News and podcasts for developers

Vercel CEO Guillermo Rauch and JS Party panelist Amal Hussein join Jerod to discuss the state of the web platform! We opine on why it’s so important and unique, where it stands today, what modern web development looks like, and where the whole thing is headed in 2021 and beyond.

So the Tailscale team were using a single text file as a database (as you do) and it worked great… until it didn’t.

Even with fast NVMe drives and splitting the database into two halves (important data vs. ephemeral data that we could lose on a tmpfs), things got slower and slower. We knew the day would come. The file reached a peak size of 150MB and we were writing it as quickly as the disk I/O would let us. Ain’t that just peachy?

So, migrate to MySQL or PostgreSQL, right? Maybe SQLite?

Nope, Crawshaw had other ideas.

I won’t ruin the surprise and tell you what they went with, but I will say it’s a widely deployed system amongst cloud natives…

Preact creator Jason Miller joins Jerod and Nick to discuss WMR– the tiny all-in-one development tool for modern web apps.

We ask Jason what “modern web app” means, how WMR fits in to the JS tooling landscape, why the Preact team created it in the first place, and dig into all it has to offer. Where’s My Roomba?

What would happen if browsers came pre-installed with Node.js, an IDE, and a simple runtime environment?

…there’s been a kind of revolution around coding. “Javascript everywhere” (i.e. node.js) has really become the default web-development paradigm. Javascript is alluring - partly because every computer has a javascript GUI and runtime - the browser! You can code in javascript on your computer using a text editor and a browser - without ever touching the command line!

But, what if a full-fledged dev environment for JavaScript was just as ubiquitous as the runtime in the browser?

Drupal creator Dries Buytaert with lots of reason to celebrate:

On January 15, 2001, exactly 20 years ago, I released Drupal 1.0.0 into the world. I was a 22 years old, and just finished college. At the time, I had no idea that Drupal would someday power 1 in 35 websites, and impact so many people globally.

Quite the accomplishment. Congrats to Dries and the entire Drupal community!

In this post, he also shares why he’s still working on the project and details 3 birthday wishes for Drupal:

1. Never stop evolving
2. Continue our growing focus on ease-of-use
3. Economic systems to sustain and scale Open Source

Those sound like noble wishes to me. 💯

Penetration testing is when you (or someone you authorize) run a security assessment of a computer system by trying to break in to it.

In this repo, Carlos Polop (who is a pentester and cyber security researcher) shares his methodology for pentesting. This is just one piece of a larger collection of Carlos’ HackTricks book.

Continuous integration and continuous delivery are both terms we have heard, but what do they really mean? What does CI/CD look like when done well? What are some pitfalls we might want to avoid? In this episode Jérôme and Marko, authors of the book “CI/CD with Docker and Kubernetes” join us to share their thoughts.

Chip Huyen:

While looking for these MLOps tools, I discovered some interesting points about the MLOps landscape:

1. Increasing focus on deployment
2. The Bay Area is still the epicenter of machine learning, but not the only hub
3. MLOps infrastructures in the US and China are diverging
4. More interests in machine learning production from academia

If MLOps is new to you, Practical AI did a deep dive on the topic that will help you sort it out. Or if you’d prefer a shallow dive… just watch this.

There’s a new stack in town. PETAL. It destructures to Phoenix, Elixir, Tailwind, Alpine and LiveView. So what is it? Well, it helps you build web applications. Let me tell you about it…

tmpsms is a command line utility written in POSIX sh that allows you to get a temporary phone number and receive SMSes. It uses Upmasked temporary SMS service in order to receive the messages. This is a very useful tool for those who use are testing applications during bug bounty hunting or just need some privacy and don’t wan’t to use your personal phone number.

I don’t know when I’d ever use this, but I love that it’s POSIX compliant and depends on just a few other CLI tools (curl, jq, and fzf).

About 18 months ago I started a project which had to develop directly against containerd with a full Linux system.

This presented a problem which I’d not really encountered before - Docker and Kubernetes on my Mac were no longer enough, I needed a full Linux environment, and so did the community.

This is how it went and what we learned along the way.

Abhishek Chaudhary:

Websites are like a canvas. You have complete freedom to design them the way you want. But unlike a painting, not all people will view your site the way you want. This article discusses how Responsive Web Design (RWD) evolved.

David Hamp-Gonsalves created a really cool use for your old Kindle:

Second hand Kindles are waiting in drawers for someone to repurpose them into something great. Boasting large e-ink screens, wifi connectivity and ARM processors they are an amazing hacking platform.

In my case I created an information panel summarizing my day such as my calendar, surf and weather forecast, garbage schedule, school closures, etc. My favorite part is that any extra space is filled with a random Pokémon sprite which my kids(not me) like to come check in on.

Built with Rust plus some serverless backend data collection bits.

What are typosquatting attacks and how do they impact open source developers? If you’re a JavaScript developer then you should understand them and be conscious that you aren’t mistakenly installing a package such as electron-native-notify - because hey, that’s a malicious package!

JuiceFS is an open-source POSIX file system built on top of Redis and object storage (e.g. Amazon S3), designed and optimized for cloud native environment. By using the widely adopted Redis and S3 as the persistent storage, JuiceFS serves as a stateless middleware to enable many applications to share data easily.

This is a great rundown by José Valim of what the Elixir community has been up to recently and what’s coming in 2021. Exciting times! I’m particularly excited by the upcoming JIT compiler for the Erlang VM and what it might do to improve compilation times.

Just drop your icon onto the page, select which versions you want (iOS, Android, macOS, etc.), and click the “Generate” button. Nifty!

American Express is running what is perhaps the largest commercial ML model in the world; a model that automates over 8 billion decisions, ingests data from over $1T in transactions, and generates decisions in mere milliseconds or less globally. Madhurima Khandelwal, head of AMEX AI Labs, joins us for a fascinating discussion about scaling research and building robust and ethical AI-driven financial applications.

Alabe Duarte shares his personal exposure with TDD over the years. This includes:

1. why he believes TDD is important
2. the subjectiveness of “good design”
3. when doing TDD doesn’t help

It’s easy to agree we should be ethical in our work, but often harder in the moment when you’re asked to do something (or not do something) that crosses your ethical boundaries. In this thoughtful piece, Nikola Đuza explores these decisions and provides resources of the existing material on developer ethics.

I love posts like these from startups/projects that share how they’re doing over time:

Excalidraw started as a way to procrastinate on January 1st, 2020, and ended up being a fully fledged whiteboard product only one year later! In this post, we’ll go over the most important features that made Excalidraw great at being a virtual whiteboard for sketching hand-drawn like diagrams.

They detail their open source tech stack, new features the team shipped last year, cool things people are doing with the tool, and more.

(The tool itself, btw, looks totally rad and is definitely something I’ll be toying with over the coming weeks.)