JSNation US 2025

Matteo Collina presents an updated talk on Node.js, discussing roles, open-source projects, and dispelling myths. He highlights Node.js vitality, contrasts with legacy technologies like COBOL and jQuery. The talk covers Node.js popularity, software reuse, module growth, and download stats. It addresses risks of not updating Node.js, LTS support phases, version updates, adoption rates, security measures, Node 24 features like ESM support and stable permissions. Collaboration processes, TSC role, governance, and benefits of Platformatic VAT for app development are also discussed.

In the Talk, the focus is on understanding software determinism and the implications for AI implementation. It delves into the importance of trustworthiness, reliability, and consistency in deterministic systems. The discussion also explores non-deterministic behavior in AI, emphasizing the pros and cons of unpredictability. The significance of measuring entropy tolerance in AI integration and business processes is highlighted, along with the value assessment based on tolerance levels. Additionally, the Talk touches on hybrid collaboration in AI utilization, showcasing examples of low, medium, and high entropy tolerance scenarios, and the role of AI in security auditing and high-tolerance tasks.

Starting a Greenfield project involves choosing frameworks, testing tools, linting, formatting, and runtime with the aim of unifying frameworks and tooling using Rust. The End of Framework Fragmentation with Rust aims for a great Developer Experience (DX) by choosing frameworks and tools based on ease of use, integration, documentation, ecosystem, speed, reliability, and future-proofing. Development benefits from the Vite server with HMR, native ESM, and optimized production builds, aiming to unify tools into the Rolldown bundler. Understanding dependency graphs, build steps, JSX, TypeScript, and bundle optimization are crucial for code organization and user experience enhancement. Bundling optimizes code for faster load times, while tool selection streamlining simplifies production builds. Vappack and OXE offer optimization features, and module resolution, code transformation, build transformation, and minification optimization play key roles in performance. Benchmarking shows SWC and OXC Minify performance comparison, and linting and formatting tools like OxLint and OXC Minify enhance development efficiency. VTest provides seamless testing, aiming for performance and compatibility, with plans for roll on Vite to become the default bundler for smoother processes.

Peter discusses building durable workflows in pure JavaScript, highlighting challenges in creating reliable systems, especially in complex applications like Money Transfer. Failures can occur due to various reasons, including process crashes, resource issues, timeouts, and API failures. Durable workflows involve checkpointing for recovery, traditionally involving heavyweight external orchestration systems. Designing a JavaScript workflow library aims for simplicity and durability, enabling checkpointing directly on app servers. Implementing the library includes checkpoints for safety, recovery, and workflow integrity maintenance.

Ayole Aonseola discusses converting web apps into desktop applications using Electron, emphasizing challenges with code signing, CI CD, and industrial scaling. Electron architecture focuses on security with context isolation and node integration. Engineering hurdles include distributing applications across OSs, implementing automation for error prevention, and ensuring app authenticity through code signing. Mac-specific configurations, like app bundle ID and notarization, are crucial. Building universal apps for Mac and Windows requires understanding differences in building environments and certificate access. Automation of signing processes with Azure and GitHub streamlines workflows, handling EV tokens and securely managing certificates. CICD automation includes base64 certificate encoding and triggering build processes on tag pushes.

Welcome to JS Nation. Marco Ippolito discusses NodeJS and TypeScript integration, challenges, and growth. TypeStripping in Node.js removes TypeScript syntax for execution. Efficient TypeStripping in Node 22 skips SourceMaps, aligns with TypeScript versions. Enhanced features in Node 22 support experimental TypeScript features with limitations. Node.js supports TypeScript features with erasable syntax and namespace in Node 23.8. Importing types correctly crucial to avoid errors. Node.js TypeScript integration update includes switching to TypeScript, browser support, and community involvement.

Will Klein shares insights on effective tool usage, exploring various DevTools in browsers. Discussing the evolution of browser features, maximizing benefits with Dev releases, and diverse perspectives in browser DevTools. Exploring color accessibility tools, font and color handling in Safari and Firefox DevTools. Highlighting unique features like font sliders in Firefox and debugging capabilities in Safari. Emphasizing the importance of accessibility tools, using multiple browsers for development, and understanding web workings over relying solely on AI and MCP for debugging.

Speaker reflects on the importance of testing, shares insights from the state of JS survey, and discusses future plans for JavaScript testing in 2025. Companies are exploring testing tools and methodologies based on surveys and personal data. Evolution of testing practices from browser to node-based environment with VTest adoption. Advancements in testing technology include VTest's role, Playwright for end-to-end testing, and comprehensive testing solutions. Progress in self-healing tests, AI integration, and tool resurgence like Storybook and MSW for API mocking. Diverse opinions on testing in 2025, with a focus on static analysis, VTest, and end-to-end testing resurgence to browser.

We all have those repetitive web tasks we wish would just handle themselves – sorting through data, extracting information from multiple pages, or customizing content for different audiences. What if your JavaScript application could do this autonomously, right in the browser?This talk demonstrates how to create intelligent AI agents in JavaScript that eliminate tedious tasks without sending sensitive data to the cloud. We'll combine modern web technologies with client-side AI techniques like RAG (Retrieval-Augmented Generation) and function calling to build applications that understand content, make decisions, and take actions based on user goals.

Riccardo, a developer advocate at Figma, discusses the challenges of transitioning from design to code and the role of a developer advocate in bridging the gap between designers and developers. Figma's tools like DevMod, Code Connect, and Figma MCP server aim to bridge the gap by providing seamless connections between design and code. The Figma MCP server enhances design-to-code workflow by improving agent understanding of design elements, resulting in better code generation and alignment with design intent. Recommendations for optimizing design-to-code output include reusing components, implementing Code Connect, connecting design variables to code tokens, naming layers appropriately, utilizing AutoLayout, and adding annotations for clarity and context in the code. Building and sharing a design system involves generating iOS UI code with specific language and framework, and open-sourcing a design system with custom rules and guidelines for agents. Enhancing agent capabilities through multiple MCP server connections for efficient design-to-code synchronization and communication is crucial.

The Talk delves into JavaScript artwork creation, debunking misconceptions and exploring its evolution from basic animation to advanced web development innovations. It discusses the development of animation technologies in JavaScript, comparing Canvas and WebGL, and emphasizes the diversity of tools available. The session focuses on using Canvas Sketch for creating custom and abstract designs, detailing rendering, saving points, working with coordinates and styles, and utilizing animation for interactivity. It also covers specifying animation parameters and exploring options for connectivity.

Joana Santos, a Fullstack Product Engineer at Synvertec 6, shares insights on the benefits of 10-Stack Router and discusses modern React app routing challenges. The discussion covers features like type-safe URLs, data loading, nested routes, dynamic parameters, and search parameter integration in 10-Stack Router. It also delves into dynamic URLs with type-safe parameters and search parameter integration, along with advanced routing capabilities such as authentication, masking URLs, and smart data fetching offered by TimeStack Router for enhanced user experience.

Online talk discussing web overlays, ads, models, and cookie banners. Focus on dialogues, popovers, and their history in web design. Emphasis on accessibility and successful UI strategies. Introduction of non-modal dialogues and popovers in web design. Insights on implementing model dialogues, popovers, and managing Z-index values. Exploration of Z-index challenges, top layer concepts, and dialogue accessibility. Analysis of dialogue opening, focus management, and urgent model dialogues. Implementation of advanced popover features, CSS anchor usage, and dialogue comparisons.

Introduction to Web Monetization and Payment Systems at SmallPDF with a Focus on Braintree Integration Issues. Challenges of Braintree Integration and Subscription Processing Impacting SmallPDF's Operations. Struggles with Global Payment Systems and Localization Impact on SaaS Platforms. Optimizing Local Payment Methods for Global Impact. Managing Compliance Challenges in Global Payments. Managing Global Payment Challenges. Managing Payment Risks and Uptime. Payment Orchestration for Enhanced Reliability. Front End Payment Orchestration. Handling Multiple Payment Gateways and SDKs. Rules Configuration for Payment Gateways and Scaling Benefits. Dynamic Payment Methods Based on Country and A-B Testing. Fast Detection of Payment Anomalies and Easy Gateway Rerouting

Leon, a developer advocate at Zencoder, discusses the power of spec-driven development and how past projects lay the foundation for strong specifications. Exploration of past project experiences and their conversion into strong specifications that form the basis for spectrum development, leading to effective collaboration with agents in planning and technology selection for project implementation. Utilizing agentic runs to efficiently complete tasks, track progress, and facilitate seamless project continuation for enhanced resource allocation and project completion.

Alfonso delves into AI in Node.js, focusing on AI agents and the Model Context Protocol (MCP). The discussion covers reasons for building MCP servers, secure code execution using Node.js and Docker, and customization for running code securely. Enhancements in LLM capabilities, Docker integration, and security measures are highlighted. Features like working directory snapshots, file updates comparison, and emphasizing security in MCP servers stand out.

Node.js offers significant capabilities for efficient file handling, emphasizing the importance of processing files effectively to avoid crashes and memory issues. Understanding streams, backpressure, and stream concepts like readable, writable, duplex, and transform streams is crucial for efficient file handling. Streams enable working with data in chunks, ensuring stable memory usage and efficient applications. Backpressure in streams optimizes memory usage by processing data incrementally, unlike loading entire files into memory. Utilizing readable streams in processing improves concurrency and avoids blocking the event loop.

The speaker delves into the integration of AI and eye tracking technology to enhance user interactions and experiences, emphasizing the need for cost-effective solutions with standard hardware. The advancement of AI models for local device execution is highlighted, enabling cross-platform data privacy and offline usage. MediaPipe Solutions, particularly Face Landmark Detection, offer detailed facial information in real-time, and iris feature extraction is utilized for precise gaze prediction. Model calibration and mapping techniques are discussed for improving gaze interaction accuracy and reliability.

Rethinking collaborative app development for offline and online usage, introducing LocalFirst paradigm. Challenges of offline usage in collaborative app development and potential solutions. Benefits of the local first paradigm for user data control and offline work in collaborative apps. Exploring the local first app demo with Yjs technology for collaborative features and offline functionality. Exploring Yjs for collaborative data management and synchronization in React components, enabling a shift to a local first approach. Exploring the reduced role of the server in synchronization, emphasizing user ownership of data. Using Yjs shared types for familiar CRUD operations, introducing Yjs providers for real-time collaboration, and leveraging IndexedDB for offline data storage. The y-index-db-provider persists the document locally, and the y-web-socket-provider relays updates for collaborative scenarios, ensuring consistent list management. While offline, users make individual additions to a shared document. Upon reconnecting, Yjs ensures consistent ordering of concurrent offline changes, guaranteeing a synchronized state across all clients. What happens when clients edit the same item in Yjs is demonstrated. The last write wins register in Yjs ensures the last operation prevails. CRDTs handle concurrent edits and deletions, favoring removals for definitive operations. Yjs provides an elegant solution with conflict-free replicated data types.

Ryan Feigenbaum highlights the risks of poor feature flag management, emphasizing the complexity and potential costs involved. Challenges in feature flag complexity are categorized into visibility, life cycle, and architecture. Enhancing visibility through clear naming conventions is crucial for preventing conflicts. Code graphs aid in evaluating feature flag logic, while the Piranha utility automates flag removal. Testing challenges include testing combinations, critical paths, safe rollouts, and simulating flag states. Edge flag evaluation is favored for rendering, and efficient flag management involves automated cleanup, testing tools, and regular reviews.

Talk on Data Analysts' Needs for JavaScript Developers. Aya K. Belispaeva, senior BI analyst, discusses bridging the gap between analysts and developers through real-life examples and challenges in healthcare finance. Physician Productivity Dashboard Challenges with Time Zones in Data Handling and Solutions in Healthcare Finance. Lessons from Healthcare Finance and Power BI Dashboard Performance Optimization. Optimizing JavaScript in Power BI for Improved Dashboard Performance and User Trust. Importance of Interface Optimization for Handling Massive Healthcare Datasets. Developers' Insights for Effective Healthcare Dashboards: Transparency over polish, smart defaults, and performance. Building Flexible Healthcare Billing Logic, Early Analyst Involvement, Accuracy Over Elegance, Empathy in Dashboard Design, Human-Technical Design Translation Challenges.

This talk emphasizes the importance of accessibility in app development for all users, highlighting various types of disabilities and the need for inclusive design. Neglecting accessibility poses legal, financial, and reputational risks, with active enforcement of regulations. Accessibility improves usability for all users, enhances user retention, and provides SEO benefits. React Native and proper element labeling play a crucial role in enhancing app accessibility. Dynamic content accessibility, text scaling optimization, and incorporating AI for accessibility enhancement are essential for creating inclusive and user-friendly apps.

Introduction to Generative Engine Optimization (GEO) for AI-discoverable websites. Importance of adapting to AI-driven search engines like LLM, chat GPT, and Perplexity. Shift from traditional SEO to focus on content readability and trustworthiness for machines. Key pillars of GEO: structured, semantic, fast, and sighted. Implementing AI-dedicated JSON endpoints for machine readability. Integrating AI text for structured data discovery through modern URI approach. Enhancing service information clarity with GO. Optimizing websites for AI discoverability by focusing on structure, mobile-first indexing, and AI optimization.

Nathan discusses the significance of WebAssembly for handling CPU intensive tasks efficiently. The comparison between Rust and JavaScript processing showcases the superior speed of Rust with WebAssembly. WebAssembly excels in CPU-intensive tasks like image processing, showing faster processing times and efficiency. The optimization of image filters with RUST.VASM.js demonstrates enhanced performance through importation of methods from Rust projects. The interface between JavaScript and WebAssembly is crucial for balancing tasks and optimizing performance, as seen in examples from Figma and eBay.

People often multitask during meetings, leading to lack of engagement. Importance of effective technical meetings for job satisfaction and career growth highlighted. Strategies for engaging and productive technical meetings through purposeful facilitation. Ways to make meetings engaging and goal-oriented, encouraging diverse thoughts in problem-solving. Varied participation styles create inclusivity and enhance meeting dynamics. Strategies to address meeting pitfalls include time limits, addressing lack of understanding, managing attendees, and ensuring discussions lead to action items.

The role of the software engineer is undergoing a fundamental shift. As AI becomes deeply integrated into our workflows, a new paradigm is emerging: the AI-Native Software Engineer. This isn't about being replaced; it's about amplification. This talk presents a practical playbook for developers to transition to AI being a versatile partner across the entire software development lifecycle.We'll explore the crucial mindset shift required to see AI as a productivity multiplier, not a threat. You will learn how to effectively orchestrate AI agents and tools - including the new Chrome DevTools MCP - to delegate routine tasks and free yourself to focus on high-level problem-solving, architecture, and innovation. We will move beyond basic code generation and discuss applying AI to system design, testing, debugging, and operations, transforming your role from a code writer to a systems thinker. Join me to discover how to "trust, but verify," maintain ultimate ownership and quality, and become an indispensable AI-native engineer who is shaping the future of software.

Fixing CORS errors is a frustrating rite of passage for every web developer. Bun's Rendering API makes it trivial to run your frontend and API on the same server, eliminating the entire category of cross-origin errors. Developers no longer need to wrestle with complex server-side headers or proxy requests just to fetch data from a different domain.

Things are evolving constantly and it's hard to know what's worth your time. As someone who learns and teaches for a living, Scott explores the web platform and what really matters.

Signals and fine-grained reactivity have recently become staples in modern JavaScript frameworks. However, 9 years ago, when Ryan Carniato created SolidJS, the blueprint for the modern framework, that was not the case at all. Today more developers use Signals than ever before, but we are only at the beginning of the journey. Join Ryan as he looks to the future of fine-grained reactivity, web development, and explores what lies beyond Signals.

JavaScript represents a big part of page weight - and optimising for performance often requires trimming or optimising the bundle - albeit imperfectly. At the same time, bundlers have never been more important in full-stack JS frameworks. In this session we’ll be rethinking how bundlers can optimise JS, if we let go of some of our previous assumptions about what bundling means.

Developers have gone full-steam from traditional programming to AI code assistants and vibe coding but where does that leave application security? What are the risks of LLMs introducing insecure code and AI applications manipulated through prompt engineering to bypass security controls?In a series of real-world application hacking demos I’ll demonstrate how developers mistakenly trust LLMs in generative AI code assistants that introduce insecure code and result in vulnerable applications that attackers easily exploit against you. We don’t stop here. We’ll apply adversarial attacks on neural networks in the form of prompt injection payloads to compromise LLMs integrated into AI application workflows and weaponize them for SQL injection and other business logic bypass.Join me in this session where you’ll learn how security vulnerabilities such as path traversal, prototype pollution, sql injection and other AI security risks are impacting LLMs and how to leverage AI security guardrails to secure GenAI code.

Modern apps face significant security threats, especially for browser-based JavaScript apps. This short talk will help you understand how app architecture and auth security impact each other. You will learn the most secure, standards-based architecture pattern for implementing auth for JS apps.

AI coding assistants are great at completing small tasks or features. However, what do you do when you are working with more complex code bases, and you need to build in-depth features that need upfront planning?This talk explores spec-driven development as a solution to this problem. I'll show you how modern AI coding assistants (like Kiro) can help break down complex tasks into three distinct phases. We'll look at the real-world tradeoffs of this approach, and most importantly and how you can use it in your own projects right away.

Setting up our beloved devtools with the right performance testing setup! Are you navigating through your performance panel right? Are you leveraging all the amazing performance features from the devtools? Got the right browser extensions installed?

This talk shares real-world lessons from building and operating remote MCP (Model Context Protocol) server. It covers the architectural decisions, technical challenges, and practical insights that came from enabling scalable, context-aware model execution in one of the world’s largest payment platforms.

You'll learn how to move beyond basic prompting to create comprehensive workflows to give your AI coding assistants all the architecture, best practices, project rules, code examples, and validation processes it needs to get the job done effectively. Through hands-on exercises with Claude Code, we'll demonstrate how proper Context Engineering unlocks a whole new level of agentic engineering while teaching practical techniques, templates, and best practices that help AI assistants understand your project standards and deliver production-ready code consistently.

Still wondering what blockchain is actually good for? This talk breaks it down in clear, developer-friendly terms: what makes it different and where it's useful. You'll explore real-world examples and see how AlgoKit 3.0 adds a powerful new tool to your stack — enabling you to build full decentralized applications, including smart contracts, using one familiar language: TypeScript.

Join me for a technical deep-dive on TypeGPU which, among other things, allows your WebGPU shader to be made up of JavaScript either partially or entirely. This means a library can be written fully in WebGPU Shading Language, yet accept a JS callback that gets compiled and injected into the shader code. Improving APIs by going past just tweaking knobs and parameters.In my talk, I’ll be touching upon how we offload most of this work to a build-step while still supporting dynamic scenarios, how we mitigate the differences between JavaScript and WebGPU Shading Language, and how we leverage existing tooling like the TypeScript language server to make CPU and GPU code connect seamlessly through types.

Compilers have long been seen as one of the most complex topics in computer science. Nowadays, web frameworks are evolving from runtime libraries into optimizing compilers and reshaping how we build user interfaces. Different topics in front-end development—e.g., reactive programming—are now experiencing this era fueled by static-analysis-driven insights.This talk will explore how modern UI compilers are redefining performance and developer experience. We’ll discuss how some compilers are designed and different open-source solutions — including the React Compiler, Million.js, Svelte, and Marko, as well as enterprise apps, and the growing role of compilers in automating things.By the end of the session, you'll probably be optimistic about a future where compilers understand our entire code and offload a huge part of our mental burden related to manual tasks!

Discover Firebase Studio, Google's new AI-powered, cloud-based workspace designed to supercharge your JavaScript development. Integrating a CodeOSS IDE, Gemini AI assistance, and Firebase JS SDK, Studio streamlines building, testing, and deploying full-stack JavaScript apps. Learn how Studio's AI accelerates coding, how templates get you started faster, and how to securely infuse your apps with the Gemini API using the production-ready Vertex AI in Firebase SDK. Key Takeaways: Leverage Firebase Studio for JavaScript; Boost productivity with AI assistance; Integrate Gemini securely via Vertex AI; Streamline your workflow from idea to deployment.

Kubernetes doesn’t have to be hard. In this talk, we’ll explore kubernetes-fluent-client, a TypeScript-based meta framework that makes working with the Kubernetes API intuitive even if you’ve never touched client-go. From building controllers to managing subresources like logs, scale, and proxy, this talk dives into how the fluent client simplifies cluster interaction through a clear, expressive API, server-side apply, and custom informers. Whether you’re writing automation or full-blown operators, you’ll walk away ready to build Kubernetes-native applications faster and with less boilerplate. KFC is the Kubernetes Client that serves as the engine for Pepr (An Admission Controller and Operator Framework built in TypeScript) and is an npm package.

npm powers the JavaScript ecosystem, but many developers still treat it as a black box.This talk aims to demystify core npm workflows and give developers with various levels of experience a clearer mental model of how npm works behind the scenes. With the rise of AI-assisted coding, many engineers are shipping code that depends on npm without deeply understanding it. Meanwhile, seasoned developers often struggle with subtleties around publishing, dependency resolution, and security.This talk clarifies the install and publish lifecycle, surfaces modern best practices, and offers decision-making tools that help developers avoid surprises and regain control over their tooling.