Rafael Gonzaga
NodeSource, Principal Open Source Engineer
São Paulo, Brazil
Actions
Rafael is a Principal Open Source Engineer at NodeSource, working full-time on the Node.js runtime as a TSC (Technical Steering Committee) member, especially in the security working group.
He's also the maintainer of popular JavaScript libraries such as Fastify and Clinic.js, and he's specialized in performance enhancements and software architecture optimization
Links
Area of Expertise
Topics
The State of Node.js Security
In "The State of Node.js Security," I will provide an in-depth analysis of the initiatives led by the Node.js Security Team, exploring their significance and the benefits they bring to end-users.
Since 2022, we’ve accomplished a lot of tasks and the goal of this talk is to showcase the concluded initiatives, highlighting the advancements made in fortifying the security of Node.js applications. Furthermore, I'll unveil what you can expect from upcoming releases, offering a glimpse into the future of Node.js security.
From vulnerability management to secure coding practices and beyond, this talk will equip you with valuable insights into the measures taken to enhance protection and ensure a more secure Node.js environment.
The Journey of the Node.js Permission Model
Join me on a journey to explore the creation of the Node.js Permission Model (--experimental-permission). As a Node.js TSC member and chair of the Node.js Security Team, I'll share the challenges, plans, and details of this experimental security feature.
In this talk, I will uncover the motivations behind the Node.js Permission Model and the collaborative efforts that made it a reality. I'll share real-world examples and stories that highlight the obstacles we faced and the creative solutions we found.
Join me on this journey toward a more secure Node.js ecosystem. Whether you're a developer, security enthusiast, or part of the Node.js community, this talk will help you gain insights and contribute to the ongoing evolution of Node.js security.
State of Node.js Performance 2024
Discover the latest updates on Node.js performance in 2024. This talk draws heavy inspiration from my blog post, "State of Node.js Performance 2023," written last year.
This discussion reviews the current state of Node.js performance through various benchmarks, from internal micro-benchmarks to comparisons in libraries commonly used by Node.js developers. All Node.js modules, from async_hooks to the file system, are covered. The talk also examines the most used HTTP frameworks, highlighting the impact of Node.js updates on the throughput and requests per second of your application.
We delve into the approaches used to ensure the accuracy of results, ranging from using a dedicated machine to employing a null hypothesis algorithm for benchmark result confidence calculation. Join me to navigate the currents of Node.js performance, benchmarking, and intriguing initiatives that could influence the course of Node.js development.
Lies, Damn Lies, and Benchmark
Join me for a simplified dive into benchmarks and Node.js! Have you ever wondered about those bold claims stating one thing is better than another? Well, benchmarking, the process of comparing performance, can be quite tricky. It's like navigating through a maze of confusion, complexity, and potential errors.
In this talk, we'll unravel the mysteries of benchmarks, shedding light on why they can be unreliable, confusing, and sometimes just plain wrong. Just like how car brands only highlight stats that make their vehicles seem superior, benchmarks can often be skewed to favour certain outcomes. This talk will explore benchmark methodologies used in Node.js core.
Rafael Gonzaga
NodeSource, Principal Open Source Engineer
São Paulo, Brazil
Links
Actions
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top