Category: Programming
-
Jailbreak detection with jail-monkey on React Native app
Mobile device operating systems often impose certain restrictions to what capabilities the user have on the device like which apps can be installed on the device and what access to information and data apps and user have on the device. The limitations can be bypassed with jailbreaking or rooting the device which might introduce security risks to your app running on the device so you might want to detect if your app is run on jailbroken device.… Jatka lukemista
-
Notes from React Native EU 2022
React Native EU 2022 was held couple of weeks ago and it’s a conference which focuses exclusively on React Native but consists also on general topics which are universal in software development while applied to RN context. This year the online event provided great talks and especially there were many presentations about apps performance improvements, achieving better code and identifying bugs.… Jatka lukemista
-
Override nested NPM dependency versions
Sometimes your JavaScript project’s dependency contains a library which has a vulnerability and you’re left with a question how to solve the issue. If the nested dependency (with vulnerability) is already fixed but the main dependency isn’t, you can use overrides field of package.json as explained in StackOverflow answer.
You’ll need a recently new version of npm cli v8.3.0 (2021-12-09) which comes with Node.js… Jatka lukemista
-
Using CASL and roles with persisted permissions
How do you implement user groups, roles and permissions in a multitenant environment where you have multiple organizations using the same application and each have own users and groups and roles? There are different approaches to the issue and one is to implement Attributes-based access control (ABAC) in addition with roles (RBAC).… Jatka lukemista
-
Create secure code with Secure Code Bootcamp
Software development contains many aspects which the developer has to take care and think about. One of them is information security and secure code which affects the product and its users. There are different ways to learn information security and how to create secure and quality code and this time I’ll shortly go through what Secure Code Warrior Secure Code Bootcamp has to offer.… Jatka lukemista
-
Linting GraphQL Schema and queries
Analyzing code for compliance with guidelines is one part of the code quality assuarance and automating it with tools like ESLint and binding the checks with build process is common and routine operation. But what about validating GraphQL schema and queries? Here are some pointers to tools you can use to start linting your GraphQL schema.… Jatka lukemista
-
Visual Studio Code Extensions for better programming
Visual Studio Code has become “The Editor” for many in software development and it has many extensions which you can use to extend the functionality for your needs and customize it. Here’s a short list of the extensions I use for frontend (React, JavaScript, Node.js), backend (GraphQL, Python, Node.js, Java, PHP, Docker) and database (PostgreSQL, MongoDB) development.… Jatka lukemista
-
Running static analysis tools for PHP
We all write bug free code but analyzing your code is still important part of software development if for some reason there could’ve been some mishap with typing. Here’s a short introduction how to run static analysis for PHP code.
Static analysis tools for PHP
The curated list of static analysis tools for PHP show you many options for doing analysis.… Jatka lukemista
-
What software and hardware I use
There was a discussion in Koodiklinikka Slack about what software people use and that people have made “/uses” pages for that purpose. And inspired by Wes Bos /uses from “Syntax” Podcast here’s my list.
Check my /uses page to see what software and hardware I use for full-stack development in JavaScript, Node.js,… Jatka lukemista
-
Generating JWT and JWK for information exchange between services
Securely transmitting information between services and authorization can be achieved with using JSON Web Tokens. JWTs are an open, industry standard RFC 7519 method for representing claims securely between two parties. Here’s a short explanation and guide of what they are, their use and how to generate the needed things.
… Jatka lukemista“JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object.