The Changelog #426 – Pinned
News and podcasts for developers
Subscribe to get the latest news and podcasts for developers in your inbox, every week.
We make it super easy to keep up with developer news that matters.
Already a member? Sign in
An unlikely database migration
So the Tailscale team were using a single text file as a database (as you do) and it worked great… until it didn’t.
Even with fast NVMe drives and splitting the database into two halves (important data vs. ephemeral data that we could lose on a tmpfs), things got slower and slower. We knew the day would come. The file reached a peak size of 150MB and we were writing it as quickly as the disk I/O would let us. Ain’t that just peachy?
So, migrate to MySQL or PostgreSQL, right? Maybe SQLite?
Nope, Crawshaw had other ideas.
I won’t ruin the surprise and tell you what they went with, but I will say it’s a widely deployed system amongst cloud natives…
Waldo's My Roommate?
Preact creator Jason Miller joins Jerod and Nick to discuss WMR– the tiny all-in-one development tool for modern web apps.
We ask Jason what “modern web app” means, how WMR fits in to the JS tooling landscape, why the Preact team created it in the first place, and dig into all it has to offer. Where’s My Roomba?
Why can't I write code inside my browser?
What would happen if browsers came pre-installed with Node.js, an IDE, and a simple runtime environment?
…there’s been a kind of revolution around coding. “Javascript everywhere” (i.e. node.js) has really become the default web-development paradigm. Javascript is alluring - partly because every computer has a javascript GUI and runtime - the browser! You can code in javascript on your computer using a text editor and a browser - without ever touching the command line!
But, what if a full-fledged dev environment for JavaScript was just as ubiquitous as the runtime in the browser?
🎧 Chaos engineering
From Heroku’s Code[ish] podcast, Rick Newman (Director of Engineering at Heroku) talks with Mikolaj Pawlikowski, author of “Chaos Engineering.”
Chaos engineering is a way of testing your software predicated on the fact that something in your system, at some point, will break. By intentionally causing disruptions–for example, dropping network connections–and observing how your system responds, you’ll better prepare yourself for when the unexpected happens.
Happy 20th birthday, Drupal! 🎂
Drupal creator Dries Buytaert with lots of reason to celebrate:
On January 15, 2001, exactly 20 years ago, I released Drupal 1.0.0 into the world. I was a 22 years old, and just finished college. At the time, I had no idea that Drupal would someday power 1 in 35 websites, and impact so many people globally.
Quite the accomplishment. Congrats to Dries and the entire Drupal community!
In this post, he also shares why he’s still working on the project and details 3 birthday wishes for Drupal:
- Never stop evolving
- Continue our growing focus on ease-of-use
- Economic systems to sustain and scale Open Source
Those sound like noble wishes to me. 💯
An effective pentesting methodology
Penetration testing is when you (or someone you authorize) run a security assessment of a computer system by trying to break in to it.
In this repo, Carlos Polop (who is a pentester and cyber security researcher) shares his methodology for pentesting. This is just one piece of a larger collection of Carlos’ HackTricks book.
We're talkin' CI/CD
Continuous integration and continuous delivery are both terms we have heard, but what do they really mean? What does CI/CD look like when done well? What are some pitfalls we might want to avoid? In this episode Jérôme and Marko, authors of the book “CI/CD with Docker and Kubernetes” join us to share their thoughts.
The MLOps tooling landscape in early 2021 (284 tools)
Chip Huyen:
While looking for these MLOps tools, I discovered some interesting points about the MLOps landscape:
- Increasing focus on deployment
- The Bay Area is still the epicenter of machine learning, but not the only hub
- MLOps infrastructures in the US and China are diverging
- More interests in machine learning production from academia
If MLOps is new to you, Practical AI did a deep dive on the topic that will help you sort it out. Or if you’d prefer a shallow dive… just watch this.
PETAL – the end-to-end web stack
There’s a new stack in town. PETAL. It destructures to Phoenix, Elixir, Tailwind, Alpine and LiveView. So what is it? Well, it helps you build web applications. Let me tell you about it…
Feature flags (toggles) in DevOps
Feature flags (called feature toggles by some) are a software development and delivery technique that allows software teams to enable and disable parts of a codebase at the flip of a switch. Feature flags enable software teams to adopt DevOps practices, in so much as they help increase deployment speeds, system stability, and cross-team collaboration.
As a cultural shift, DevOps is meant to foster collaboration inside organizations, especially between development teams and operations teams. Feature flagging is a software development technique that has been growing and gaining popularity in recent times. However, some development teams still aren’t quite familiar with it.
This post offers an introductory guide on feature flags and how feature flagging supports DevOps.
A temporary SMS utility right from your terminal 📥
tmpsms
is a command line utility written in POSIXsh
that allows you to get a temporary phone number and receive SMSes. It uses Upmasked temporary SMS service in order to receive the messages. This is a very useful tool for those who use are testing applications during bug bounty hunting or just need some privacy and don’t wan’t to use your personal phone number.
I don’t know when I’d ever use this, but I love that it’s POSIX compliant and depends on just a few other CLI tools (curl, jq, and fzf).
containerd development with Linux and multipass
About 18 months ago I started a project which had to develop directly against containerd with a full Linux system.
This presented a problem which I’d not really encountered before - Docker and Kubernetes on my Mac were no longer enough, I needed a full Linux environment, and so did the community.
This is how it went and what we learned along the way.
A brief history of Responsive Web Design
Abhishek Chaudhary:
Websites are like a canvas. You have complete freedom to design them the way you want. But unlike a painting, not all people will view your site the way you want. This article discusses how Responsive Web Design (RWD) evolved.
Turn your Kindle into a HUD for every day life
David Hamp-Gonsalves created a really cool use for your old Kindle:
Second hand Kindles are waiting in drawers for someone to repurpose them into something great. Boasting large e-ink screens, wifi connectivity and ARM processors they are an amazing hacking platform.
In my case I created an information panel summarizing my day such as my calendar, surf and weather forecast, garbage schedule, school closures, etc. My favorite part is that any extra space is filled with a random Pokémon sprite which my kids(not me) like to come check in on.
Built with Rust plus some serverless backend data collection bits.
How typosquatting attacks are responsible for malicious modules in npm
What are typosquatting attacks and how do they impact open source developers? If you’re a JavaScript developer then you should understand them and be conscious that you aren’t mistakenly installing a package such as electron-native-notify
- because hey, that’s a malicious package!
A distributed POSIX file system built on top of Redis and S3
JuiceFS is an open-source POSIX file system built on top of Redis and object storage (e.g. Amazon S3), designed and optimized for cloud native environment. By using the widely adopted Redis and S3 as the persistent storage, JuiceFS serves as a stateless middleware to enable many applications to share data easily.
10 years(-ish) of Elixir
This is a great rundown by José Valim of what the Elixir community has been up to recently and what’s coming in 2021. Exciting times! I’m particularly excited by the upcoming JIT compiler for the Erlang VM and what it might do to improve compilation times.
Iconify – a quick-and-free web app for generating various app icons
Just drop your icon onto the page, select which versions you want (iOS, Android, macOS, etc.), and click the “Generate” button. Nifty!
The $1 trillion dollar ML model 💵
American Express is running what is perhaps the largest commercial ML model in the world; a model that automates over 8 billion decisions, ingests data from over $1T in transactions, and generates decisions in mere milliseconds or less globally. Madhurima Khandelwal, head of AMEX AI Labs, joins us for a fascinating discussion about scaling research and building robust and ethical AI-driven financial applications.
My personal journey with test-driven development (TDD)
Alabe Duarte shares his personal exposure with TDD over the years. This includes:
- why he believes TDD is important
- the subjectiveness of “good design”
- when doing TDD doesn’t help
Weighing the pros and cons of ethical programming
It’s easy to agree we should be ethical in our work, but often harder in the moment when you’re asked to do something (or not do something) that crosses your ethical boundaries. In this thoughtful piece, Nikola Đuza explores these decisions and provides resources of the existing material on developer ethics.
One year of Excalidraw
I love posts like these from startups/projects that share how they’re doing over time:
Excalidraw started as a way to procrastinate on January 1st, 2020, and ended up being a fully fledged whiteboard product only one year later! In this post, we’ll go over the most important features that made Excalidraw great at being a virtual whiteboard for sketching hand-drawn like diagrams.
They detail their open source tech stack, new features the team shipped last year, cool things people are doing with the tool, and more.
(The tool itself, btw, looks totally rad and is definitely something I’ll be toying with over the coming weeks.)
Podcasts from Changelog
Weekly shows about software development, developer culture, open source, building startups, artificial intelligence, brain science, and the people involved.

JS Party
- Subscribe
- Direct (RSS)
- Apple Podcasts
- Overcast
- Spotify
- Android
Your weekly celebration of JavaScript and the web.
Hosted by:

Go Time
- Subscribe
- Direct (RSS)
- Apple Podcasts
- Overcast
- Spotify
- Android
Your source for diverse discussions from around the Go community
Hosted by:

Backstage
- Subscribe
- Via Master
Your backstage pass to the people behind Changelog and the things that interest them.