Short notes on tech 37/2021

Week 37 of 2021

Software development

Give me /events, not webhooks
"This post clearly explains the benefits of using an /events endpoint + long polling. Simpler and more reliable than webhooks. On the web we don't have much of a choice, most platforms support webhooks and few support event streams. For internal applications don't go with webhooks as the first choice just because they're prevalent on the web." (from Weekend reading)

Writing JavaScript, but with types!
"I’ve often run into a situtation in which I’ve wished my JavaScript code would have types and they would be enforced. This would save me from a lot of runtime headache that can happen." But you can't use TypeScript to enforce it. The article explain one option to help your development.

Containers

A Security Review of Docker Official Images: Which Do You Trust?
This research demonstrates the importance of keeping track of the images that you use, and not assuming that even official images from Docker Hub will be maintained in perpetuity. (from Cloud Security Reading List)

Docker is Updating and Extending Product Subscriptions
"Docker Subscription Service Agreement includes a change to the terms for Docker Desktop: Docker Desktop remains free for small businesses (fewer than 250 employees AND less than $10 million in annual revenue), personal use, education, and non-commercial open source projects. It requires a paid subscription (Pro, Team or Business), starting at $5 per user per month, for professional use in larger businesses."

Cloud

So You Inherited an AWS Account
"Many engineers have found themselves in the unenviable position of being handed the keys to an AWS environment with absolutely no explanation of its contents, documentation, or training." (from Cloud Security Reading List)

Top things to do when setting up a new Org
"What you should do when setting up a new AWS Organization from scratch." (from Cloud Security Reading List)

Web development

How I Experience Web Today

Level up your CSS linting using Stylelint
"Lint all the things" (from CSS Weekly)

iOS

Automating App Store Screenshots
"Whenever I mention using fastlane's snapshot tool for App Store screenshots, I justify it by saying it'll save you time if you have "ten screenshots for every device type in different localisations". In reality, even if you have just two screenshots in one language for your app, you'll still save so much time by doing this. Let Daisy Ramos show you how to make the best of this fantastic tool." (from iOS Dev Weekly)

Something different

Branded in Memory
Iconic brands drawn from memory

Short notes on tech 28/2021

Week 28 of 2021

CSS

CSS system colors
"Jim Nielsen reveals the system colors we can use in CSS and how useful this can be for light and dark mode themes." (from WDRL)

Cloud

The Gamer Guide to Playing Amazon Web Services (AWS)
"This is such a nice article, sharing a getting started guide for AWS, in a similar style to the getting started guides that many experienced MMORPG players write for new players." (from Cloud Security Reading List)

Best practices for securing Identity and Access Management on AWS
"Post looking at different approaches to help keep IAM configuration tidy, auditable and right-sized." (from Cloud Security Reading List)

Uncomplicate Security for developers using Reference Architectures
"Walk through some of the salient features of a meaningful security reference architecture and the process required to develop one." (from Cloud Security Reading List)

Software development

A curated list of books on Software Architecture

Short notes on tech 26/2021

Week 26 of 2021

Team

An incomplete list of skills senior engineers need, beyond coding

  1. How to run a meeting, and no, being the person who talks the most in the meeting is not the same thing as running it
  2. How to write a design doc, take feedback, and drive it to resolution, in a reasonable period of time
  3. How to mentor an early-career teammate, a mid-career engineer, a new manager who needs technical advice
    (from Weekend Reading)

Learn

How to Handle Secrets on the Command Line
"Keeping secrets secret on the command line requires some extra care and effort."

Something different

Myths Debunked: Wide Tires Are NOT Slower

Short notes on tech 23/2021

Week 23 of 2021

Infosec

CitySec Mayhem presentations playlist
"Five Ways To Fail At Crime, Spotting the Storm: Attack Detection in the Cloud, Hunted: From Wanted Blackhat to Celebrated Whitehat, Plug - Silver Sparrow And The Tale Of The Mysterious Insu File, Forensics Crash Course, Find & kill your WordPress intruder with bare hands (and logs)"

Awesome Node.js Security resources
Static code analysis, input validation, middleware, reading material, and more.

Learning

Production Ready GraphQL book
Learn how to design and build predictable, performant, and secure GraphQL APIs at scale.

User interface and experience

Apple Design Resources

😈 Doom Captcha

Something else

Soviet Brutalist Architecture Photographed by Frederic Chaubin

Take a Ride With Me
"Watch cyclists ride down hill form the comfort of your own saddle. Better with sound on. Website takes forever to load, so open in background, and check on it in a minute." (from Weekend Reading)

Short notes on tech 20/2021

Week 2o of 2021

Learn

The UI & UX Tips Collection: Volume Two
Round two, more UI/UX tips, simply explained and beautifully illustrated. (from Weekend Reading)

Modern Javascript: Everything you missed over the last 10 years
"JavaScript has come a long way since I knew it as the “D” in DHTML. For anyone like me, who’s been reluctant to use the latest syntax that could require polyfills or a transpiler, I’ve written this cheatsheet to get you caught up on all the goodness that’s widely supported in modern browsers."

The Instagram ads Facebook won’t show you
Signal runs multi-variant Instagram ad that show people the data that Facebook collects about them. Not surprisingly, Facebook shut it down. (from Weekend Reading)

Software development

The 10 Best Practices for Remote Software Engineering
tl;dr;

  • Work on Things You Care About.
  • Define Goals for Yourself.
  • Define Productivity for Yourself.
  • Establish Routine and Environment.
  • Take Responsibility for Your Work.
  • Take Responsibility for Human Connection.
  • Practice Empathetic Review.
  • Have Self-Compassion.
  • Learn to Say Yes, No, and Not Anymore.
  • Choose Correct Communication Channels.

The True Meaning of Technical Debt
Reframing technical debt as a disagreement between business needs and how the software has been written. (from Weekend Reading)

AccessAbility Playbook
A fantastic guide to delivering accessible and inclusive client services. (from CSS Weekly)

Security

Docker Security Cheat Sheet
Cheat sheet aiming to provide an easy to use list of common security mistakes and good practices that will help you secure your Docker containers. (from Cloud Security Reading List)

Tools of the trade

Photopea: A free alternative to Photoshop used by millions of people
Made by one developer, Hacker news thread.

Short notes on tech 15/2021

Week 15 of 2021

Backend development

OpenAPI tools

Building REST API with Express, TypeScript and Swagger

A categorized list of all Java and JVM features since JDK 8 to 16
"Since the release of version 8, up to version 16, Java is shaped by 180 JDK Enhancement Proposals, each of which brings some improvement to the platform." The JDK you knew years ago is nowadays quite a different beast.

Learning

A11ycasts with Rob Dodson
"Want to build accessible apps? Rod Dodson is teaching those fundamentals in his new series dedicated entirely to the art of accessibility. Meet A11ycasts!"

Practical Cryptography for Developers
"A modern practical book about cryptography for developers with code examples"

A B2B Product Management Story
"On discovering problems that customers actually care about. Very visual story thread."

Security

kubernetes-simulator
"A distributed systems and infrastructure simulator for attacking and debugging Kubernetes: simulator creates a Kubernetes cluster for you in your AWS account; runs scenarios which misconfigure it and/or leave it vulnerable to compromise and trains you in mitigating against these vulnerabilities." (from Cloud Security Reading List)

The worst so-called “best practice” for Docker
"Please install security updates"

Tools of the trade

Icecream: Never use print() to debug again in Python

Something different

Meet Stretch from Boston Dynamics
"Prototype of robot designed to automate box moving tasks in warehouses and distribution centers: unloading trucks, building pallets of boxes and order building. Stretch makes warehouse operations more efficient and safer for workers."

Short notes on tech 13/2021

Week 13 of 2021

Learn

SMS: Substitutable Message Service
"Replacing the content of previously sent SMSs is actually possible."

Emoji under the hood
How “biggest innovation in human communication since the invention of the letter 🅰️” works under the hood.

Tools of the trade

Pyright
Static type checker for Python.

lazydocker
A simple terminal UI for both docker and docker-compose, written in Go with the gocui library.

Codetour
"CodeTour is a Visual Studio Code extension, which allows you to record and playback guided walkthroughs of your codebases. It's like a table of contents, that can make it easier to onboard (or re-board!) to a new project/feature area, visualize bug reports, or understand the context of a code review/PR change."

Responsively
"Develop responsive web apps 5x faster! A must-have DevTool for all Front-End developers."

Permissions
A simple site to test permission-related UI for web APIs.

Simulator Status Magic
"Modify the iOS Simulator so that it has a perfect status bar, then run your app and take perfect screenshots every time."

Cloud

Security Logging in Cloud Environments - GCP
"If you had to architect a multi-account security logging strategy, where should you start?" (from Cloud Security Reading List)

Something different

Ask HN: What was the biggest contributor to your happiness in the past year?
"Video walks on Youtube."

Short notes on tech 11/2021

Week 11 of 2021

Work life

Handbook for Remote employees
Read how Remote works as a company and take notes.

How to Deal with Difficult People on Software Projects

Your Thinking Rate Is Fixed
"You can’t force yourself to think faster. If you try, you’re likely to end up making much worse decisions. Here’s how to improve the actual quality of your decisions instead of chasing hacks to speed them up." (from Hackernewsletter)

Generalists vs specialists - who has a greater chance of success?
(from Hackernewsletter)

Learning

The Front-End Developer Learning Roadmap

AWS Cloud Development Kit Workshop
Learn CDK.

Software development

Best practices for REST API design
"In this article, we'll look at how to design REST APIs to be easy to understand for anyone consuming them, future-proof, and secure and fast since they serve data to clients that may be confidential." (from Hackernewsletter)

You really should use dev containers
tl;dr; "use development containers, indicating the act of running and compiling code inside a container, not on the host machine OS."

The case for and against Amazon Cognito

Information Security

How often should I rotate my ssh keys?
"More often than never! As often as you can. And make sure you retire old keys when you’re done with them." (from Hackernewsletter)

Tools of the trade

Helppo
"Instant admin UI for your database" Supports PostgreSQL and MySQL.

TSDX
Zero-config CLI for TypeScript package development

Colorful VSCode titlebars for better productivity
tl;dr;
"workbench.colorCustomizations": {
"titleBar.activeBackground": "#553955" // change this color!
}

Short notes on tech 10/2021

Week 10/2021

iOS development

Analyse, Design & Code the ClubHouse app with SwiftUI
This video from Franck Ndame on recreating the Clubhouse UI from scratch is incredibly well-produced and enjoyable to watch. Follow it up by checking out the Figma design and source code. (from iOS Dev Weekly)

Cloud

A Quick Look at GKE Autopilot (in 15 minutes)
"I was curious to take a look at GKE Autopilot, so if you don't have time to play with it, I did it for you. (from Cloud Security Reading List)"

Software development

Ethical Design Guide
Resources for creating ethical products that don't cause harm. (from Weekend Reading List)

Why is it so hard to see code from 5 minutes ago?
"Do you undo recent changes to remember what the code looked like a few minutes ago? Why can’t IDEs do that for us?" Waiting for "Yestercode" to be a VS Code extension. (from Weekend Reading List)

Modules, monoliths, and microservices
(from Hacker News comments)

Worklife

Things your manager might not know
If you never managed people before, it's not obvious how to manage your manager. Julia explains how to do that. (from Weekend Reading List)

How to be more productive without forcing yourself

Something different

Internet Archive Infrastructure
tl;dr; Lots of hardware.

Short notes on tech 9/2021

Week 9/2021

Tools of the trade

Uizard
"The design tool for everybody. Scan a paper scribble and you get a wireframe. Upload images and it will extract color and style to generate a matching theme." (from Weekend Reading)

Camo
Camo makes you look great on Zoom by using your iPhone as a webcam. You can control lighting, cropping, focus, Bokeh effect, stream 1080p with no stutter (needs cable), use front-facing, telephoto or wide lens. (from Weekend Reading)

Free for developers
List of free and free tier resources.

Cloud

Kubernetes README
"A collection of useful resources to read to learn more about Kubernetes." (from Cloud Security List)

Work

Unpacking Interview Questions
"Series sharing some of the questions the writer uses when he interviews for technical roles. He’ll unpack the question, when to ask it, and how to evaluate answers."

Something different

Scientists break through the wall of sleep to the untapped world of dreams
"Researchers at Paller’s lab at Northwestern University in Illinois, along with researchers in France, Germany and the Netherlands, have independently demonstrated two-way communication with people as they are lucidly dreaming during REM (rapid eye movement) sleep." (from Weekend Reading)