?v=kPlQufpzywc 

Main Sections:

0:00 Introduction

0:50 Technology scaling up

3:51 Interop

5:24 Problems with tech laws 

9:15 Restoring ComCom

11:36 Real-world example

14:51 ComCom and mandates

16:10 Element of government procurement 

17:16 Closing

Main OpenJS Resources: 

Main Site: https://openjsf.org/ 

Blog: https://openjsf.org/blog/ 

Join: https://openjsf.org/about/join/ 

Certification: https://openjsf.org/certification/

Twitter: https://twitter.com/openjsf

LinkedIn: https://www.linkedin.com/company/openjs-foundation/

From OpenJS World 2022: Embracing Open Source to Beat the Great Reshuffle – Joe Sepi, Program Director of Open Technology, IBM

By Blog, OpenJS World

Continuing on in our OpenJS World Keynote Series, we’re highlighting a presentation on Embracing Open Source to Beat the Great Reshuffle from the June conference. To view all of the keynotes and presentations, please visit the OpenJS YouTube Channel.

Joe Sepi, Program Director of Open Technology at IBM, gave a presentation on IBM practices to embrace open source to beat the great reshuffle. Integrating open source at the core makes good sense from a business perspective in a variety of ways. In this keynote, Joe focused on the people part of the benefits, from talent to culture. Empowering employees to be authentically engaged in open source can provide access to an excellent hiring pipeline, help insulate companies against the “great reshuffling,” and bring greater returns on investments.

Full keynote available here: https://www.youtube.com/watch?v=KxQkNVn9niM 

Main Sections

0:00 Introduction

3:14 Open Source at IBM 

4:25 Before Open Source was cool

8:02 Open Source contributions through time

9:08 Closing and thank you!

Main OpenJS Resources

Main Site: https://openjsf.org/ 

Blog: https://openjsf.org/blog/ 

Join: https://openjsf.org/about/join/ 

Certification: https://openjsf.org/certification/

Twitter: https://twitter.com/openjsf

LinkedIn: https://www.linkedin.com/company/openjs-foundation/

From OpenJS World 2022: The State of JavaScript Supply Chain Security in 2022 – Feross Aboukhadijeh, Founder & CEO, Socket

By Blog, OpenJS World

Continuing our OpenJS World Keynote Series, we’re highlighting a keynote on The State of JavaScript Supply Chain Security. To view all of the keynotes from the conference, please visit the OpenJS YouTube Channel.

Feross Aboukhadijeh, Founder & CEO of Socket, presented on the current state of software supply chain security in JavaScript at OpenJS World 2022 in June. Software supply chain attacks have exploded since 2021 and are accelerating in 2022. 

In the presentation, Feross provided examples of recent supply chain attacks and what concrete steps we can take as an ecosystem to protect ourselves from this emerging threat. Feross highlighted certain packages, their security issues, and things to look for to practice open source in the safest way. Feross continued his presentation by also sharing tools and systems that can assist in protecting against malware. Finally, the presentation closed with a “JavaScript Security Wishlist” and other goals for the community to aim for.

Full keynote available here: https://www.youtube.com/watch?v=PxLEjzi9rXQ 

Main Sections:

0:00 Introduction

1:25 Hacker story share 

6:00 Tip of the iceberg

7:17 Why is it happening now?

11:55 How does a supply chain attack actually work?

17:18 How can you protect your app?

21:14 How quickly should you update?

22:53 Standard dependency checklist 

25:10 What about a package doing something sketchy?

25:26 What about Malware?

30:50 Closing 

Main OpenJS Resources: 

Main Site: https://openjsf.org/ 

Blog: https://openjsf.org/blog/ 

Join: https://openjsf.org/about/join/ 

Certification: https://openjsf.org/certification/

Twitter: https://twitter.com/openjsf

LinkedIn: https://www.linkedin.com/company/openjs-foundation/

From OpenJS World 2022: Hedy: Creating a Gradual Programming Language – Dr. Felienne Hermans, Leiden Institute of Advanced Computer Science

By Blog, OpenJS World

Dr. Felienne Hermans, from the Leiden Institute of Advanced Computer Science and founder of Hedy, presented on creating Hedy, a gradual programming language. Dr. Hermans began the presentation by giving some background history of the creation and goals of the project. After this, Dr. Hermans followed up with some of the issues encountered in her experience teaching children how to code. This sparked her idea of finding ways to manage cognitive load. 

There is a demonstration of Hedy including some key features like steps, cheat sheets, and language. Dr. Hermans closes the presentation with the impact of Hedy and the public response received from this gradual programming language. 

Full keynote available here: https://www.youtube.com/watch?v=PP83fW456QA 

Main Sections:

0:00 Introduction and history of Hedy

2:37 Compilers are lovely teachers… 

6:54 How do other fields manage cognitive load?

9:24 Can we teach code like reading?

10:32 Demo time

17:45 How it’s going

20:24 Thank you!

Main OpenJS Resources: 

Main Site: https://openjsf.org/ 

Blog: https://openjsf.org/blog/ 

Join: https://openjsf.org/about/join/ 

Certification: https://openjsf.org/certification/

Twitter: https://twitter.com/openjsf

LinkedIn: https://www.linkedin.com/company/openjs-foundation/

From OpenJS World 2022: Securing JavaScript – Myles Borins, Product Manager, GitHub

By Blog, OpenJS World

Myles Borins, Product Manager at GitHub, presented on Securing JavaScript at OpenJS World this past June. The npm registry is the heart of the JavaScript ecosystem. Hear about the steps taken at GitHub to secure this important part of the software supply chain from enforcing software solutions such as automated malware scanning to policies such as enforcing two-factor authentication for high-impact packages. This talk covers what the team at GitHub shipped to respond to an increase in threats to their ecosystem and what they are working on next.

Full keynote available here: https://www.youtube.com/watch?v=eDZHrNbyK3c 

Main Sections:

0:00 Introduction

1:21 Account Takeovers (ATO)

2:50 What did we do right?

4:56 What did we learn?

6:20 The npm security roadmap

15:34 Demo 

16:32 Campaign using stolen OAuth tokens 

18:08 Validation with registry package signing 

19:12 What’s next?

Main OpenJS Resources: 

Main Site: https://openjsf.org/ 

Blog: https://openjsf.org/blog/ 

Join: https://openjsf.org/about/join/ 

Certification: https://openjsf.org/certification/

Twitter: https://twitter.com/openjsf

LinkedIn: https://www.linkedin.com/company/openjs-foundation/

From OpenJS World 2022: The Human API: Building Your Project’s Second Source of Truth – Rachel Nabors, Principal Program Manager, Developer Education, Amazon AWS Amplify

By Blog, OpenJS World

In the fourth post of our OpenJS World Keynote Series, we’re highlighting a keynote on The Human API. To view all of the keynotes from the conference, please visit the OpenJS YouTube Channel.

The only thing harder than writing scalable, usable code is teaching others how to wield it. As the sum of human knowledge continues to grow, so do the challenges of teaching each other what we need to know. Not only to build toward the future but also to contribute to the tools of its construction. If only it were possible to transfer knowledge from one engineer directly into the minds of other engineers, like a human RAID! 

Rachel Lee Nabors, Principal Program Manager, Developer Education at Amazon AWS Amplify, loves building such mechanisms for knowledge transfer, from video guides to documentation to curricula. In this talk, they discussed what doesn’t work, what has worked on projects like React and React Native, and what can work for any other open source project today. Teaching is hard. But there are solid ways to approach knowledge transfer at scale.

Full keynote available here: https://www.youtube.com/watch?v=wWocgghZPOA 

Main Sections

0:00 Introduction
2:00 Once upon a time…
3:52 How do you transfer knowledge between humans?
5:05 Knowledge transfer starts with you
8:51 Set up a site
10:55 Mentor new core members
12:22 Engage your community to expand your content
15:01 Teach more effectively through repetition and interaction 
16:30 Make your documentation scale 
18:09 Your docs are your second source of truth 
20:19 Docs are not a sprint
22:35 Happily ever after… 

Main OpenJS Resources: 

Main Site: https://openjsf.org/ 
Blog: https://openjsf.org/blog/ 
Join: https://openjsf.org/about/join/ 
Certification: https://openjsf.org/certification/
Twitter: https://twitter.com/openjsf
LinkedIn: https://www.linkedin.com/company/openjs-foundation/

From OpenJS World 2022: Reading the Spec – Hemanth HM, PayPal & Jordan Harband, Coinbase

By Blog, OpenJS World

Hemanth HM, Engineering Manager at PayPal, and Jordan Harband, Staff Developer Relations Engineer at Coinbase, presented a session on Reading the Spec and other Javascript functions. Hemanth and Jordan walked through live coding with various language APIs in JavaScript. 

Both speakers gave an overview and walk the audience through the associated specification to give a deeper insight into the language and its constructs. Both share foundational skills required to read and understand the spec, translate spec to code, and more! 

Full session available here: https://youtu.be/uPFOdaGe9Zw. To view all of the keynotes and sessions from the conference, please visit the OpenJS YouTube Channel.

Main Sections:  

0:00 Introduction

2:54 Algorithm conventions

5:24 Runtime semantics

13:26 Demo with Q&A

1:04:39 Engine 262 and closing

Main OpenJS Resources: 

Main Site: https://openjsf.org/ 

Blog: https://openjsf.org/blog/ 

Join: https://openjsf.org/about/join/ 

Certification: https://openjsf.org/certification/

Twitter: https://twitter.com/openjsf

LinkedIn: https://www.linkedin.com/company/openjs-foundation/

From OpenJS World 2022: Securing the Open Source Ecosystem – Brian Behlendorf

By Blog, OpenJS World

In this recap from the OpenJS World Keynote Series, we’re highlighting a keynote on open source security. To view all of the keynotes from the conference, please visit the OpenJS YouTube Channel.

Brian Behlendorf, General Manager for the Open Source Security Foundation (OpenSSF), presented at OpenJS World 2022 on Securing the Open Source Ecosystem. The presentation began with Brian explaining the problem of supply chain breaches and other factors that are affected by these vulnerabilities. He then follows with what OpenSSF is doing to make efforts in order to work across the supply chain and prevent these types of threats.

The presentation then covers an overview of the mobilization plan. Brian mentions this was planned after a meeting with a U.S federal agency to strengthen security and open source. There is also a quick run-through of the ten different mobilization plans including their goals from security education, risk assessment, incident response, SBOMS, and others. 

Full keynote available here: https://www.youtube.com/watch?v=wxDT-QQh50U 

Main Sections:

0:00 Introduction

1:24 Supply chain breaches

4:33 How OpenSSF Efforts work across the supply chain

11:04 Alpha engagement: Node.js

13:13 Mobilization plan origin story

15:01 Goals identified 

17:13 The open Source software security mobilization plan 

21:14 Initial pledges  

21:52 Get the plan!

Main OpenJS Resources: 

Main Site: https://openjsf.org/ 

Blog: https://openjsf.org/blog/ 

Join: https://openjsf.org/about/join/ 

Certification: https://openjsf.org/certification/

Twitter: https://twitter.com/openjsf

LinkedIn: https://www.linkedin.com/company/openjs-foundation/ 

From OpenJS World 2022: Welcome & Opening Remarks – Robin Ginn & Chris Gervang

By Blog, OpenJS World

In the first recap of our OpenJS World Keynote Series, we’ll highlight the opening remarks from OpenJS World 2022. To view all of the keynotes from the conference, please visit the OpenJS YouTube Channel.

In this recorded keynote, Robin Ginn, executive director of the OpenJS Foundation, and Chris Gervang, Senior Software Engineer, Visualization at Joby Aviation, give the opening remarks at the OpenJS World 2022, held in Austin, TX, June 6-10, 2022. Robin started the keynote by welcoming the audience to take a step back and take a look at their previous work. Robin emphasized the importance of looking back to make an impact without losing perspective. Robin shares a personal experience touching on some historical background and difficulties encountered in the open source community. She then proceeded to emphasize the importance of lifting each other up in communities. 

Chris Gervang followed the talk by giving a brief introduction of himself and sharing some of his work in Open Source. He also welcomes the community members who have joined the OpenJS Foundation. In his keynote, Chris notes the importance of community engagement for project sustainability. Additionally, Chris and Robin announced the Javascript security collaboration and the movement of two projects kepler.gl and VS.GL to the OpenJS Foundation. Robin finished off the presentation by touching on the themes of open governance, stability, and security, and the announcement of the new OpenJS Open Visualization Collaboration Space

Full keynote available here: https://youtu.be/5XYzyItEug4 

Main Sections:

0:00 Introduction 

1:38 Welcome

2:35 Historical perspective

4:33 Opportunity to pause

5:07 Your work matters

9:40 Introducing: Chris Gervang and Joby Aviation

17:52 Community engagement for project sustainability

18:47 Open governance, stability and security

20:39 Announcing Javascript security collaboration space

23:52 JavaScriptLandia

25:57 Thank you!

OpenJS Resources: 

Main Site: https://openjsf.org/ 

Blog: https://openjsf.org/blog/ 

Join: https://openjsf.org/about/join/ 

Certification: https://openjsf.org/certification/

Twitter: https://twitter.com/openjsf

LinkedIn: https://www.linkedin.com/company/r-co…

OpenJS World 2022 – Here’s what you missed!

By Blog, OpenJS World

Earlier this month, we hosted OpenJS World, the OpenJS Foundation’s event bringing together the JavaScript and web development community. Our event covered an incredibly wide array of technical and community topics, focusing on testing and security, and open visualization with the announcement that the Urban Computing Foundation (UCF) is merging with OpenJS. 

We hope everyone enjoyed the conference whether you attended virtually or in person with us in Austin! For those who did not attend the event, we have the conference keynotes and sessions available on our YouTube channel for you to watch back.

In security, Open Source Security Foundation (OpenSSF) selected Node.js as its initial project to improve supply chain security. Node.js is the first open source community to be supported by OpenSSF’s Alpha-Omega Project. Alpha-Omega committed $300k to bolster the Node.js security team and vulnerability remediation efforts through the rest of 2022, with a focus on supporting better open source security standards and practices.

In testing, the OpenJS Foundation recently announced that popular JavaScript testing framework Jest is joining as an Impact Project. Jest and its assets are being donated by Meta Open Source. 

Keynotes

Day One kicked off with Robin Ginn, OpenJS Foundation Executive Director welcoming everyone. She was joined by Chris Gervang, Senior Visualization Engineer at Joby Aviation to announce that OpenJS was adding UCF to its foundation family through the new OpenJS Open Visualization Collaboration Space. UCF has for years been a forum for developers to collaborate on a common set of open source tools connecting cities, people, and mobility. 

Other keynote speakers included:

Additionally, we featured more than 40 breakout sessions across a variety of topics from AI to application development and project-specific talks. All of these are available on demand.

OpenJS World News

We showcased several announcements at the conference that reinforce our community’s goals in testing, security and visualization. See below, as well as on our Day 1 blog for more details.

OpenJS Foundation Welcomes Urban Computing Foundation

The OpenJS Foundation announced that the Urban Computing Foundation (UCF) has partnered with OpenJS to form the Open Visualization Collaboration Space. The Open Visualization Collaboration Space provides a place to openly govern the most comprehensive and widely adopted visualization libraries based on WebGL. UCF is also merging its day-to-day operations and budgets into OpenJS where it will govern these projects and more under the new OpenJS Open Visualization Collaboration Space. Two of its most popular visualization projects – vis.gl and kepler.gl – are moving under the umbrella of the OpenJS Foundation.

Foursquare, HERE Technologies, Joby Aviation and Uber join The OpenJS Foundation

OpenJS has welcomed four UCF members who are now members of the OpenJS Foundation: Foursquare, HERE Technologies, Joby Aviation, and Uber. Open visualization technologies are core to each of these companies’ leadership positions in the market, and by supporting the foundation, they are supporting the infrastructure and long-term growth of key open source projects that they rely on.​

Announcing our First Ever JavaScriptLandia Awards

The OpenJS Foundation celebrated 6 key community leaders, honoring them with the first ever JavaScriptLandia Awards for contributions to education, standards, security and more. Award winners were recognized onstage at OpenJS World and received a plaque and digital badge.

JavaScriptLandia is the home of the OpenJS Foundation’s individual supporter program, where community members can pledge support for OpenJS projects, maintainers, and get more involved in the community while earning badges and other perks.

Congratulations to this year’s recipients, and read more about each of them in our JavaScriptLandia blog.

  • Bethany Griggs – Unsung Hero 
  • Matteo Collina – Leading By Example
  • Darshan Sen – Outstanding Contribution from a New Arrival
  • Tzviya Siegman – Pathfinder Award for Standards 
  • Liran Tal – Pathfinder Award for Security 
  • Wes Bos – Pathfinder Award for Education 

Jest Joins the OpenJS Foundation as an Impact Project

Prior to the conference, we recently announced that popular JavaScript testing framework Jest is joining as an Impact Project. Jest and its assets are being donated proudly by Meta Open Source. Jest is a JavaScript testing framework. It allows you to write tests with an API with little configuration.

Thank you

We’d also like to share a big thank you to this year’s sponsors who made this event possible. Thanks to Diamond Sponsor IBM and jFrog, Platinum Sponsor Nearform, Gold Sponsor Influx Data, Silver Sponsors Bloomberg, Hasura, MariaDB and Red Hat, Bronze Sponsor Stellate, and Diversity Scholarship Sponsor nStudio.

We hope to see everyone next year!