A brief history of front end engineering and why understanding the f2e technology stack is important for developers. An introduction to YUI 3 and the YUI Gallery project and overview of how contributing to OSS is good for the resume and good for the soul.
Since a couple of years, the NoSQL movement has developed a variety of open-source document stores. They are focused on high availability, horizontal scalability, and are designed to run on commodity hardware. These products have gained great traction in the industry to store large amounts of flexible data. Arguably, the next step for the NoSQL community is on harnessing flexible data processing.
The aim of this presentation is to introduce JSONiq: the SQL of NoSQL.
Front End Intelligence for Large scale Application Oriented IoT - Ahmed Bader, Hakkim Gazzai, Muhammed Alouini, Abdhulla kadri.
Published in IEEE Open Access Journal, July 2016.
How to Build Front-End Web Apps that Scale - FutureJSPhil Leggetter
Developing large apps is difficult. Ensuring that code is consistent, well structured, tested, maintainable and has an architecture that encourages enhancement is essential. When it comes to large server-focused apps, solutions to this problem have been tried and tested. But, with the ongoing dramatic shift of functionality into the browser, how do you achieve this when building Front-End Web Apps?
In this talk we’ll cover the signs to watch out for as your HTML5 SPA grows and provide examples of some of the tooling types that can contribute-to - as well as ease - the growing pains. Finally, we’ll demonstrate how tooling can be used to support a set of conventions, practices and principles that enable a productive developer workflow where the first line of code is feature code, features can be developed in isolation, code conflicts are avoided by grouping assets by feature and features are composed into apps.
The demonstrations will use the BladeRunnerJS open source developer toolkit, but the concepts are widely applicable.
Since a couple of years, the NoSQL movement has developed a variety of open-source document stores. They are focused on high availability, horizontal scalability, and are designed to run on commodity hardware. These products have gained great traction in the industry to store large amounts of flexible data. Arguably, the next step for the NoSQL community is on harnessing flexible data processing.
The aim of this presentation is to introduce JSONiq: the SQL of NoSQL.
Front End Intelligence for Large scale Application Oriented IoT - Ahmed Bader, Hakkim Gazzai, Muhammed Alouini, Abdhulla kadri.
Published in IEEE Open Access Journal, July 2016.
How to Build Front-End Web Apps that Scale - FutureJSPhil Leggetter
Developing large apps is difficult. Ensuring that code is consistent, well structured, tested, maintainable and has an architecture that encourages enhancement is essential. When it comes to large server-focused apps, solutions to this problem have been tried and tested. But, with the ongoing dramatic shift of functionality into the browser, how do you achieve this when building Front-End Web Apps?
In this talk we’ll cover the signs to watch out for as your HTML5 SPA grows and provide examples of some of the tooling types that can contribute-to - as well as ease - the growing pains. Finally, we’ll demonstrate how tooling can be used to support a set of conventions, practices and principles that enable a productive developer workflow where the first line of code is feature code, features can be developed in isolation, code conflicts are avoided by grouping assets by feature and features are composed into apps.
The demonstrations will use the BladeRunnerJS open source developer toolkit, but the concepts are widely applicable.
Here are the slides from my talk at @media in London two weeks ago titled "Professional Frontend Engineering." I had four goals for the talk.
Put a stake in the ground.
Reiterate our values.
Advocate the discipline.
Nurture a healthy Web.
The goals were threaded throughout the four sections of the talk::
Historical Perspective
Our Beliefs & Principles
Knowledge Areas & Best Practices
Why It All Matters
The professionalization of frontend engineering is a topic I'm passionate about. I think it is critical to the advancement of the Internet.
Presented May 30th, 2008, in London at the @media conference in the plenary opening day two.
Building Cross Platform Mobile Web AppsJames Pearce
Frameworks like Sencha Touch are heralding a new way of building mobile services using Javascript, HTML5 and CSS3. If you want to discover how to use standard web technologies to reach your mobile users in beautiful app-like ways, this session is for you.
We explore the possibilities that each of these rich, standards-based libraries can bring, we show how the mobile device is fast becoming a first-class Javascript run-time environment, and we discuss how we might be on the dawn of a new web age, where mobile and client-side applications can immerse billions of users with exciting, contextually-aware experiences.
Building Cloud-Based Cross-Platform Mobile Web AppsJames Pearce
As presented at http://www.meetup.com/MobileCloud/events/17159747/
The web is always evolving, but we're witnessing a significant architectural shift as services migrate to the cloud, business logic moves to ever-thicker clients, and the web escapes the desktop to become a beautifully mobile medium.
In this environment, web application frameworks like Sencha Touch offer a new way of building mobile services using HTML5, CSS3, and JavaScript. We'll explore the possibilities that this rich, standards-based approach can bring, how to develop mobile web apps that look and feel native on iPhone, Android, and BlackBerry touch devices, and how to leverage the power of cloud-based services to provide scalable and compelling applications in this new world.
Java Framework for Database-Centric Web EngineeringBeat Signer
Presentation given at WebE 2001, 4th Workshop on Web Engineering (in conjunction with 10th International World Wide Web Conference), Hong Kong, May 2001
ABSTRACT: We present a database-centric approach to web site development in which both application and web content data are managed by a database. The development process is based on three main stages of information modelling, document content design and presentation specification. A Java framework based on the OMS object-oriented data management system has been developed to support the development life cycle from rapid prototyping through to operation. We describe how the framework supports access from heterogeneous clients and how it has been extended to include a web content manager.
Our favorite language is now powering everything from event-driven servers to robots to Git clients to 3D games. The JavaScript package ecosystem has quickly outpaced past that of most other languages, allowing our vibrant community to showcase their talent. The front-end framework war has been taken to the next level, with heavy-hitters like Ember and Angular ushering in the new generation of long-lived, component-based web apps. The extensible web movement, spearheaded by the newly-reformed W3C Technical Architecture Group, has promised to place JavaScript squarely at the foundation of the web platform. Now, the language improvements of ES6 are slowly but surely making their way into the mainstream— witness the recent interest in using generators for async programming. And all the while, whispers of ES7 features are starting to circulate…
JavaScript has grown up. Now it's time to see how far it can go.
Next Generation Web Attacks – HTML 5, DOM(L3) and XHR(L2)Shreeraj Shah
Browsers are escalating their feature set to accommodate new specifications like HTML 5, XHR Level 2 and DOM Level 3. It is forming the backbone of next generation applications running on mobile, PDA devices or desktops. The blend of DOM (Remote Execution stack) , XHR L2 (Sockets for injections) and HTML5 (Exploit delivery platform) is becoming an easy victim for attackers and worms. We have already witnessed these types of attacks on popular sites like Twitter, Facebook and Yahoo. It is of the essence to understand attack surface and vectors to protect next generation applications. We have an enormous expansion of attack surface after inclusion of features like audio/video tags, drag/drop APIs, CSS-Opacity, localstorage, web workers, DOM selectors, Mouse gesturing, native JSON, Cross Site access controls, offline browsing, etc. This extension of attack surface and exposure of server side APIs allow attacker to perform following lethal attacks and abuses.
XHR abuse with attacking Cross Site access controls using level 2 calls
JSON manipulations and poisoning
DOM API injections and script executions
Abusing HTML5 tag structure and attributes
Localstorage manipulation and foreign site access
Attacking client side sandbox architectures
DOM scrubbing and logical abuse
Browser hijacking and exploitation through advanced DOM features
One-way CSRF and abusing vulnerable sites
DOM event injections and controlling (Clickjacking)
Hacking widgets, mashups and social networking sites
Abusing client side Web 2.0 and RIA libraries
We will be covering the above attacks and their variants in detail along with some real life cases and demonstrations. It is also important to understand methods of discovering these types of vulnerabilities across the application base. We will see some new scanning tools and approaches to identify some of these key issues.
Creating hypermedia APIs in a few minutes using the API Platform frameworkLes-Tilleuls.coop
**Download the PPT to see screencasts**
API Platform is new open source PHP framework dedicated to the creation of modern web APIs.
It allows to bootstrap a fully featured API (pagination, validation, filtering, sorting, automatically generated documentation, HTTP cache, OAuth and JWT auth...) in just a few minutes.
It exposes out of the box popular API formats including Swagger, JSON-LD, Hydra, HAL, JSONAPI and Schema.org.
It is extensible and can be specialized with ease. Because it is built on top of the industry-leading Symfony framework, it already counts hundreds of available extensions (bundles).
In this talk, I'll show how to create a hypermedia API in just a few lines of codes, then take a look to the main features of the framework.
Covers a few very core ideas about promises in JS:
1. What they are
2. How to use the then() method to access value or rejection reason
3. Promise chaining
4. Passing values through promise chains
5. Promise callbacks returning promises are waited for
Demystifying the magic behind YUI 3 Attributes. A look at what's there, how it's broken down, what you can do, what you should and shouldn't do, and some help in answering the question "should I use a property or an attribute?"
More Related Content
Similar to Front end engineering, YUI Gallery, and your future
Here are the slides from my talk at @media in London two weeks ago titled "Professional Frontend Engineering." I had four goals for the talk.
Put a stake in the ground.
Reiterate our values.
Advocate the discipline.
Nurture a healthy Web.
The goals were threaded throughout the four sections of the talk::
Historical Perspective
Our Beliefs & Principles
Knowledge Areas & Best Practices
Why It All Matters
The professionalization of frontend engineering is a topic I'm passionate about. I think it is critical to the advancement of the Internet.
Presented May 30th, 2008, in London at the @media conference in the plenary opening day two.
Building Cross Platform Mobile Web AppsJames Pearce
Frameworks like Sencha Touch are heralding a new way of building mobile services using Javascript, HTML5 and CSS3. If you want to discover how to use standard web technologies to reach your mobile users in beautiful app-like ways, this session is for you.
We explore the possibilities that each of these rich, standards-based libraries can bring, we show how the mobile device is fast becoming a first-class Javascript run-time environment, and we discuss how we might be on the dawn of a new web age, where mobile and client-side applications can immerse billions of users with exciting, contextually-aware experiences.
Building Cloud-Based Cross-Platform Mobile Web AppsJames Pearce
As presented at http://www.meetup.com/MobileCloud/events/17159747/
The web is always evolving, but we're witnessing a significant architectural shift as services migrate to the cloud, business logic moves to ever-thicker clients, and the web escapes the desktop to become a beautifully mobile medium.
In this environment, web application frameworks like Sencha Touch offer a new way of building mobile services using HTML5, CSS3, and JavaScript. We'll explore the possibilities that this rich, standards-based approach can bring, how to develop mobile web apps that look and feel native on iPhone, Android, and BlackBerry touch devices, and how to leverage the power of cloud-based services to provide scalable and compelling applications in this new world.
Java Framework for Database-Centric Web EngineeringBeat Signer
Presentation given at WebE 2001, 4th Workshop on Web Engineering (in conjunction with 10th International World Wide Web Conference), Hong Kong, May 2001
ABSTRACT: We present a database-centric approach to web site development in which both application and web content data are managed by a database. The development process is based on three main stages of information modelling, document content design and presentation specification. A Java framework based on the OMS object-oriented data management system has been developed to support the development life cycle from rapid prototyping through to operation. We describe how the framework supports access from heterogeneous clients and how it has been extended to include a web content manager.
Our favorite language is now powering everything from event-driven servers to robots to Git clients to 3D games. The JavaScript package ecosystem has quickly outpaced past that of most other languages, allowing our vibrant community to showcase their talent. The front-end framework war has been taken to the next level, with heavy-hitters like Ember and Angular ushering in the new generation of long-lived, component-based web apps. The extensible web movement, spearheaded by the newly-reformed W3C Technical Architecture Group, has promised to place JavaScript squarely at the foundation of the web platform. Now, the language improvements of ES6 are slowly but surely making their way into the mainstream— witness the recent interest in using generators for async programming. And all the while, whispers of ES7 features are starting to circulate…
JavaScript has grown up. Now it's time to see how far it can go.
Next Generation Web Attacks – HTML 5, DOM(L3) and XHR(L2)Shreeraj Shah
Browsers are escalating their feature set to accommodate new specifications like HTML 5, XHR Level 2 and DOM Level 3. It is forming the backbone of next generation applications running on mobile, PDA devices or desktops. The blend of DOM (Remote Execution stack) , XHR L2 (Sockets for injections) and HTML5 (Exploit delivery platform) is becoming an easy victim for attackers and worms. We have already witnessed these types of attacks on popular sites like Twitter, Facebook and Yahoo. It is of the essence to understand attack surface and vectors to protect next generation applications. We have an enormous expansion of attack surface after inclusion of features like audio/video tags, drag/drop APIs, CSS-Opacity, localstorage, web workers, DOM selectors, Mouse gesturing, native JSON, Cross Site access controls, offline browsing, etc. This extension of attack surface and exposure of server side APIs allow attacker to perform following lethal attacks and abuses.
XHR abuse with attacking Cross Site access controls using level 2 calls
JSON manipulations and poisoning
DOM API injections and script executions
Abusing HTML5 tag structure and attributes
Localstorage manipulation and foreign site access
Attacking client side sandbox architectures
DOM scrubbing and logical abuse
Browser hijacking and exploitation through advanced DOM features
One-way CSRF and abusing vulnerable sites
DOM event injections and controlling (Clickjacking)
Hacking widgets, mashups and social networking sites
Abusing client side Web 2.0 and RIA libraries
We will be covering the above attacks and their variants in detail along with some real life cases and demonstrations. It is also important to understand methods of discovering these types of vulnerabilities across the application base. We will see some new scanning tools and approaches to identify some of these key issues.
Creating hypermedia APIs in a few minutes using the API Platform frameworkLes-Tilleuls.coop
**Download the PPT to see screencasts**
API Platform is new open source PHP framework dedicated to the creation of modern web APIs.
It allows to bootstrap a fully featured API (pagination, validation, filtering, sorting, automatically generated documentation, HTTP cache, OAuth and JWT auth...) in just a few minutes.
It exposes out of the box popular API formats including Swagger, JSON-LD, Hydra, HAL, JSONAPI and Schema.org.
It is extensible and can be specialized with ease. Because it is built on top of the industry-leading Symfony framework, it already counts hundreds of available extensions (bundles).
In this talk, I'll show how to create a hypermedia API in just a few lines of codes, then take a look to the main features of the framework.
Covers a few very core ideas about promises in JS:
1. What they are
2. How to use the then() method to access value or rejection reason
3. Promise chaining
4. Passing values through promise chains
5. Promise callbacks returning promises are waited for
Demystifying the magic behind YUI 3 Attributes. A look at what's there, how it's broken down, what you can do, what you should and shouldn't do, and some help in answering the question "should I use a property or an attribute?"
This presentation will be a quick introduction to YUI version 3.3.0 and some of its core functions that should be most useful for building your hacks. We'll cover DOM manipulation and event subscription, animations, drag and drop, Ajax and YQL, and how to use CSS Grids for layout.
A review of some common pitfalls and how to avoid or discover them. Includes a quick overview of some of the debugging tools available (as of late 2009). Generic web dev content as well as YUI-specific content.
YUIConf 2010. A look at the how and why of YUI 3's module infrastructure and DOM abstraction layer (Node) and how to add special attributes, new methods, and synthetic DOM events for Node.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Building RAG with self-deployed Milvus vector database and Snowpark Container...Zilliz
This talk will give hands-on advice on building RAG applications with an open-source Milvus database deployed as a docker container. We will also introduce the integration of Milvus with Snowpark Container Services.
Full-RAG: A modern architecture for hyper-personalizationZilliz
Mike Del Balso, CEO & Co-Founder at Tecton, presents "Full RAG," a novel approach to AI recommendation systems, aiming to push beyond the limitations of traditional models through a deep integration of contextual insights and real-time data, leveraging the Retrieval-Augmented Generation architecture. This talk will outline Full RAG's potential to significantly enhance personalization, address engineering challenges such as data management and model training, and introduce data enrichment with reranking as a key solution. Attendees will gain crucial insights into the importance of hyperpersonalization in AI, the capabilities of Full RAG for advanced personalization, and strategies for managing complex data integrations for deploying cutting-edge AI solutions.
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
4. Browser wars
1994 - 2000
• Very young web
• Immature concept of what a browser is
• Rush to push features
• Many many bugs
• Internet Explorer wins
5. Reflective years
2001 - 2005
• Dot com bubble bursts
• Internet Explorer 6
• Many more people on the web
• Emergence of professional web developers
6. The web grows up
2006 - 2007
• Explosion in new web content
• Internet Explorer 7, Firefox, Safari, Opera
• Professional front end engineering
• The web development environment is bad
• JavaScript libraries
7. Browser wars (take 2)
2008 - present
• Web is the game
• IE8, FireFox 3.6, Safari 4, Opera 10, Chrome
• Focus on technologies that power the web
• JavaScript libraries mature + CSS libraries
• F2E development tooling
8. Take away:
Today, more new development is
being done on the web than in
any other environment.
And the rate is increasing
9. 1997 2010
Still accessible Still fast Much more interactive
16. (X)HTML
Specification
Implementation
Bugs
server
17. (X)HTML
Specification
Implementation
Bugs
[ Theory / Practice ]
server
18. CSS
BOM API
(X)HTML DOM JavaScript
DOM API
Specification
Data Transport
mixed: new (x)html
data: custom, xml,
Implementation
json
behavior: js
Bugs
[ Theory / Practice ]
server
19. Safari Firefox Chrome IE6, 7, 8 Opera 10,000+ UAs
CSS
BOM API
(X)HTML DOM JavaScript
DOM API
Specification
Data Transport
mixed: new (x)html
data: custom, xml,
Implementation
json
behavior: js
Bugs
[ Theory / Practice ]
server
20. Macintosh Windows Linux, Unix, Mobile
Safari Firefox Chrome IE6, 7, 8 Opera 10,000+ UAs
CSS
BOM API
(X)HTML DOM JavaScript
DOM API
Specification
Data Transport
mixed: new (x)html
data: custom, xml,
Implementation
json
behavior: js
Bugs
[ Theory / Practice ]
server
21. Macintosh Windows Linux, Unix, Mobile
Safari Firefox Chrome IE6, 7, 8 Opera 10,000+ UAs
CSS
BOM API
(X)HTML DOM JavaScript
DOM API
Specification
mixed: new (x)html,
data: custom, xml,
Data Transport
Implementation
behavior: js
json
Defects
[ Theory / Practice ]
server
22. Macintosh Windows Linux, Unix, Mobile
Safari Firefox Chrome IE6, 7, 8 Opera 10,000+ UAs
knowledge areas: 7
CSS
(X)HTML
dimensions: xJavaScript
DOM
4 BOM API
DOM API
platforms: x 3
Specification
mixed: new (x)html,
data: custom, xml,
browsers perDefects platform: x 5
Data Transport
Implementation
behavior: js
json
rendering modes: x 2
[ Theory / Practice ]
server
=840
46. Thanks!
Luke Smith
lsmith@yahoo-inc.com
yuilibrary.com: lsmith
twitter: @ls_n
Editor's Notes
- Like Node, the event object passed back to each event handler is also a facade
- Reasons for the event facade are the same as they are for Node
- Unlike Node, Event properties can be accessed directly since the event is transitory. This also aids performance for cases like mousemove event.
- halt() = preventDefault() + stopPropagation()
- event properties that reference DOM elements (e.target) contain Node instances