Everything You Always Wanted to Know About Programming* (*but Were Afraid to Ask) en

Ever wondered what really happens when you hit "run" on your code? Let's take a closer look at how computers understand and execute instructions!

We'll explore the architecture of the CPU, why compilers are crucial, and what it means when we say "the computer speaks in binary." We'll also demystify terms like machine code, assembly language, and higher-level programming languages.

By the end of this talk, you'll have a better understanding of what really happens under the hood when you write and run code, and why it's important for programmers to understand these foundational concepts.

Server Components are React's superweapon in the Stack Wars: Can PHP strike back? en it

In this talk, we're going to have a little fun with the React community by revealing a secret: React has always had a plan to eliminate PHP from the world, and now we see the final superweapon! We'll dive into the world of React Server Components, exploring their origins, their impact on web development, and the obvious similarities between this (relatively) new pattern and PHP.

Through a technical exploration, we'll compare and contrast approaches to rendering, data handling, and more. We'll attempt to demystify hydration, server-side rendering, and bundling, and provide a comprehensive overview of these key concepts in web development.

We'll also reveal the fierce resistance of a group of veteran PHP developers nostalgic for the Empire who are standing up to the React Republic!

This talk aims to be an educational journey through one of the newest React patterns, revealing its similarities to one of the oldest languages on the web.

I Server Components sono la superarma di React nella Stack Wars: ma PHP può colpire ancora? en it

In questo talk, prenderemo un po' in giro la community di React rivelando un segretissimo: React aveva un piano per eliminare PHP fin dall'inizio, e ora abbiamo scoperto la superarma finale! Affronteremo il mondo dei React Server Components, esplorando le loro origini, il loro impatto sullo sviluppo web e le ovvie somiglianze tra questo (relativamente) nuovo pattern e PHP.

In particolare, confronteremo e contrapporremo gli approcci al rendering, alla gestione dei dati e altro ancora. Cercheremo di semplificare il concetto di hydration, rendering lato server e bundling e forniremo una panoramica su questi concetti chiave dello sviluppo web.

Scopriremo anche la feroce resistenza di un gruppo di sviluppatori PHP veterani, nostalgici dell'Impero, che si oppongono alla Repubblica di React!

Questo talk vuole essere un viaggio formativo e un po' giocoso attraverso uno dei più recenti pattern del mondo React, svelandone le somiglianze con uno dei più antichi (e bistrattati) linguaggi del web.

JavaScript and Node.js Security: How Are We Doing? en it

During this presentation, we will analyze the current state of security in the JavaScript and Node.js ecosystem. We will cover a range of topics, including common vulnerabilities, attack vectors, mitigation strategies, security tools and frameworks, and best practices. Additionally, we will discuss the role of OpenSSF, a collaborative initiative that aims to enhance the security of open source software. Node.js has been selected as the first project to receive funding and assistance from its Alpha-Omega initiative, which strives to improve the security of critical open source projects. By the end of this talk, you will have a clearer understanding of the current state of security in JavaScript and how we can improve our security practices.

Security in JavaScript e Node.js: come siamo messi? en it

Durante questa presentazione analizzeremo lo stato attuale della sicurezza nell'ecosistema JavaScript e Node.js. Tratteremo una serie di argomenti, tra cui le vulnerabilità più comuni, i vettori di attacco, le strategie di mitigazione, gli strumenti e i framework di sicurezza e le best practice. Inoltre, discuteremo il ruolo di OpenSSF, un'iniziativa collaborativa che mira a migliorare la sicurezza del software open source. Node.js è stato selezionato come il primo progetto a ricevere finanziamenti e assistenza dall'iniziativa Alpha-Omega, che mira a migliorare la sicurezza dei progetti open source critici. Alla fine di questo intervento, avrete una comprensione più chiara dello stato attuale della sicurezza in JavaScript e di come possiamo migliorare le nostre pratiche di sicurezza.

You don't have to contribute to Open Source en

There are amazing programmers out there who have zero commits to public GitHub repos, yet they work with open source projects every day. Sometimes focusing on work or perhaps a busy personal life makes it difficult to find time to contribute, and that’s not a problem, it shouldn’t make us feel guilty.
Helping a colleague use a technology, making it more accessible by spreading it among your peers, are examples of activities that truly benefit the entire ecosystem but do not entitle you to a badge.

If you really want to contribute to open source, you should first learn what Open Source really means, and then I can share some tips of how to effectively contribute.

But you don't have to. In this talk I will try to explain to you why.

Backstage: Platform Engineering Revolution powered by Open Source en

Backstage is an open-source platform that builds developer portals, streamlining and simplifying cloud-native development. It allows you to create a centralized software catalog that integrates with your existing tools and services, like repositories, CI/CD, monitoring, and more. Moreover, Backstage offers a versatile range of features and plugins that enable you to standardize, automate, and accelerate your development workflows, from code to production.
In this presentation, I’ll introduce the Backstage project and its advantages for platform engineering. I’ll demonstrate the installation and configuration of Backstage in your infrastructure, as well as the catalog’s addition and management of your software components, and the creation and documentation of your projects using Backstage software templates and tech docs. I will also show how you can expand Backstage with custom plugins, and install the ones provided by the community. By the end of this presentation, you will understand how Backstage can transform your platform engineering, enhancing productivity and promoting collaboration within your team!

The Origins of Modern Computing: The Story of John Von Neumann and Alan Turing en

We will delve into the fascinating history of two of the most important figures in the development of modern computing. We will explore the lives and work of John Von Neumann and Alan Turing, and examine how their pioneering contributions helped shape the field of computer science. From Von Neumann's groundbreaking work on the architecture of the modern computer, to Turing's foundational work in the areas of cryptography and artificial intelligence, this talk will provide a comprehensive overview of the early days of computing, and the visionary thinkers who helped bring it to life. Whether you're a computer scientist or simply interested in the history of technology, this talk is sure to leave you with a deeper appreciation for the groundbreaking work of these two remarkable individuals.

WebAssembly: The Next Frontier of Cloud Computing en it

In this talk, we will explore how WebAssembly (Wasm) is poised to become a major player in the future of cloud computing. Wasm is a binary format that can be compiled from many different languages and run on a variety of operating systems and architectures. Its near-native performance, portability, and security make it an ideal solution for addressing the challenges of distributed application development, deployment, and maintenance.

One of the fastest-growing Cloud Native trends is the adoption of Wasm, with projects such as Docker+Wasm (now in Beta) launched with a partnership between Docker and the CNCF’s Wasm runtime WasmEdge. Wasm's efficiency and speed make it ideal for on-demand scaling, while its sandboxed environment and deny-by-default approach to granting access to capabilities provide enhanced safety and security.

In this talk, we will delve into the key value propositions offered by Wasm and how it can help address the challenges posed by CPU diversity, multiple operating environments, security concerns, distributed application architecture, and scalability.

The talk will start with an introduction to WebAssembly and its relevance to cloud computing. I will discuss the growing adoption of Wasm in the cloud native community and the partnership between Docker and the CNCF’s Wasm runtime WasmEdge. I will delve into the key benefits offered by Wasm and provide examples of how it is being used in the cloud native space. Finally, I will summarize the main points of the talk and provide some final thoughts on the future of Wasm in cloud computing.

“Any application that can be written in JavaScript, will eventually be written in JavaScript.”

WebAssembly: The Next Frontier of Cloud Computing en it

In questo talk, esploreremo come WebAssembly (Wasm) sia destinato a diventare un protagonista importante nel futuro del cloud computing. Wasm è un formato binario che può essere compilato da molti linguaggi di programmazioni diversi ed eseguito su una varietà di sistemi operativi e architetture. Le sue prestazioni quasi native, la portabilità e la sicurezza lo rendono una soluzione ideale per affrontare le sfide dello sviluppo, del deployment e della manutenzione di applicazioni distribuite.

Una delle tendenze Cloud Native in più rapida crescita è l’adozione di Wasm, con progetti come Docker+Wasm (ora in Beta) lanciati con una partnership tra Docker e il runtime Wasm del CNCF, WasmEdge. L’efficienza e la velocità di Wasm lo rendono ideale per lo scaling on-demand, mentre il suo ambiente sandboxed e l’approccio deny-by-default all’accesso alle funzionalità offrono una maggiore sicurezza.

In questo talk, approfondiremo le key features offerte da Wasm e come può aiutare a risolvere le sfide poste dalle diverse CPU, dai diversi ambienti operativi, le preoccupazioni per la sicurezza, l’architettura delle applicazioni distribuite e la scalabilità.

Il talk inizierà con un’introduzione su WebAssembly e la sua rilevanza per il cloud computing. Discuterò della crescente adozione di Wasm nella comunità cloud native e della partnership tra Docker e il runtime Wasm del CNCF, WasmEdge. Approfondirò i principali vantaggi offerti da Wasm e fornirò esempi di come viene utilizzato nello spazio cloud native. Infine, riassumerò i punti principali del discorso e fornirò alcune riflessioni finali sul futuro di Wasm nel cloud computing.

“Any application that can be written in JavaScript, will eventually be written in JavaScript.”

The perfect CI/CD React Native pipeline with Fastlane en

React Native is a powerful framework for building mobile, desktop and even web applications, and with its CLI you can run a development version of a mobile app in an emulator or connected physical device almost with zero conf. Unfortunately, when you want to build and deploy for production, deal with code signing, certificates and keys, and share the development process across your team, it doesn’t offer a solution out of the box, and you still need to use platform-specific IDEs like Xcode and Android Studio.

But there’s an open source tool that fills this gap and provides a complete automation for the whole process, starting from the development build to the signed production bundle: Fastlane.

In this talk I will show you our Fastlane setup that lets us operate on cross-platform React Native projects as a team, integrate the CI/CD with GitHub Actions, and do almost everything from the CLI.

Software Supply Chain Security: A Primer en

During this presentation we will look at the current state of software supply chain security. We will try to understand what SSC is using a very simple metaphor to help envision the most concrete risks. We will cover a range of topics, including common vulnerabilities, attack vectors, mitigation strategies, security tools and frameworks, and best practices. In addition and most importantly we will discuss the role of OpenSSF, a collaborative initiative that aims to improve the security of open source software through advocacy, best practices, and tools.

By the end of this talk, you will have a clearer understanding of the current state of software supply chain security and how we can concretely improve our practices.