Remote
In-person

Schedule

The time below is shown in EST, the local time zone of New York
2025-11-17T13:00:00.000Z
2025-11-17T14:00:00.000Z
2025-11-17T15:00:00.000Z
2025-11-17T16:00:00.000Z
2025-11-17T17:00:00.000Z
2025-11-17T18:00:00.000Z
2025-11-17T19:00:00.000Z
2025-11-17T20:00:00.000Z
2025-11-17T21:00:00.000Z
Community Track
2025-11-17T13:00:00.000Z
Registration
2025-11-17T14:15:00.000Z
Opening Ceremony
2025-11-17T14:40:00.000Z
The Human 30%: Thriving as a Developer in the Age of AI Coding Assistants
Addy Osmani
Google
As AI coding assistants like Cursor, Jules, Cline and Copilot revolutionize software development, a new reality emerges: while these tools excel at generating boilerplate and routine functions-roughly 70% of coding work-they struggle with the crucial final 30% that transforms a basic solution into production-ready software. This talk explores how developers can adapt to this paradigm shift by strategically embracing AI for what it does best while doubling down on uniquely human skills. Drawing from industry leaders' insights, we'll examine why AI struggles with essential complexity like system architecture, edge cases, and maintainability, and how developers can position themselves as indispensable collaborators rather than competitors with AI. Whether you're a senior architect seeking to amplify your impact or a junior developer navigating this rapidly evolving landscape, you'll leave with practical strategies to elevate your craft beyond what AI can generate.
2025-11-17T15:00:00.000Z
QnA with Addy Osmani
2025-11-17T15:10:00.000Z
Short break to switch halls
2025-11-17T15:20:00.000Z
Never Worry About CORS Again
Jarred Sumner
Oven
Fixing CORS errors is a frustrating rite of passage for every web developer. Bun's Rendering API makes it trivial to run your frontend and API on the same server, eliminating the entire category of cross-origin errors. Developers no longer need to wrestle with complex server-side headers or proxy requests just to fetch data from a different domain.
2025-11-17T15:40:00.000Z
QnA with Jarred Sumner
2025-11-17T16:00:00.000Z
Beyond Signals: The Next Big Shift in Web Reactivity
Ryan Carniato
Sentry
Signals and fine-grained reactivity have recently become staples in modern JavaScript frameworks. However, 9 years ago, when Ryan Carniato created SolidJS, the blueprint for the modern framework, that was not the case at all. Today more developers use Signals than ever before, but we are only at the beginning of the journey. Join Ryan as he looks to the future of fine-grained reactivity, web development, and explores what lies beyond Signals.
2025-11-17T16:20:00.000Z
QnA with Ryan Carniato
2025-11-17T16:30:00.000Z
Coffee Break
2025-11-17T16:50:00.000Z
Compilers, User Interfaces & the Rest of Us
Matheus Albuquerque
Medallia
Compilers have long been seen as one of the most complex topics in computer science. Nowadays, web frameworks are evolving from runtime libraries into optimizing compilers and reshaping how we build user interfaces. Different topics in front-end development—e.g., reactive programming—are now experiencing this era fueled by static-analysis-driven insights.This talk will explore how modern UI compilers are redefining performance and developer experience. We’ll discuss how some compilers are designed and different open-source solutions — including the React Compiler, Million.js, Svelte, and Marko, as well as enterprise apps, and the growing role of compilers in automating things.By the end of the session, you'll probably be optimistic about a future where compilers understand our entire code and offload a huge part of our mental burden related to manual tasks!
2025-11-17T17:10:00.000Z
QnA with Matheus Albuquerque
2025-11-17T18:00:00.000Z
Lunch
2025-11-17T18:50:00.000Z
Weaponizing LLMs to Hack JavaScript AI Applications
Liran Tal
Snyk
Developers have gone full-steam from traditional programming to AI code assistants and vibe coding but where does that leave application security? What are the risks of LLMs introducing insecure code and AI applications manipulated through prompt engineering to bypass security controls?In a series of real-world application hacking demos I’ll demonstrate how developers mistakenly trust LLMs in generative AI code assistants that introduce insecure code and result in vulnerable applications that attackers easily exploit against you. We don’t stop here. We’ll apply adversarial attacks on neural networks in the form of prompt injection payloads to compromise LLMs integrated into AI application workflows and weaponize them for SQL injection and other business logic bypass.Join me in this session where you’ll learn how security vulnerabilities such as path traversal, prototype pollution, sql injection and other AI security risks are impacting LLMs and how to leverage AI security guardrails to secure GenAI code.
2025-11-17T19:10:00.000Z
QnA with Liran Tal
2025-11-17T19:30:00.000Z
Lightning Talks
A JS Dev's Guide to Not Dismissing Blockchain — Brian Whippo
Backend-for-Frontend Auth: The Secure JS App Architecture — Kim Maida
Get Set Up for Performance Testing With DevTools — Nishu Goel
2025-11-17T20:00:00.000Z
Coffee Break
2025-11-17T20:20:00.000Z
Demystifying npm: What Actually Happens When You Install and Publish
Karen Li
GitHub
npm powers the JavaScript ecosystem, but many developers still treat it as a black box.This talk aims to demystify core npm workflows and give developers with various levels of experience a clearer mental model of how npm works behind the scenes. With the rise of AI-assisted coding, many engineers are shipping code that depends on npm without deeply understanding it. Meanwhile, seasoned developers often struggle with subtleties around publishing, dependency resolution, and security.This talk clarifies the install and publish lifecycle, surfaces modern best practices, and offers decision-making tools that help developers avoid surprises and regain control over their tooling.
2025-11-17T20:20:00.000Z
QnA with Karen Li
2025-11-17T20:40:00.000Z
QnA with Karen Li
2025-11-17T21:00:00.000Z
Fast and Furious 2025
Scott Tolinski
Co-host of Syntax.fm
Things are evolving constantly and it's hard to know what's worth your time. As someone who learns and teaches for a living, Scott explores the web platform and what really matters.
2025-11-17T21:20:00.000Z
QnA with Scott Tolinski
2025-11-17T21:30:00.000Z
Closing Ceremony
Residents Track
2025-11-17T15:20:00.000Z
Rethinking Bundling: Why You Don’t Need Less JavaScript
Daniel Roe
Nuxt
JavaScript represents a big part of page weight - and optimising for performance often requires trimming or optimising the bundle - albeit imperfectly. At the same time, bundlers have never been more important in full-stack JS frameworks. In this session we’ll be rethinking how bundlers can optimise JS, if we let go of some of our previous assumptions about what bundling means.
2025-11-17T15:40:00.000Z
QnA with Daniel Roe
2025-11-17T16:30:00.000Z
Coffee Break
2025-11-17T16:50:00.000Z
Lessons from Building Enterprise Remote MCP Server?
Hemanth HM
PayPal
This talk shares real-world lessons from building and operating remote MCP (Model Context Protocol) server. It covers the architectural decisions, technical challenges, and practical insights that came from enabling scalable, context-aware model execution in one of the world’s largest payment platforms.
2025-11-17T17:10:00.000Z
QnA with Hemanth HM
2025-11-17T17:30:00.000Z
TypeScript on the GPU – Bridging the Gap Between Realms
Iwo Plaza
Software Mansion
Join me for a technical deep-dive on TypeGPU which, among other things, allows your WebGPU shader to be made up of JavaScript either partially or entirely. This means a library can be written fully in WebGPU Shading Language, yet accept a JS callback that gets compiled and injected into the shader code. Improving APIs by going past just tweaking knobs and parameters.In my talk, I’ll be touching upon how we offload most of this work to a build-step while still supporting dynamic scenarios, how we mitigate the differences between JavaScript and WebGPU Shading Language, and how we leverage existing tooling like the TypeScript language server to make CPU and GPU code connect seamlessly through types.
2025-11-17T17:50:00.000Z
QnA with Iwo Plaza
2025-11-17T18:00:00.000Z
Lunch
2025-11-17T18:50:00.000Z
The Web Can Be Weird
Elian Van Cutsem
React Bricks
The web is capable of way more than we might think. During this talk, we'll explore some lesser known parts of the web. Did you know you can control the web via webHID or send and receive notes to devices via webMIDI? In this interactive talk we might make some music together, by controlling synthesisers and exploring the wide range of strange web API's.
2025-11-17T19:10:00.000Z
QnA with Elian Van Cutsem
2025-11-17T19:30:00.000Z
Meta Framework for Kubernetes: TypeScript Meets Cluster Control
Casey Wylie
Defense Unicorns
Kubernetes doesn’t have to be hard. In this talk, we’ll explore kubernetes-fluent-client, a TypeScript-based meta framework that makes working with the Kubernetes API intuitive even if you’ve never touched client-go. From building controllers to managing subresources like logs, scale, and proxy, this talk dives into how the fluent client simplifies cluster interaction through a clear, expressive API, server-side apply, and custom informers. Whether you’re writing automation or full-blown operators, you’ll walk away ready to build Kubernetes-native applications faster and with less boilerplate.
2025-11-17T19:50:00.000Z
QnA with Casey Wylie