Notes from Nodevember 2015

notes.md

#Nodevember Nodes

Yahuda Keynote

• basically a ember 101 walk-thru
• fastboot early 2016 inc client-side re-hydration

Elijah Manor - Code Smells

• switch statement --> strategy pattern
• eslint allows custom plugins
• enable/disabled rules @ file level, or block
• fn(){}.bind(context) vs let self = this;
• forEach(fn(){}, context)
• fat arrow
• eslint-plugin-ember
• http://bit.ly/js-smells

Random Things

• node upgrade-ready checks if a project & deps can be upgraded to 4.x
• opbeat
• node-graph visualization between map services + datasets

Large Apis with Hapi :: @dschenkelman / Auth0

• validation all the things: then you know all errors are yours not bad data
• json-schema and ratify library
• api errors should be designed for developers z-schema-errors
• auto generate docs - use swagger or whatever for ui.
• jwt - all the auth things, w fine-grained access Auth0 docs - jwt.io
• rate-limiting - limitd server out front, as a token-bucket system
• http://dschenkelman.github.io/2015/03/12/patova-simple-throttling-for-hapi-js/
• zach - how github moves fast and breaks nothing
• feature-changes
• slides api-secrets-talk @ his gh repo

Microservices Hapi + Redis :: @jeffbski

• http://codewinds.com/nc2015
• database/datastore per-service model
• swappable services as system components
• http or messaging protocols to communicate
• system can withstand partial failures
• but! Need a few things
  • automated deploy
  • good cross-service logging
  • version management
  • service registry (?)
• redis has durability settings (how often it should sync to disk)
• ioredis supports pipelining natively
• brpoplpush - blocking pull off one list add to another list and return the value
• h2o2 proxy could act as a gateway
  • can also wrap a set of microservice calls on the backend

Electron :: @reverentgeek / David Neal

• why - same code on web and desktop and ios and android
  • simple install - it all packs up vs having any deps
  • no licensing cost @ dev or deploy
  • offline, local hardware, on-premise requirements
  • edit/access local files
  • kiosk apps
  • app stores
• update checking
• modules for having a native ui, and tighter OS integration (print menu etc)
• Electron Apps
  • slack client is electron
  • visual studio code
  • wagon - sql editor ui
  • speak - video conf w/ webrtc
  • jibo home robot thing
• npm i electron-prebuilt
• from the js code in the page, you can call directly to node
  • i.e. process.versions['electron'] in a script tag
  • full access to local machine fs
  • window.openDevTools({detach: true});
• add native menu items
• power monitoring
• tray notifications & icons
• clipboard
• crash reporter
• get number of screens, screen sizes, all sorts of display events
• shell access as well
• electron-mocha - provides access to node things that would not normally be accessible in your js code
• awesome-electron repo has lots of examples and resources

Hapi + Seneca :: @geek

• npm i nodevember-2015
• @geek / Wyatt Pruel / hapi maintainer
• Senseca
• Hapi plugin chairo brings seneca into hapi
• hapi-plugin:
  • mount a route in a hapi server
  • module === npm shareable
• Seneca
  • anything can be async
• Chairo
  • adds a seneca intance to request
• example code w/ docker stuff is in repo
• Really weak talk; 15min?

Derick Bailey - Messaging

• good talk - focused on the "why" less than details of how
• message patterns are everywhere - because they work
• nodevember - 20% off hist RabbitMQ content

Hardware :: Stacey Mulcahy

• IoT: Stuff & Thinks talking to webz
• analytics --> $$ for large-scale data streaming
• particle photon - wifi enabled - web ide
• tessle - aimed at js devs
• neopixels - addressable leds
• tweetheart - http://thebitchwhocodes.com/2014/12/22/pixelbeat-a-neopixel-heart-that-is-twitter-sensitive-iot/
• adafruit.com, sparkfun.com, make.com,
• parts: digikey.com,

Testing w Cypress.io :: Brian Mann

• product pitch
• replacement for selenium
• free from OSS projects
• cypress.io - signed up for early adopter

Rebooting to Javascript :: Aimee Knight

• check out nashville code school as recruiting target - 6mo intensive program
• codenewbie podcast
• for juniors
  • code reviews
  • mentoring
  • training
• "Practice Makes Permanent"
  • if you do sloppy things, that's how it will stay

SOA / Microservices at NPM :: Laurie Voss

• failure independent components
  • if failures cause cascades, your system is not independant -once you have actual independence,
  • scale independently
• 'tunable redundancy'
  • save energy/resources by deciding which parts need max redundancy
• uses less total resources === cheaper
• "boxes and arrows" level understanding is good-enough for most on the team
• allows smaller teams, focused on a service, reduces communication vectors
• having "hard-gaps" between services avoids code that falls into the "soft-gaps" in a monolith
• teams w/ strong ownership write better code
• failure-math: by spreading out the system, you may rarely be totally down, but you will likely be partially down
• everything needs to be redundant
  • thus automation MUST be simple
  • they use ansible, moving to terraform
  • the services are simple, but deployment complexity ^^
  • data isolation decisions can be complex
• shared logic
  • package management ftw-
• SOA's are good for v2 of a system
  • thus - we are in about the right place to start on this
  • esp. w the new functionality we are coming in
• why node:
  • perfrect for this - culture of small simple modules
  • good for io apps (aka web services)
  • node module loader & npm
  • npm will soon have orgs w/ fine grained control
  • npm on-site
• adding subdomains to npm to create "Ecosystems"
  • i.e. gulp, grunt, etc
• the use etc.d to manage configs
  • when a machine boots, it picks up it's config
  • they DO NOT push updates to individual servers (can cause cascade problems if bad config)
• this was a good talk, and good conversations afterword.

Static Sites :: Robert Pierce :: rpearce

• pretty sweet prject - npm i react-static

Node Security :: Adam Baldwin

• node security project
• npm package that will check all modules in a project for security bulletins

Project Seif :: Crockford

• Ambitious ideas about how to fix the funamental flaws in the curent web
• rebuild a new web based on security first
• new plugin to enable this new web to be parallel to current web
• WAT.
• dev't done using stripped down node + Qt as UI layer
• all urls are // 501 bit public key : hashed ipv6 address / hash-of-resource-requested
• WAT.
• Your devices 'know' your 501 bit private key (don't lose your device!)
• have to move your key onto a device using a non-network means
• keep keys on usb in a security deposit box at a bank you trust
• In general - WAT.