Chris Coyier CSS-Tricks

Images are hard.

I believe Chris Coyier put that period at the end of this post title for a reason:

Putting images on websites is incredibly simple, yes? Actually, yes, it is. You use <img> and link it to a valid source in the src attribute and you’re done. Except that there are (counts fingers) 927 things you could (and some you really should) do that often go overlooked. Let’s see…

He goes on to list 15 bullet points of things to consider. This images situation is actually a microcosm of the web (and all software?) itself: it appears easy/simple at first, but the deeper you go, the more dizzying the depth.

Lars Wikman underjord.io

My trust in software, an all time low

I don’t think I’ve ever had more distrust and as a consequence distate for software than in recent years. I don’t think its just me as a tech-nerd with artisanal tech-carpentry aspirations. I want people to build well, treat their users right and generally exercise some actual restraint. I see it very clearly and I react more viscerally than anyone non-technical in my surroundings. However, I see the frustrations and the consequences everywhere…

RudderStack Icon RudderStack – Sponsored

Reinventing the on-prem deployment model

logged by @logbot permalink

There’s a new architecture and deployment paradigm that is gaining momentum and addresses the issues we have today by merging the best from both worlds, on-prem and SaaS.

The SaaS software delivery model has completely transformed the industry and for a good reason. It offers an amazing combination of easiness and maintainability that wasn’t possible in the past with older software delivery models. It works amazingly well when we want to deliver software like CRMs, Marketing platforms, etc.

Regardless of its success, there are still challenges with the adoption of SaaS, especially in the enterprise market where security and compliance are of great importance. Today, with the rapid growth of data-related products, the SaaS model is getting even more challenged while compliance and security are not just an enterprise concern anymore.

This post shares in more detail why we need a new paradigm and what this new model has to offer.

Alex Ellis blog.alexellis.io

I wrote a book about Everyday Go

This is my third eBook on Go, and it’s one of the ways I’m supporting my time to make open source contributions and lead the OpenFaaS community. The book covers samples, examples and techniques that I’ve learned over the past 5-6 years.

The point is not to be an 800-page tomb with tenuous links between content, but code from real open source applications that are run in production at scale.

There’s been over 300 copies sold already and I’m offering a money back guarantee if anyone should feel it didn’t meet their expectations.

Raspberry Pi github.com

A low power 1U Raspberry Pi cluster server

There are server colocation providers that allow hosting a 1U server for as low as $30/month, but there’s a catch: There are restrictions on power usage (1A @ 120v max, for example) because they’re expecting small and power-efficient network equipment like firewalls.

This repo is about designing a server that fits within the 1U space and 1A @ 120v power constraint while maximizing computing power, storage, and value.

A low power 1U Raspberry Pi cluster server

JavaScript github.com

Solid – a declarative JavaScript library for creating user interfaces

Solid… does not use a Virtual DOM. Instead it opts to compile its templates down to real DOM nodes and wrap updates in fine grained reactions. This way when your state updates only the code that depends on it runs.

Solid takes a lot of cues from React, but sets itself apart in that it doesn’t use a Virtual DOM. Here’s what Michel Weststrate had to say about it on Twitter:

Not a revolution, but really solid (pun) evolution; clean component model, really efficient run-time model, deeply embedded reactivity. Definitely think it’s worth giving it a shot in fresh new, limited scope projects!

Kubernetes ably.com

No, we don’t use Kubernetes

At Ably, we run a large scale production infrastructure that powers our customers’ real-time messaging applications around the world. Like in most tech companies, this infrastructure is largely software-based; also like in most tech companies, much of that software is deployed and runs in Docker containers.

As you might expect if you’ve been following the technology scene at all, the following question comes up a lot:

“So… do you use Kubernetes?”

Ably doesn’t, and Maik explains in this artiicle why.

We talked with @lawik about the same topic a few weeks back on Ship It! #7. We even did a follow-up YouTube stream. I think that a conversation with Maik would be really interesting 🎙

Learn rexegg.com

The best regex trick

This post does a great job of laying out all of the cumbersome/verbose ways you can solve a problem with regular expressions and then showing the tricky way of doing the same thing without all the hassle. With this trick up your sleeve, you’ll be able to answer all of these questions:

  • How do I match a word unless it’s surrounded by quotes?
  • How do I match xyz except in contexts a, b or c?
  • How do I match every word except those on a blacklist (or other contexts)?
  • How do I ignore all content that is bolded (… and other contexts)?

Teleport Icon Teleport – Sponsored

Comparing SSH keys - RSA, DSA, ECDSA, or EdDSA?

logged by @logbot permalink

What’s worse than an unsafe private key? An unsafe public key.

The “secure” in secure shell comes from the combination of hashing, symmetric encryption, and asymmetric encryption. Together, SSH uses cryptographic primitives to safely connect clients and servers. In the 25 years since its founding, computing power and speeds in accordance with Moore’s Law have necessitated increasingly complicated low-level algorithms.

As of 2020, the most widely adopted asymmetric crypto algorithms in the PKI world are RSA, DSA, ECDSA, and EdDSA. So which one is best? Well, it depends.

Windows win11.blueedge.me

Windows 11 in React

This open source project is made in the hope to replicate the Windows 11 desktop experience on web, using standard web technologies like React, CSS (SCSS), and JS.

The project description says “in React”, but the source code is comprised of 93.5% CSS. I love this portion of the README that addresses why the author built it (I assume they get this question a lot).

WHY NOT? Why not just waste a week of your life creating a react project just to coverup your insecurities of how incompetent you are. Just Why not!

Windows 11 in React

Databases sqlbolt.com

SQLBolt – quickly learn SQL right in your browser

This series of interactive lessons and exercises is a great place to start if you want to learn SQL. And trust me: if you don’t know SQL, you want to learn SQL. Of all the technologies and tools I’ve picked up over the course of my career, SQL has had one of the highest ROIs. It’s portable across languages/runtimes and has incredible staying power in terms of skill relevancy.

Zach Bloomquist zach.bloomqu.ist

Reliable, deliverable, self-hosted email

This sounds too good to be true, because it kind of is. There is no escaping the cloud (because of email trust) or the requirement of sysadmin’ing this setup (sending/receiving email is critical). If you slack on the details or upkeep, it’s your email.

I have been on an ongoing quest to free myself from cloud services for years now. During this time, I have hosted my personal email (@bloomqu.ist) on a Google Apps G Suite Google Workspace account, which, while convenient, also means that my personal emails are at the whims of one of the world’s most privacy-hostile companies.

Don’t get me wrong – what Zach shared is quite possible, but it’s still too time consuming and difficult to host your own email. It’s untenable long-term. There’s a billion dollar business there waiting for someone to seriously compete with Google on email, and not be evil. Fastmail comes to mind. I could be wrong, but I would characterize them as being an alternative, not seriously competing with Google.

Productivity monocle.surge.sh

Monocle is a universal, personal search engine

Monocle is my universal, personal search engine. It can query across tens of thousands of documents from my blog posts, journal entries, notes, Tweets, contacts, and more to act as my extended memory spanning my entire life. Monocle is designed with a focus on speed, privacy, and hackability. It’s built to be very specific to the particulars of my personal workflow around data, so probably won’t work for anyone else.

I’m logging this for your inspiration, not because you should download it and give it a try. I just love the idea of outsourcing large swaths of your memory to a personal search engine. Also it’s built with Ink (a programming language) and Torus (a UI framework), both of which are the author’s creations.

Dan Abramov overreacted.io

npm audit: broken by design

Dan Abramov cuts right to the chase:

Have you heard the story about the boy who cried wolf? Spoiler alert: the wolf eats the sheep. If we don’t want our sheep to be eaten, we need better tools.

As of today, npm audit is a stain on the entire npm ecosystem. The best time to fix it was before rolling it out as a default. The next best time to fix it is now.

He goes on to lay out how it works, why it’s broken, and what changes he’s hoping to see.

Music tenacityaudio.org

Tenacity – a FLOSS fork of Audacity

Tenacity is an easy-to-use, cross-platform multi-track audio editor/recorder for Windows, MacOS, GNU/Linux and other operating systems and is developed by a group of volunteers as open source software.

Sound familiar? Maybe because it’s a fork of the historically awesome Audacity project that promises:

no telemetry, crash reports and other shenanigans like that!

Not ringing any bells? Check out Audacity’s privacy policy changes, new CLA, and data collection attempts.

Practices programmingisterrible.com

Write code that is easy to delete, not easy to extend

Every line of code written comes at a price: maintenance. To avoid paying for a lot of code, we build reusable software. The problem with code re-use is that it gets in the way of changing your mind later on.

Deleting code is fun! Let’s all write code that’s easy to delete. But how?

To write code that’s easy to delete: repeat yourself to avoid creating dependencies, but don’t repeat yourself to manage them. Layer your code too: build simple-to-use APIs out of simpler-to-implement but clumsy-to-use parts. Split your code: isolate the hard-to-write and the likely-to-change parts from the rest of the code, and each other. Don’t hard code every choice, and maybe allow changing a few at runtime. Don’t try to do all of these things at the same time, and maybe don’t write so much code in the first place.

There’s a lot to think about in that paragraph right there. Thankfully, the author of this piece continues from there, giving specific advice along the way. A must-read, even if you aren’t onboard for all of it.

Ellen Spertus stackoverflow.blog

Best practices for writing code comments

Ellen Spertus on Stack Overflow’s blog:

While there are many resources to help programmers write better code—such as books and static analyzers—there are few for writing better comments. While it’s easy to measure the quantity of comments in a program, it’s hard to measure the quality, and the two are not necessarily correlated. A bad comment is worse than no comment at all. Here are some rules to help you achieve a happy medium.

I like rule #6 (provide links to the original source of copied code) and rule #9 (use comments to mark incomplete implementations) in particular.

0:00 / 0:00