Double Shot #2480

Merging Multiple SimpleCov Coverage Results - A code snippet to handle this common use case with parallelized testing.
The Configuration Complexity Curse - A look at CUE as a potential way to tame the increasing thicket of tool-specific declarative configuration files.
The Service Mesh: What Every Software Engineer Needs to Know about the World's Most Over-Hyped Technology - From William Morgan, who as one of the authors of Linkerd ought to know.
Passwords Are a Design Problem - And not one with an easy solution, either.
In Defense of Utility-First CSS - Lots of people don't like the proliferation of small CSS classes, but I'm inclined in this direction myself.
Bloomberg Beta reading List - A piece of the manual for an early-stage VC firm.
Hacking JSON Web Tokens (JWTs) - JWTs can be secure (I think). But there are a mighty lot of ways to screw up their implementation.
Designing durable serverless apps with DLQs for Amazon SNS, Amazon SQS, AWS Lambda - Useful techniques to know if you're all-in on AWS serverless computing.
4 lesser-known attack types - Security is hard and it keeps getting harder.
What makes a programming exercise good? - Thinking about teaching on the internet.
Zero trust architecture design principles - From the UK's National Cyber Security Centre. The details are in a GitHub repository.
Scaling Culture: Retain Your Developer Team’s Soul During Fast Growth - A tough task to be sure.
KnockKnock - I've linked to this MacOS malware scanner before, but it keeps improving & I wouldn't be without it.
Free Online Tools for Looking up Potentially Malicious Websites - Caveat user, but as far as I can tell this is a safe list.
Rails 6 adds each_value method to ActionController::Parameters - Another tiny improvement.