-
Short notes on tech 25/2022
Tools
CyberChef
Simple, intuitive web app for analysing and decoding data without having to deal with complex tools or programming languages. CyberChef encourages both technical and non-technical people to explore data formats, encryption and compression.Software development
The Art of Code Comments
Sarah Drasner talked at JSConf Hawaii 2020 about how commenting code is a more nuanced thing than we give it credit for.… Jatka lukemista -
Learn to write secure code with DevSecLab
There are lots of pitfalls in software development and creating a secure Web application needs some thought and keeping especially the OWASP Top-10 in mind. One effective way to learn secure software development is to learn by doing and that’s what DevSecLab by Fraktal provides: teach developers to write secure code with hands-on exercises.… Jatka lukemista
-
Short notes on tech 22/2022
Worklife
GitLab’s Guide to All-Remote
Good writeup of remote work in GitLab, i.a. it’s benefits and drawbacks and tips to better remote.DevOps
Honeycomb’s O’Reilly Book Observability Engineering
“Achieving Production Excellence by Charity Majors, Liz Fong-Jones, and George Miranda”Set up a Terraform Pipeline with GitHub Actions and GitHub OIDC for AWS
A walkthrough of a Terraform pipeline setup.… Jatka lukemista -
Override nested NPM dependency versions
Sometimes your JavaScript project’s dependency contains a library which has a vulnerability and you’re left with a question how to solve the issue. If the nested dependency (with vulnerability) is already fixed but the main dependency isn’t, you can use overrides field of package.json as explained in StackOverflow answer.
You’ll need a recently new version of npm cli v8.3.0 (2021-12-09) which comes with Node.js… Jatka lukemista
-
Using CASL and roles with persisted permissions
How do you implement user groups, roles and permissions in a multitenant environment where you have multiple organizations using the same application and each have own users and groups and roles? There are different approaches to the issue and one is to implement Attributes-based access control (ABAC) in addition with roles (RBAC).… Jatka lukemista
-
Short notes on tech 15/2022
Week 15 of 2022
Before leaving for a short Easter holiday here are some links to go through.
Security
Automagically Auditing GitHub (Actions) Security using OpenSSF Scorecards “How to use the OpenSSF Scorecards GitHub Action to audit your GitHub and GitHub Actions configuration, and a breakdown of some of the issues raised by it.”… Jatka lukemista
-
Short notes on tech 13/2022
Learning
Personal Goal Setting Playbook
“Setting personal goals can be used in many contexts to help people achieve tasks, objectives or improvements of any kind, big or small.”Design
A Designer’s Guide to Documenting Accessibility & User Interactions
Understanding Figma’s interactive components feature
(from WDRL)Backend
How to design better APIs
15 language-agnostic, actionable tips on REST API design.… Jatka lukemista -
Learning secure code by identifying vulnerable code and solutions
The DevOps Conference was held this week and on the Expo there were companies showing their services. One of those was Secure Code Warrior which provides a learning platform for teaching developers the skills they need to produce secure code. Last year I wrote about their bootcamp but now it was time to participate in their “The DEVOPS Secure Coding Tournament!”… Jatka lukemista
-
Short notes on tech 10/2022
Week 10 of 2022
Web development
The State of JavaScript 2021 Survey Results
“69% use TypeScript; React held the top spot for 6 years; Vue.js is on track to overtake Angular as the second place framework; 2021 has been the year of Vite with 98% satisfaction.” (from WDW)The baseline for web development in 2022
“Now that Internet Explorer seems to die really in June this year, so now we should focus on low-spec Android devices, older Safari versions or slow networks.”… Jatka lukemista -
Short notes on tech 7/2022
Short notes on tech, week 7 of 2022
Software development
Frontend Predictions for 2022
The return of micro-frontends, functional JavaScript & the death of Jamstack as we know it. (from Web Design Weekly)Cloud
AWS Elastic Kubernetes Service (EKS) Review
“If you are considering going with EKS, understand you are going to need to spend a lot of time reading before you touch anything.… Jatka lukemista