No developer is an island and no developer is perfect. This means that you cannot create anything without using components written by someone else and these components will have defects or missing features. At some point in our life we all asked for support to someone else.But being a maintainer is not an easy task at all. Think about receiving tons of reports with partial or missing information, or being yelled by strangers for not being responsive or fast enough.For the health of our industry we must love our maintainers more: in this talk I’ll show how to politely ask for help and how to make sure you provide all the necessary informations.

No developer is an island and no developer is perfect. This means that you cannot create anything without using components written by someone else and these components will have defects or missing features. At some point in our life we all asked for support to someone else.But being a maintainer is not an easy task at all. Think about receiving tons of reports with partial or missing information, or being yelled by strangers for not being responsive or fast enough.For the health of our industry we must love our maintainers more: in this talk I’ll show how to politely ask for help and how to make sure you provide all the necessary informations.

Node.js HTTP parsing currently relies on llhttp, a parser which provides very good performance but has currently some challenges for the health of the runtime.Is it possible to create a modern, maintenable, well documented, secure and performant alternative? Yes it is!Let me introduce you Milo, a new Rust based HTTP parser which I plan to integrate into Node.js and let me show you how you can help be a part of its first Rust component.

Web applications are commonly vulnerable to several Distributed Denial of Service attacks, sometimes in unexpected ways. An example is the SlowLoris attack, an exploit that leads to service interruption by simply sending the data to the server as slowest as possible.  In this talk I will tell the tale of how it took almost 13 years for Node to be completely protected by SlowLoris attack. I will also show that sometimes prioritizing performance can lead to incorrect fixes that can result in a false sense of protection.