Distributing your PWA in the Mobile App Stores

This talk describes the process of developing and distributing your mobile PWA for the Apple App Store and Google Play Store covering both technical requirements, such as creating resources for and building the mobile apps, as well as store guidelines, like user data safety and UX concerns.

Service Discovery with Node.js and Consul

This talk will look at the technologies required to build a system of intercommunicating microservices. We’ll use Node.js for building two separate application tiers. Consul will maintain a registry of service instances, providing their hostnames and ports. Finally, we’ll use HAProxy to route client traffic to web services, dynamically reconfiguring it as instances come and go.

Attendees of this talk will understand how Service Discovery works and why it is needed in a dynamic microservice environment. This presentation includes working code samples and architectural diagrams.

Publishing a Technical Book

There are many ways to publish a technical book: One can self-publish, get approached by a publisher, pitch a new idea, or even send a cold-email to a publisher with a half written book attached. Write alone or with co-authors. Self-edit or have a publisher edit. As someone who's had luck with each approach I'll describe how each approach works.

We'll also look at the submission process and the questionnaires used by popular publishers—questions applicable even to the aspiring self-publisher! Next we'll look at the writing process, the importance of schedules, and writing a compelling Table of Contents. Finally we'll cover editing, technical review, forewords, testimonials, and the joys of marketing.

Thomas has published 5 books, the last two with O'Reilly.

Real World Attacks in the npm Ecosystem

In this talk we will examine some practical attacks against the npm package ecosystem. We will look at both theoretical attacks as well as attacks which have already happened.

The most recently publicized attack we’ll look at is the `event-stream` module. This will include a breakdown of functionality, why it was difficult to find, and why a static analysis tool will not protect from such an attack. We’ll also look at some other intentionally malicious modules like `getcookies` which have also been published.

We’ll also look at some theoretical attacks and incorporate research done by @ChALkeR and npm.

Content is based on these two posts of mine:
[The Dangers of Malicious Modules](https://medium.com/intrinsic/common-node-js-attack-vectors-the-dangers-of-malicious-modules-863ae949e7e8)
[Compromised npm Package: event-stream](https://medium.com/intrinsic/compromised-npm-package-event-stream-d47d08605502)

Observing Node.js Services

Logging, Metrics, and Distributed Tracing are three vital tools for observing Node.js services. In this talk we’ll consider the different scenarios in which each tool thrives, look at dashboards and visualizations, and even examine the code required to instrument these tools in a Node.js service.

Distributed Primitives

There are many simple data structures which are quite easy to implement within a single-threaded JavaScript program. However, how do you safely model such concepts as ID generation, counters, and list within a distributed environment?

In this talk we'll consider ways to leverage other services--such as Redis and ZooKeeper--to safely manage state in a distributed and highly available manner.

Advanced JavaScript Objects

In this talk we'll take a look at some advanced features in the JavaScript language, specifically features which have to do with objects and their properties. First we'll cover Property Descriptors which includes such descriptors as Enumerable, Configurable, and Writable. Under this same umbrella are Getter and Setter descriptors which trigger function calls. Finally we'll look at Proxies and their Traps, which are functions that are called when an object is used in a particular way (such as For/Of loops or reading the objects keys).