Chris DeMars
Senior Developer Advocate at TuxCare
Detroit, Michigan, United States
Actions
Chris DeMars is a Senior Developer Advocate with over 20 years of technical experience. He speaks all over the world on web accessibility, feature flags, A/B testing, and CSS. For his community contributions, he holds awards as a Progress Champion and former Microsoft MVP, Google Developer Expert, Cloudinary Media Developer Expert, and Auth0 Ambassador. When he is not working on making the web great and accessible you can find him fishing, on the paintball field, rating Detroit Style pizza, and looking for UFO's.
Badges
Area of Expertise
Topics
The node_modules Iceberg: Mysteries Below the Waterline
What lurks below the tip of the iceberg? Well, if you look at it from the aspect of web and software it is our best friend, the node_modules. Have you ever jumped into your node_modules and looked around to see what the various packages of your packages are? Chances are, no. We don't have time for that...but we should! Let's dive in to the world of transitive dependencies and break down what they are. In this session you will learn what transitive dependencies are, how to list them, the risks they bring, and how to integrate TuxCare's ELS solution to fix them.
Possessed by Packages: Is Your JavaScript Haunted?
Is your app behaving strangely? Random network calls? Unexpected behavior? It might not be a bug, it might be possessed. In this spooky session, we’ll explore how malicious packages sneak into your codebase like ghosts through an open portal. You’ll learn how typo-squatting, dependency confusion, and supply chain attacks haunt the JavaScript ecosystem, and how to perform a proper exorcism. We’ll go beyond npm audit and explore tools and habits to stop the haunt before it begins. Leave this talk with a toolkit that wards off evil; digital and otherwise.
Know Your JS: SBOMs for Frontend Devs
Ever wonder what’s lurking in the dark corners of your node_modules, like unidentified flying dependencies sneaking aboard your project? In an age of escalating software supply chain attacks, knowing exactly what you're shipping is as vital as tracking strange lights in the sky. This talk will shine a beam on SBOMs (Software Bills of Materials), explaining why frontend developers should care and how to generate one using tools like CycloneDX and Syft. You’ll leave with the skills to map your entire dependency galaxy. No security clearance required, just your JavaScript and an explorer’s mindset.
Ghosts in the Machine: Tampering with the JavaScript Supply Chain
What if the code you’re shipping isn’t yours anymore? The scariest JavaScript bugs don’t always come from your team, they come from open-source packages that have been possessed. This talk digs deep into the dark world of supply chain tampering: what it looks like, how it happens, and what modern devs can do to protect themselves. We’ll talk tamper detection, package provenance, lockfile integrity, and even how to set up GitHub Actions to ward off malevolent merges. Come for the security, stay for the stories of cursed commits.
Close Encounters of the Data Kind: Exploring UFO Sightings with MongoDB and NextJS
Have you ever rewatched a shaky video over and over trying to tell if something was a UFO? Me too, but what if I told you there's a data driven way to get to the bottom of it all? In this session we will cover the process of storing UFO sightings in MongoDB, building a sleek and interactive user interface with NextJS, and deploying the app to the cloud. Discover how these technologies make UFO data easily accessible and analyzable, enhancing our understanding of close encounters.
CodeMash 2026 Sessionize Event Upcoming
Midwest Tech Conference Sessionize Event Upcoming
Atlanta Developers' Conference 2025 Sessionize Event
Devnexus 2025 Sessionize Event
NDC London 2025 Sessionize Event
CodeMash 2025 Sessionize Event
Chris DeMars
Senior Developer Advocate at TuxCare
Detroit, Michigan, United States
Actions
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top