Medium Icon

Medium

A place to read, write, and interact with stories from the web.
medium.com • 24 Stories
All Sources

Richard Littauer Medium

How to get rid of maintainer guilt

If you're a maintainer who's feeling the burden of your open source software, you have a few options to consider according to Richard Littauer — you can... Onboard more maintainers - spread the burden to more of the community Clearly set expectations - explain your software is provided on an “as is” basis Hire a maintenance company - wait, what?! Is that we've come to? Are we now hiring code maintenance companies to maintain our open source? I'm actually quite interested in the economies around this, so let this post serve as an open invite to Richard to join me on Founders Talk for a discussion on the state of open source maintenance and his lessons learned building Maintainer Mountaineer.

read more...

Abhishek Singh Medium

Getting Alexa to respond to sign language using your webcam and Tensorflow.js

Abhishek Singh isn't deaf or mute, but that didn't stop him from asking the question: If voice is the future of computing interfaces, what about those who cannot hear or speak? This thought led to a super cool project wherein a computer interprets sign language and speaks the results to a nearby Alexa device. Live demo here and code here.

read more...

Evan You Medium

Vue CLI 3.0 is here!

Good news — the next generation of Vue CLI, the standard build toolchain for Vue applications, is here. Evan You writes: Vue CLI 3 is a completely different beast from its previous version. The goal of the rewrite is two-fold: Reduce configuration fatigue of modern frontend tooling, especially when mixing multiple tools together; Incorporate best practices in the toolchain as much as possible so it becomes the default for any Vue app. This means that any Vue CLI 3 project comes with out-of-the-box support most of today's preferred ways to build and ship applications.

read more...

Pia Mancini Medium

Open Collective's new tool helps you "Back Your Stack"

Pia Mancini, CEO of Open Collective: BackYourStack is the first step to help companies discover the dependencies in their stack that are seeking to become sustainable and a way to start subscriptions to them. Each collective can set up different tiers for their subscriptions such us brand visibility, support or in-house training. Just input your GitHub org and BackYourStack will generate a list of supportable projects by analyzing your dependencies. This is a great idea and a good first step toward making it easier for organizations to put their money where their source is. (YMMV as the results are a bit limited (and maybe buggy?) at the moment. Our report is saying we only rely upon 1 open source project, which definitely doesn't cover it.)

read more...

Eric Holmes Medium

Here's how Eric Holmes gained commit access to Homebrew in 30 minutes

This post from Eric Holmes details how package managers can be used in supply chain attacks — specifically, in this case, a supply chain attack on Homebrew — which is used by hundreds of thousands of people, including "employees at some of the biggest companies in Silicon Valley." On Jun 31st, I went in with the intention of seeing if I could gain access to Homebrew’s GitHub repositories. About 30 minutes later, I made my first commit to Homebrew/homebrew-core. If I were a malicious actor, I could have made a small, likely unnoticed change to the openssl formulae, placing a backdoor on any machine that installed it. If I can gain access to commit in 30 minutes, what could a nation state with dedicated resources achieve against a team of 17 volunteers?

read more...

Dion Almaer Medium

On a mission to improve the web ecosystem for developers

Dion Almaer (Google) writes on the Ben and Dion Medium publication: A few teams within Google have joined forces inside Chrome to focus on improving the Web ecosystem, focused on those who build experiences, and create on the Web. We want to make high quality experiences easy to build as that will enable more meaningful engagement on the Web for users and developers alike. This is an awesome breakdown of all the components required to deliver meaningful engagements and a roadmap to the future of the web platform.

read more...

Ives van Hoorne Medium

VSCode themes in CodeSandbox?

Ives van Hoorne writes on Medium: Personalizing color schemes is one of the most important things to have in an code editor. CodeSandbox didn’t have any way to personalize colors in the editor since release, but I’m happy to announce that we do now. The best part is that we were able to reuse a big chunk of logic from VSCode directly and also support any VSCode theme natively in CodeSandbox!

read more...

Ives van Hoorne Medium

CodeSandbox launched their dashboard and teams feature

I've been closely watching CodeSandbox and have been thoroughly impressed with the work Ives van Hoorne and the 75+ contributors have put into this online code editor for ... React, Preact, Vue, and more. I've been thinking about getting Ives on Founders Talk to talk about the business model behind CodeSandbox. It seems to have this interesting self baked, pay what you want, Patron model to cover the expenses of CodeSandbox. Most of the features are free with limits, and being a "Patron" lifts those limits + extra features, and supports the costs and development efforts.

read more...

Gabriel Peal Medium

React Native at Airbnb

This epic four part series from the Airbnb engineering blog showcases how React Native was used at Airbnb to enable their teams to move quickly and maintain a great developer experience. However, in the end, they decided to sunset React Native and focus on native — but their journey to that conclusion is well worth a read. Part 4: Sunsetting React Native — Although many teams relied on React Native and had planned on using it for the foreseeable future, we were ultimately unable to meet our original goals. In addition, there were a number of technical and organizational challenges that we were unable to overcome that would have made continuing to invest in React Native a challenge. As a result, moving forward, we are sunsetting React Native at Airbnb and reinvesting all of our efforts back into native. It's not all bad though. 63% of their engineers would have chosen React Native again given the chance and 74% would consider React Native for a new project. Gabriel went on to say: React Native is progressing faster than ever. There have been over 2,500 commits in the last year and Facebook just announced that they are addressing some of the technical challenges we faced head-on. Even if we will no longer be investing in React Native, we’re excited to continue following its developments. For a different perspective read Should we use React Native? — a follow-up post to this four part series.

read more...

Casper Beyer Medium

Is the internet at the mercy of a handful of developers?

In this post from Casper Beyer titled The Node.js Ecosystem Is Chaotic and Insecure, he cites examples like left-pad, is-odd, is-number — and goes on to say the way to be responsible with dependencies is... ...don’t trust package managers, every dependency is written by some random developer somewhere in the world and is a potential attack vector. ... Is this being too paranoid? Perhaps, or maybe it’s the healthy amount considering the massive reach these trivial packages can have. While this focuses on Node.js, the lessons learned apply anywhere you have dependencies in your code.

read more...

Medium Icon Medium

We do Scrum but…our management doesn’t.

Bummer. I've been there. It's so tough to make iterative change to software when those who are "in charge" of what you do everyday keeps interrupting or changing the rules to the game. Sjoerd Nijland writes on the Serious Scrum blog: As Scrum is a framework for developing, delivering, and sustaining complex products, and, if your management isn’t actively engaged in this exercise, it indeed may not make immediate sense for them to adopt the framework. Scrum could thus be perceived to be for developers only. Or perhaps Scrum was introduced by and is still contained to the development organization. In this case it may make sense to talk about the definition of ‘Product’. Would it make sense for the Management Team, to consider the organization itself as a product? If your team does Scrum, you should 100% read this.

read more...

Saron Yitbarek Medium

What are you optimizing for?

Saron Yitbarek, creator of CodeNewbie, says this is the one question that will change your life — it did for her. I encourage you to read this from end to end, and then truly ponder this question for your life. I don’t remember why he said it, but I remember the car we were in on our way to a fancy networking event full of important people doing boss shit when he looked at me and asked, "What are you optimizing for?" ... I don’t think he knew it was that deep. It was. If reading this makes a significant impact on your life, I want to hear about it. Tweet at us.

read more...

Medium Icon Medium

An Efail postmortem

Efail caused a panic at the disco: ... some researchers in Europe published a paper with the bombshell title “Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels.” There were a lot of researchers on that team but in the hours after release Sebastian Schinzel took the point on Twitter for the group. Oh, my, did the email crypto world blow up. The following are some thoughts that have benefited from a few days for things to settle. Lots of interesting insights here, perhaps most controversially how the EFF's handling of the situation may have done more harm than good in the author's opinion. Also: we could stand to have a renewed appreciation for OpenPGP’s importance to not just email crypto, but the global economy. I can say I definitely have more appreciation for it after reading this than I did before. I hadn't thought about its influence (which is huge) outside of encrypted email.

read more...

Jaana B. Dogan (JBD) Medium

Want to debug latency?

What is latency? And how exactly do you debug it? Jaana writes on the Observability+ blog: In the recent decade, our systems got complex. Our average production environments consist of many different services (many microservices, storage systems and more) with different deployment and production-maintenance cycles. Measuring latency and being able to react to latency issues are getting equally complex as our systems got more complex. This article will help you how to navigate yourself at a latency problem and what you need to put in place to effectively do so.

read more...

Anil Dash Medium

What if JavaScript wins?

Very insightful post from Anil Dash about the impact of network effects on JavaScript and coding culture. Anil writes on his Medium: What this suggests is that JavaScript may be reaching escape velocity as a network, and as an ecosystem of related technologies. To be clear, there’s no winner-takes-all here — domain-specific languages will always have their uniquely valuable areas of focus. But for general-purpose coding? Everything from spreadsheet macros to Internet of Things hardware seems to default to having JavaScript be one of the primary ways to make things programmable.

read more...

Ives van Hoorne Medium

Real time code collaboration in the browser 🔥

I started CodeSandbox with the ambition to make sharing and collaboration of web applications easier and more accessible. Nowadays it’s being used for documentation, job interviews, prototyping, troubleshooting, bug reports, workshops, and probably much more. Now you can click ‘Go Live’ to get a URL to share and collaborate with others. Plus, it's open source.

read more...

Medium Icon Medium

You’re not lazy

The subtitle here should have been “We’re all very !#$@%#$ afraid”. The reason I often hold back from doing something or when I self-sabotage a goal — the real reason is because I’m afraid of what will happen if this thing is actually successful??! Then, I’ll have to actually do it. 😱 John Gorman, writes for Personal Growth on Medium: Fear doesn’t manifest itself like you think, because often times we don’t give it the chance to. Fear isn’t always the sweaty palms that stop us cold in a job interview — fear is generally what prevents us from applying in the first place. Spend 8 minutes and read this.

read more...

Ashley McNamara Medium

Building bridges to GopherCon 2018

Ashley McNamara is doing a series of fundraisers starting now and ending on July 1st. The goal is to raise money for GoBridge and WomenWhoGo — two organizations who make it their mission to educate & empower underrepresented communities. I can't wait to see how many of these tees the community will be wearing at GopherCon later this year. I'm imagining a sea of Gophers rocking these shirts!

read more...

Medium Icon Medium

Why decentralization matters

Chris Dixon on Medium: Early internet protocols were technical specifications created by working groups or non-profit organizations that relied on the alignment of interests in the internet community to gain adoption. This method worked well during the very early stages of the internet but since the early 1990s very few new protocols have gained widespread adoption. Cryptonetworks fix these problems by providing economics incentives to developers, maintainers, and other network participants in the form of tokens. They are also much more technically robust. For example, they are able to keep state and do arbitrary transformations on that state, something past protocols could never do. What Chris is advocating is the protocols of the past weren't made for the internet of the future. The next era of the internet is being built with Web 3.

read more...

Medium Icon Medium

What I wish I knew when I became CTO

From David Mack, CTO and co-founder of SketchDeck: You can accumulate responsibility faster than you can learn how to harness it. I now appreciate that the infrastructure, frameworks, and languages you choose will stick with you for a really long time. Only hire when you feel you’re completely desperate for the role. Hire to keep up with growth, not to generate it. I really appreciated David's thoughts on hiring.

read more...

Medium Icon Medium

Announcing AI Fund

Andrew Ng shared his plans for his newly created AI Fund — with investments including NEA, Sequoia, Greylock Partners, SoftBank Group, and others. Andrew Ng: I am excited to announce the formation of the AI Fund. We have raised $175 million, and will be sequentially initiating new businesses that use AI to improve human life. In the early days of electricity, much of the innovation centered around slightly different improvements in lighting. While this was an important foundation, the really transformative applications, in which electric power spurred massive redesigns in multiple industries, took longer to be grasped. AI is the new electricity, and is at a similar inflection point. Given Andrew Ng's prominence and success in bringing AI to industry, and his partnership with some of the world's premier technology investment firms, this announcement may well signal the next wave of capitalization for AI-oriented startups.

read more...

Medium Icon Medium

Meltdown and Spectre Explained

If some or most of what you've heard or read about Meltdown and Spectre has gone over your head, then you should 💯 read this technical explainer from Matt Klein (also known for being the creator of Envoy). Matt: I have not seen a good mid-level introduction to the vulnerabilities and mitigations. In this post I’m going to attempt to correct that by providing a gentle introduction to the hardware and software background required to understand the vulnerabilities, a discussion of the vulnerabilities themselves, as well as a discussion of the current mitigations. Matt goes on to share graphic charts of CPUs, virtual memory, and code samples to breakdown the exploit.

read more...
0:00 / 0:00