POPULARITY
2 episodes with laurie voss
2 episodes with laurie voss
2 episodes with laurie voss
2 episodes with laurie voss
2 episodes with laurie voss
2 episodes with laurie voss
2 episodes with laurie voss
In this QUICK episode, we cover "The Great Gaslighting of the JavaScript Era" by Jared White. This article is a series of spicy takes on how Javascript frameworks took over the world of web development, and how it didn't happen by accident. If you're even remotely interested in the state of JS on the web, this one is worth a listen. We attempt to present a modest viewpoint on the proliferation of frameworks but Evan ends up adding a conspiracy theory of his own. We bring in one article in support of frameworks - "The case for frameworks" by Laurie Voss, and two articles that rail against frameworks - "The Market for Lemons" by Alex Russel and "A historical reference of React criticism" by Zach Leatherman. Also, we talk about space solar. Make sure to check out Runtime Rundown to suggest new ideas, comment on episodes, and yell at us about mistakes!
Listen to The Right Track: https://www.heavybit.com/library/podcasts/the-right-track/ep-6-domain-expertise-with-laurie-voss-of-netlify/TranscriptStefania: I wanted to maybe shift a little bit in terms of how the industry is changing before we move on to how you have seen data cultures being built and data trusts being undermined and all those things.Can you talk a little bit about how you see the industry has changed in the past few years?Laurie: Yeah. I wrote a blog post about this recently.I think it's probably the thing that spurred you to invite me to this podcast in the first place.Stefania: Correct.Laurie: Which is about nine months ago, I was introduced to DBT. DBT has been around for awhile now, I think five or six years, but it was new to me nine months ago.And it definitely seems to be exponentially gaining in momentum at the moment.I hear more and more people are using it and see more and more stuff built on top of it.And the analogy that I made in the blog post is as a web developer, it felt kind of like Rails in 2006.Ruby on Rails very fundamentally changed how web development was done, because web development prior to that was everybody has sort of like figured out some architecture for their website and it works okay. But it means that every time you hire someone to a company, you have to teach them your architecture. And it would take them a couple of weeks, or if it was complicated, it would take them a couple of months to figure out your architecture and become productive. And Ruby on Rails changed that.Ruby on Rails was you hire someone and you say, "Well, it's a Rails app."And on day one, they're productive.They know how to change Rails apps.They know how to configure them.They know how to write the HTML and CSS and every other thing.And that taking the time to productivity for a new hire from three months to one month times a million developers is a gigantic amount of productivity that you have unlocked.The economic impact of that is huge. And DBT feels very similar.It's not doing anything that we weren't doing before.It's not doing anything that you couldn't do if you were rolling your own, but it is a standard and it works very well and it handles the edge cases and it's got all of the complexities accounted for.So you can start with DBT and be pretty confident that you're not going to run into something that DBT can do.And it also means that you can hire people who already know DBT.We've done it at Netlify. We've hired people with experience in DBT and they were productive on day one.They were like, "Cool. I see that you've got this model. It's got a bug. I've committed a change. I've added some tests. We have fixed this data model."What happens on day two? It's great.The value of a framework is that a framework exists more than like any specific technical advantage of that framework.Stefania: Yeah. I love that positioning of DBT.Do you have any thoughts on why this has not happened in the data space before?We have a lot of open source tools already built.We had like a huge rise in people using Spark and Hadoop and all those things for their data infrastructure awhile ago, maybe 10 years ago, and that's still happening in some of the companies.What are your thoughts on why this is happening now?Laurie: I think it was inevitable.I mean, the big data craze was 10 years ago.I recently was reminded by somebody that I wrote a blog post.It was literally 10 years ago. It was like July 15th 2011.I was like, statisticians are going to be the growth career for the next 10 years, because all I see is people collecting data blindly.They're just creating data warehouses and just pouring logs into them and then doing the most simple analyses on them.They're just like counting them up.They're not doing anything more complicated than counting them up.A lot of companies in 2010 made these huge investments and then were like, "What now?"And they were like, "Well, we've sort of figured we'd be able to do some kind of analysis, but we don't know how. This data is enormous. It's very difficult to do."It was inevitable that people would be trying to solve this problem.And lots of people rolled their own over and over.Programmers are programmers, so when they find themselves rolling their own at the third job in a row, that's usually when they start writing a framework.And that seems to be what DBT emerged from.I think it's natural that it emerged now. I think this is how long it takes.This is how much iteration the industry needed to land at this.Stefania: Yeah. That's a good insight.I maybe want to touch on then also another thing that a lot of people talk about.And ultimately, I mean, I think what most companies want to strive for, although it remains to be defined what it literally means, are self-serve analytics.What does that mean to you and how does that fit into the DBT world?Laurie: I have what might be a controversial opinion about self-serve analytics, which is that I don't think it's really going to work.There are a couple of problems that make self-serve analytics difficult.What people are focusing on right now are like just the pure technical problems.One of the problems with self-serve analytics is that it's just hard to do.You have to have enormous amounts of data.If people are going to be exploratory about the data, then the database needs to be extremely fast.If queries take 10 minutes, then you can't do ad hoc data exploration.Nobody but a data scientist is going to hang around for 10 minutes waiting for a query to finish.Stefania: Finishing your query is the new-- It's compiling.Laurie: But even when you solve that problem, and I feel like a lot of companies now solve that problem, you run into the next problem, which is, what question do I ask?What is the sensible way to ask?And also, where is it?Discovery is another thing.If you've instrumented properly, you're going to have enormous numbers of data sources, even if you're using DBT.And they're all neatly arrayed in very nicely named tables and the tables of documentation, you're going to have 100, 200, 300 tables, right?You have all sorts of forms of data.And unless somebody goes through every table by name and tries to figure out what's in that table.And does it answer my question?The data team knows where the data is and it's very hard to make that data automatically discoverable.I don't think people have solved that problem.Even if you solved that problem, the chances are that somebody whose job isn't data is going to run into traps.They're going to run into obvious data problems that a professional data person would avoid.The simplest one is like people who are using an average instead of a median.They're like, "The average is enormously high. So we don't have to care about this."And I'm like, "No, no, no, no. The median is two."And that's different from an average of 10.You've just got a couple of outliers that are dragging your average up.I solve that problem for stakeholders in our organization multiple times a week.It's like correcting them just on that particular point.And that's not even a particularly subtle question about data.There's lots of ways that somebody who doesn't spend all of their time thinking about how to present and analyze and question data is going to mislead themselves if they are self-serve.So that doesn't mean that they don't think self-serve should happen.I think one of the most productive ways that I interact with my colleagues outside of the data department is we have self-serve analytics.There's no barrier.They can go in and write their own queries and build their own dashboard.And they get like 80% of the way.And then they come to me and they're like, "Is this right? Does this say what I think it says?"And some of the time I'll be like, "Yes," some of the time I'll be like, "Nope, you're being misled by this. Sorry about that. You looked at the wrong table or you misunderstood what that problem was for."And sometimes it will be, "You're almost there. I need to make a couple of tweaks to fix this source of error," that kind of stuff.They can get a lot of the way, but I think being a hundred percent self-serve is not a practical. No.Stefania: I think that's a really good way to put it.Another way also I like to think about it is there are layers of self-serve and it depends on your audience, what that means.So self-serve to a very non-technical product manager, providing self-serve analytics to a non technical product manager means one thing, and then providing self-serve analytics to a very technical backend engineer that wants to answer some question because he's deciding how to architect their API or something like that are two very different things.And this touches a little bit on sort of, who are your stakeholders as a data team? I think.Laurie: I agree.Stefania: But it sounds like you have already built some sort of self-serve analytics and it depends on people knowing SQL.Is that right?Laurie: We have a couple of tools. We have a bunch of dashboards.We use Mode and we have a bunch of dashboards in Mode where if you have one of the set of questions that the exploration tools for these visualizations we've already built can answer, then you can completely self-serve using just point-and-click.If that doesn't work for you, Mode will let you write your own SQL.We have recently adopted a new tool called Transform, whose whole raison d'etre is to be a source of consistently defined metrics across the business.So you give it a metric and then it gives you quite expressive ways of slicing and dicing that metric, filtering it and resorting it and stuff like that.So we believe our goal is to have most of our metrics be in Transform and have people be able to examine them there and be confident that that data is correct and that those metrics mean what they think it means, which I think is going to lead us naturally to the next part of our conversation.And Mode is going to become more about ad hoc analysis, one-off reports, very detailed explorations of specific questions, not everyday metrics.Stefania: Yeah. Exciting, exciting times.
Was haben die JavaScript Pakete left-pad, color, faker und cross-env gemeinsam? Alle waren in npm Package Sicherheits-Incidents involviert.Wenn man sich die Anzahl von Javascript Abhängigkeiten bei Mittelgroßen Projekten ansieht, ist eine dreistellige Anzahl an JavaScript Paketen nicht unüblich. Das liegt primär an der überschaubaren Größe der Pakete und somit der Funktionalität. Alles nur, um Pakete verwaltbarer zu halten. Doch dieser Umstand macht das JavaScript-Ecosystem so attraktiv für Angreifer oder kann zu extremen Seiteneffekten führen. In dieser Episode sprechen wir drei npm Package Incidents durch, was es damit aufsich hatte, welche Attack-Möglichkeiten es noch gibt und wie man sich als Software Entwickler dagegen schützen kann.Bonus: Was Bademeister, Blubberwasser und eine ASCII-Repräsentation von Uncle Sam und der amerikanischen Flagge mit JavaScript zu tun haben.Feedback an stehtisch@engineeringkiosk.dev oder via Twitter an https://twitter.com/EngKioskLinksFilm "Die Bademeister": https://www.imdb.com/title/tt0202806/Open Source Studien: https://t3n.de/news/wirtschaft-open-source-nutzt-5-1451923/ und https://www.bitkom.org/Presse/Presseinformation/Open-Source-ist-in-der-deutschen-Wirtschaft-angekommen Media Tech Lab: http://jump.engineeringkiosk.dev/media-tech-lab Buch "Working in Public: The Making and Maintenance of Open Source Software": https://www.amazon.de/Working-Public-Making-Maintenance-Software/dp/0578675862Auch Python und PHP sind betroffen: https://twitter.com/s0md3v/status/1529005758540808192 und https://twitter.com/s0md3v/status/1529049336268869633JavaScript left-pad: https://www.npmjs.com/package/left-padMessaging-App Kik: https://www.kik.com/E-Mail-Verkehr zwsichen npm, Kik und Azer Koçulu zum left-pad Paket: https://medium.com/@mproberts/a-discussion-about-the-breaking-of-the-internet-3d4d2a83aa4dStatement vom npm CTO "Laurie Voss" zur Wiederherstellung des left-pads Paket: https://twitter.com/seldo/status/712414588281552900Zalgo Text: https://en.wikipedia.org/wiki/Zalgo_textDev corrupts NPM libs 'colors' and 'faker' breaking thousands of apps: https://www.bleepingcomputer.com/news/security/dev-corrupts-npm-libs-colors-and-faker-breaking-thousands-of-apps/node-ipc: Open Source Maintainer Sabotages Code to Wipe Russian, Belarusian Computers: https://www.vice.com/en/article/dypeek/open-source-sabotage-node-ipc-wipe-russia-belraus-computerstyposquatting-Attacke mit npm Paketen (u.a. cross-env): https://snyk.io/blog/typosquatting-attacks/Bank pushed privaten Code mit npm: https://twitter.com/seldo/status/110515328771872358412 Factor App: https://12factor.net/de/GitHub DMCA Takedowns: https://github.com/github/dmcanpm package scopes: https://docs.npmjs.com/about-scopesDependabot: https://github.blog/2020-06-01-keep-all-your-packages-up-to-date-with-dependabot/ Harden GitHub Actions - Pin actions to a full length commit SHA: https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actionsWeitere nicht behandelte Incidentsua-parser.js (malicious code / account hijack): https://github.com/advisories/GHSA-pjwm-rvh2-c87wcoa (malicious code): https://github.com/advisories/GHSA-73qr-pfmq-6rp8rc (malicious code): https://github.com/advisories/GHSA-g2q5-5433-rhrfpurescript (malicious code by dependencies): https://harry.garrood.me/blog/malicious-code-in-purescript-npm-installer/event-stream (new maintainer injected code to steal bitcoins / social engineering): https://blog.npmjs.org/post/180565383195/details-about-the-event-stream-incidentgetcookies (backdoor): https://blog.npmjs.org/post/173526807575/reported-malicious-module-getcookies.htmlSprungmarken(00:00:00) Intro(00:00:35) Intro: 10.000 Downloads und Die Bademeister(00:01:42) Wie viele Firmen setzen (bewusst) Open Source ein? (00:04:09) Wie viele Firmen unterstützen Open Source finanziell?(00:06:22) Open Source Funding via Media Tech Lab(00:08:11) Das Management von Software-Dependencies anhand des JavaScript-Ecosystems via npm(00:08:59) Warum JavaScript als Beispiel genutzt wird und die Theorie warum JavaScript Pakete so klein sind und viele Abhängigkeiten haben(00:15:06) npm Package Incident: Das Paket "left-pad" wurde aus der npm Registry entfernt (unpublished)(00:23:06) npm Package Incident: Die Pakete "color" und "faker" geben Textmüll auf der Konsole aus(00:27:29) npm Package Incident: Das Paket "cross-env" und der typosquatting-Angriff mit "crossenv"(00:33:01) Weitere Angriffs-Vektoren in Bezug auf Software Dependencies: Böswilliger Maintainer, Schadcode in Sub-Dependency, Account-Übernahme und die falsche Package Registry(00:40:23) Ein Lösungsweg: npm package scopes(00:42:02) Weitere Lösungswege: Schadcode und frühere Fraud-Detection auf Plattform-Seite, die Überwachung von direkten Dependencies und Version-Pinning(00:47:40) Dependabot: Versionen von Dependencies automatisch updaten und auf neue Dependencies achten(00:53:44) Der gesunde Streit: Zanken und Bierchen(00:54:17) OutroHostsWolfgang Gassler (https://twitter.com/schafele)Andy Grunwald (https://twitter.com/andygrunwald)Engineering Kiosk Podcast: Anfragen an stehtisch@engineeringkiosk.dev oder via Twitter an https://twitter.com/EngKiosk
In episode 6 of The Right Track, Stef Olafsdottir speaks with Laurie Voss of Netlify. They discuss the roles in modern data teams, how Netlify uses data, insights on early data hires, and whether or not self-serve analytics will ever work.
In episode 6 of The Right Track, Stef Olafsdottir speaks with Laurie Voss of Netlify. They discuss the roles in modern data teams, how Netlify uses data, insights on early data hires, and whether or not self-serve analytics will ever work.
In episode 6 of The Right Track, Stef Olafsdottir speaks with Laurie Voss of Netlify. They discuss the roles in modern data teams, how Netlify uses data, insights on early data hires, and whether or not self-serve analytics will ever work. The post Ep. #6, Domain Expertise with Laurie Voss of Netlify appeared first on Heavybit.
Laurie Voss is a senior data analyst at Netlify, makers of a serverless platform designed to help teams build, deploy, and collaborate on web apps more effectively. Previously, Laurie worked as Chief Data Officer at npm, Inc., co-founded Snowball Factory, Inc., was a technical lead at awe.sm, and worked as a developer at Yahoo, among other positions. Join Corey and Laurie as they talk about what Netlify does, how Laurie moved from CTO to COO to CDO at npm, how Laurie ended up at Netlify, what the Netlify tech stack looks like, the Google Sheets vs. Excel debate, why most companies confuse data science problems with data engineering problems, why a data scientist should be the fifth hire of your team, how working on Hadoop was akin to selling the Kool Aid instead of drinking it, how Laurie worked with people whose jobs were managing SSL certificates and how that task is now a checkbox in the background, and more.
NPM's CEO Bryan Bogensberger resigns, Google's new Play Pass subscription service and their Kotlin bootcamp are announced. Plus some noteworthy updates for ulauncher and ReactOS.
Show Description****************Laurie Voss is the co-founder and Chief Data Officer of npm and he stopped by the show to talk a bit about npm's history, some of the issues it faces now, as well as what's in store for the web in 2019. Listen on Website →Links***** Typescript npms.io Yarn ReactJS Sponsors********
On this week's episode, Chris is joined by Eebs Kobeissi, a developer in our Boston studio, for a discussion encompassing the front end, back end, and everything in between. They start by discussing Eebs' recent work with both Elm & TypeScript, and the relative merits of these two strongly typed languages for the front end. From there they move on to a discussion around the different communities and rates of change in each. Shifting gears, Chris then asks Eebs about his experience with more distributed systems and technologies like JSON Web Tokens, ElasitcSearch, RabbitMQ, Kafka, and more. They round out the conversation with a discussion around some recent security discussions in package managers and their collective surprise that things work at all. chruby asdf Matz replies to post around Ruby moving slowly TypeScript Elm TypeScript Growing Popularity on State of JS 2018 JSON Web Tokens (JTW) RSA Public Key Cryptography OAuth RabbitMQ ElasitcSearch Postgres Full Text Search Kafka Event Sourcing Details about the event-stream incident Heartbleed Transcendence and the Future of React with Laurie Voss Thank you to One Month for sponsoring this episode.
Laurie Voss is the Co-founder/COO of npm. He’s traveling the world and telling developers about npm and the future of JavaScript. Chantastic asks about his bold predictions for 2019, what the future brings for React, and how React could beat web components. They talk about fresh npm commands and security features, why teams are picking Vue or Ember, some sad truths about maintaining a diverse company, and the lgbtq.community slack.
In this special episode of JS Party, KBall and Nick are on location at Node + JS Interactive in Vancouver. They talks with Laurie Voss, co-founder and COO of npm Inc. They chat about his talk, “npm and the Future of JavaScript”, JavaScript frameworks, and how the definition of “the fundamentals of the web” is constantly changing.
In this special episode of JS Party, KBall and Nick are on location at Node + JS Interactive in Vancouver. They talks with Laurie Voss, co-founder and COO of npm Inc. They chat about his talk, “npm and the Future of JavaScript”, JavaScript frameworks, and how the definition of “the fundamentals of the web” is constantly changing.
Recording date: 2018-10-25 Tweet John Papa https://twitter.com/john_papa Ward Bell https://twitter.com/wardbell Dan Wahlin https://twitter.com/dan wahlin Tierney Cyren https://twitter.com/bitandbang Show Notes: (0:01:11) Ward reads the mailbag about Node versioning (0:01:39) Tierney talks about Node.js versioning https://nodejs.org/en/ (0:01:56) Tierney discusses the Node.js LTS schedule (0:02:18) Ward asks how he would go about moving from v8 to v10 of Node.js (0:02:48) John asks if the code needs to change or just recompile (0:04:40) Tierney explains the node.js release lines work https://nodesource.com/blog/understanding-how-node-js-release-lines-work/ (0:05:10) Tierney explains there can be more than one active LTS at a time (0:05:39) John dsicusses how the Node.js LTS chart is helpful https://github.com/nodejs/Release#release-schedule (0:06:10) Ward asks what is he missing if he doesn;t move to a new release (0:06:30) Tierney explains vthat you may miss vulnerability patches (0:07:30) Tierney explains how he recommends thinking about how long you should stay on a release line (0:08:10) Tierney says Laurie Voss https://twitter.com/seldo of npm had a talk about the Fortune 50 companies who use Node.js (0:08:46) Ward asks what the relationship is between Node.js and npm (0:09:00) Tierney says npm is a company https://npmjs.com (0:09:39) Tierney mentions Isaac - CEO of npm https://twitter.com/izs?lang=en (0:12:32) John asks Tierney what the performance is of Node.js (0:14:11) Tierney talks about how LinkedIn used Node.js (0:14:33) Tierney says Paypal is the largest public deployment of Node.js on the planet (0:14:50) Tierney says Walmart uses Node.js which helps them with Black Friday sales (0:16:04) tc39 spec https://tc39.github.io/ecma262/ (0:16:48) Node.js performance tips https://www.smashingmagazine.com/2018/06/nodejs-tools-techniques-performance-servers/ (0:17:01) Ward asks what level of javascript features are implemented in Node.js (0:17:40) Tierney talks about ESM (module system) (0:19:40) John and Tierney talk about tools for application performance monitoring (0:21:04) New Relic and AppDynamics are great tools for this (0:21:40) Tierney talks about when the event loop is blocked (0:21:45) JSON.parse can sneak up on you, as it blocks the event loop (0:22:46) NSolid is a replacement for node.js runtime - does perf monitoring too https://nodesource.com/products/nsolid (0:22:50) John asks if you can use NSolid for production deployments without slow-downs (0:22:50) Tierney talks about the performance impact of using NSolid for monitoring (0:23:30) John talks about an AST http://www.syntaxsuccess.com/viewarticle/javascript-ast (0:26:10) Async hooks is a new tool that ships in node that pulls data out to help APM's (App Performance Monitoring) help get data (0:27:00) Ward asks if there are tools that will check for anti patterns, for CI (0:27:50) Tierney talks about tools that NodeSource has written to help look for issues in Node code (certified modules) (0:28:57) ncm-ci is the tool https://github.com/nodesource/ncm-ci (0:29:11) Ward mentions tools like Lighthouse for chrome https://chrome.google.com/webstore/detail/lighthouse/blipmdconlkpinefehnmjammfjpmpbjk?hl=en (0:29:15) Tierney commits to writign Lighthouse for Node.js by the end of the podcast (jokingly) (0:30:32) Greenkeeper is a github integration app that auto checks dependencies https://greenkeeper.io/ and analyzes your npm package (0:31:09) Snyk looks for security vulnerabilities in packages https://snyk.io (0:32:01) Node awesome list https://github.com/sindresorhus/awesome-nodejs (0:33:14) Tierney has his own list for Node.js https://github.com/bnb/awesome-awesome-nodejs (0:33:30) Ward asks Tierney whaat the top 10 Node.js tools everyone needs (0:36:00) Ward says he is looking for a middle ground between all of the tools and just the most important tools (0:37:49) John asks what you can do to secure Node.js apps (0:39:50) Tierney talks about how you can submit vulnerabilities to https://hackerone.com/nodejs-ecosystem (0:40:09) John asks Tierney about npm vs yarn (0:50:51) Yarn https://yarnpkg.com/en/ (0:42:20) Tierney talks about his interest in Go https://golang.org/ (0:43:30) Tierney talks about how Ryan Dahl created Node.js https://jaxenter.com/ryan-dahl-fixing-node-deno-146190.html (0:45:01) Someone to follow - Dave Geddes at https://gedd.ski/ (0:45:58) Someone to follow - Sherry List https://twitter.com/sherrrylst (0:46:41) Someone to follow - Franziska Hinkelmann https://twitter.com/fhinkel Resources Node.js Everywhere with Environment Variables https://medium.com/the-node-js-collection/making-your-node-js-work-everywhere-with-environment-variables-2da8cdf6e786 by John Papa Eleven Tips to Scale Node.js https://medium.com/microsoftazure/eleven-tips-to-scale-node-js-65cbf6deef6e by Brian Holt async await in Node.js https://blog.risingstack.com/mastering-async-await-in-nodejs/ Certified Modules from Node Source https://nodesource.com/products/certified-modules Blog posts by Tierney https://nodesource.com/blog/author/bitandbang Node Collection - medium blog https://medium.com/the-node-js-collection Tierney says use security tools like helmet https://github.com/helmetjs/helmet Ryan Dahl - creator of Node http://tinyclouds.org/ npm audit in ci system https://docs.npmjs.com/getting-started/running-a-security-audit WardInSpace: https://docs.npmjs.com/cli/audit NPM Audit Node security working group https://medium.com/the-node-js-collection/meet-the-node-js-security-working-group-30b9f00b678 WardInSpace: Node Security Working Group https://github.com/nodejs/security-wg Tierney-Cyren: https://internetbugbounty.org/ WardInSpace: https://www.rust-lang.org/en-US/ Rust
Recording date: 2018-09-20 Tweet John Papa https://twitter.com/john_papa Ward Bell https://twitter.com/wardbell Sam Julien https://twitter.com/samjulien ** Rob Wormald** https://twitter.com/robwormald Notes: (0:01:20) Mailbag https://twitter.com/D2KX_/status/1052980944389513217 about Polymer's life and web components (0:01:30) Polymer https://www.polymer-project.org/ (0:02:44) Rob says that more common features will move to the platform for web components (0:03:45) Rob talks about how his role is to talk to folks who build apps with JavaScript (0:05:04) Rob talks about solving the problem of recreating the same component over and over (DatePicker as an example) (0:05:26) DatePicker in Angular Material https://material.angular.io/components/datepicker (0:05:46) Rob talks about solving the problem of recreating the same component over and over (DatePicker as an example) (0:06:31) Dan talks about jQuery and the plugins for extensibility (0:08:00) Ward asks if people are looking for an Angular version of a control or a more generic JavaScript one (0:08:33) Ward asks Rob if he sees people want to interop between platforms (0:09:12) Rob talks about how Google has various internal tools (0:10:20) Angular's new Ivy compiler https://www.youtube.com/watch?v=dIxknqPOWms&feature=youtu.be&t=1360 (0:10:37) John asks Rob to explain the Ivy compiler (0:11:15) Tree shaking https://developer.mozilla.org/en-US/docs/Glossary/Tree_shaking (0:11:30) Rob talks about how an Angular app will be about 15kb with Ivy (0:14:00) John asks Rob if sharing company specific UI libraries is one of the goals of Angular Elements (0:14:32) Angular Elements https://angular.io/guide/elements (0:15:32) Ward asks Rob about dynamic forms and how Angular Elements may address it (0:17:44) Ward asks about the value of AngularElements talking to each other! Vanilla web components are stand alone. Great. But I build apps and apps are components that talk to each other. If I'm building with AE, I get that inter-comm among elements, yes? How does that work? (0:19:08) Dan asks Rob about how this impacts big companies (0:20:26) Rob talks about SkateJS https://github.com/skatejs/skatejs (0:21:09) Ward asks Rob about vanilla web components. (0:21:19) Ward says components should be able to talk to each other. (0:22:37) Rob addresses how components can talk to each other with Angular Elements (0:23:30) Dan says a lot of the companies he works with have islands of apps and want to take a feature and drop it in with a tool like Angular Elements. (0:24:00) Ward says he loves Sharepoint (0:24:29) Rob explains how Sharepoint users are one of the larger consumers of Angular Elements (0:24:45) Ward says there may be similar things in the Salesforce world too (0:26:52) John asks Rob how much Angular comes along for the ride with Angular Elements (0:27:17) Rob explains the basic steps to create a component with Angular Elements. (0:28:11) Rob says the way you author a component doesn't change, just how you bootstrap it. (0:28:35) Dan asks if he needs the CLI to create and build Angular Elements (0:29:38) Ward asks if DI works across the elements (0:32:06) Ward asks Rob how he sees the other frameworks handling this problem. (0:32:00) Rob talks about his experience with React and Vue's approaches to custom elements. (0:32:56) Rob says the React team is talking with the Angular team about this, but he does not know of their plans. (0:34:13) Rob says Vue provides the ability to publish component from inside of Vue, as far as he knows (0:35:30) Rob talks about their relationship and cooperation with Ionic https://ionicframework.com/ (0:37:53) Someone to follow - Thierno Thiam https://twitter.com/localhost_droid and https://twitter.com/dakarPromiseJs (0:48:42) Someone to follow - Minko Gechev https://twitter.com/mgechev (0:39:30) Someone to follow - is Laurie Voss, https://twitter.com/seldo COO and co-founder of npm http://our-origins.com/post/171840751116/laurie-voss-co-founder-and-coo-at-npm (0:40:00) Someone to follow - Jason Miller author of preact https://twitter.com/_developit https://twitter.com/preactjs
We're joined by Laurie Voss, co-founder and COO of npm to discuss the larger package community, audit and fix functionality, npm's growth pains in dealing with security as well as insight on how experience correlates with best practices. The post Episode 15: We Need to Make Bill Wink (LIVE AT NEJS) appeared first on TalkScript.FM.
We're joined by Laurie Voss, co-founder and COO of npm to discuss the larger package community, audit and fix functionality, npm's growth pains in dealing with security as well as insight on how experience correlates with best practices. The post Episode 15: We Need to Make Bill Wink (LIVE AT NEJS) appeared first on SitePen.
02:01 – Superpowers: Kenzi = Consensus Building; Laurie: Confuging Apache Quickly Conversation Context (https://twitter.com/seldo/status/937772610997313536) 03:35 – Trans-Inclusive Policy at npm and Cloud City Kaiser (https://healthy.kaiserpermanente.org/) TriNet (https://www.trinet.com/) 12:41 – Determining Whether Insurance is Trans-Friendly “Transgender insurance benefits employer guide” Google Search (https://www.google.com/search?q=transgender+insurance+employer&oq=transgender+insurance+employer&aqs=chrome..69i57.12196j1j4&sourceid=chrome&ie=UTF-8) The Transgender Law Center (https://transgenderlawcenter.org/) 15:16 – Biases Exist in Healthcare Broken Arm Syndrome (https://www.dailydot.com/irl/trans-broken-arm-syndrome-healthcare/) 20:54 – The Problem with Primary Care Physicians and Care 26:44 – Feedback from Doctors 32:00 – Why This Topic is Becoming More Commonplace and Important in Society 37:39 – Trans-Inclusive Healthcare as a Business Advantage for Companies 42:22 – How To Be an Ally in the Fight for Trans-Inclusive Healthcare 46:37 – What can primary care doctors do to signal they care about these issues? Reflections: Laurie: Do the legwork for your trans employees. John: Once you cover the edge cases, it makes the happy path even happier. Coraline: The additional challenges of non binary people. Kenzi: We have a responsibility as tech workers when we are building the system to be better about it. Carina C. Zona: Schemas for the Real World Jessica: You can’t come out as something you don’t know exists. This episode was brought to you by @therubyrep (https://twitter.com/therubyrep) of DevReps, LLC (http://www.devreps.com/). To pledge your support and to join our awesome Slack community, visit patreon.com/greaterthancode (https://www.patreon.com/greaterthancode). To make a one-time donation so that we can continue to bring you more content and transcripts like this, please do so at paypal.me/devreps (https://www.paypal.me/devreps). You will also get an invitation to our Slack community this way as well. Amazon links may be affiliate links, which means you’re supporting the show when you purchase our recommendations. Thanks! Special Guests: Kenzi Connor and Laurie Voss.
npm, Inc. co-founder and COO Laurie Voss joins the show to talk about trends in web development — frameworks, component architectures, performance and more. Laurie provides more than a technical view; he offers a nuanced, bigger-picture perspective about trends reflecting evolution and pushing innovation. We talk about the practical pros and cons of implementing a trend like React, but also how trends offer even broader benefits to the industry overall. < Download MP3 > < Listen on ctrlclickcast.com > Show Notes: Every Bootstrap Website Ever Web development has two flavors of graceful degradation Stuff Everybody Knows LBGTQ in Technology Sponsored By
My JS Story 023 Laurie Voss This week we have another My JavaScript story. This week’s guest is Laurie Voss. Laurie has worked with NPM from the start and has been a vital piece to getting it off the ground. Hear how Laurie got interested in computers, how Laurie got started with NPM, as well as a few things about the newly released NPM 5. How did you get into programming? Laurie started by going into a computer camp, at the time Laurie hadn’t spent time around computers, and it wouldn’t be until the second time that he went to the computer camp that he would see a computer again. Laurie grew up in Trinidad where not many people could afford computers. He started making his first website in Angelfire using HTML before CSS became a thing. How did you go from web development to hardcore Javascript? Laurie had been writing JavaScript since it was invented. Laurie started a web development company in high school using JavaScript. Laurie met Issac while working at Yahoo and he introduced Laurie to Node which was a starting point to taking JavaScript more seriously for Laurie. When Node was ready in 2013, NPM Inc was on it’s way. What do you do at NPM Inc? IN the beginning of 2014, Laurie was doing a lot of the JavaScript and was the CTO. Laurie says that part of his strategy has always been to hire JavaScript developers that are better at writing JavaScript that he is. Making him the worst JavaScript programmer at NPM. Laurie’s main job was doing what was needed to get NPM happen, including talking to layers and the business side of things. There are many companies that don’t understand how open source works, and in many cases it leads to run ins with lawyers. Many times NPM acts as an umbrella for open source tools that aren’t able to fight overzealous corporations. What do you think is your biggest contributions to NPM? Laurie expresses that it has changed over the years. A year ago he would say that he would have to say it leans towards the piece of software that is the registry. It’s very scalable and has worked great for small scale up to very large scale. Laurie works hard to gather funds and help make NPM grow as well as be scalable. He says that he is very proud that he build something that let’s others build things. How did you get involved? Laurie has been with NPM since the beginning. He tells us how Issac had been running NPM on donated hardware in spare time while working with Node. NPM would break a lot and be down due to the borrowed equipment. They decided that they needed to create a business model around NPM to help it grow. Laurie had just finished working on a startup and knew how to get funding and got their first round in 2014. How did you get to being profitable? Laurie talks about making sure that their plan is in line with their customers. NPM could easily charge for many parts of NPM but they would rather charge for things that make sense to charge, so in this case the private packages. Enough people are using the private package to getting NPM to profitability. Laurie says that even if money stopped coming in they would have to git rid of a few employees but would be able to keep a small team and sustain the NPM registry, but would never build anything new. It’s always between being profitable or using money to build new things. What are you working on now? NPM 5 was just released and it’s much faster, five times faster. Laurie talks about being excited about the team and what they are putting into it. Things like making deployments easier. Many developers use NPM to put code together as well as to deploy it. If you didn’t have a lock file, it’s possible that it would change. But the lock file can take a long time, and you already know what needs to go there so they are adding npm store and npm fetch making deploys much faster. Additionally they will be adding a feature called insights. They are able to see information about different users packages, security information, performance information, etc. They can use that information to help developers with suggestions based off of data gathered by what other people are doing. Charles adds that it would be great for coming up with topics for the podcast. Anything else? Laurie reminds everyone about NPM Organizations as well as NPM Enterprise. NPM Organizations is a way to organize packaging as well as teams of developers and helps you to collaborate. NPM Enterprise allows for single sign on support, license auditing, and features that corporations care about. Picks Laurie Zite and NextJS Slides.com Charles VMWorld Tweet or email if you’re looking at resources for learning VR AI or Iot Links Twitter NPM Organizations NPM Enterprise
My JS Story 023 Laurie Voss This week we have another My JavaScript story. This week’s guest is Laurie Voss. Laurie has worked with NPM from the start and has been a vital piece to getting it off the ground. Hear how Laurie got interested in computers, how Laurie got started with NPM, as well as a few things about the newly released NPM 5. How did you get into programming? Laurie started by going into a computer camp, at the time Laurie hadn’t spent time around computers, and it wouldn’t be until the second time that he went to the computer camp that he would see a computer again. Laurie grew up in Trinidad where not many people could afford computers. He started making his first website in Angelfire using HTML before CSS became a thing. How did you go from web development to hardcore Javascript? Laurie had been writing JavaScript since it was invented. Laurie started a web development company in high school using JavaScript. Laurie met Issac while working at Yahoo and he introduced Laurie to Node which was a starting point to taking JavaScript more seriously for Laurie. When Node was ready in 2013, NPM Inc was on it’s way. What do you do at NPM Inc? IN the beginning of 2014, Laurie was doing a lot of the JavaScript and was the CTO. Laurie says that part of his strategy has always been to hire JavaScript developers that are better at writing JavaScript that he is. Making him the worst JavaScript programmer at NPM. Laurie’s main job was doing what was needed to get NPM happen, including talking to layers and the business side of things. There are many companies that don’t understand how open source works, and in many cases it leads to run ins with lawyers. Many times NPM acts as an umbrella for open source tools that aren’t able to fight overzealous corporations. What do you think is your biggest contributions to NPM? Laurie expresses that it has changed over the years. A year ago he would say that he would have to say it leans towards the piece of software that is the registry. It’s very scalable and has worked great for small scale up to very large scale. Laurie works hard to gather funds and help make NPM grow as well as be scalable. He says that he is very proud that he build something that let’s others build things. How did you get involved? Laurie has been with NPM since the beginning. He tells us how Issac had been running NPM on donated hardware in spare time while working with Node. NPM would break a lot and be down due to the borrowed equipment. They decided that they needed to create a business model around NPM to help it grow. Laurie had just finished working on a startup and knew how to get funding and got their first round in 2014. How did you get to being profitable? Laurie talks about making sure that their plan is in line with their customers. NPM could easily charge for many parts of NPM but they would rather charge for things that make sense to charge, so in this case the private packages. Enough people are using the private package to getting NPM to profitability. Laurie says that even if money stopped coming in they would have to git rid of a few employees but would be able to keep a small team and sustain the NPM registry, but would never build anything new. It’s always between being profitable or using money to build new things. What are you working on now? NPM 5 was just released and it’s much faster, five times faster. Laurie talks about being excited about the team and what they are putting into it. Things like making deployments easier. Many developers use NPM to put code together as well as to deploy it. If you didn’t have a lock file, it’s possible that it would change. But the lock file can take a long time, and you already know what needs to go there so they are adding npm store and npm fetch making deploys much faster. Additionally they will be adding a feature called insights. They are able to see information about different users packages, security information, performance information, etc. They can use that information to help developers with suggestions based off of data gathered by what other people are doing. Charles adds that it would be great for coming up with topics for the podcast. Anything else? Laurie reminds everyone about NPM Organizations as well as NPM Enterprise. NPM Organizations is a way to organize packaging as well as teams of developers and helps you to collaborate. NPM Enterprise allows for single sign on support, license auditing, and features that corporations care about. Picks Laurie Zite and NextJS Slides.com Charles VMWorld Tweet or email if you’re looking at resources for learning VR AI or Iot Links Twitter NPM Organizations NPM Enterprise
My JS Story 023 Laurie Voss This week we have another My JavaScript story. This week’s guest is Laurie Voss. Laurie has worked with NPM from the start and has been a vital piece to getting it off the ground. Hear how Laurie got interested in computers, how Laurie got started with NPM, as well as a few things about the newly released NPM 5. How did you get into programming? Laurie started by going into a computer camp, at the time Laurie hadn’t spent time around computers, and it wouldn’t be until the second time that he went to the computer camp that he would see a computer again. Laurie grew up in Trinidad where not many people could afford computers. He started making his first website in Angelfire using HTML before CSS became a thing. How did you go from web development to hardcore Javascript? Laurie had been writing JavaScript since it was invented. Laurie started a web development company in high school using JavaScript. Laurie met Issac while working at Yahoo and he introduced Laurie to Node which was a starting point to taking JavaScript more seriously for Laurie. When Node was ready in 2013, NPM Inc was on it’s way. What do you do at NPM Inc? IN the beginning of 2014, Laurie was doing a lot of the JavaScript and was the CTO. Laurie says that part of his strategy has always been to hire JavaScript developers that are better at writing JavaScript that he is. Making him the worst JavaScript programmer at NPM. Laurie’s main job was doing what was needed to get NPM happen, including talking to layers and the business side of things. There are many companies that don’t understand how open source works, and in many cases it leads to run ins with lawyers. Many times NPM acts as an umbrella for open source tools that aren’t able to fight overzealous corporations. What do you think is your biggest contributions to NPM? Laurie expresses that it has changed over the years. A year ago he would say that he would have to say it leans towards the piece of software that is the registry. It’s very scalable and has worked great for small scale up to very large scale. Laurie works hard to gather funds and help make NPM grow as well as be scalable. He says that he is very proud that he build something that let’s others build things. How did you get involved? Laurie has been with NPM since the beginning. He tells us how Issac had been running NPM on donated hardware in spare time while working with Node. NPM would break a lot and be down due to the borrowed equipment. They decided that they needed to create a business model around NPM to help it grow. Laurie had just finished working on a startup and knew how to get funding and got their first round in 2014. How did you get to being profitable? Laurie talks about making sure that their plan is in line with their customers. NPM could easily charge for many parts of NPM but they would rather charge for things that make sense to charge, so in this case the private packages. Enough people are using the private package to getting NPM to profitability. Laurie says that even if money stopped coming in they would have to git rid of a few employees but would be able to keep a small team and sustain the NPM registry, but would never build anything new. It’s always between being profitable or using money to build new things. What are you working on now? NPM 5 was just released and it’s much faster, five times faster. Laurie talks about being excited about the team and what they are putting into it. Things like making deployments easier. Many developers use NPM to put code together as well as to deploy it. If you didn’t have a lock file, it’s possible that it would change. But the lock file can take a long time, and you already know what needs to go there so they are adding npm store and npm fetch making deploys much faster. Additionally they will be adding a feature called insights. They are able to see information about different users packages, security information, performance information, etc. They can use that information to help developers with suggestions based off of data gathered by what other people are doing. Charles adds that it would be great for coming up with topics for the podcast. Anything else? Laurie reminds everyone about NPM Organizations as well as NPM Enterprise. NPM Organizations is a way to organize packaging as well as teams of developers and helps you to collaborate. NPM Enterprise allows for single sign on support, license auditing, and features that corporations care about. Picks Laurie Zite and NextJS Slides.com Charles VMWorld Tweet or email if you’re looking at resources for learning VR AI or Iot Links Twitter NPM Organizations NPM Enterprise
In this episode, we’re joined by Jyri Tuulos and Josh London to help discuss reusable components and building style guides. Jyri is a Staff Engineer at AdRoll and Josh is a Senior Designer at Netflix. We discuss best practices companies are leveraging style guides and reusable components. We also share the positives and negatives to having a style guide. Items mentioned in the episode: AdRoll, Netflix, JavaScript, CSS, CSS Preprocessor, PHP, LinkedIn, LinkedIn Learning, Jennison Asuncion, Accessibility episode, Atlassian, Bitbucket, Evernote, Storybook, npm, Slack, Laurie Voss, React, Angular, React plus X: Best Practices for Reusable UI Components, Forward JS, React Style Guide Generator, Pattern Lab, Brad Frost, Dave Olson, Atomic Design, JQuery, JQuery Widgets, Sketch, SASS, Bootstrap, React Bootstrap, Starbucks Style Guide, Styleguides.io Guests: Jyri Tuulos - @jtuulos Josh London - @joshualondon Panelists: Ryan Burgess - @burgessdryan Augustus Yuan - @augburto Jem Young - @JemYoung Derrick Showers - @derrickshowers Mars Jullian - @marsjosephine Stacy London - @stacylondoner Picks: Jyri Tuulos - AdRoll style guide Jyri Tuulos - Reasonably Sound Josh London - InspiRock Josh London - React Sketch App Ryan Burgess - XLR8 Connect Diaper Backpack Ryan Burgess - Bosch Augustus Yuan - Quick Draw! Google Dataset Augustus Yuan - Style Guides Augustus Yuan - Google I/O videos Jem Young - Why did the chicken cross the road Jem Young - ES6 Proxies and Reflection Derrick Showers - Instacart Derrick Showers - Blue Apron Mars Jullian - Single Div Mars Jullian - Detour Stacy London - AtlasKit Stacy London - Actually Smiling by Geotic
00:16 – Welcome to “Yes, SJWs Do Actually Code” …we mean, “Greater Than Code!” 01:22 – Superpower Origin Story 06:00 – “Real Programming” 08:45 – Being Gay in the Tech Industry; Micro Activism (http://www.microactivist.com/) 16:17 – Setting Workplace Culture 21:20 – Working in Open Source While Working in a Company like npm (https://www.npmjs.com/) 25:50 – Monetizing npm npm Enterprise (https://www.npm-enterprise.com/) 32:55 – npm@5 42:00 – The 10x Engineer 44:19 – Technical Hiring 49:53 – Why Whiteboarding and Code Exercises Don’t Work 51:51 – Organizing Engineers Turn the Ship Around!: A True Story of Turning Followers into Leaders (https://www.amazon.com/gp/product/1591846404/ref=as_li_qf_sp_asin_il_tl?ie=UTF8&tag=therubyrep-20&camp=1789&creative=9325&linkCode=as2&creativeASIN=1591846404&linkId=c494a8d5b6315f65af8e4f4a31c3f450) Reflections: Astrid: Not being concerned with how other people view you as a programmer. Coraline: Remembering good hiring practices to influence others. Sam: Making your interview process focus on having people talk to each other about software. Rein: Becoming a Change Artist by Gerald Weinberg (https://www.amazon.com/gp/product/B004SCRVIK/ref=as_li_qf_sp_asin_il_tl?ie=UTF8&tag=therubyrep-20&camp=1789&creative=9325&linkCode=as2&creativeASIN=B004SCRVIK&linkId=841afede1e410cba5f9277716d97f581) Laurie: Organizing large groups of people to get stuff done. This episode was brought to you by @therubyrep (https://twitter.com/therubyrep) of DevReps, LLC (http://www.devreps.com/). To pledge your support and to join our awesome Slack community, visit patreon.com/greaterthancode (https://www.patreon.com/greaterthancode). To make a one-time donation so that we can continue to bring you more content and transcripts like this, please do so at paypal.me/devreps (https://www.paypal.me/devreps). You will also get an invitation to our Slack community this way as well. Amazon links may be affiliate links, which means you’re supporting the show when you purchase our recommendations. Thanks! Special Guest: Laurie Voss.
In this episode, we are joined by Laurie Voss, the COO and former CTO at npm. Npm, also known as Node Package Manager has been an important tool in the JavaScript community and has helped engineers share their code. In today’s episode, we’ll be discussing how we leverage npm and find out what we can expect from npm 5. Laurie also teaches us some cool tricks that exist in the npm cli. Items mentioned in the episode: Node, npm, Ruby, Python, Java, Back End Happy Hour, CommonJS, CocoaPods, Stack Overflow, Github, Babel, Webpack, Closure Compiler, Rollup, Browserify, Yarn, npm Enterprise, Left-pad, Express, Google, Monster Cable, Gold Apple Watch, I am rich, Semver.org Guests: Laurie Voss - @seldo Panelists: Ryan Burgess - @burgessdryan Augustus Yuan - @augburto Jem Young - @JemYoung Derrick Showers - @derrickshowers Mars Jullian - @marsjosephine Picks: Laurie Voss - npm 5 Laurie Voss - Slides.com Laurie Voss - Next.js Ryan Burgess - Moment Lens Ryan Burgess - Lin Clark - A Cartoon into Fiber - React Conf 2017 Ryan Burgess - The Founder Augustus Yuan - Deco IDE Augustus Yuan - Mocktails Mixer by Deeplocal Jem Young - Aviation Jem Young - Music to Draw To: Satellite Derrick Showers - How I built this podcast Derrick Showers - Containers podcast Derrick Showers - Jackbox TV Mars Jullian - Spotify Mood playlists Mars Jullian - SkyGuru
Managing the world’s largest software registry: this week Paul and Rich talk to Laurie Voss, chief operating officer of npm, the JavaScript package manager that gives 7 million programmers worldwide access to hundreds of thousands of packages. They discuss how npm works and the details of its past, present, and future—as well as how removing one tiny piece from it can break the entire internet. They also discuss managing a large community of users, where the 0.1%’s complaints always seem to outweigh the 99.9%’s praise.
“Node doesn’t have dependency hell – JavaScript absolutely does.” Node.js powers an increasing number of applications in the modern web. As node’s popularity grew, npm evolved in parallel as its default package manager and it has become a robust system for sharing and developing node programs. Yet today, npm is growing beyond its roots, and The post npm with Laurie Voss appeared first on Software Engineering Daily.
The panelists discuss npm, Inc. with Isaac Schlueter, Laurie Voss, and Rod Boothby.
The panelists discuss npm, Inc. with Isaac Schlueter, Laurie Voss, and Rod Boothby.
The panelists discuss npm, Inc. with Isaac Schlueter, Laurie Voss, and Rod Boothby.
© 2020-2025 Ivy Podcast Discovery LLC
