#api security

API security is a set of security measures to protect an application programming interface (API) from malicious attacks. It involves authentication, authorization, input validation, encryption and logging. Authentication is the process of verifying the identity of users before they can access the API. Authorization ensures that only authorized users are allowed to access the API. Input validation prevents malicious data from entering the system. Encryption ensures that data is securely transmitted between the client and the server. Logging helps to detect and investigate any suspicious activity.
Vue.js Live 2024
21 min
No More Mocking! Write Better Tests For Your Nuxt Application With Contract Tests
Let's explore how to create more resilient software systems employing API-first techniques. By utilizing the contract testing tool Specmatic and the Playwright test runner, we can develop tests that ensure our Nuxt applications work perfectly and communicate correctly with Microservices they rely on to get data.

We will take a closer look at how to write OpenAPI specifications that aid us in documenting our APIs and enable us to ensure they work correctly. Furthermore, we can use those specifications to automatically spin up a stub server, which we can use to test our application in a controlled environment with Playwright.

The techniques I'll show you will help you write tests that enable you to rapidly iterate without fearing regressions.

Learning Outcomes:

1. You know about the basic principles of Contract Testing and how it also helps drive our E2E tests.
2. You know to opt for Contract Testing when working with Microservices and BFFs, database seeding when using Nuxt with a database, and mocking when dealing with SPAs.
3. You know the steps to create your first OpenAPI specification and integrate Specmatic with Playwright or Cypress, and you are keen to apply this technique to your projects.
TestJS Summit 2023
27 min
Mock Service Worker 2.0
It's been half a decade since Mock Service Worker (MSW) changed the way developers approach and think of API mocking in JavaScript. With all its innovation, I felt we could do more. I spent the last year making that happen. I can't wait to share it with all of you!
GraphQL Galaxy 2022
8 min
Modern GraphQL API Security Testing
With StackHawk, engineering teams can run security tests against GraphQL APIs to find and fix vulnerabilities before they hit production. With automated testing on every PR, you can be confident that your app is secure. Join StackHawk co-founder and Chief Security Officer Scott Gerlach for a quick overview of GraphQL security testing with StackHawk.
React Summit 2022
9 min
Automated Application Security Testing
Traditional security testing for JS apps has focused on the front-end, but actual security issues most often lie in the backing REST API. Join StackHawk co-founder Scott Gerlach for a quick overview of why you need to rethink how you test your JS apps and how StackHawk can help you find and fix security bugs fast.
TestJS Summit 2021
9 min
Automated Application Security Testing
With StackHawk, engineering teams can run security tests against JS applications and the backing APIs to find and fix vulnerabilities faster. With automated testing on every PR, you can be confident that your app is secure. Join StackHawk co-founder Scott Gerlach for a quick overview of JS application security testing with StackHawk.
Node Congress 2021
29 min
Safely Handling Dynamic Data with TypeScript
TypeScript makes JavaScript safer by adding static type definitions. Static definitions are wonderful; they prevent developers from making trivial mistakes, ensuring every assignment and invocation is done correctly. A variable typed as a string cannot be assigned a number, and a function expecting three arguments cannot be called with only two. These definitions only exist at build time though; the code that is eventually executed is just JavaScript. But what about the response from an API request? In this talk, Ethan Arrowood, Software Engineer 2 @ Microsoft, will cover various solutions for safely typing dynamic data in TypeScript applications. This talk features popular technologies such as Fastify, JSON Schema, Node.js, and more!
JSNation Live 2021
9 min
Securing Node.js APIs with Decentralised Identity Tokens
Authentication and Authorization are serious problems. We often dedicate a lot of time to craft powerful APIs but overlook proper security measures. Let's solve it with Magic using a key-based identity solution built on top of the DID standard, where users’ identities are self-sovereign leveraging blockchain public-private key pairs. In this talk, we’ll look at proper ways to secure our Node.js APIs with Decentralised Identity Tokens. We’ll go from learning what Decentralised Identity standards are, how the users’ identities are self-sovereign leveraging blockchain public-private key pairs, why they’re the future of API security, and, to put theory into practice, we will build a real-world implementation using Node.js where I’ll show common best practices.