Node Congress 2025

In modern software development, architecture is more than just selecting the right tech stack; it involves decision-making, trade-offs, and considering the context of the business and organization. Understanding the problem space and focusing on users' needs are essential. Architectural flexibility is key, adapting the level of granularity and choosing between different approaches. Holistic thinking, long-term vision, and domain understanding are crucial for making better decisions. Effective communication, inclusion, and documentation are core skills for architects. Democratizing communication, prioritizing value, and embracing adaptive architectures are key to success.

Today's Talk is about making Hono work on Node.js. Hono is a backend for web frameworks that supports TypeScript. It started as a Cloudflare workers framework and now supports multiple runtimes. The Node.js adapter allows Hono applications to run in Node.js by converting Node.js APIs into web standard APIs. Benchmark tests show that Hono is faster than Express but slower in some core areas. The Node.js adapter has been widely used and has undergone performance improvements. Overall, adding Node.js support to Hono has been successful in reaching more users and improving quality.

Hello, everyone. Welcome to my talk on running Java in Node.js with WebAssembly. Many organisations have a lot of Java code, and as they adopt newer technologies such as Node.js or CloudFloat workers, maintaining interoperability with this existing code becomes important. WebAssembly is a stack machine-based thing, like the JVM, but with a different instruction set. It improves over Asm.js with a new binary format and supports streaming compilation, SIMD, and 64-bit integers. Compiling Java code to WebAssembly involves converting JVM instructions, handling local slots, recovering if statements, and understanding control flow. Short circuit conditionals and loops are important to consider in the conversion process. Additionally, memory allocation, object creation, and program memory are key concepts. Overall, this talk explores the challenges and techniques involved in running Java in Node.js with WebAssembly.

Today's Talk discusses the integration of TypeScript in Node.js. The path to native TypeScript in Node.js is explored, including the history of user requests for native support. Implementing TypeScript in Node.js poses challenges due to differences in stability guarantees and tool compatibility. TypeStripping is a transpilation-focused implementation that removes non-JavaScript features, making it stable across TypeScript versions. The Amaro package, built on SWC, provides compatibility and speed for type stripping. Experimental Strip Types and Transform Types flags enable erasable TypeScript features. TypeScript has limitations such as namespace and enum support in JavaScript and code migration issues. TypeScript Import Types and Syntax Detection are ongoing developments. Ambiguity in syntax between JavaScript and TypeScript is addressed with an erasable syntax only flag. Future steps include bug fixing, performance improvements, and upcoming Node.js releases.

This talk focuses on the challenges of working with large codebases, such as unclear module boundaries, code repetition, and cluttered flows. Dead code is identified as a major problem that adds clutter and cognitive load to developers. The abstract syntax tree (AST) is introduced as a tool for systematically accessing code. TSmorf is recommended for finding and removing dead code by traversing and manipulating the AST. Cyclic dependencies are discussed as another issue, and MADGE is suggested as a tool for identifying and resolving circular references. Barrel files are presented as a method for organizing code and resolving cyclic references. The process of replacing imports and removing empty calls is explained. The key takeaways include the importance of a good layered architecture, eliminating dead code, breaking cyclic dependencies, and reducing barrel files.

Today's Talk discusses the transformation of performance monitoring with AI in Node.js. AI-powered tools can analyze massive amounts of data and provide actionable insights, making performance debugging faster and more efficient. Traditional profiling techniques are often time-consuming and require deep expertise. AI-powered diagnostics analyze data and provide recommendations for optimizing performance. AI-driven performance analysis correlates performance issues with system metrics and generates code optimization suggestions. Advancements in performance debugging include detecting CPU bottlenecks, memory leaks, and combining multiple data sources for context-aware insights. The AI-powered demo showcases the detection and optimization of performance issues in a Node.js application. Integrating AI-powered performance monitoring is straightforward and requires a mindset of continuous learning and curiosity in performance optimization.

The talk discusses the need to enhance auth security with Pixie Best Practices and the limitations of current standards like OAuth 2 and OpenID Connect. It introduces Pixie as an added layer of security over the authorization code flow and explains how it prevents code injection. Pixie enhances security by connecting client requests with responses from the authorization server, preventing cross-site request forgery attacks. It is recommended for public clients and will be required for all clients in the upcoming OAuth 2.1 spec. The talk also highlights the benefits of Pixie for enhancing security in web apps. Learn more about Pixie and best practices at FusionAuth, where Kim Meida, Senior Director of Developer Relations, provides developer-first auth and auth APIs.

Today's Talk explored combining Node.js and artificial intelligence to build smart applications. Two types of models, closed and open source, were discussed, with closed models accessed via an API and open source models hosted locally or on the cloud. The use of RAC (Retrieve of Method Generation) to enhance models was explained, along with the process of obtaining data and improving retrieval performance. Chunking, embedding, and vector databases were introduced as techniques for organizing and transforming data. The Talk also covered data retrieval using semantic search and the generation of human-readable answers using models. The concept of enhancing models with agents was discussed, focusing on how agents break down complex goals and utilize external functions. The use of tools and the React pattern in implementing agents was highlighted. Lastly, the Talk touched on implementing agent patterns and enhancing LLMs, with demos and code available for further exploration.

I'm going to talk about character encodings, specifically a Node.js bug related to UTF-8. Two popular encodings are UTF8 and UTF16. The bug was discovered in August 2024 and was traced to a specific pull request in the Node.js core repository. The bug is caused by an incorrect implementation of the fast write string method. Lessons learned include the importance of naming conventions and thorough testing beyond coverage analysis.

Thanks for a great talk. I'm Phil Hawksworth, head of developer relations at Deno. I'll be available for Q&A later. Connect with me on social media at philhawksworth. So he took Node and he split it, and he sorted it, and joined it, and Deno was born. But naming things is hard. I've been building for the web for 25 years. Across different places, I've observed that web developers tend to follow trends over the years. JavaScript has become ubiquitous, powering the web from the front end to the server and beyond. Node.js has played a significant role in bringing JavaScript into the mainstream, increasing its resilience. The natural evolution of JavaScript is exciting, with new tools emerging. Personally, I'm cautious about adopting new tools, but I stumbled upon Deno while building edge functions on Netlify. It is powered by Deno under the hood and resembles JavaScript. I was writing functions in JavaScript and TypeScript without realizing that Deno was powering them under the hood. I got excited about using a site generator called Loom, which led me to discover Deno. Installing Deno and running its commands got me started. Deno is an open source JavaScript, TypeScript, and WebAssembly runtime with secure defaults. It's built on V8, Rust, and Tokyo and offers a JavaScript runtime, TypeScript toolchain, package manager, and task runner. Deno is a tool that encompasses various functionalities, including testing, linting, formatting, benchmarking, and compiling. Its API is based on web standards, making it familiar to web developers. Enabling Deno in your IDE provides insights into your code and hinting across the Deno ecosystem. Deno package management allows you to import packages from the NPM or the node ecosystem to ease the transition. Managing dependencies and updating packages is simplified with Deno. Deno clean purges the cache, allowing gradual repopulation. Tasks in Deno are managed in Deno.json and can be run using the commands run or task. Deno's built-in test framework allows for running tests using the command denotest. Deno includes a built-in TypeScript and JavaScript toolchain, eliminating the need for additional configuration. Deno allows running TypeScript files without the need for compilation. It offers tools for type checking, generating type definitions, formatting code, and linting. Deno simplifies and unifies various tools, making it easier for teams to adopt a consistent toolset. Deno's security model and performance are robust. Explore examples, tutorials, the Deno Discord, Blue Sky updates, and a deep dive video to learn more about Deno. Thank you for your time!

In this Talk, the speaker covers the fundamentals of edge computing, cloud computing, and web assembly. They explore the synergy between WebAssembly (Wasm) and Edge computing and provide a use case demonstrating how Edge utilizes Wasm and edge computing. The evolution of cloud computing to edge computing is discussed, with a focus on adding computing to the CDN layer. The recent developments in compute capabilities on CDN networks, such as edge workers and serverless functions, are highlighted. The potential of WebAssembly for backend development and distributing portable binaries is showcased, along with its support in Node.js. WebAssembly runtimes and their role in enabling quick execution and secure sandboxing at the Edge are discussed. The talk also mentions the ability to perform secure data collection and the announcement of a component registry for WebAssembly components.

Hello, I'm grateful that you chose to watch my talk. Thank you. Last week, I had to run some unit tests while I was coding. Business performance can be awesome. It has very interesting and outstanding features. These test sets are overly complex. It's easy to find yourself troubleshooting for hours. VTest has almost 200 configuration options. By explaining how things work, we can answer questions about using complex third-party runners versus the built-in node.js runner. Understanding better helps avoid pitfalls, troubleshoot faster, and identify opportunities for configuring things better. The CLI layer does validation and hands over to the VTest class. It searches for test files, runs them efficiently using a pool of workers, and ensures isolation to prevent issues with dirty state. VTest uses the piscina library to facilitate work with multiple workers and improve performance. The workers prepare by setting the right globals, initializing snapshots, deciding the test runner file, and starting coverage collection. Each worker executes all the tests in a file and sends an RPC message when done. The decision to reuse or create a fresh worker is determined by the isolate configuration option. Consider spreading tests among more files to fully utilize the machine. Choose between process, thread, or VM as the worker type. In terms of isolation, you can choose between using a process, a thread, or a VM. Process is the heaviest in terms of performance cost, while thread is lighter. VM performance depends on known slower aspects like accessing globals. Process is the classic choice for stability, but thread has limitations and known issues. VM has reporting issues with memory leaks. Benchmark results showed that using multiple processes was 50% better for real-world applications, but for unit tests, one process was ten times faster. Thread was slightly faster than process, and VM was slower. The price of isolation with process worker types was approximately three minutes. Without isolation, the tests lasted only two minutes, much faster, but with a few failures. Threads showed similar results with a few failures. The risk of dealing with testing issues increases without isolation. By default, tests run sequentially inside workers, but you can configure them to run in parallel using the 'concurrent' keyword. However, tests still run sequentially despite specifying 'concurrent'. Concurrency in VTest is based on promises and requires asynchronous work. Unit tests run sequentially and concurrency has no isolation. Mocking in one test affects other tests running simultaneously. In choosing worker configurations, it depends on the context. In-file concurrency is best avoided, and the process worker type is recommended as the default. Isolation is crucial in integration tests but not mandatory in unit tests. Inside the worker, a TypeScript file is handled, and failures can occur when mocking functions. Mocking doesn't work in the worker. The worker handles TypeScript files and transpiles them using Vite server. Vite server replaces imports and hoists the mocking. Vite introduces a new module loader in the runtime. Vite hoisted the mock to the first line in the transform code to make it before the import. Additionally, Vite changes mocks to dynamic imports, ensuring that mocking works. Vite intercepts function calls on the file import level, but cannot intercept calls between functions in the same file. Moving function two to a different file or using an object export can solve this issue. Function one calls function two on the same object context. Use Spy to replace functions inside the object. Vite offers a range of plugins for different functionalities. You can fix import issues by customizing Vite's runtime. The Vite server handles dependency resolution and transformation. Consider using the built-in test runner or mockup for small-scale testing. Gain a better testing experience with Vite's customized runtime.

Hello, welcome to Node Congress 2025. Node is not dead and will remain popular for a long time. Node has a large number of downloads across different platforms. Despite known vulnerabilities, older versions of Node are still widely used. Node.js is an active and thriving project with a strong focus on security. Recent updates have introduced new features and improvements, including ESM support, stable threads, and web platform compatibility. Node is governed by the OpenJS Foundation and maintained by collaborators. Consensus-seeking is important for the project's development. Start contributing and be part of the future of Node.js.

WinterTC is working on standardizing JS runtimes to avoid vendor lock-in and provide a universal API. This involves defining which web APIs should be included, such as URL and WebAssembly. The goal is to create a definitive list of APIs for server-side JS runtimes.

Today we are going to talk about Adonis.js, a full-stack framework for creating web applications or JSON APIs in TypeScript and Node.js. Adonis.js is TypeScript first, embraces Node.js, and is designed for teams and individuals who prefer opinionated frameworks. We are going to build a simplistic version of Product Hunt called OS Hunt in Adonis.js. We will define routes, create a controller, and interact with the database. Adonis.js provides pre-configured tools for handling form submissions and validating user input. User authentication and registration can be implemented without third-party packages. Adonis.js integrates tightly with the Wine validation library and has support for email verification.