How Frontend Teams Master Safety Production: Insights from Alibaba’s D2 Forum

About A Da

He joined Taobao in 2009, initially handling ticket and lottery services, later contributing to e‑commerce, search, and Xianyu. In 2012 he moved to Yitao, focusing on frontend engineering, and returned to Taobao’s frontend team in 2013, promoting Git‑based frontend development and incubating the DEF platform, which later evolved into Alibaba Group’s Frontend Engineering Platform serving thousands of engineers with over 2,500 daily active developers. In 2019 he proposed an IDE strategy, built the internal IDE Framework KAITIAN, applied it across many IDE scenarios, and now leads frontend engineering safety production.

A Da introduces D2 safety production session

As frontend boundaries expand with serverless, micro‑frontend, AI, and other emerging technologies, frontend engineers now handle core business logic. This session focuses on safety production, revealing Alibaba’s achievements and offering new insights.

Quick Q&A

Why a dedicated frontend safety production session?

Alibaba’s tech line has four battles: two business‑oriented, one cloud‑native, and safety production, which is the “bottom of the bucket” ensuring stability. Frontend is the last line of defense for user experience, requiring rapid response and robust plans.

How does frontend safety production differ from general security?

General security covers many aspects; safety production is a sub‑field focused on the production (development) process, involving standards, code quality, workflow guarantees, monitoring, and emergency response.

How to handle the extra workload from safety processes?

Safety aims to protect developers and business stability; while it adds some cost, it should be balanced. Like traffic rules evolve with more vehicles, safety measures need continuous optimization based on real conditions and awareness.

How is asset loss prevention implemented?

Asset loss is mitigated through three steps: analyzing past frontend incidents and defining standards; static code scanning for risky operations; and using machine‑learning‑driven UI scanning with snapshot comparison.

How to embed safety awareness into everyday development?

Regular safety newsletters, post‑mortems, internal talks, and integrating safety checks into the development pipeline—code review, static scans, performance evaluation, change requests, gray‑release verification, and monitoring—ensure low‑cost, near‑invisible safety enforcement.

What is the current productization level of safety production?

The Frontend Safety Production team, formed in June, built a unified monitoring and attack‑defense platform, aiming for seamless integration with low manual cost. Ongoing work includes a metadata platform to unify change data across the ecosystem.

What topics and speakers will the D2 session feature?

The session will showcase Alibaba’s safety production thinking and invite frontline frontend engineers from other internet companies to share their approaches, offering valuable takeaways for teams balancing high‑quality development with rapid iteration.