April 17, 2025
Node Congress
Online

Node Congress 2025

Master Fullstack: JS Backends, DevOps, Architecture

The conference on all things Node.js, DevOps, Edge-native workers (Cloudflare & others), Serverless, Deno & other JavaScript backend runtimes, gathering Back-end and Full-stack engineers across the globe.

This edition of the event has finished, the latest updates of this JavaScript Conference are available on the Brand Website.
The Hitchiker's Guide to Event Driven Architectures
30 min
The Hitchiker's Guide to Event Driven Architectures
Today's Talk introduced event-driven architectures with Node.js. The event loop in Node.js enables non-blocking interaction between components. The event emitter class is used to handle events synchronously. Redis and Apache Kafka are popular tools for event handling, with Kafka providing scalability and persistence. Kafka.js is a JavaScript library that supports transactions and compression. Server-sent events are used to send events to the client. A plugin and library are used to convert an event emitter to an async iterator. The client displays emojis and updates the vote count.
Thinking Like an Architect
23 min
Thinking Like an Architect
In modern software development, architecture is more than just selecting the right tech stack; it involves decision-making, trade-offs, and considering the context of the business and organization. Understanding the problem space and focusing on users' needs are essential. Architectural flexibility is key, adapting the level of granularity and choosing between different approaches. Holistic thinking, long-term vision, and domain understanding are crucial for making better decisions. Effective communication, inclusion, and documentation are core skills for architects. Democratizing communication, prioritizing value, and embracing adaptive architectures are key to success.
Make Hono work on Node.js
15 min
Make Hono work on Node.js
Today's Talk is about making Hono work on Node.js. Hono is a backend for web frameworks that supports TypeScript. It started as a Cloudflare workers framework and now supports multiple runtimes. The Node.js adapter allows Hono applications to run in Node.js by converting Node.js APIs into web standard APIs. Benchmark tests show that Hono is faster than Express but slower in some core areas. The Node.js adapter has been widely used and has undergone performance improvements. Overall, adding Node.js support to Hono has been successful in reaching more users and improving quality.
Running Java in Node.js with WebAssembly
19 min
Running Java in Node.js with WebAssembly
Hello, everyone. Welcome to my talk on running Java in Node.js with WebAssembly. Many organisations have a lot of Java code, and as they adopt newer technologies such as Node.js or CloudFloat workers, maintaining interoperability with this existing code becomes important. WebAssembly is a stack machine-based thing, like the JVM, but with a different instruction set. It improves over Asm.js with a new binary format and supports streaming compilation, SIMD, and 64-bit integers. Compiling Java code to WebAssembly involves converting JVM instructions, handling local slots, recovering if statements, and understanding control flow. Short circuit conditionals and loops are important to consider in the conversion process. Additionally, memory allocation, object creation, and program memory are key concepts. Overall, this talk explores the challenges and techniques involved in running Java in Node.js with WebAssembly.
The Path to Native TypeScript
24 min
The Path to Native TypeScript
Today's Talk discusses the integration of TypeScript in Node.js. The path to native TypeScript in Node.js is explored, including the history of user requests for native support. Implementing TypeScript in Node.js poses challenges due to differences in stability guarantees and tool compatibility. TypeStripping is a transpilation-focused implementation that removes non-JavaScript features, making it stable across TypeScript versions. The Amaro package, built on SWC, provides compatibility and speed for type stripping. Experimental Strip Types and Transform Types flags enable erasable TypeScript features. TypeScript has limitations such as namespace and enum support in JavaScript and code migration issues. TypeScript Import Types and Syntax Detection are ongoing developments. Ambiguity in syntax between JavaScript and TypeScript is addressed with an erasable syntax only flag. Future steps include bug fixing, performance improvements, and upcoming Node.js releases.
How to Simplify your Codebase
35 min
How to Simplify your Codebase
This talk focuses on the challenges of working with large codebases, such as unclear module boundaries, code repetition, and cluttered flows. Dead code is identified as a major problem that adds clutter and cognitive load to developers. The abstract syntax tree (AST) is introduced as a tool for systematically accessing code. TSmorf is recommended for finding and removing dead code by traversing and manipulating the AST. Cyclic dependencies are discussed as another issue, and MADGE is suggested as a tool for identifying and resolving circular references. Barrel files are presented as a method for organizing code and resolving cyclic references. The process of replacing imports and removing empty calls is explained. The key takeaways include the importance of a good layered architecture, eliminating dead code, breaking cyclic dependencies, and reducing barrel files.
What is a Vulnerability and What’s Not? Making Sense of Node.js and Express Threat Models
17 min
What is a Vulnerability and What’s Not? Making Sense of Node.js and Express Threat Models
In this talk, we will discuss security, vulnerabilities, and how to improve your overall security. We will explore various vulnerabilities and the difference between developer errors and misconfigurations. Understanding threat models is crucial in determining responsibility for vulnerabilities. Developers have the ultimate responsibility for handling user input, network data, and other factors. Understanding threat models, best practices, and taking ownership of dependencies are key to improving security. Security is an ongoing process that requires dedication and understanding.
Using AI as Your Performance Expert in Node.js
20 min
Using AI as Your Performance Expert in Node.js
Today's Talk discusses the transformation of performance monitoring with AI in Node.js. AI-powered tools can analyze massive amounts of data and provide actionable insights, making performance debugging faster and more efficient. Traditional profiling techniques are often time-consuming and require deep expertise. AI-powered diagnostics analyze data and provide recommendations for optimizing performance. AI-driven performance analysis correlates performance issues with system metrics and generates code optimization suggestions. Advancements in performance debugging include detecting CPU bottlenecks, memory leaks, and combining multiple data sources for context-aware insights. The AI-powered demo showcases the detection and optimization of performance issues in a Node.js application. Integrating AI-powered performance monitoring is straightforward and requires a mindset of continuous learning and curiosity in performance optimization.
It’s Not Magic: Elevate Auth Security with PKCE Best Practices
5 min
It’s Not Magic: Elevate Auth Security with PKCE Best Practices
The talk discusses the need to enhance auth security with Pixie Best Practices and the limitations of current standards like OAuth 2 and OpenID Connect. It introduces Pixie as an added layer of security over the authorization code flow and explains how it prevents code injection. Pixie enhances security by connecting client requests with responses from the authorization server, preventing cross-site request forgery attacks. It is recommended for public clients and will be required for all clients in the upcoming OAuth 2.1 spec. The talk also highlights the benefits of Pixie for enhancing security in web apps. Learn more about Pixie and best practices at FusionAuth, where Kim Meida, Senior Director of Developer Relations, provides developer-first auth and auth APIs.
NodeJS & AI: Building Smarter Applications
19 min
NodeJS & AI: Building Smarter Applications
Today's Talk explored combining Node.js and artificial intelligence to build smart applications. Two types of models, closed and open source, were discussed, with closed models accessed via an API and open source models hosted locally or on the cloud. The use of RAC (Retrieve of Method Generation) to enhance models was explained, along with the process of obtaining data and improving retrieval performance. Chunking, embedding, and vector databases were introduced as techniques for organizing and transforming data. The Talk also covered data retrieval using semantic search and the generation of human-readable answers using models. The concept of enhancing models with agents was discussed, focusing on how agents break down complex goals and utilize external functions. The use of tools and the React pattern in implementing agents was highlighted. Lastly, the Talk touched on implementing agent patterns and enhancing LLMs, with demos and code available for further exploration.
What's in a Node.js Bug – A Case Study
23 min
What's in a Node.js Bug – A Case Study
I'm going to talk about character encodings, specifically a Node.js bug related to UTF-8. Two popular encodings are UTF8 and UTF16. The bug was discovered in August 2024 and was traced to a specific pull request in the Node.js core repository. The bug is caused by an incorrect implementation of the fast write string method. Lessons learned include the importance of naming conventions and thorough testing beyond coverage analysis.
Dabbling With Deno — Tales From a Web Developer Playing With a New Toy
26 min
Dabbling With Deno — Tales From a Web Developer Playing With a New Toy
Thanks for a great talk. I'm Phil Hawksworth, head of developer relations at Deno. I'll be available for Q&A later. Connect with me on social media at philhawksworth. So he took Node and he split it, and he sorted it, and joined it, and Deno was born. But naming things is hard. I've been building for the web for 25 years. Across different places, I've observed that web developers tend to follow trends over the years. JavaScript has become ubiquitous, powering the web from the front end to the server and beyond. Node.js has played a significant role in bringing JavaScript into the mainstream, increasing its resilience. The natural evolution of JavaScript is exciting, with new tools emerging. Personally, I'm cautious about adopting new tools, but I stumbled upon Deno while building edge functions on Netlify. It is powered by Deno under the hood and resembles JavaScript. I was writing functions in JavaScript and TypeScript without realizing that Deno was powering them under the hood. I got excited about using a site generator called Loom, which led me to discover Deno. Installing Deno and running its commands got me started. Deno is an open source JavaScript, TypeScript, and WebAssembly runtime with secure defaults. It's built on V8, Rust, and Tokyo and offers a JavaScript runtime, TypeScript toolchain, package manager, and task runner. Deno is a tool that encompasses various functionalities, including testing, linting, formatting, benchmarking, and compiling. Its API is based on web standards, making it familiar to web developers. Enabling Deno in your IDE provides insights into your code and hinting across the Deno ecosystem. Deno package management allows you to import packages from the NPM or the node ecosystem to ease the transition. Managing dependencies and updating packages is simplified with Deno. Deno clean purges the cache, allowing gradual repopulation. Tasks in Deno are managed in Deno.json and can be run using the commands run or task. Deno's built-in test framework allows for running tests using the command denotest. Deno includes a built-in TypeScript and JavaScript toolchain, eliminating the need for additional configuration. Deno allows running TypeScript files without the need for compilation. It offers tools for type checking, generating type definitions, formatting code, and linting. Deno simplifies and unifies various tools, making it easier for teams to adopt a consistent toolset. Deno's security model and performance are robust. Explore examples, tutorials, the Deno Discord, Blue Sky updates, and a deep dive video to learn more about Deno. Thank you for your time!
Bull-Ish Your Queues With BullMQ
23 min
Bull-Ish Your Queues With BullMQ
Hello, and welcome to this talk where I talk about queues and Boolean Queue. Today I want to tell you a story of a team working on a client project that needed to handle a simple queue. They approached the platform team for help, but were only given one queue, which wasn't enough. The team had to find a solution using the tools they already had, such as Posgas SQL and Elastic Cache. The first possible solution was pgboss. If you don't know pgboss, it is a simple npm package that you can install in your node application and basically create a sort of queue system on top of Posgas SQL. And expose an API to call the queues and handle the queues inside of your application. The only solution left is Elastic Cache and Redis. And in this particular scenario, what shines is BoolMQ. BoolMQ is a simple npm library that implements a fast and robust queue system on top of Redis. It can be used to decouple your code and create a microservices architecture. You can create a flow by depending on different queues and creating the result based on each queue's result. Out of the box, BoolMQ provides parallelism and concurrency. Additionally, you can have OpenTelemetry set up and a UI dashboard for queue monitoring. To create a PullMQ queue, provide a name and a connection string to Redis. The code includes a run method that continuously pushes new temperatures into the queue. The consumer uses a worker to handle data and execute queries. Close the connection when closing the Node.js process. Run the publisher to push data and the consumer to receive data. Create multiple publishers or consumers as needed. The second demo shows how to set up OpenTelemetry in your Node.js environment to track what happens inside your queues. Use BullMQ Hotel and the BullHotel instance to track telemetry for your queues. The last demo demonstrates the use of Fastify with BullMQ to create a UI for managing queues. You can do whatever you want with OpenTelemetry. The last demo showcases a Fastify application within the UI. Fastify is a simple framework for handling Node.js APIs. Set up Fastify using the Fastify adapter exposed by BullMQ, BullBoard. Expose the '/UI' API to show the UI in the server. The UI allows you to interact with the queues and view completed items. BullMQ is a straightforward solution for handling queues and can be easily scaled using Redis. For most cases, using a queue is necessary and well-documented. However, it relies on Redis, which means data loss if Redis goes down. Additionally, you'll need to learn another library. Thank you for listening!
From Cloud to Edge Computing - Unleashing the Power of Webassembly at the Edge
21 min
From Cloud to Edge Computing - Unleashing the Power of Webassembly at the Edge
In this Talk, the speaker covers the fundamentals of edge computing, cloud computing, and web assembly. They explore the synergy between WebAssembly (Wasm) and Edge computing and provide a use case demonstrating how Edge utilizes Wasm and edge computing. The evolution of cloud computing to edge computing is discussed, with a focus on adding computing to the CDN layer. The recent developments in compute capabilities on CDN networks, such as edge workers and serverless functions, are highlighted. The potential of WebAssembly for backend development and distributing portable binaries is showcased, along with its support in Node.js. WebAssembly runtimes and their role in enabling quick execution and secure sandboxing at the Edge are discussed. The talk also mentions the ability to perform secure data collection and the announcement of a component registry for WebAssembly components.
Inside the Engine: How Modern JS Test Runners Work and the Traps They Hide
22 min
Inside the Engine: How Modern JS Test Runners Work and the Traps They Hide
Hello, I'm grateful that you chose to watch my talk. Thank you. Last week, I had to run some unit tests while I was coding. Business performance can be awesome. It has very interesting and outstanding features. These test sets are overly complex. It's easy to find yourself troubleshooting for hours. VTest has almost 200 configuration options. By explaining how things work, we can answer questions about using complex third-party runners versus the built-in node.js runner. Understanding better helps avoid pitfalls, troubleshoot faster, and identify opportunities for configuring things better. The CLI layer does validation and hands over to the VTest class. It searches for test files, runs them efficiently using a pool of workers, and ensures isolation to prevent issues with dirty state. VTest uses the piscina library to facilitate work with multiple workers and improve performance. The workers prepare by setting the right globals, initializing snapshots, deciding the test runner file, and starting coverage collection. Each worker executes all the tests in a file and sends an RPC message when done. The decision to reuse or create a fresh worker is determined by the isolate configuration option. Consider spreading tests among more files to fully utilize the machine. Choose between process, thread, or VM as the worker type. In terms of isolation, you can choose between using a process, a thread, or a VM. Process is the heaviest in terms of performance cost, while thread is lighter. VM performance depends on known slower aspects like accessing globals. Process is the classic choice for stability, but thread has limitations and known issues. VM has reporting issues with memory leaks. Benchmark results showed that using multiple processes was 50% better for real-world applications, but for unit tests, one process was ten times faster. Thread was slightly faster than process, and VM was slower. The price of isolation with process worker types was approximately three minutes. Without isolation, the tests lasted only two minutes, much faster, but with a few failures. Threads showed similar results with a few failures. The risk of dealing with testing issues increases without isolation. By default, tests run sequentially inside workers, but you can configure them to run in parallel using the 'concurrent' keyword. However, tests still run sequentially despite specifying 'concurrent'. Concurrency in VTest is based on promises and requires asynchronous work. Unit tests run sequentially and concurrency has no isolation. Mocking in one test affects other tests running simultaneously. In choosing worker configurations, it depends on the context. In-file concurrency is best avoided, and the process worker type is recommended as the default. Isolation is crucial in integration tests but not mandatory in unit tests. Inside the worker, a TypeScript file is handled, and failures can occur when mocking functions. Mocking doesn't work in the worker. The worker handles TypeScript files and transpiles them using Vite server. Vite server replaces imports and hoists the mocking. Vite introduces a new module loader in the runtime. Vite hoisted the mock to the first line in the transform code to make it before the import. Additionally, Vite changes mocks to dynamic imports, ensuring that mocking works. Vite intercepts function calls on the file import level, but cannot intercept calls between functions in the same file. Moving function two to a different file or using an object export can solve this issue. Function one calls function two on the same object context. Use Spy to replace functions inside the object. Vite offers a range of plugins for different functionalities. You can fix import issues by customizing Vite's runtime. The Vite server handles dependency resolution and transformation. Consider using the built-in test runner or mockup for small-scale testing. Gain a better testing experience with Vite's customized runtime.
The Alleged ‘End’ of Node.js Is Much Ado About Nothing
26 min
The Alleged ‘End’ of Node.js Is Much Ado About Nothing
Hello, welcome to Node Congress 2025. Node is not dead and will remain popular for a long time. Node has a large number of downloads across different platforms. Despite known vulnerabilities, older versions of Node are still widely used. Node.js is an active and thriving project with a strong focus on security. Recent updates have introduced new features and improvements, including ESM support, stable threads, and web platform compatibility. Node is governed by the OpenJS Foundation and maintained by collaborators. Consensus-seeking is important for the project's development. Start contributing and be part of the future of Node.js.
WinterTC and How Standards Help Developers
5 min
WinterTC and How Standards Help Developers
WinterTC is working on standardizing JS runtimes to avoid vendor lock-in and provide a universal API. This involves defining which web APIs should be included, such as URL and WebAssembly. The goal is to create a definitive list of APIs for server-side JS runtimes.
Introducing AdonisJS - Your Gateway to Full-stack TypeScript Applications
23 min
Introducing AdonisJS - Your Gateway to Full-stack TypeScript Applications
Today we are going to talk about Adonis.js, a full-stack framework for creating web applications or JSON APIs in TypeScript and Node.js. Adonis.js is TypeScript first, embraces Node.js, and is designed for teams and individuals who prefer opinionated frameworks. We are going to build a simplistic version of Product Hunt called OS Hunt in Adonis.js. We will define routes, create a controller, and interact with the database. Adonis.js provides pre-configured tools for handling form submissions and validating user input. User authentication and registration can be implemented without third-party packages. Adonis.js integrates tightly with the Wine validation library and has support for email verification.
Beyond Buzzwords: Practical Vector Search and RAG for Developers
Recording pending
Beyond Buzzwords: Practical Vector Search and RAG for Developers
Workshop
Shivay Lamba
Shivay Lamba
In this workshop we'll dive deep into integrating vector search into your applications. Over the course of this workshop, you'll not only grasp the core principles behind vector search but also cut through the buzzwords to understand its practical applications. We'll explore when vector search is the right tool for the job—and when it's not—so you can make informed decisions in your projects.By the end of the workshop, you'll have hands-on experience as we build a fully functioning application together, leveraging vector search to elevate the user experience. We'll also cover how to effectively test and optimize your implementation to ensure it meets real-world demands. Whether you're new to the concept or looking to refine your skills, this workshop will equip you with the knowledge and tools to integrate vector search confidently into your development workflow.Key takeaways:- Cut through the buzz and understand vector search's real-world applications to make informed choices in your projects.- Gain hands-on experience building an application with vector search to enhance user experience practically.- Learn best practices for testing and optimizing vector search implementations for robust, real-world performance.
Building a RAG System in Node.js: Vector Databases, Embeddings & Chunking
Recording pending
Building a RAG System in Node.js: Vector Databases, Embeddings & Chunking
Workshop
Alex Korzhikov
Pavlik Kiselev
2 authors
Large Language Models (LLMs) are powerful, but they often lack real-time knowledge. Retrieval-Augmented Generation (RAG) bridges this gap by fetching relevant information from external sources before generating responses. In this workshop, we’ll explore how to build an efficient RAG pipeline in Node.js using RSS feeds as a data source. We’ll compare different vector databases (FAISS, pgvector, Elasticsearch), embedding methods, and testing strategies. We’ll also cover the crucial role of chunking—splitting and structuring data effectively for better retrieval performance.Prerequisites- Good understanding of JavaScript or TypeScript- Experience with Node.js and API development- Basic knowledge of databases and LLMs is helpful but not required
Agenda📢 Introduction to RAG💻 Demo - Example Application (RAG with RSS Feeds)📕 Vector Databases (FAISS, pgvector, Elasticsearch) & Embeddings🛠️ Chunking Strategies for Better Retrieval🔬 Testing & Evaluating RAG Pipelines (Precision, Recall, Performance)🏊‍♀️ Performance & Optimization Considerations🥟 Summary & Q&A
SQLite in Node.js From Inside Out
Recording pending
SQLite in Node.js From Inside Out
Workshop
Edy Silva
Edy Silva
SQLite is having its Renaissance. It's being used in many projects and companies. Bun runtime has its implementation of sqlite, Turso is a product on top of SQLite, and the Ruby on Rails framework dropped all its dependency on Redis in favor o SQLite for things like Caching and Queues.Node.js version 22.5.0 introduced the `node:sqlite` module. It's an experimental module that allows you to use SQLite in a very Node.js way, without any external dependency.In this workshop, you will learn how to use SQLite in Node.js. We will explore the current `node:sqlite` features and how to use them. We will also explore the future of SQLite in Node.js.