Peace, Love and JavaScript

Rate this content
Bookmark

The stability and security of open source projects can be found in the people shaping the culture as much as the code they write. The Executive Director of the OpenJS Foundation will share lessons she learned along the way on how to build trust and transparency to minimize drama and overcome challenges in the JavaScript ecosystem. She will cover critical topics such as empowering projects with open governance, building an ecosystem around a community project, and how OpenJS supports essential projects such as Node.js.

Robin Ginn
Robin Ginn
17 min
04 Apr, 2024

Comments

Sign in or register to post your comment.

Video Summary and Transcription

The OpenJS Foundation supports the entire JavaScript ecosystem and thousands of open source projects. They follow a neutral nonprofit organization with separate business and technical governance to minimize drama. Rebooting governance and addressing intellectual property can also help reduce conflicts. OpenJS provides collaboration spaces and support in various areas for open source projects. They foster a collaborative environment and invite participation in their projects.

Available in Español

1. Introduction to OpenJS and its Projects

Short description:

I'm Robin Vendergian, the executive director of the OpenJS Foundation. OpenJS supports not only Node.js but the entire JavaScript ecosystem. Thousands of other open source projects are connected with ours. 99% of the world's websites rely on JavaScript. Our projects include Appium, Jest, jQuery, Webpack, and Node. Our foundation depends on our members for financial support and active participation in governance.

Hi, everyone. Hi, Node Congress friends. I'm Robin Vendergian. I'm here today to talk to you about peace, love, and JavaScript.

Now, you know, I've had the best jobs ever. I've got to spend, you know, most of my career working with open source and open standards communities like you. At that, the past 13 years, I've been working with the Node.js community. And for the past four plus, I have been the executive director of the OpenJS Foundation.

And if you don't know, OpenJS was created by the merger of the Node.js Foundation and the JS, the JavaScript Foundation, shortly before I joined. Now, here is my friend and predecessor, Michael Rogers. Michael was the first executive director of the Node.js Foundation, and he may not have described his job as the best job ever back in 2015. In a newly released Node.js documentary, he described the challenges facing the project at the time as there was so much drama. And you're going to have to take a look at the Node.js documentary that was just released on YouTube. It was released by Honeypot, who some are calling the Netflix for developers. And you may have seen their documentary on React or Kubernetes. And just want to really thank the Honeypot crew. They're a great job platform, particularly for folks in Europe.

And so if you look at OpenJS today, we not only support Node.js, we support the JavaScript ecosystem as a whole. And when you think about why do we have a foundation, and I often like to say when a piece of technology becomes super important to the world, it is often donated to a foundation. And we love our 35 projects, but there are thousands of other open source projects that are connected with ours. And did you know that 99% of the world's websites rely on JavaScript? So most people are using JavaScript, whether they know it or not. Folks like NASA, they use Node.js or spacesuit solutions to keep astronauts safe. So if you think about it, Node.js and open source really are mission critical to the world.

So let's just take a step back and give you a brief overview of our projects. Our projects are really critical to the web and beyond. We have Appium, we have Jest, jQuery, Webpack, and of course Node. And our foundation really could not survive without our members. They really make it happen. They provide the financial support to run our operations. And individually, they're also very active in our governance process.

2. Minimizing Drama in Open Source Projects

Short description:

To minimize drama in open source projects, OpenJS follows a neutral nonprofit organization with separate business and technical governance. The cross-project council sets best practices, and individual projects have their own technical steering committees. Open governance ensures democratic leadership and collaboration, where no one person or company controls Node.js. The technical steering committee is responsible for the project's direction, quality standards, governance, and more. Node.js is a community-led project with a governance model that sets best practices for open source projects.

And you know, if you take a look at the Node documentary, you'll find the drama was probably the result because it was missing a few key elements in those early days of Node. So today, I'm going to talk to you about the elements that are sort of critical to minimize drama in open source projects. And the first one is neutrality. And at OpenJS, we have policies in place as a neutral nonprofit organization to minimize drama. And by doing this, we really have a separate business and technical governance.

We have a board of directors that are comprised of our members that really sort of set the budget and in the kind of business operations of the foundation. And then we have a separate technical side that is unrelated to our membership. And we have the cross project council, which is typically what other foundations describe as a technical oversight committee. And they really take a look across the board at all of our projects and set best practices. And as an umbrella organization, one key thing that we put in place early on is to create a model that gives a strong voice to our individual projects. So each project has their own technical steering committee or core team that really drives and sets the technical direction of our projects. So if you'll take a look at it, our paid members have no influence on the technical direction of the projects.

Another key way to minimize drama is through open governance. And if you take a look at sort of open source, open source is really defining how software is distributed, the licensing, and more. But open governance really is about how the project is run. So if you take a look at open governance, the collaborators are typically nominated, and their leadership is elected in some democratic form. And if you're taking if you're sort of wondering if your favorite open source project has open governance, take a look at their repo and see if they have a governance page. So you'll find the Node.js governance page right here if you go on to GitHub. And what you'll find after you digest all of the information is that no one person can control Node.js. No one company can control Node.js. Each collaborator has to compromise to achieve their objectives. So Node, for example, has a technical steering committee, a TSC, and their responsible for all of the technical direction of the project, including the release quality standards, the project governance policies and process, the GitHub hosting, and any sort of conduct and mediation, and so much more. And if you take a look at the collaborators in the project, they own the repo for the Node.js slash Node GitHub repo, and collaborators have access, human access to that repo and access to the continuous integration, the CI jobs. And you know, if ever there is a disagreement with the project all up, and that's not just the collaborators, there's a lot of working groups as well, the TSC votes, and then there's some other neutrality pieces that are built into the Node governance. And one important piece is that of all of these people, no more than one fourth of those people can represent the same company. So again, we love Node, it's truly a community-led project. And their governance has really sort of set precedent in best practices for other open source projects. One other aspect of governance is sometimes the people in the governance project changes. And that's okay. Sometimes, you know, maintainers or the technical steering committee, they run out of time, energy, they may have changed jobs, where they don't have as much time.

3. Rebooting Governance and Intellectual Property

Short description:

Projects sometimes need to reboot their governance. Examples under the OpenJS Foundation include Mocap and the Express project. The community stepped in, with help from the Cross-Project Council, to address the security and stability risks of Express. They added new members to the technical committee and are rebooting its governance. Intellectual property is another way to minimize drama. The Node.js logo was transferred to the OpenJS Foundation, providing legal support and protecting the work of collaborators. Trademarks identify the specific source of the code and protect brand authenticity. Collaboration is also important in minimizing drama.

So sometimes we have projects where they need to sort of reboot their governance. And we've seen some wonderful examples under the OpenJS Foundation where this has happened. One was Mocap, for example, that was passed to new maintainers. And another recent example is, is the Express project. Express is a JavaScript web application framework. It has 29 million weekly downloads. And what we found is Express had sort of stalled if you've been tracking it. And we, you know, the community really thought that could be a security and a stability risk for millions of users and companies and others who rely on Express. So what was really cool to see is that the community members recently stepped in with help from the OpenJS Foundation Cross-Project Council. And they put together a plan that you'll see in the Express forward discussions folder, along with some of their top priorities to really move that project forward. So they've added new members to the technical committee. And they they're just really, you know, doing wonderful things. And we're really excited to see what that's happening. It is rare that this happens. But again, it's it's sometimes part of the normal ebb and flow of an open source project. And it's great to see the Express, Express rebooting its governance.

Another key way to minimize drama is intellectual property. And while you know, the Node Foundation, and then later the OpenJS Foundation, they brought neutrality and open governance to the Node project. It wasn't until seven years later, just a few years ago, where Joyent, who is now owned by Samsung, transferred the Node.js logo to the OpenJS Foundation. And you know, we at OpenJS had previously been granted kind of, you know, perpetual free use to use the Node trademark and logo for the past several years. But it just wasn't the same. And, you know, one of the key advantages to having an open source project hosted at a foundation like OpenJS is the legal support. And that includes the management of things like trademarks, and trademarks really protect the work of you, the collaborators who are working on these projects. And trademarks are important, not just for the protection of the brand, but it actually identifies to the specific source of the code. And there's many reasons why this is important. Think about the download link, super important. It also protects the authenticity of things like documentation, certification and training events, and perhaps the abuse of the trademark being used in commercial entities. So intellectual property was really key. And you can see that the community was really excited that Joyent and Samsung contributed the Node trademark to the foundation.

Another key way to minimize drama is collaboration.

4. Collaboration Spaces and Project Support

Short description:

At OpenJS, we have four collaboration spaces: open visualization, security, package metadata interoperability, and standards collab. These spaces focus on governing JavaScript libraries, setting policies and best practices, defining packages, and standards development. We also provide support in legal, security, marketing, and IT infrastructure for open source projects.

And at OpenJS, we operate in a better together kind of way. And you may see other foundations have things called working groups. You know, we're a little more JavaScripty, and we like to call our working groups collaboration spaces. We just think that that's like a little bit more collaborative and inclusive. And it's a way to really reach broader audiences. And so we have four collaboration spaces underway right now. And you're all invited to join these anytime all of our meetings are public. And I'll share more information about that. But let me just give you a quick overview of our cloud spaces. First, we have the open visualization cloud space. They actually have their own website open visualization.org. And they really govern the really cool libraries based on JavaScript and WebGL. So think about Kepler, vis GL, deck GL, some really great work happening in the open vis space. We have a security cloud space, setting policies and best practices, not just for our projects, but hopefully for the JavaScript ecosystem as a whole. And part of that has been caring, undertaking some work that was funded by the German government sovereign tech fund, and really excited about the work there. A lot of that is taking a lot of the security best practices that are being developed at the Open Source Security Foundation, the open SSF, and customizing that for JavaScript. And we're also going to be rolling out some trainings and other things this year. We also have a package metadata interoperability collapse space. We recently blogged on why you should care about package metadata interop. But there's some really interesting work happening, where the committee is working to define packages across all of the ecosystems dealing with package JSON. And last but not least, we have a standards collab space. It's kind of a who's who in the collab. In the standards world, we have representatives from ECMA TC 39 TC 53. There are TC 39 is defining the ECMAScript standard, we have W3C, we have Winter CG, and we have also the Unicode consortium, which actually defines emojis, which is super cool. So again, these groups meet bi weekly, and we'd love to have you participate. And if you think about open source projects, you know, there's a lot more that goes into it than just code. So I talked a little bit about how the foundation supports projects with legal and some of the security work. We also do a lot of marketing to sort of help drive the adoption of the projects. And we also host the IT infrastructure for these open source projects. And I like to describe what we do is, you know, think about if you work at a big company, and you have the dev team building, you know, the product.

5. Supporting Open Source Projects

Short description:

For us, the product is the open source project. We go beyond code to support maintainers and foster trust in contributions. Open JS Foundation's diverse and vibrant culture creates a collaborative environment where company and country lines dissolve. With the success of Node.js and ongoing efforts, we invite you to participate in our projects and collaborate with us.

For us, the product is the open source project. And we are like the product team around that. So we do everything beyond code, that just really helps her to remove the friction for the maintainers to build the best open source project that they that they can, that they can do.

And then what's kind of extra special about us is, is again, that neutrality. So when people are contributing, you want to think about who do you trust to send your contributions for the future. And then one really wonderful thing about the Open JS Foundation is our culture. We are diverse, we're vibrant. I like to think we're fun, creative, collaborative. So it's been a wonderful way from COVID even on where you're going to make new friends, you'll find that company lines and country lines just dissolve as you meet and collaborate people who are passionate about open source, and about Node.js.

So if I were to think about the Hollywood ending for the node 2024, movie sequel, because if you look at the documentary that was released recently, that really ended at 2015. And while we have come a long way since 2015, so so many great data points happening in the community, as I mentioned, that open governance, that really did set a de facto standard for Node.js. And contributed to its success. So since 2015, that team has been shipping every six months, gosh, last year, over 2 billion downloads, we'd like to say it's probably on every developer's laptop. And all of the recent work they've done with security has been outstanding. So really excited about the future of Node.js. So if you would like to participate in any way, whether it's Node or any of our projects, take a look. You also can go to our website. Our Slack is open. There's a link for Slack, our public calendar, more information about our collaboration spaces. So really, we would love to have you collaborate with us. And thanks Node Congress friends for having me. Thanks a lot.

Check out more articles and videos

We constantly think of articles and videos that might spark Git people interest / skill us up or help building a stellar career

Scaling Up with Remix and Micro Frontends
Remix Conf Europe 2022Remix Conf Europe 2022
23 min
Scaling Up with Remix and Micro Frontends
Top Content
Do you have a large product built by many teams? Are you struggling to release often? Did your frontend turn into a massive unmaintainable monolith? If, like me, you’ve answered yes to any of those questions, this talk is for you! I’ll show you exactly how you can build a micro frontend architecture with Remix to solve those challenges.
Full Stack Components
Remix Conf Europe 2022Remix Conf Europe 2022
37 min
Full Stack Components
Top Content
Remix is a web framework that gives you the simple mental model of a Multi-Page App (MPA) but the power and capabilities of a Single-Page App (SPA). One of the big challenges of SPAs is network management resulting in a great deal of indirection and buggy code. This is especially noticeable in application state which Remix completely eliminates, but it's also an issue in individual components that communicate with a single-purpose backend endpoint (like a combobox search for example).
In this talk, Kent will demonstrate how Remix enables you to build complex UI components that are connected to a backend in the simplest and most powerful way you've ever seen. Leaving you time to chill with your family or whatever else you do for fun.
Making JavaScript on WebAssembly Fast
JSNation Live 2021JSNation Live 2021
29 min
Making JavaScript on WebAssembly Fast
Top Content
JavaScript in the browser runs many times faster than it did two decades ago. And that happened because the browser vendors spent that time working on intensive performance optimizations in their JavaScript engines.Because of this optimization work, JavaScript is now running in many places besides the browser. But there are still some environments where the JS engines can’t apply those optimizations in the right way to make things fast.We’re working to solve this, beginning a whole new wave of JavaScript optimization work. We’re improving JavaScript performance for entirely different environments, where different rules apply. And this is possible because of WebAssembly. In this talk, I'll explain how this all works and what's coming next.
Debugging JS
React Summit 2023React Summit 2023
24 min
Debugging JS
Top Content
As developers, we spend much of our time debugging apps - often code we didn't even write. Sadly, few developers have ever been taught how to approach debugging - it's something most of us learn through painful experience.  The good news is you _can_ learn how to debug effectively, and there's several key techniques and tools you can use for debugging JS and React apps.
Webpack in 5 Years?
JSNation 2022JSNation 2022
26 min
Webpack in 5 Years?
Top Content
What can we learn from the last 10 years for the next 5 years? Is there a future for Webpack? What do we need to do now?
Towards a Standard Library for JavaScript Runtimes
Node Congress 2022Node Congress 2022
34 min
Towards a Standard Library for JavaScript Runtimes
Top Content
You can check the slides for James' talk here.

Workshops on related topic

Using CodeMirror to Build a JavaScript Editor with Linting and AutoComplete
React Day Berlin 2022React Day Berlin 2022
86 min
Using CodeMirror to Build a JavaScript Editor with Linting and AutoComplete
Top Content
WorkshopFree
Hussien Khayoon
Kahvi Patel
2 authors
Using a library might seem easy at first glance, but how do you choose the right library? How do you upgrade an existing one? And how do you wade through the documentation to find what you want?
In this workshop, we’ll discuss all these finer points while going through a general example of building a code editor using CodeMirror in React. All while sharing some of the nuances our team learned about using this library and some problems we encountered.
Testing Web Applications Using Cypress
TestJS Summit - January, 2021TestJS Summit - January, 2021
173 min
Testing Web Applications Using Cypress
WorkshopFree
Gleb Bahmutov
Gleb Bahmutov
This workshop will teach you the basics of writing useful end-to-end tests using Cypress Test Runner.
We will cover writing tests, covering every application feature, structuring tests, intercepting network requests, and setting up the backend data.
Anyone who knows JavaScript programming language and has NPM installed would be able to follow along.
0 to Auth in an Hour Using NodeJS SDK
Node Congress 2023Node Congress 2023
63 min
0 to Auth in an Hour Using NodeJS SDK
WorkshopFree
Asaf Shen
Asaf Shen
Passwordless authentication may seem complex, but it is simple to add it to any app using the right tool.
We will enhance a full-stack JS application (Node.JS backend + React frontend) to authenticate users with OAuth (social login) and One Time Passwords (email), including:- User authentication - Managing user interactions, returning session / refresh JWTs- Session management and validation - Storing the session for subsequent client requests, validating / refreshing sessions
At the end of the workshop, we will also touch on another approach to code authentication using frontend Descope Flows (drag-and-drop workflows), while keeping only session validation in the backend. With this, we will also show how easy it is to enable biometrics and other passwordless authentication methods.
Table of contents- A quick intro to core authentication concepts- Coding- Why passwordless matters
Prerequisites- IDE for your choice- Node 18 or higher
Build a powerful DataGrid in few hours with Ag Grid
React Summit US 2023React Summit US 2023
96 min
Build a powerful DataGrid in few hours with Ag Grid
WorkshopFree
Mike Ryan
Mike Ryan
Does your React app need to efficiently display lots (and lots) of data in a grid? Do your users want to be able to search, sort, filter, and edit data? AG Grid is the best JavaScript grid in the world and is packed with features, highly performant, and extensible. In this workshop, you’ll learn how to get started with AG Grid, how we can enable sorting and filtering of data in the grid, cell rendering, and more. You will walk away from this free 3-hour workshop equipped with the knowledge for implementing AG Grid into your React application.
We all know that rolling our own grid solution is not easy, and let's be honest, is not something that we should be working on. We are focused on building a product and driving forward innovation. In this workshop, you'll see just how easy it is to get started with AG Grid.
Prerequisites: Basic React and JavaScript
Workshop level: Beginner
JavaScript-based full-text search with Orama everywhere
Node Congress 2023Node Congress 2023
49 min
JavaScript-based full-text search with Orama everywhere
Workshop
Michele Riva
Michele Riva
In this workshop, we will see how to adopt Orama, a powerful full-text search engine written entirely in JavaScript, to make search available wherever JavaScript runs. We will learn when, how, and why deploying it on a serverless function could be a great idea, and when it would be better to keep it directly on the browser. Forget APIs, complex configurations, etc: Orama will make it easy to integrate search on projects of any scale.
Back to the basics
Node Congress 2022Node Congress 2022
128 min
Back to the basics
WorkshopFree
Guillermo Gutierrez Almazor
Guillermo Gutierrez Almazor
“You’ll never believe where objects come from in JavaScript.”
“These 10 languages are worse than JavaScript in asynchronous programming.”
Let’s explore some aspects of JavaScript that you might take for granted in the clickbaitest nodecongress.com workshop.
To attend this workshop you only need to be able to write and run NodeJS code on your computer. Both junior and senior developers are welcome.
Objects are from Mars, functions are from Venus
Let’s deep-dive into the ins and outs of objects and then zoom out to see modules from a different perspective. How many ways are there to create objects? Are they all that useful? When should you consider using them?
If you’re now thinking “who cares?“, then this workshop is probably for you.
Asynchronous JavaScript: the good? parts
Let’s have an honest conversation.
I mean… why, oh why, do we need to bear with all this BS? My guess is that it depends on perspective too. Let’s first assume a hard truth about it: it could be worse… then maybe we can start seeing the not-so-bad-even-great features of JavaScript regarding non-blocking programs.