Would love to see what cool things you guys learned. These can be ideas, tips and tricks, or anything really.
I'll start:
At a conference this morning, A talk on security mentioned monitoring the package dependencies people were adding to your project.
It's a great habit that I'd never even considered. We tend to give packages that our projects depend on a pass on security.
Top comments (8)
I recently learned a lot about how opaque requests can affect the
navigator.storage
API in the browser, as described here: stackoverflow.com/questions/391097...Among the complications are that the browser can't read the contents of certain responses and automatically books way more storage than needed which can eat into your storage quotas.
I can't seem to find another really helpful Github issue, but I noticed it's always Jeff Posnick answering all of this and I was grateful to read through some of his answers as I sought to learn more about this issue.
I'll have time in the near future to close the loop on this whole issue and write about it more thoroughly.
I've been digging into monorepo management with Lerna.
Tripped up on some interop with F# last night.
stackoverflow.com/questions/489413...
I learned many things last week but the highlight was learning how to generate random IV to actually secure my cryptography operations. In 2013 Bitcoin theft occurred owing to generation of non-random IV’s. Reading up on many resources, I found out that there was a bug in generation of random numbers in JCA (Java cryptography architecture) until Android API version 4.1 which lead to bitcoins being stolen from android wallets. The bug has since been patched. Above API 21 SecureRandom is used to generate IV. It uses a NativePRNG technique with true random seed from /dev/random and uses /dev/urandom to generate cryptographically strong random number for IV.
Resources:
Shameless promotion:
For anyone interested, I wrote a weekly update encapsulating things I did last week. Check it out. Link
This week, I learned how GenStage work with Elixir/OTP. You can found a basic example here: elixirschool.com/en/lessons/advanc...
In our current project, we have an umbrella application containing an application which handles Providers and Consumers connected to a RabbitMQ. It provides a high-level API in order to send and receive messages (managing exchanges and queues) easily in all applications of the umbrella.
It's such a nice way to handle those problematics. I love it. (づ ̄ ³ ̄)づ
Ooohhhh I like this concept :D
This week I learned that the latest NPM screws Linux systems up LOL
On a more serious note, I learned about React's new Context API and tried it with react-broadcast@0.7.0-rc.4 and react-contextual.
Really enjoyed this podcast, hosted by Wes Bos and Scott Tolinski:
Syntax - Tasty Web Development Treats
They talk about CDNs, image + video and web development, and there was a lot of great information that was explained well. Most of the tech that we use at dev.to really flew over my head for a while, and while I still don't quite get it, this episode helped me see how CDNs worked.
That's really interesting- can you add a bit more information about what sort of security and tools?