JSFoo is in its ninth edition this year. Talks at JSFoo 2019 will cover the following topics:
- Component architecture – how different web components have been stitched together to build apps; outcomes on UI and performance as a result of architecture choices
- Deployment practices for front-end and how Kubernetes and CI/CD fall into this picture
- Developer experience (DX)
- Functional programming paradigms: ReasonML and ClojureScript
- Privacy and Content Security Policy (CSP)
- New developments such as SvelteJS
Speakers from Razorpay, CloudCherry, Myntra, Innovaccer, GitLab, Microsoft, Atlassian and Gramener will share their work and learnings on these topics.
Who should attend JSFoo:
JSFoo is a conference for practitioners, by practitioners. JSFoo 2019 is a conference for:
- Front-end engineers
- Senior software developers
- Team leaders and engineering managers
- Fullstack developers
- InfoSec professionals
JSFoo 2019 details:
Dates: 27 and 28 September
Venue: NIMHANS Convention Centre, Bangalore
The following workshops have been curated for before and after the conference:
For inquiries about conference tickets, workshop tickets and any other details, call JSFoo on 7676332020 or email firstname.lastname@example.org
JSFoo 2019 sponsors:
For tickets and sponsorships, contact email@example.com or call +91-7676332020. For queries about proposing talks, write to firstname.lastname@example.org
Lavakumar Kuppan, Co-founder at Ironwasp Security
Deploying and managing CSP: the browser-side firewallIntroduction to client-side Data Exfiltration attacks Introduction to Content-Security Policy Content Security Policy to prevent Data Exfiltration attacks ○ What is possible ○ What are the limitations How to design and deploy CSP to detect/prevent Data Exfiltration attacks How to monitor policy violations and alerts
Himanshu Kapoor, Senior front-end engineer at Gitlab.Inc
A spy in the battle of privacyIn this talk, I will talk about what goes behind the scenes when you click that little checkbox that says “I agree to the terms and conditions” of using a website. GDPR laws and active measures taken by browsers have made things a little better, but we still have a long way to go. I will talk about how you are being watched on the Internet, how every little mouse movement and every little keystroke is tracked, and where it all that information goes, other than your target website. Clear your cookies, clear your cache, use private browsing — do whatever you want — they still know who you are. If they don’t, they will lock you behind a paywall. This will also include things that may sound controversial. I will talk about double standards of some privacy advocates, including some major players, especially how they will only be pro-privacy in areas that don’t hurt their own business. (Disclaimer: this is purely my opinion.) Finally I will conclude with a few tips and tricks of keeping yourself and your data safe, especially the data is sensitive to you, like credit card numbers and passwords. And some other things like opting out of tracking, using browser plugins to block ads and trackers, fighting spam, identifying phishing attacks and using multi-factor authentication. This battle is far from over, and will rage on for years. But, for now, if us consumers can “opt out” of it, let us do that.
Reenu Saluja, Software engineer at Microsoft Corporation
Sponsored keynote: Enhancing Node.js apps outcomes with Kubernetes and CI/CDIn era of Agile Software development, when deploying applications most of the teams usually face a challenge between Dev and Ops because these two departments make the same application, but work completely in different ways. Let’s see how with Devops they work together without any misunderstandings and deploy NodeJS application on Kubernetes with CI/CD and result get benefits like shorten time to market, streamlined process, great user experience, less risky releases, less downtime and many more.
Lavakumar Kuppan, Himanshu Kapoor
Birds of Feather (BOF) session: On DevSecOps for front-end engineering
Rahul Gaur, UI/UX platform lead at Innovaccer
Breaking down the last monolithWith a monolithic frontend you never get the pliability to scale across groups as assured by microservices. Besides not being able to scale, there is also the classical overhead of a separate backend and frontend team. Each time there is a breaking change in the API of one of the services, the frontend has to be updated. Especially when a feature is added to a service, the frontend has to be updated to ensure your customers can even use the feature. If you have a frontend small enough it can be maintained by a team which is also responsible for one or more services which are coupled to the frontend. This means that there is no overhead in cross team communication. But because the frontend and the backend can not be worked on independently, you are not really doing microservices. This talk will describe our experiences, learnings and challenges that we encountered while breaking down our frontend monolith and running it in production since last 18 months.
Aravind Krishnaswamy, VP of Products at CloudCherry
How CloudCherry built a world-class Angular appThis talk will include Component Design - how do you approach building a large number of interrelated components in a fast changing environment? Architecture - how do you approach state management patterns? Design Systems - beyond just a UI toolkit, how do you establish principles for driving repeatable patterns? Performance - as your application gets more complex, how do you approach improving front-end performance? Ongoing Maintenance - how do you approach ongoing development with an eye towards ongoing maintenance as new releases come up? Hiring - how do you look for the best frontend talent? How long before new hires are productive? Career Paths - what are growth paths for the team? Full stack? Front-end architect?
Deepak Pathania, Senior software engineer at INDwealth
Building painless scheduling systems in NodeIntroduction Scheduling tasks Weapon of choice - Node cron (https://www.npmjs.com/package/cron) Code sample for a basic schedule. Pains Failure isolation Retry mechanisms for individual entries Monitoring Testing Idempotency Introduction Importance in scheduling Embracing failures and implicit retries Slack webhooks - monitoring 101 Stubbing your way around testing Conclusion
Upendra Dev Singh, Director of Engineering at Myntra Jabong
Rahul Kadyan, Senior software engineer at Myntra
Building for developer experienceAt Myntra, we have hundreds of micro applications built over a few years by a continuously changing team. Different people brought different ideas, and these applications became an amalgam of different design processes, themes, libraries, and tools with lack of any governing principles. These differences and no governance led to multiple forks in design and experience. Now, we have a solution which unifies the forks, makes it easier to deliver consistent user experience and much more. In this talk, I share the problems we faced: In maintaining a component library. In supporting hundreds of applications. In communicating design decisions. And how we ended up building tools for fixing broken developer experience, which in turn addressed the issues of user experience inconsistencies. In short, this is a story of re-making of a design system until it made sense to everyone.Non
Nadia Makarevich, Senior developer and tech lead at Atlassian
Sponsored talk: Jira Frontend architecture (r)evolution: a story of mistakes, revelations and human natureThis talk will cover: A bit of history of frontend in Jira How architecture of frontend looked like at the beginning How it changed in the following years and why How Jira’s frontend architecture looks like today and why
Rakesh Paladugula, Training manager for accessibility at Adobe
Three tips to make a rich component richerAccessibility is a buzzword in the front-end market. What does accessibility means to the world? Why is it important? What are the simple yet important things a UI developer should care for? How are popular frameworks doing behind the hoods? Is ARIA an area of importance? Let us get answers to these questions while learning good UI practices.
Jai Santhosh, Software developer at Microsoft Research
Developing in a large monorepoA closer look at package management Since there are 100+ highly inter-connected internal npm packages which declare over 2,500 external dependencies, we will briefly take a look at how packages and dependency management. We will discuss the structure of each package in the monorepo and how dependencies are expressed across these packages. We will also look at the .tsconfig file organization to understand package dependencies internally in the monorepo. The packages contain transpiled TypeScript code and bundles generated using webpack and the modules from these bundles are used across various product endpoints. Using yarn workspaces to handle external dependencies We use yarn workspaces to install our external dependencies and link the Midgard-hosted packages together based on the dependencies expressed in the package.json files. Faster type-checking across these packages The fastest validation is type-checking; when we produce invalid TypeScript code, IntelliSense gives us instant visual feedback within the editor. This is probably the most useful and loved validation step. So we want to make sure it works and it works fast. Using Test Apps to vaidate user behaviour To validate more complex component behaviors, like user interactions, we use test-apps. Test apps are either webpages or native applications which load our bundles to render our components for manual testing. This is probably the second most popular validation workflow, therefore we care a lot about it. Using Lerna to prepare packages TSC will produce the files described in the package.json file, so now the package is ready to be consumed. The *.js files are the JS files containing the code ready to be consumed. The *.d.ts files (DTS) are the files containing type information, they are used to type-check the code consuming this package. The *.d.ts.map are used by IntelliSense to enable cross-package code navigation. Because producing these files is necessary before a package can be consumed, we call this step “prepare”. Because a package can be prepared only if its dependencies are already prepared, we need to run the prepare script in all packages in topological order. We use Lerna to orchestrate this.We usually use Lerna to run the watch process in each package of the dependency tree of the component we work on. Improving “watch” across packages We will also briefly look at how we will manage watch processes across the packages and optimizing by exposing packages pubic interfaces from JS+DTS files to TS files for the monorepo-hosted packages. Its also important to discuss the Intellisense performance here. We will go over a sample monorepo structure to explain this in detail.
Jasim A Basheer, founder of Protoship
Learning to learn ReasonMLThis talk will cover: Unlearning: why, and what The three things to wield a language intimately: programming in the small, programming in the large, and tooling UI development with React and ReasonReact Functional Programming: why recursion? why lists? Types: what does it really mean to say there is no null Front-loading all the thinking to types, so you can program without thinking
Umang Galaiya, Senior front-end engineer at Razorpay
Rethinking front-end Apps with SvelteA bit about Svelte Introduction to Reactive Programming DX vs. UX, and what Svelte proposes Introduction to writing code in Svelte Similarities and differences with existing solutions Live examples in the REPL
Shivek Khurana, Fullstack Clojure developer at JUXT
Ritesh Pillai, Umang Galaiya
Birds of Feather (BOF) session: On exepriences using SvelteJS and why to choose it
Aram Bhusal Principal Engineer at Zoomcar
What or how not to do in Redis worldWhat you can expect from this session: Some of the common mistakes and a few stories of people having burnt themselves (Mis) Using redis as a Persistent storage Single thread headaches Where redis screams & then some (Did someone say rate-limiting?)