Have a look at our selection of the finest JavaScript meetup videos from September 2020.
Building a Slack clone using Supabase
Supabase is a Singapore based, Y Combinator backed startup, building the open source Firebase alternative. Supabase adds realtime and restful APIs to your Postgres database without a single line of code.
This will be a quick demo on how to get started with Supabase.io as your data and authentication backend when building Jamstack apps as well as a quick look at how you can contribute to the Supabase project during Hacktoberfest.
A Neural Network Language Model-Guided JavaScript Engine Fuzzer
JavaScript (JS) engine vulnerabilities pose significant security threats affecting billions of web browsers. While fuzzing is a prevalent technique for finding such vulnerabilities, there have been few studies that leverage the recent advances in neural network language models (NNLMs). In this paper, we present Montage, the first NNLM-guided fuzzer for finding JS engine vulnerabilities. The key aspect of our technique is to transform a JS abstract syntax tree (AST) into a sequence of AST subtrees that can directly train prevailing NNLMs. We demonstrate that Montage is capable of generating valid JS tests, and show that it outperforms previous studies in terms of finding vulnerabilities. Montage found 37 real-world bugs, including three CVEs, in the latest JS engines, demonstrating its efficacy in finding JS engine bugs.
You Don’t Need All That JavaScript
JavaScript is your behaviour layer; the way to add interactivity to your sites, to provide a slick and delightful user experience, to make everything fast and easy and clean. But at some point everything changed: the tail started to wag the dog instead and development became Javascript-first.
We’ll talk about how you maybe shouldn’t rely on JS as much as you’re told to, and some practical strategies for how to build sites without reaching for a JS framework as first, last, and only tool for making the web happen.
What will the audience learn from this talk?
How to build sites without necessarily reaching for a framework, how that’s what the frameworks encourage, how everyone is already thinking the same as you, and a bit about <portal>
Does it feature code examples and/or live coding?
No live coding. There are some code examples but only in passing
2nd Generation JavaScript Frameworks & Libraries
An overview of an interesting new development over the past years. Many vendors, large and small, have been making their JavaScript-based technology stacks available on GitHub. What does that mean and how to evaluate this development? Find out in this session, which includes small code demos and tips and tricks. Did you know that over the past few years, large enterprises have been developing and open sourcing their JavaScript technology stacks? On GitHub, you’ll find solutions by ING, Uber, PayPal, the Financial Times, Oracle, Microsoft, and many others. Some of these are software vendors, while others are in a variety of other industries. Each of them start from open source frameworks and libraries and all of them are interested in contributions.
The session, with several live coding scenarios, focuses on something that’s been going on below the surface, mostly unseen. Large enterprises are using open source solutions in the JavaScript ecosystem, developing their own internal tech stacks, and then pushing these stacks out to GitHub.
Let’s explore the advantages of these and see what can be done and how practical these developments are.
Weak JavaScript HTTP 203
Surma and Jake take a look at ‘weak’ JavaScript, specifically WeakMap, WeakSet, and the new and shiny WeakRefs.