Toasts are bad UX, ChartDB is a web-based database editor, code review antipatterns, scientists confirm flow state is real & more

Changelog News

Developer news worth breaking your flow

Jerod here! 👋

Waymo is really taking off in SF, but residents in the South of Market community wish they’d just take off altogether. Instead, a bunch of Waymo cars are gathering in a parking lot and honking at each other into the wee hours of the morning. Seriously.

After much negative social media (and eventually press) coverage, the company stated they know about the issue and are working on a fix. Much love to the dev who pulls that Jira ticket


Ok, let’s get into the news.

🎧 Simply the best pods for devs

💚 Threat hunter in the machine (Suz Hinton)
🚀 MySQL performance (Silvia Botros)
đŸȘ© There be a11y dragons (Eric Bailey)
đŸ€– Threat modeling LLM apps (Donato Capitella)
⏰ Lightning Talk life (Angelica & guests)

😅 What good programmers worry about

Leonardo Creed pulls together some wisdom from Linus Torvalds, who said:

Bad programmers worry about the code. Good programmers worry about data structures and their relationships.

plus The Art of Unix Programming, which said:

Data is more tractable than program logic. It follows that where you see a choice between complexity in data structures and complexity in code, choose the former. More: in evolving a design, you should actively seek ways to shift complexity from code to data.

To suggest the following:

Start with the data. Try to reduce code complexity through stricter types on your interfaces or databases. Spend extra time thinking through the data structures ahead of time.

This advice also comes from Leonardo’s own experience:

I once worked on a project where we spent quite a while optimizing complex algorithms, only to realize that by restructuring our data, we could eliminate entire classes of problems. We replaced a 500-line function with a 50-line function and a well-designed data structure. Not only was the new code faster, but it was also much easier to understand and maintain.

In politics, James Carville famously hung a sign on Bill Clinton’s wall that said, “The economy, stupid.” Because that’s what really mattered the most to get Clinton elected.

In software, we may need to hang a sign that says, “The data, stupid.”

đŸ» Toasts are bad UX

Max Schmitt makes the argument that toast notifications create a bad user experience. What are toasts? One good definition I found says:

A Toast is a non modal, unobtrusive window element used to display brief, auto-expiring windows of information to a user.

Sounds right to me. Why doesn’t Max like them?

The core problem is that toasts always show up far away from the user’s attention.

Sounds right to me. He goes on to give a couple of examples and how he’d redesign the interaction so it doesn’t need a toast notification.

📊 ChartDB: a web-based database diagramming editor

What’s cool about this open source, self-hostable web app is its instant schema import:

Run a single query to instantly retrieve your database schema as JSON. This makes it incredibly fast to visualize your database schema, whether for documentation, team discussions, or simply understanding your data better.

They give you a “magic query” that you take and run in your database (Postgres, MySQL, SQLite, etc.) and then paste the resulting JSON into ChartDB for it to visualize. From there you can use the interactive editor to fine-tune the schema.

An example ChartDB result page with tables listed in rows in the left panel and a visual layout of each table with its columns and relationships to other tables in the main panel.

💰 Top 5 launches of Supabase Launch Week 12

Thanks to Supabase for sponsoring Changelog News

  1. postgres.new – an in-browser Postgres sandbox with AI assistance. With postgres.new, you can instantly spin up an unlimited number of Postgres databases that run directly in your browser (and soon, deploy them to S3).
  2. Build Postgres Wrappers with Wasm. They released support for Wasm (WebAssembly) Foreign Data Wrapper. With this feature, anyone can create a FDW and share it with the Supabase community. You can build Postgres interfaces to anything on the internet.
  3. Bring-your-own Auth0, Cognito, or Firebase. This was actually a few different announcements: support for third-party Auth providers; Phone-based Multi-factor Authentication (that’s SMS and Whatsapp); and new auth hooks for SMS and email.
  4. Authorization for Realtime’s Broadcast and Presence is now public beta. You can now convert a Realtime channel into an authorized Channel using RLS Policies in two steps.
  5. They released Log Drains so you can export logs generated by Supabase products to external destinations, like Datadog or custom HTTP endpoints.

That’s the top five, according to us.

Head here for details on everything else! And for new users to Supabase head here for one month of Supabase Pro for FREE.

đŸ«Ł Code review anti-patterns

Simon Tatham:

When a code reviewer turns to the dark side, they have a huge choice of ways to obstruct or delay improvements to the code, to annoy patch authors or discourage them completely, or to pursue other goals of their own.

If you’ve only recently turned to the dark side, you might not have thought of all the possibilities yet. So here’s a list of code-review antipatterns, for the dark-side code reviewer who’s running out of ideas.

I love how Simon named each anti-pattern so it’ll be easy to identify and discuss with others. These names are great:

  • The Ransom Note
  • The Double Team
  • The Catch-22
  • The Flip Flop

You can almost imagine what each of these means in the context of code review, even without reading the explanations. But you should still read the explanations. They are so good/bad. For example, The Priority Inversion:

In your first code review passes, pick small and simple nits. Variable names are a bit unclear; comments have typos in.

Wait for the developer to fix those, and then drop your bombshell: there’s a much more fundamental problem with the patch, that needs a chunk of it to be completely rewritten – which means throwing away a lot of the nitpick fixes you’ve already made the developer do in that part of the patch.

Nothing says ‘your work is not wanted, and your time is not valued’ better than making someone do a lot of work and then making them throw it away. This might be enough to make the developer give up, all by itself.

🔬 Flow state confirmed by scientists

We all know that feeling when total absorption in an activity makes the rest of the world disappear (and all its troubles with it), but did you know scientists have been studying it for years?

The late Hungarian psychologist Mihály Csíkszentmihályi, who first coined the term flow, went as far as to call it “the secret to happiness”


Contrary to the assumption that we are happiest while resting, he found that the peaks often involved very high levels of mental focus. The specific activity did not seem to matter – it could be swimming, playing the violin or performing brain surgery. What counted was the feeling of immersion and mastery.

I’d argue that the reason many of us enjoy programming computers is because it’s an activity that easily evokes a flow state. The world-melting result of immersion coupled with the eventual feeling of mastery is a hell of a drug.

The linked article dives into some of the psychology and (attempted) scientific study of flow state. While scientists have confirmed that it’s a very real phenomenon, what causes it and how to achieve it have been harder for them to nail down. Maybe put down the petri dish and pick up a code editor
 😉

đŸŽžïž Clip of the week: Adam Lisagor

Our interview with Adam Lisagor from Sandwich was SO good (because he’s SO good)

Adam Lisagor’s wide-eyed face next to big text that says: Iteration in the Film Industry

🎼 RUn RemOte COmmand

Ruroco is a tool that lets you execute commands on a server by sending UDP packets. The commands are configured on the server side, so the client does not define what is going to be executed, it only picks from existing commands.

You can use this in all kinds of cool/weird scenarios: SSH port “knocking”, enabling & disabling services, stuff like that. But please note: this technique is, at its core, a form of security through obscurity. I wouldn’t deploy it as the only line of defense in front of anything slightly important. Still, I thought it’s clever/cool enough for me to pass along.

💰 Get unblocked, no matter the task

Thanks to Unblocked for sponsoring Changelog News

As developers, we know how to write code. What we’re often missing is the context to know what code to write. Unblocked gives engineering teams the answers we need to get our jobs done – without having to wait on or interrupt our teammates.

🙃 You are NOT dumb, you just lack the prerequisites

Lelouch:

Recently, after 150 days immersed in learning math, I had a stark realization. The struggle wasn’t because I wasn’t capable, but rather, I was simply missing a shit-ton of pre-requisite knowledge.

It’s like trying to defeat a Elden Ring boss
 at level 1.

It’s like walking into a movie halfway through—you can’t understand the plot because you missed the beginning.

The same goes for learning complex subjects like math, CS, whatever.

☎ Nomad Network - Communicate Freely

Nomad Network allows you to build private and resilient communications platforms that are in complete control and ownership of the people that use them. No signups, no agreements, no handover of any data, no permissions and gatekeepers.

build on LXMF and Reticulum (two words I’ve never heard previously)

Nomad Network terminal UI with a list of conversations in the left panel and the list of messages from a selected conversation in the main panel

📐 The best laid pyramid schemes


That’s the news for now, but we have some great episodes coming up!

Have a great week, forward this to a friend who might dig it & I’ll talk to you again real soon. 💚

–Jerod