This was a talk given at HTML5DevConf SF in 2015.
Ever wanted to write your own Browserify or Babel? Maybe have an idea for something new? This talk will get you started understanding how to use a JavaScript AST to transform and generate new code.
Have you ever thought, “I wish it was easier to change JavaScript code programmatically?” Maybe you wanted to write or edit a configuration block in source code. Perhaps you wanted to generate customized algorithmic code. For many, this kind of thing seems inaccessible.
The tools exist, though. In this talk, Stephen Vance will look at how he has used recast and esprima to edit and rewrite JavaScript code, leaving the untouched code completely intact, including whitespace and comments. At the end, you should have enough knowledge to be dangerous and start to write the next automatic programming, AI, take-over-the-world, self-improving software.
ASTs are an incredibly powerful tool for understanding and manipulating JavaScript. We'll explore this topic by looking at examples from ESLint, a pluggable static analysis tool, and Browserify, a client-side module bundler. Through these examples we'll see how ASTs can be great for analyzing and even for modifying your JavaScript. This talk should be interesting to anyone that regularly builds apps in JavaScript either on the client-side or on the server-side.
Have you ever thought, “I wish it was easier to change JavaScript code programmatically?” Maybe you wanted to write or edit a configuration block in source code. Perhaps you wanted to generate customized algorithmic code. For many, this kind of thing seems inaccessible.
The tools exist, though. In this talk, Stephen Vance will look at how he has used recast and esprima to edit and rewrite JavaScript code, leaving the untouched code completely intact, including whitespace and comments. At the end, you should have enough knowledge to be dangerous and start to write the next automatic programming, AI, take-over-the-world, self-improving software.
ASTs are an incredibly powerful tool for understanding and manipulating JavaScript. We'll explore this topic by looking at examples from ESLint, a pluggable static analysis tool, and Browserify, a client-side module bundler. Through these examples we'll see how ASTs can be great for analyzing and even for modifying your JavaScript. This talk should be interesting to anyone that regularly builds apps in JavaScript either on the client-side or on the server-side.
Workshop JavaScript Testing. Frameworks. Client vs Server Testing. Jasmine. Chai. Nock. Sinon. Spec Runners: Karma. TDD. Code coverage. Building a testable JS app.
Presentado por ing: Raúl Delgado y Mario García
My JSConf.eu talk about next-gen JavaScript metaprogramming features, starting with ES5's new Object APIs and then focusing on the forthcoming Proxy object, approved for the next ECMA-262 Edition. This is beautiful work from Tom Van Cutsem and Mark Miller, with Andreas Gal helping on the implementation front -- proxies are already shipping in Firefox 4 betas.
Presentation I gave at a Rust Austin meetup in November 2018 about exploring different approaches for interpreting custom DSLs in Rust with varying speed characteristics and associated safety issues.
Powerful JavaScript Tips and Best PracticesDragos Ionita
Javascript Best Practices, IIFE, Immediately invoked function expressions, typeof, instanceof, constructor, random items from an array, generate an array of numbers, append an array to another array, is a number, is an array, remove an item from an array
This talk discusses various issues of low-level PHP performance, such as: When is it more efficient to use arrays or objects? What causes catastrophic garbage collection? Does adding type annotations make PHP faster or slower?
I will answer these types of question with a (shallow) dive into PHP internals, touching on various topics like value representation, bytecode optimization and GC.
PHP 8.0 is expected to be released by the end of the year, so it’s time to take a first look at the next major version of PHP. Attributes, union types, and a just-in-time compiler are likely the flagship features of this release, but there are many more improvements to be excited about. As PHP 8.0 is a major version, this release also includes backwards-incompatible changes, many of which are centered around stricter error handling and more type safety.
This talk will discuss new features already implemented in PHP 8, backwards-compatibility breaks to watch out for, as well as some features that are still under discussion.
Software development is riddled with explicit and implicit costs. Every decision you make has a cost attached to it. When you're writing code, you're making an investment, the size of which will for a long time define the costs of your future growth. In this talk you will learn how to see, understand and game some of these forces in your favour.
Great design patterns are reusable, modular expressions of what’s going on in your code. They allow you to communicate to other developers simply by the way you code, in addition to being easily maintainable themselves. Put simply, patterns are the available tools in the developer’s toolbox.
In this presentation, I review a few common patterns, their advantages/disadvantages, and how they can be implemented.
The source for this presentation can be found here: https://github.com/derekbrown/designpatterns
Love it or hate it, JavaScript is playing an increasingly important role in the next generation of web and mobile apps. As code continues to move from the server to the client, JavaScript is being used to do more than simple HTML manipulation. Be prepared for this transition and make sure the JavaScript you write is optimized and ready to perform on desktops and devices! In this session, you will learn ten practical tips that you can use today to write faster, more maintainable, memory friendly JavaScript.
Talk on code and craftsmanship delivered at KCDC. It's best to approach code the way people traditionally learned crafts. Go through the stages of apprentice, journeyman, master. Along the way, develop your ability to see, your ability to create, and your understanding of why things work.
Functional programming, though far from new, has gained much traction recently. Functional programming characteristics have started to appear in the PHP world, too. Microframeworks including Silex and Slim, middleware architectures (Stack) and even standards (PSR-7) rely on concepts such as lambdas, referential transparency and immutability, all of which come from functional programming.
I’ll give you a crash course in Erlang, a pragmatic functional language to make you feel familiar with the functional paradigm. By comparing code samples between Erlang and PHP, you’ll find out how and why you should employ functional programming in your PHP applications. You’ll see that functional programming is nothing to be scared of. On the contrary, understanding its concepts broadens your programming horizon and provides you with valuable solutions to your problems.
Fraud is a key--and evolving--challenge facing security teams today. This presentations highlight tactics organizations can deploy to dramatically reduce incidents of fraud, provides a high-level, technical overview of client-side attacks and demonstrates how man-in-the-browser attacks operate, reveals two techniques that can be used by a Web application to detect infected clients, and discusses practical aspects of implementing these two methods and how to use the output of the detection process in the application.
Workshop JavaScript Testing. Frameworks. Client vs Server Testing. Jasmine. Chai. Nock. Sinon. Spec Runners: Karma. TDD. Code coverage. Building a testable JS app.
Presentado por ing: Raúl Delgado y Mario García
My JSConf.eu talk about next-gen JavaScript metaprogramming features, starting with ES5's new Object APIs and then focusing on the forthcoming Proxy object, approved for the next ECMA-262 Edition. This is beautiful work from Tom Van Cutsem and Mark Miller, with Andreas Gal helping on the implementation front -- proxies are already shipping in Firefox 4 betas.
Presentation I gave at a Rust Austin meetup in November 2018 about exploring different approaches for interpreting custom DSLs in Rust with varying speed characteristics and associated safety issues.
Powerful JavaScript Tips and Best PracticesDragos Ionita
Javascript Best Practices, IIFE, Immediately invoked function expressions, typeof, instanceof, constructor, random items from an array, generate an array of numbers, append an array to another array, is a number, is an array, remove an item from an array
This talk discusses various issues of low-level PHP performance, such as: When is it more efficient to use arrays or objects? What causes catastrophic garbage collection? Does adding type annotations make PHP faster or slower?
I will answer these types of question with a (shallow) dive into PHP internals, touching on various topics like value representation, bytecode optimization and GC.
PHP 8.0 is expected to be released by the end of the year, so it’s time to take a first look at the next major version of PHP. Attributes, union types, and a just-in-time compiler are likely the flagship features of this release, but there are many more improvements to be excited about. As PHP 8.0 is a major version, this release also includes backwards-incompatible changes, many of which are centered around stricter error handling and more type safety.
This talk will discuss new features already implemented in PHP 8, backwards-compatibility breaks to watch out for, as well as some features that are still under discussion.
Software development is riddled with explicit and implicit costs. Every decision you make has a cost attached to it. When you're writing code, you're making an investment, the size of which will for a long time define the costs of your future growth. In this talk you will learn how to see, understand and game some of these forces in your favour.
Great design patterns are reusable, modular expressions of what’s going on in your code. They allow you to communicate to other developers simply by the way you code, in addition to being easily maintainable themselves. Put simply, patterns are the available tools in the developer’s toolbox.
In this presentation, I review a few common patterns, their advantages/disadvantages, and how they can be implemented.
The source for this presentation can be found here: https://github.com/derekbrown/designpatterns
Love it or hate it, JavaScript is playing an increasingly important role in the next generation of web and mobile apps. As code continues to move from the server to the client, JavaScript is being used to do more than simple HTML manipulation. Be prepared for this transition and make sure the JavaScript you write is optimized and ready to perform on desktops and devices! In this session, you will learn ten practical tips that you can use today to write faster, more maintainable, memory friendly JavaScript.
Talk on code and craftsmanship delivered at KCDC. It's best to approach code the way people traditionally learned crafts. Go through the stages of apprentice, journeyman, master. Along the way, develop your ability to see, your ability to create, and your understanding of why things work.
Functional programming, though far from new, has gained much traction recently. Functional programming characteristics have started to appear in the PHP world, too. Microframeworks including Silex and Slim, middleware architectures (Stack) and even standards (PSR-7) rely on concepts such as lambdas, referential transparency and immutability, all of which come from functional programming.
I’ll give you a crash course in Erlang, a pragmatic functional language to make you feel familiar with the functional paradigm. By comparing code samples between Erlang and PHP, you’ll find out how and why you should employ functional programming in your PHP applications. You’ll see that functional programming is nothing to be scared of. On the contrary, understanding its concepts broadens your programming horizon and provides you with valuable solutions to your problems.
Fraud is a key--and evolving--challenge facing security teams today. This presentations highlight tactics organizations can deploy to dramatically reduce incidents of fraud, provides a high-level, technical overview of client-side attacks and demonstrates how man-in-the-browser attacks operate, reveals two techniques that can be used by a Web application to detect infected clients, and discusses practical aspects of implementing these two methods and how to use the output of the detection process in the application.
Applications are constantly under attack. Unfortunately, nearly all applications have no capability of detecting an attacker or responding before a breach occurs. Those applications sit passively and allow the attacker to constantly unleash attack after attack. Let's change the game and equip our application with the resources to detect an attack with high accuracy and respond in real time to prevent a compromise by eliminating the threat from the system.
In this talk we'll cover the OWASP AppSensor project – a project that details how to instrument an application to become attack aware and immediately respond to neutralize threats. This project is backed by multiple talented security experts that have been advancing the project for the past three years. AppSensor has been featured in the Department of Defense Cross Talk journal, presented at the US Department of Homeland Security resilient software conference and at security conferences around the world.
Casting for not so strange Actos
- A presentation about the Actors pattern and a look at prototypes in 4 different programming languages - Jruby (Celluloid), Erlang, Elixir and Scala (Akka)
- Presented in "Strange Group Berlin" meetup on 12.03.2015 held at 6Wunderkinder
The following illustrates some of the common security challanges Node.js developers are up against. The presentation covers various types of JavaScript-related hacks and NoSQL injection hacking via Express and MongoDB.
jQuery Data Manipulate API - A source code dissecting journeyHuiyi Yan
Represent major data manipulate API in jQuery 1.6; such as .data(), removeData(), index(), globalEval() and so no. Also, HTML5 data-* attributes. I will walk you through with diving into jQuery source code and find out the killing techniques used in jQuery.
Lets look at writing a new Struts 2 application from square one, using the Yahoo User Interface (YUI) Library on the front end, and Struts 2 on the backend. YUI provides the glitz and the glamour, and Struts 2 provides the dreary business logic, input validation, and text formatting.
Ajax is the web's hottest user interface. Struts is Java's most popular web framework. What happens when we put Ajax on Struts?
In this session, we look at writing a new Struts 2 application from square one, using the Yahoo User Interface (YUI) Library on the front end, and Struts 2 on the backend. YUI provides the glitz and the glamour, and Struts 2 provides the dreary business logic, input validation, and text formatting.
During the session, we will cover
* How to integrate an Ajax UI with Struts 2
* Basics of the Yahoo User Interface (YUI) Library
* Business services Struts can provide to an Ajax UI
Who should attend: Ajax developers who would like to utilize Struts as a back-end, and Struts developers who would like to utilize Ajax as a front-end.
To get the most from this session, some familiarity with an Ajax library, like YUI or Dojo, is helpful.
Backbone.js — Introduction to client-side JavaScript MVCpootsbook
Using Backbone.js to move state to the client-side and the benefits of using a JavaScript MVC framework.
Delivered at SuperMondays, Newcastle upon Tyne, on 26th September 2011.
Sails.js is a realtime MVC framework for Node.js that is inspired by some of the best ideas behind Ruby on Rails and realtime frameworks like Meteor.js.
In this presentation I'll overview getting started with Sails.js, its architecture and features, as well as some advice on place to look at when you are getting started.
Learn a brand new way to think about web application development with Node.js!
AppSecCali - How Credential Stuffing is EvolvingJarrod Overson
This talk was given at AppSec California, January 2020.
Credential stuffing and other automated attacks are evolving passed every defense thrown in their way. CAPTCHAs don't work, Fingerprints don't work, Magical AI-whatevers don't work. The value is just too great.
How Credential Stuffing is Evolving - PasswordsCon 2019Jarrod Overson
Slides for talk given at PasswordsCon Sweden 2019. Credentials Stuffing is an automated attack that exploits users who reuse passwords by taking breached credentials and replaying them across sites.
Deepfakes - How they work and what it means for the futureJarrod Overson
Deepfakes originally started as cheap costing but believable video effects and have expanded into AI-generated content of every format. This session dove into the state of deepfakes and how the technology highlights an exciting but dangerous future.
Workshop slides originally given at the WOPR Summit in Atlantic City. Use JavaScript parsers and generators like Shift combined with Puppeteer and Chrome to reverse engineer web applications
The life of breached data and the attack lifecycleJarrod Overson
OWASP RTP Presentation on Data breaches, credential spills, the lifespan of data, credential stuffing, the attack lifecycle, and what you can do to protect yourself or your users.
Talk given at Mozilla's first View Source Conference in Portland, 2015. Details out the parallels between graphics and game developments compared to traditional web development.
Riot on the web - Kenote @ QCon Sao Paulo 2014Jarrod Overson
Slides for the keynote given at QCon Sao Paulo 2014. Talk goes into the problems scaling Riot and how we've tried to solve them as well as what we've learned from the web and what lies in store next.
This talk was given on Oct 23 at HTML5DevConf in San Francisco. The topic was Continuous Delivery as it relates to JavaScript applications, using tools like grunt and jenkins.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
32. • How do you get a JavaScript AST?
• How do you use it?
• How do you transform it?
• Building a transpiler.
33. Parsing JavaScript
• Esprima - Fast, conservative. Parses to ESTree format.
• Acorn - Error tolerant. Parses to ESTree format.
• Shift - Most spec-compliant. Parses to Shift format.
34. ESTree Shift
• Community effort
• Wide tool support
• Somewhat backwards
compatible with
SpiderMonkey AST
• Shape Security product
• Limited tool support
• Not compatible with ESTree
• Cross platform
• First spec-based AST
vs
Standardized AST formats
35. Why ever use Shift?
• Shift was developed by Ariya Hidayat (Esprima), Michael Ficarra
(CoffeeScript, loads of ES tools), and several others.
• Shift was designed specifically for simpler and more efficient
transformation and analysis code.
• Shift creators still contribute to ESTree.
• When in doubt, use ESTree for the community.
• If ESTree causes problems, consider Shift.
42. How do you transform an AST?
import {parseScript} from 'shift-parser';
import codegen from 'shift-codegen';
let ast = parse('let a = 2;');
ast.
statements[0].
declaration.
declarators[0].
binding.name = 'b';
let newSource = codegen(ast);
43. OK, Let's build a transpiler.
I really really like Arrow Expressions, how 'bout you?
44. Test first: what are we expecting?
(() => { return 2 })()
If we run* the following in an ES5 environment
it will return
2
* transpile and eval()
76. import {parseScript} from 'shift-parser';
import reduce from 'shift-reducer';
import codegen from 'shift-codegen';
import transpiler from './transpiler';
let ast = parseScript(source);
var result = reduce(transpiler, ast);
var newSource = codegen(result);
console.log(newSource);
78. Analyze Transform
• Linting
• Complexity
• Auto Documentation
• Type Checking
• API Conformance
• Transpiling
• Code generation
• Preprocessing
• Refactoring
• Reformatting
What can you do with an AST?
79. "The worst mistake man ever
committed was treating
source code as text."
- John Stamos
Season 3, episode 20 of "Full House"
80. When have you ever typed this
function greet(target) {
}
without this?
81. Have you ever been concerned about this string?
function greet(target) {
}