Monthly notes 35

December is just around the corner but before that here’s monthly notes for November. More about leadership and stories, something about software development.

Issue 35, 13.11.2018


CSS and Network Performance
What are best network performance practices when it comes to loading CSS? How can we get to Start Render most quickly? Good article of how your page will only render as quickly as your slowest stylesheet. And what to do about it. tl;dr; “Lazyload any CSS not needed for Start Render”, “Avoid @import”, “Be wary of synchronous CSS and JavaScript order”, “Load CSS as the DOM needs it”. (from @csswizardy)

A React job interview — recruiter perspective
Good questions if you’re doing React interviews or being the interviewee, “A React job interview — recruiter perspective”. (from @walokra)

Tools of the trade

jp – Command line interface to JMESPath
I’ve been using jq for manipulating JSON on commandline but there’s better, more logical, alternative. jp is a cli interface to JMESPath expression language for manipulating JSON. And there’s tutorial. (from @walokra)

Bash-it is a collection of community Bash commands and scripts for Bash 3.2+. (And a shameless ripoff of oh-my-zsh😃). Includes autocompletion, themes, aliases, custom functions, a few stolen pieces from Steve Losh, and more.

Detecting Memory Leaks From a JVM Heap Dump (with JXRay)
Good article of learning about detecting memory leaks from a JVM heap dump and Garbage Collection. Unfortunately the tool used for analyzing heap dump is commercial and not open-source tools like Eclipse MAT or VisualVM. (from @java)


Can’t approve payroll? Blackhat sysadmin when my paycheck is on the line!
Interesting story from the trenches of how and what happened when infosec guy found vulnerabilities on Basware Banking software (from 2015. tl;dr; Multiple unresolved vulnerabilities in Basware Banking/Maksuliikenne. Unbelievable story especially how it was handled by vendor and related parties
(from @walokra)


Managing with the Brain in Mind
“Treat people fairly, draw people together to solve problems, promote entrepreneurship and autonomy, foster certainty wherever possible, and find ways to raise the perceived status of everyone”. Good read about SCARF. (from @walokra)

On Being A Senior Engineer
What makes for a good senior engineer? tl;dr; Be mature engineer. Good read for everyone regardless of the line of business.

  • Seek out constructive criticism of their designs.
  • Understand the non-technical areas of how they are perceived.
  • Do not shy away from making estimates, and are always trying to get better at it.
  • Have an innate sense of anticipation, even if they don’t know they do.
  • Understand that not all of their projects are filled with rockstar-on-stage work.
  • Lift the skills and expertise of those around them.
  • Make their trade-offs explicit when making judgements and decisions.
  • Don’t practice CYAE (“Cover Your Ass Engineering”)
  • Be empathetic.
  • Don’t make empty complaints.
  • Be aware of cognitive biases

The Ten Commandments of Egoless Programming
The Ten Commandments of Egoless Programming, as originally established in Jerry Weinberg’s book The Psychology of Computer Programming.

Something different

You work to live, not live to work
Remember, your job is not your life. You work to live, not live to work. Work on what makes you happy and not burn yourself out. Thread has good tips to recognize it and take control. (from @jevakallio)

Former CIA Chief Explains How Spies Use Disguises
Cool run down on the use of disguises by a former CIA Chief of Disguise.(from @TinkerSec)

Monthly notes 34

Autumn is well on it’s way and winds are bringing rains and clouds to the sky. Autumn also means that meetups are awaken and interesting stories from the field are presented. Here’s monthly notes for September. Start with writing readable code, continue to build React app with TypeScript, read how hacker puzzles can be solved and improve your designs with tactics instead of talent. Also use smarted command line tools and listen a Kubernetes security journey.

Issue 34, 29.9.2018

Software Development

10 practices for writing readable code
Writing readable code may seem subjective but there are core elements within all code which make it readable. Follow these 10 practices. Although I don’t quite agree with removing comments 😅
(from @walokra)

Software disenchantment
“As engineers, we can, and should, and will do better. Have better tools, build better apps, faster, more predictable, more reliable, using fewer resources”. But on the other hand people won’t pay for efficiency. They buy solutions to their problems. (from @walokra)


Fullstack Express-React App With TypeScript
Have you thought about starting a React app with TypeScript and integrating it with Travis CI and Heroku? Read this definitive guide and check the source of a starter kit for a full stack express-react app. (from @walokra)

Solving the Disobey 2018 puzzle
Great writeup of solving the 2019 hacker ticket puzzle. Shows you some tools and techniques you can use to progress with these kind of puzzles. Contains spoilers, so steer clear if you want the fulfilment and bliss that comes from solving it. (from @walokra)

This talk is about you [React Native Developer] (video)
Life of a React Native developer? Jani Eväkallio talks about you at React Native EU 2018. When building software products we’re focused on “how” but should ask also “what” and “why”. Not just be happy when tickets move from left to right side of the screen. (from @walokra)


Kubernetes Security Journey (video)
Jerry Jalava talked at Kubernetes Finland about Kubernetes and security. (from @walokra)


7 Practical Tips for Cheating at Design
“Improving your designs with tactics instead of talent.” Every web developer inevitably runs into situations where they need to make visual design decisions, whether they like it or not. There are a ton of tricks you can use to level up your work that don’t require a background in graphic design. Here are seven simple ideas you can use to improve your designs today.

Tools of the trade

CLI: improved
Command line is powerful tool but the common tools can be improved. Remy Sharp wrote his current list of improved CLI tools.

Open source, end-to-end distributed tracing to monitor and troubleshoot transactions in complex distributed systems.

Something different

How-To: Reduce iPhone screen brightness beyond stock levels (video)
Looking to reduce iPhone screen brightness beyond stock levels without resorting to jailbreaking? This handy accessibility tip will cause your eyes to thank you when reading in dark places.

How to Design for the Modern Web
Best Practices of Modern Web Development. “You are now also certified and ready to apply for top ranking sites like Reddit and Medium”. (from @walokra)

Monthly notes 33

Summer has turned to Autumn and it begins to show in the weather. Sun is setting earlier and soon it’s dark almost from dawn to dusk, rain clouds are gathering in the sky with cold winds. Good time to stay inside and read some articles and learn new things. Here’s the monthly notes for August.

Issue 33, 28.8.2018


Elements of Artificial Intelligence free online course
“Do you wonder what AI really means? Are you thinking about the kind of impact AI might have on your job or life? Do you want to understand how AI will develop and affect us in the coming years? Then this is the course for you!”

Microservices and cloud

Docker Pattern: The Build Container
Let’s say that you’re developing a microservice in a compiled language or an interpreted language that requires some additional “build” steps to package and lint your application code. This is a useful docker pattern for the “build” container.

Experiences with running PostgreSQL on Kubernetes
Gravitational CTO, Sasha Klizhentas, tells about his experience running PostgreSQL on Kubernetes. The challenges involved, open source and commercial tools that can help and other alternatives to managing stateful applications on Kubernetes.

Google Cloud Platform – The Good, Bad, and Ugly (It’s Mostly Good)
Deps developer tells his thoughts about Google Cloud Platform and splits them into good, meh, bad, ugly, and opportunities for improvement. He compares and contrasts with Amazon Web Services (AWS), the other hosting provider that he has the most experience with, and GCP’s biggest competitor.

Goodbye Microservices: From 100s of problem children to 1 superstar
Segment’s story of going to microservices architecture and back. “When deciding between microservices or a monolith, there are different factors to consider with each. In some parts of our infrastructure, microservices work well but our server-side destinations were a perfect example of how this popular trend can actually hurt productivity and performance. It turns out, the solution for us was a monolith.”


Introducing Teleport: Over-the-air hot reloading & debugging for PWA’s
“Wouldn’t it be great if you could instantly hot reload & debug PWA’s on any platform, by just opening a link?”

Have you ever needed to generate a random number in code?
Have you ever needed to generate a random number in code? whether it’s for rolling a dice, or shuffling a set, this tweet thread is here for you! There’s no reason that it should be easy or obvious, very experienced programmers repeat common mistakes. I did, before I learned … from (@colmmacc)

Tools of the trade

Semantic Commit Messages
See how a minor change to your commit message style can make you a better programmer. Format: <type>(<scope>): <subject>. <scope> is optional.

Something different

The Psychology of Money
“Let me tell you the story of two investors, neither of whom knew each other, but whose paths crossed in an interesting way.”

Creative burnout is inevitable. Here are 10 ways to beat it
“Ten pros share their tricks for staying engaged with your work.”

Monthly notes 32

Summer season is heating up and here’s the monthly notes for July. Something about JavaScript, little bit of design, touch of privacy and tools of the trade.

Issue 32, 23.7.2018


Defining Component APIs in React
Collects some of the best practices for working with React. “The following is a collection of thoughts, opinions, and advice for defining component APIs that are meant to be more flexible, composable, and easier to understand. None of these are hard-and-fast rules, but they’ve helped guide the way I think about organizing and creating components.” (from Weekend reading)

The Cost Of JavaScript by Addy Osmani at Fluent 2018
Strategies to deliver JavaScript efficiently while giving users a great expericence. i.a. audit, use code-splitting, prpl-pattern. “Improving performance is a journey.” (from @walokra)

TIL: node-jsmin (port of Crockford’s JSMin) was dropped from a lot of places as modified MIT license with “The Software shall be used for Good, not Evil” is not compliant with definition of open source software which doesn’t permit any restriction on how software may be used. (from @walokra)


Introducing Jib — build Java Docker images better
“Jib, an open-source Java containerizer from Google that lets Java developers build containers using the Java tools they know. Jib is a fast and simple container image builder that handles all the steps of packaging your application into a container image. It does not require you to write a Dockerfile or have docker installed, and it is directly integrated into Maven and Gradle.”


Brutalist Web Design
TL;DR; Content is readable on ~all screens & devices. Only hyperlinks & buttons respond to clicks. Hyperlinks are underlined, buttons are buttons. Back button works. View content by scrolling. Decoration when needed and no unrelated content. Performance is a feature. (from @walokra)

Little known trick: the <script> tag in html runs the code inside, and also hides it using css display:none. But I can change that to display:block, so that I can show sample code to the reader and also run it on the page to generate diagrams. (need to test across browsers). This also applies to <style> tags, where you can also use contentEditable to create a live editable css of the page you are on. (from @ Amit Patel)

Rebass: Flexible & functional React design system, built with styled-system
Rebass is a library of highly-composable, primitive UI components for React, built with styled-system to make building consistent, responsive web apps simpler and faster.

Tools of the trade

Terminal-based web browser renders everything a modern browser can (HTML5, CSS3, JS, video, even WebGL). Use case: run the browser in a data center with fast internet, and access it over SSH from a device that has slow/limited internet. (from Weekend reading)

@EricaJoy. Meanwhile, this hack mostly works.

“petition to make “paste and match formatting” the default paste option”


Riot Games Approach to Anti-Cheat
Riot Games published an article about their anti-cheating methods – nothing really fancy or new but, in the Hacker News thread there was an interesting comment by a cheat writer:

“The current Mac game client for League Of Legends contains full debug symbols and it doesn’t have Packman (the packer described in this article), which makes it quite easy to look through the symbols. Inside you can find all of the anti-cheat-related network packets. Now, I personally expect anti-cheat to snoop around my system when I’m doing something shady like scanning its memory. However, if I was a normal user of the game, I would be a bit concerned to know that it might be sending my recently used file names, drive names, system driver names, currently running processes, processor information, system state, and even entire binary files that it automatically deems as “suspicious”, to their servers.”

@aral and maya kosoff: “X is a service that enables you to control articles presented to your wife on the websites she usually visits, in order to influence her on a subconscious level to initiate sex. The best bit? It’s “just” adtech. It’s retargeting. It’s how Google makes money.” Also suggested use cases are “get your kid a dog” or “stop drinking” which eems to open up a whole new acquaintance micromarketing concept. Makes you think how you’re influenced and by whom.

“Imgur’s fake adherence to GDPR is exactly the kind of transgression that should trigger those multi-million euro fines. There are literally HUNDREDS and HUNDREDS of shady services getting your data. Only bulk link is to ALLOW ALL, which is also default. Tons you can’t opt-out. 👎”

Something different

“The StemCAPtain replaces the stem cap, aka top cap, piece of a threadless 1″ or 1 1/8″ headset with different functional accessories. In addition to the simple and elegant analog clock, we offer a thermometer, bottle opener, picture frame, compass, GPS mount, and USB charger”

Digital Laundry: how credit card thieves use free-to-play apps to launder their ill-gotten gains

Monthly notes 31

The first part of Summer has been great and holiday season is near. Here’s monthly notes for June with topics of microservices, kubernetes, design patterns and stories of how Shopify and Airbnb build their services. Also some tools like Kap. Happy reading.

Issue 31, 28.6.2018


7 tips for effective microservices
“Have a request-id/correlation-id for every request, Maintain backward compatibility of interfaces, Have a centralized logging system, Implement idempotency and retries, Be aware of language constraints, Have a single service to manage the system state, Strike a balance between in-memory-data and db persistence” (from The Microservice Weekly)


AWS Workshop for Kubernetes
“Self-paced workshop designed for Development and Operations teams who would like to leverage Kubernetes on Amazon Web Services (AWS).”

Kubernetes best practices: terminating with grace
“This episode of “Kubernetes Best Practices,” let’s take a look at how you can help Kubernetes do its job more efficiently and reduce the downtime your applications experience.”

Kubernetes Chaos Engineering: Lessons Learned — Part 1

Kubernetes and containers for enterprise developers
“O’Reilly Media Podcast talks with JP Phillips, platform engineer at IBM Cloud.”


xcprojectlint: A security blanket for Xcode project files
Would you like to automate some consistency in your Xcode project files with checks for settings defined at the project level (rather than in an xcconfig), missing files and empty file groups? This tool does exactly that, and more. Also, I like the way it’s described: “Provides a security blanket, ensuring neither your co-workers, nor git screw up your Xcode project file.” (from iOS Dev Weekly 353)

This app hacked the iPhone’s dual camera system, and you’ve never seen anything like it
Interesting: portrait mode collects 2D depth data along with the image itself. This app uses depth data to change the lightning source of photos after the fact. (from Weekend Reading)


Capture your screen
An open-source screen recorder built with web technology. Crafty for quick gif/mp4/webm/apng to issues, slack or other views.

Mozilla SSL Configuration Generator

How others are doing things

Shopify Infrastructure with Niko Kurtti
“Shopify has built its own platform-as-a-service on top of Kubernetes called Cloudbuddies. Niko Kurtti is a production engineer at Shopify joins the Software Engineering Daily show to describe Shopify’s infrastructure – how they run so many stores, how they distribute those stores across their infrastructure, and the motivation for building their own internal platform on top of Kubernetes.”

Building Services at Airbnb, Part 1
The first in a series on scaling service development, this article looks at the core structure, the Service IDL, underpinning the new Services Oriented Architecture at Airbnb.

Building Services at Airbnb, Part 2
The second in a series on scaling service development, this article looks at some of the key tooling that supports the new Services Oriented Architecture at Airbnb.


Dieter Rams 10 Principles of Good Design
“But what is good design?” It’s around structure, function and aesthetics. “Good design is as little design as possible” (from @sidebario)

Design Patterns on CodePen

Awesome design patterns
A curated list of software and architecture related design patterns. Software design pattern – A general, reusable solution to a commonly occurring problem within a given context in software design. It is a description or template for how to solve a problem that can be used in many different situations.

Something Different

Cool Backgrounds
Collection of tools to create compelling, colorful images for blogs, social media, and websites. Beyond backgrounds, the images generated can be used as 🖥 desktop wallpapers or cropped for 📱 mobile wallpapers.

Monthly notes 30

Summer is approaching and even in Finland the weather is sunny and warm. I’ve been busy as the Enduro-MTB racing season has started and most weekends are spent at the race track. But here’s monthly notes for May with topics of state of the Web, how geolocation in browsers work, and something about tools. Happy reading.

Issue 30, 30.5.2018


The State of the Web at Google I/O 2018
Service Worker, Progressive Web Apps (PWAs), WebAssembly, Lighthouse, AMP, Web Packaging, Polymer, Angular. (from @igrigorik)

Ever stop to think about geolocation in your desktop browser?
tl;dr; location is triangulated by location services like Mozilla & Google from scan of nearby Wi-Fi access points’ signal strength and their known locations. List is collected when people walk with a phone with GPS and Wi-Fi on which polls networks. (from @walokra)

Is GraphQL The Future?
If you are not sold on GraphQL then this post might tip you over the edge. Alan Johnson does a great job in explaining the awesomeness that GraphQL has to offer. (from Web Design Weekly 321)

Tools for making HTTP requests

Powerful HTTP and GraphQL tool belt. Debug APIs like a human, not a robot. Finally, a REST client you’ll love.

RESTed – Simple HTTP Requests
RESTed allows developers to quickly format and make HTTP requests and view the response. For Mac.

Paw is a full-featured HTTP client that lets you test and describe the APIs you build or consume. It has a beautiful native macOS interface to compose requests, inspect server responses, generate client code and export API definitions.


US cell carriers are selling access to real-time phone location data
Intriguing thoughts: “Access to your real-time phone location data is sold to companies and public has zero idea how much personal location data is available. It is done throughout the industrialized world to varying degrees.” e.g. stocks are traded based on where peoole go. (from @walokra)


`npm audit`: identify and fix insecure dependencies
“npm audit is a new command that performs a moment-in-time security review of your project’s dependency tree. Audit reports contain information about security vulnerabilities in your dependencies and can help you fix a vulnerability by providing simple-to-run npm commands and recommendations for further troubleshooting.” (from JavaScript Daily)

JavaScript Algorithms and Data Structures
A wide variety of algorithms (e.g. permutations, Levenshtein distance, binary search) and data structures (e.g. linked lists, trees, stacks) implemented in JavaScript with explanations and links to further reading. (from JavaScript Weekly 387)


Full Cycle Developers at Netflix — Operate What You Build
A look at how Netflix believes in ‘operating what you build’. (from Web Operations Weekly 167)

Something different

Unchained: A story of love, loss, and blockchain
> It was a smart contract that stipulated sexual fidelity and parental responsibilities. Tokens from their joint earnings paid the AI judges and IoT sensor oracles that monitored contract violations. On mornings like this, you really needed commitment that was mathematically provable, not just an empty promise at the altar.

Monthly notes 29

This month’s notes are about front-end technologies: Sneak peek beyound React 16 and videos from Vue and Angular conferences. Also CSS Blocks + OptiCSS is great and for us in EU it’s nice that Fargate is finally available in Ireland. Check also list of important podcasts for software engineers.

Issue 29, 29.4.2018


Computer security principles
One should keep in mind that there’s no such thing as perfect security. To put it another way, a 100% hack-safe systems do not exist. It’s all about the resources attacker(s) have, whether it is money, brain power, or equipment. Security standards and best practices changes quickly and therefore a system built five years ago is not inevitably conforming to current standards. So let’s look at some proactive measures that can be done to harden a system or code.


AWS DevDay Munich 2018: Deep Dive into AWS Fargate (video)
“The session covers the state of containerized application development and deployment trends, new container capabilities on AWS that are available now, options for running containerized applications on AWS, and how AWS customers successfully run container workloads in production.” And for us in the EU Fargate is now available in Ireland.

Deploying FARGATE services using CloudFormation
“TL;DR — Deploying Fargate services is not as straight forward as you may think, especially if you’re used to the current EC2 configuration and are now trying to migrate running services. I had to go through a couple of days and few dozens of CloudFormation deployment iterations to figure out my missing / wrong settings before I made it through my first running Fargate container.”

CloudFormation Templates for AWS Fargate deployments
Sample CloudFormation templates for how to run Docker containers in AWS Fargate with various networking configurations.


CSS at Scale: LinkedIn’s New Open Source Projects Take on Stylesheet Performance
“TL;DR: CSS Blocks + OptiCSS = :fire: So you get to write component-scoped CSS but end up with globally scoped, browser-friendly and compressed CSS classes (think atomic CSS). CSS Blocks does its magic with statically analyzing your markup and updating it with the new classes. It runs the OptiCSS as well, so you get tree-shaking and dead-code elimination also. Not 100% of the terms here, but basically unused code gets wiped.”

Sneak Peek: Beyond React 16
Intriguing ~30min talk with demos of what the future of React might look like showing off the new capabilities that async rendering unlocks for your components. Time Slicing lets you render and update large React component trees without blocking the user interactions. Suspense lets you render a component tree “in background” while components are fetching data, and display them only after the whole tree is ready. (from Twitter)

Talks from VueConf US 2018
The first ever VueConf US took place in New Orleans on March 26-28, 2018.

Talks from ng-conf 2018
Collection of all lectures that were presented during the conference. Each session includes a concise description and relevant slides.

To listen

Awesome list of Important Podcasts for software engineers
List of podcasts which are helpful for software engineers/programmers. Can’t pick any favorite from that list as I’m mostly listening to Finnish podcasts like ATK-hetki and

Something different

“Never mad over what I can’t change. Never stressed over what I can’t control.”
– from Rhay1991

Designer Challenges Himself To Create Logos With Hidden Meanings For A Year, And Result Is Amazing

Monthly notes 28

Winter refuses to make way for the Spring and March in Southern Finland has been quite cold despite warm and rainy week which melted away some of the already scarce snow. So, skiing mainly on artificial snow and mountainbiking on icy paths which is nice. But this also leaves time to read what has happened on software development field. This month it’s about tools and working methods.

Issue 28: 17.3.2018

Tools of the trade

Must have extensions for VS Code (according to me)
tl;dr; Auto import, Beautif, Clipboard History, Git History, Code Runner, Docker, Material Icon Theme, Path Intellisense. (from @ThePracticalDev)

Reclaim your abandonware
Super cool post about how to get the abandoned mac Twitter client to support 280 character tweets by modifying its assembly. (from @b0rk)

Keep calm and code on: Productivity tools for developers
Suggestion of tools for developers for different tasks. I didn’t agree all of them so my suggestions are in brackets. tl;dr; 1. actiTIME (or toggl) 2. Cold Turkey (or other pomodoro) 3. Strict Workflow 4. Habitica 5. Oh My Zsh (or Bash-it) 6. The Silver Searcher 7. UltraEdit (or Atom, VS Code etc.) 8. Homebrew 9. GitHub Changelog Generator. (from @ThePracticalDev)

Git aliases
If you use Git command-line a lot, you will probably grow your own list of Git aliases sooner or later. After simple standard aliases (ci -> commit, co -> checkout) you might want to see some advanced tricks you may find useful.

Get subdomains of an HTTPS website abusing Certificate Transparency logs. (from @KitPloit). Apparently also curl "" -sS | jq .name_value | uniq | tee output works.


Front-End Performance Checklist 2018
Unbiased and objective front-end performance checklist for 2018 — an overview of the issues you might need to consider to ensure that your response times are fast, user interaction is smooth and your sites don’t drain user’s bandwidth. (from @igrigorik)

Working methdods

Tim Ottinger: what once was thought impossibility is now commonplace in software development
TDD, pairing, mobbing, evolutionary design, self organizing, lean startup, commenting code, interpreted languages, beta, noestimates. “You have to ask, what impossible thing is going to be done next? We change how we think, and new vistas open up.”

Branching Is Easy. So? Git-flow Is Not Agile.
I wrote this blog post ages ago and I still stand firmly behind it trunk-based development 4ever. (from @skamille)

Getting Things Done – A Programmer Productivity Guide
“Everybody has some sort of system—even not having a system and trying to remember everything is technically a system. I wanted to share mine because it seems to work pretty well.” (from @ThePracticalDev)

Herding cats is easy compared to managing developers (video)
A short and sharp 10 minute guide to managing developers by Dom Millar at NDC Conference Sydney 2017.

Something different

10 x weekend brunches in Helsinki
Il Birricifio, Ipi Kulmakuppila, Sandro, Gastro Café Kallio, Yes Yes Yes!, Loop, Moko Market, Sue Ellen, Paulig Kulma and Krog Roba. My addition to the list is Rupla. (from @VisitHelsinki)

Monthly notes 27

For cold winter evenings here’s something to read. Monthly notes for February are about relearning and thinking.

Issue 27: 23.2.2018


Computer Science and why it’s necessary even for web developers
“Computer Science and why it’s necessary even for web developers I know that in some countries a degree in CS is expensive or unattainable, and that some companies do unnecessary algorithm interviews. This thread is not about degrees or interviews, it’s about CS itself.”

Free Intro to Web Development slides (with demos)
Slides of the Web Dev Intro labs for the “6.813 User Interface Design and Implementation” at MIT
(from Twitter)

The Four Rules of Simple Design (in order of importance)

  • Passes the tests
  • Reveals intention
  • No duplication
  • Fewest elements

And, yes, “fewest elements” is last, which means you only minimize classes and methods if everything else satisfied


When openssh port forwarding doesn’t cut it, use sshuttle: “Transparent proxy meets VPN meets ssh.”


The Death of Microservice Madness in 2018
There are many cases where great efforts have been made to adopt microservice patterns without necessarily understanding how the costs and benefits will apply to the specifics of the problem at hand. The post describes in detail what microservices are, why the pattern is so appealing, and also some of the key challenges that they present.

Should that be a Microservice? Keep These Six Factors in Mind
These days, you can’t swing a dry erase marker without hitting someone talking about microservices but few have spent any appreciable time asking if a given application should be a microservice. tl;dr; “1. Multiple Rates of Change; 2. Independent Life Cycles; 3. Independent Scalability; 4. Isolated Failure; 5. Simplify Interactions with External Dependencies; 6. The Freedom to Choose the Right Tech for the Job”.


A Guide to Web Performance Optimization with Webpack
This guide walks through how to effectively optimize site resources using webpack. This can help users load and interact with your sites more quickly. (from JavaScript Weekly 373)


face-verify.js: Monitoring who is physically looking at a website for additional security
Demo project showing how Machine Box tech can be integrated into JavaScript applications. Facebox takes an image and tells you how many faces it sees, as well as who those faces belong to provided you have shown it a single example previously. You can use this capability to build additional security into web apps so you can see how many people are watching the screen and who they are. Using the webcam with some JavaScript and Facebox, you can periodically check to ensure only authorised people can see the information that users consider sensitive.

Mac Privacy: Sandboxed Mac apps can record your screen at any time without you knowing
TL;DR Any Mac app can take screenshots of your Mac silently, and use basic OCR software to read all text on the screen. (from Weekend Reading)

To think about

Nick Stenning on Twitter
“Flat organisational structures do not exist. There are only organisations with visible structure and organisations with invisible structure”. (from Weekend Reading)

Developers On Call
Quite self-explanatory ideas for how to manage on-call rotations without burn out but maybe it’s not always that way. The linked Twitter thread is worth reading. (from Weekend Reading)

Something different

2017: The Year in Charts
These are the charts and themes that tell the story of 2017. I. The Year Volatility Died; II. Records Are Made to Be Broken; III. The World is Flattening; IV. Still Easy After All These Years; V. A Good Old-Fashioned Mania; VI. King Dollar Dethroned; VII. Wrapping Up: 1991-99 Redux?

Monthly notes 26

January finally brought snow also to Southern Finland and darkness is retreating slowly when the day becomes longer. This time monthly notes tells you about different JavaScript frameworks, making webpack perform better and looks into bootstrapping microservices and running docker securely. On programming side there are articles for best practices with Kotlin and about Kotlin stdlib. If you haven’t stumbled upon Kotlin, it’s good to check it out as it’s a nice language for building services targeting the Java Virtual Machine.

Issue 26: 23.1.2018

Web development

An Extensive Guide to JS Frameworks
The world is full of JavaScript frameworks and this roundup post goest through 52 of them and touches on their pros, cons, and distinctive features. (from JavaScript Weekly 369)

2017’s JavaScript Rising Stars
A look at what JS projects were hot or not in 2017 based on their GitHub star counts. (from JavaScript Weekly 369)

Keep webpack Fast: A Guide for Better Build Perf
webpack is a great tool for bundling frontend assets but it’s worth knowing what to do when it starts to get bogged down. (from JavaScript Weekly 369)


webpack: Plugin to Remove Unused Moment.js Locales


Bootstrapping a microservice architecture (screencast)
Screencasts to present an open source bootstrap project to help you with your next microservice architecture using Java. The repository addresses some common challenges that everyone faces when starting with microservices.

Top tips to keep Docker running securely in production (video)
Gianluca Arbezzano gave important tips on setting up a production environment, immutability, and security concepts for dockers in his session at the DevOpsCon 2017.


Idiomatic Kotlin. Best Practices.
“In order to take full advantage of Kotlin, we have to revisit some best practices we got used to in Java. Many of them can be replaced with better alternatives that are provided by Kotlin.”

Make your life easier with Kotlin stdlib
“Kotlin is not about big killer features but about a bunch of small improvements that have deep impact. Most of them are not built-in into the language, but are functions offered as part of the Kotlin standard library.” The post goes through a limited set of them, and describes how they can be used to improve the code.

Something different

The best science fiction, fantasy, and horror novels of 2017
The Verge lists great books of 2017 in science fiction, fantasy, and horror category which shined a light in the darkness. You newer know if a book is interesting by reading it’s description but these took my eye: Meg Howrey’s The Wanderers, Kameron Hurley’s The Stars are Legion, N.K. Jemisin’s Broken Earth trilogy, Zachary Mason’s Void Star, Joe M. McDermott’s The Fortress at the End of Time, Ian McDonald Luna: New Moon and Linda Nagata’s The Last Good Man.