JavaScript Jabber

• Guarding the JavaScript Supply Chain: Preventing NPM Attacks with Feross Aboukhadijeh - JSJ 695

  Hey everyone—it’s Steve Edwards here, and in this episode of JavaScript Jabber, I’m joined by returning guest Feross Aboukhadijeh, founder of Socket.dev, for a deep dive into the dark and fascinating world of open source supply chain security. From phishing campaigns targeting top NPM maintainers to the now-infamous Chalk library compromise, we unpack the latest wave of JavaScript package attacks and what developers can learn from them.Feross explains how some hackers are even using AI tools like Claude and Gemini as part of their payloads—and how defenders like Socket are fighting back with AI-powered analysis of their own. We also dive into GitHub Actions vulnerabilities, the role of two-factor authentication, and the growing need for “phishing-resistant 2FA.” Whether you’re an open source maintainer or just someone who runs npm install a little too often, this episode will open your eyes to how much happens behind the scenes to keep your code safe.🔗 Links & ResourcesSocket.dev – Protect your open source dependenciesFeross Aboukhadijeh on X (Twitter)GitHub Actions Security Best PracticesTruffleHog Blog – On secrets exposure in Git reposBecome a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.

  --------  

  1:00:01

  --------

  1:00:01
• Making Monorepos Breakproof with Anton Stoychev - JSJ 694

  In this solo-hosted episode, I (Steve Edwards) dive deep into the world of modern monorepos with special guest Anton Stoychev from Yotpo. Anton shares his journey from the early days of PHP and IE6 nightmares to his current work in front-end infrastructure, performance optimization, and developer tooling.We talk about the challenges of managing dependencies, upgrading tools without breaking your codebase, and the evolution of developer experience across teams and companies. Anton also introduces Breakproof, Yotpo’s open-source monorepo template designed to make dependency management and tool upgrades painless—even when working with multiple Node.js versions, runtimes like Bun and Deno, and complex CI environments.If you’ve ever struggled with upgrading Jest, ESLint, or TypeScript in a large monorepo, or you’re curious how to isolate dependencies to keep your codebase maintainable over time, this episode is a must-listen.🔗 Links & Resources🔧 Breakproof on GitHub: breakproof.dev🧠 Yotpo LTD on GitHub: Yotpo Breakproof Base Monorepo💬 Follow Anton Stoychev: stoychev.dev on BlueSkyBecome a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.

  --------  

  1:13:36

  --------

  1:13:36
• Spec-Driven Development and the Future of AI IDEs with AWS’s Kiro - JSJ 693

  In this episode of JavaScript Jabber, I sit down with AWS’s Clare Liguori and Erik Hanchett to talk about Kiro, a brand-new AI-powered IDE that’s reimagining the way developers build software. We dive into how Kiro takes “AI-assisted coding” to a new level through spec-driven development — a process that focuses on defining requirements and collaborating with AI to break projects into clear, manageable tasks.We unpack what sets Kiro apart from tools like Cursor and Copilot, explore its supervised vs. autopilot coding modes, and even talk about how it handles UI design, planning, and complex legacy codebases. Clare and Erik share behind-the-scenes insights on how Kiro was built using Kiro itself, what’s coming next for the platform, and how developers can join the early-access community to help shape its future.🔗 Links & Resources:🌐 Kiro Official Site🧠 AWS Developer Advocate TeamBecome a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.

  --------  

  43:55

  --------

  43:55
• Modern JavaScript Testing: Integration, Contract Testing & AI Tools - JSJ 692

  In this episode of JavaScript Jabber, I sit down with Dan Shapir and our special guest, Yoni Goldberg, to dive deep into the ever-evolving world of JavaScript testing. Yoni, a consultant who’s worked with over 40 organizations to refine developer workflows, shares valuable lessons learned from helping teams design efficient and reliable tests.We explore emerging trends in testing, including the rise of browser-based test runners, the shift from unit testing toward more integration and component testing, and how modern frameworks like Playwright, Vite Test Browser Mode, and Storybook are changing the way developers think about confidence in their code. We also tackle the role of AI in writing and maintaining tests, the pros and cons of mocking vs. real backends, and why contract testing is becoming essential in 2025.If you’ve ever struggled with flaky end-to-end tests, wondered how to balance speed with confidence, or wanted a clear breakdown of modern testing tools, this conversation will give you practical insights and fresh perspectives to take back to your projects.Links & ResourcesYoni Goldberg’s GitHubGoldbergYoni.comBecome a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.

  --------  

  1:06:28

  --------

  1:06:28
• The Comeback of RPC: SolidJS, TanStack, and the Future of JavaScript Frameworks with Ryan Carniato & Tanner Linsley - JSJ 691

  In this episode of JavaScript Jabber, I sit down with Ryan Carniato, creator of SolidJS, and Tanner Linsley, the force behind TanStack, for a deep-dive conversation on the resurgence of Remote Procedure Calls (RPC) in modern web development. We explore why RPC is making a comeback, how frameworks like Solid, TanStack, and others are shaping the way we think about data fetching, and the technical innovations that are driving this movement forward.From streaming and serialization to type safety and the future of client-server communication, Ryan and Tanner share their experiences, insights, and the unique challenges they’ve faced building cutting-edge tools for developers. If you’ve been curious about where RPC fits in today’s frameworks—or just love geeking out about performance, signals, and developer experience—this is one episode you won’t want to miss.Links & ResourcesRyan Carniato on SolidJSTanStack (React Query, Router, Table, and more)Sentry – where Ryan is currently workingCreate TanStackSolidJS DiscordRyan CarniatoRyan Carniato is the creator of SolidJS, a high-performance JavaScript framework built on fine-grained reactivity. He’s also a Senior Software Engineer at Sentry, where he explores new approaches to front-end architecture and developer experience. Through his open-source contributions, talks, and in-depth content, Ryan has become a trusted voice in the web development community, helping developers think differently about building fast, reactive applications.Tanner LinsleyTanner Linsley is the founder of TanStack, the home of widely adopted open-source libraries like TanStack Query (formerly React Query), TanStack Router, Table, Virtual, and more. A full-time open-source entrepreneur, Tanner has redefined how developers manage state, caching, and data fetching in modern applications. With a focus on performance, simplicity, and type safety, his tools power some of the most advanced applications on the web today.Become a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.

  --------  

  1:29:52

  --------

  1:29:52

More Business podcasts

Trending Business podcasts

About JavaScript Jabber

JavaScript Jabber: Podcasts in Family