Open Source Security Foundation (OpenSSF) Selects Node.js as Initial Project to Improve Supply Chain Security
From: Brian Behlendorf, OpenSSF Foundation, and Robin Bender Ginn, OpenJS Foundation
From: Brian Behlendorf, OpenSSF Foundation, and Robin Bender Ginn, OpenJS Foundation
OpenJS recently spoke with Yavor Georgiev, Co-Founder, and Head of Product at Fusebit, to learn more about how his product leverages Node.js and other benefits of the open source ecosystem. Fusebit prides itself on being a “developer-first” focused product that takes the pain out of implementing SaaS integrations. Yavor and one of his co-founders at Fusebit previously had worked at Microsoft specifically on bringing support for Node.js to the Azure Cloud.
We touched on the issue of security. Two of the co-founders of Fusebit were previously employees at Microsoft and later at Auth0, an identity and access management platform on which Fusebit’s security is based. Were it not for Node.js and companies like Auth0 being invested in securing the open source ecosystem, the Fusebit product itself wouldn’t be where it is today. They also leverage modules from npm where developers constantly update code and patch vulnerabilities.
The Fusebit service is like “Stripe for SaaS integrations.” So if you’re a developer working on a SaaS application and you need integrations to third-party SaaS products like Slack or JIRA, Fusebit provides the integrations in a turnkey way. Based on Node.js, there’s an infinite ability to customize solutions. As a result, Fusebit achieves great problem-solution-fits for their customers, unlike some low-code and no-code solutions. Another reason their product is focused on a developer audience is data fidelity is essential when connecting business software to something like Salesforce or other SaaS products. Someone has to have the right technical mindset to create that type of integration.
The Fusebit team is also a proud contributor to open source development. Most of their source code is available on GitHub, so customers can go in and fork features, SaaS connectors, etc., and make them their own.
We talked about everynode, a new project that Fusebit recently contributed to the open source ecosystem that lets developers run any version of Node.js, including the most recent builds on AWS Lambda. Lambda sometimes doesn’t have the latest versions available. The Fusebit team initially built it internally for integrations that required newer versions of Node.js and needed to run on AWS.
The Fusebit team routinely takes pieces of the Fusebit service and makes them available to the public, whether it’s npm packages, repositories, or other content. The team also contributes by filing issues and contributing fixes to OSS projects and Node.js itself when needed. On making parts of their code public, Yavor commented, “You know, selfishly, it’s actually better for more developers to be familiar with it instead of keeping it secret. The more people are familiar with aspects of Fusebit that we’ve made open source, the better for us.”
Fusebit thanks the Node.js community and everybody who’s contributing unpaid hours to make Node.js and the package ecosystem great. According to Yavor, the Node.js community has been a tremendous help to their product. They also give back to our community by hiring folks with Node.js in their skillset.
We at the OpenJS Foundation appreciate Yavor sharing his thoughts and experience.
As of October 2021, we have three new faces on the OpenJS Foundation Board of Directors. They are filling positions on the Platinum level, Gold level, and Community level. We welcome their collective experience and energy!
The Board sets technical policy, including “mission and vision statements, describing the overarching scope of foundation initiatives, technical vision, and direction.”
From our bylaws:
Each Platinum member is entitled to appoint one Director to the board, and the Platinum Directors are eligible to serve as chairperson and vice-chairperson. Gold and Silver members vote among themselves to select their representatives. The board also includes community representation, with up to 3 Community Director positions nominated by the CPC and its chartered committees.
PLATINUM DIRECTOR, MICROSOFT
Shayne is currently a Principal Program Manager, leading the Developer Experiences team focused on cloud developer experiences for VS Code, Visual Studio and Azure. He has been leading teams in developer advocacy, enterprise, open source, web and the cloud for more than 10 years.
GOLD DIRECTOR, GODADDY
END-USER DIRECTOR, NETFLIX
Alex is the Engineering Manager for the Node.js Platform team at Netflix responsible for curating the Node.js development experience for hundreds of engineers across the company. His team builds on the shoulders of the incredible open source communities that have found a home in the OpenJS Foundation, and advocates for the continued support and sustainability of the vibrant communities that have made today’s ecosystem possible.
We sat down with Nick O’Leary to learn more about the current status of Node-RED and how they are helping users who are not typical software developers.
This post was written by the Node.js Mentorship Initiative and was first published on Node.js Medium Account.
The Node.js Mentorship Initiative is excited to announce a new opening. We are looking to add a new mentee to our initiative. We, therefore, invite developers who are passionate about the Node.js ecosystem and are willing to learn and contribute towards its growth and development to apply to this opportunity.
The Mentorship initiative prides itself in identifying specific needs of Working Groups and Initiatives within Node.js and posts applications for available opportunities.
Over the past year, we have helped the Examples Initiative and the N-API working group to recruit new mentees, which is in line with our objective of helping to bring more and more contributors into the Node.js ecosystem, and eventually the broader OpenJS ecosystem.
We’re looking for someone with a decent knowledge of GitHub, good technical and communication skills, as the responsibilities of a mentee will include routine repo maintenance, communication with other initiatives to gather feedback, and the design of technical challenges to be completed by applicants.
This is a great opportunity to make a meaningful impact on Node.js while learning from industry leaders and world-class software engineers. Please apply here by May 13th, 2021. We look forward to receiving your application.
We are thrilled with how OpenJS World 2021 is coming together! The global event is happening virtually on June 9, 2021 and the call for speaking sessions is OPEN! You can submit your OpenJS World talk here: https://cfp.openjsworld.com/
Quality content is a keystone priority for the OpenJS World program committee and we want to help people get a leg up in submitting thoughtful and relevant content.
While it’s never our intention to provide strict directives on how to prepare your speaking submission, we do have some general guidelines serves to help you prepare the best submission possible.
As you get started, here are three things that you should consider before submitting your proposal:
There are plenty of ways to give a presentation about projects and technologies without focusing on company-specific efforts. Remember the things to consider that we mentioned above when writing your proposal and think of ways to make it interesting for attendees while still letting you share your experiences, educate the community about an issue, or generate interest in a project.
OpenJS World is a way to get to know the community and share your ideas and the work that you are doing and we strongly encourage first-time speakers to submit talks. In the instance that you aren’t sure about your abstract, please check out the #cfp-mentorship channel in the OpenJS Foundation Slack Channel.
You can join the slack channel here: https://communityinviter.com/apps/js-foundation/join-openjs-foundation-on-slack
In addition to the Slack channel, we are hosting an OpenJS AMA all around submitting great talks to OpenJS World. You can submit your questions here: https://forms.gle/fAjVWYEiNveo6BqS7
Additionally, tune in live on Feb 3 at 9 am PT: https://youtube.com/channel/UCjxM1d3fv_mSEBsyp5MTFrg/live
Ready to submit? Follow this link: https://cfp.openjsworld.com/