Category: Monthly notes

  • Short notes on tech 40/2024

    The holidays are long past and it’s time to get back to short notes. Software development On Being A Senior EngineerGreat article of what makes for a good senior engineer. Notes about time. Falsehoods programmers believe about time Storing UTC is not a silver bullet Web Design A (more) Modern CSS ResetOr use the archived…

  • Short notes on tech 29/2024

    Backend Why, after 6 years, I’m over GraphQLWhy, after 8 years, I still like GraphQL sometimes in the right contextTo use GraphQL or not 🤔 Decide yourself and think about your use cases.(from Changelog news) Your API Shouldn’t Redirect HTTP to HTTPS“Instead of redirecting API calls from HTTP to HTTPS, make the failure visible.… Jatka…

  • Short notes on tech 22/2024

    Integrating threat modeling with DevOps “Reflections on how it is possible to adopt threat modeling more effectively and efficiently, integrating it with modern DevOps methodologies and tools, and focusing on the value provided to all the various actors involved with the Software Development Lifecycle.” (from CloudSecList) Threat Modelling Cloud Platform Services by Example: Google Cloud Storage“A…

  • Short notes on tech 16/2024

    DevOps Processing Background Jobs: Lambda vs ECS vs ECS FargateGood article of comparing where to run background jobs and costs. API observability fundamentalsA course on API observability, covering an introduction to OpenTelemetry as well as lots of API-specific topics. Programming Code Review Security Checklist“A few handy checklists for security focused code review, for both server…

  • Short notes on tech 6/2024

    DevOps Continuous Integration“An updated long-form post on continuous integration. Although not a new practice, it’s often misunderstood.” Embracing the Future: DevOps in 2024“Some predictions for Devops in 2024, focused on the continued move to the cloud, the importance of a security-first approach, AI/ML adoption and more.” Web Design and Accessibility 12 Modern CSS One-Line Upgrades“Sometimes,…

  • Short notes on tech 51/2023

    This week short notes on tech is full of combination of software development (dev) and operations (ops). DevOps Spoofing Microsoft Entra ID Verified Publisher Status“It was possible to manipulate the consenting process of a legitimate verified publisher application to implant malicious unverified applications within a Microsoft Entra ID tenant.” (from CloudSecList) A Comprehensive Guide to…

  • Short notes on tech 46/2023

    CSS Naming Variables In CSS“Jonathan Dallas shares some thoughts related to naming CSS Custom Properties.” Good points and reminders how to write effective CSS. (from CSS Weekly) Using CSS custom properties like this is a waste“Kevin Powell explores how you can make your code a lot more efficient by leveraging pseudo-private custom properties.”… Jatka lukemista…

  • Short notes on tech 40/2023

    DevOps Source Code Management Platform Configuration Best Practices“Guide exploring the best practices for securing GitHub and GitLab, covering topics that include user authentication, access control, permissions, monitoring, and logging.” (from CloudSecList) GitHub Actions could be so much better“A good critical review of GitHub Actions, discussing some interesting security challenges, slow debugging cycles, the third party…

  • Short notes on tech 37/2023

    Short notes on tech 37/2023

    DevOps and security OWASP Kubernetes Top Ten“When adopting Kubernetes, we introduce new risks to our applications and infrastructure. The OWASP Kubernetes Top 10 is aimed at helping security practitioners, system administrators, and software developers prioritize risks around the Kubernetes ecosystem. The Top Ten is a prioritized list of these risks.… Jatka lukemista →

  • Short notes on tech 24/2023

    Software design 365 Days of iOS Accessibility365DaysIOSAccessibility series that Daniel Devesa Derksen-Staats posts to Mastodon and Twitter. (from iOS Dev Weekly) DevOps Using Act to Run Github Actions Locally“Act could be the end of commit messages littering history that say, “Tweaked workflow file, again! Fingers crossed that it works this time!”… Jatka lukemista →