Double Shot #2460

Oct 28, 2019

Rails 6.0 new framework defaults: what they do and how to safely uncomment them - A useful guide for the upgrade process.
Network Perspective - Paid analysis tool to discover collaboration patterns in large repos.
Ahh shhgit! - Mining git host APIs for accidental secret leakage.
ET (Don't) Phone Home - An attempt at standardized labeling for web-connected devices. I have my own standard: don't bring this crap into my house.
Weaponizing and Gamifying AI for WiFi Hacking: Presenting Pwnagotchi 1.0.0 - WiFi secrets capture with learning behavior in a cute portable package.
Lesser Known Coding Fonts - From the obscure to the commercial. Failing vision means I no longer spend time messing with this sort of thing, but I fondly remember endlessly tweaking editors.
Announcing TinaCMS - "We developers have hot-reloading, and Tina is the hot-reloading for content editors."
5G was a mistake - Well, yeah. But I'm a cynic sometimes too.
قلب - "قلب is a programming language exploring the role of human culture in coding. Code is written entirely in Arabic, highlighting cultural biases of computer science and challenging the assumptions we make about programming." And I will be sad but not surprised if the language name doesn't render properly on this page.
Getting Started with the PLONK Stack and Serverless 2.0 - Prometheus, linkerd, OpenFaaS, NATS, and Kubernetes.

Double Shot #2459

Oct 25, 2019

aquameta - "Web development platform built entirely in PostgreSQL." An interesting idea, though not a mainstream one.
Stupid Unix Tricks - Some of which actually look pretty darned useful.
Reducing the Impact of Unconcious Bias in Our Hiring Process - Some introspection from Thoughtbot.
Bazel Reaches 1.0 Milestone! - A major release for Google's open-source build system for large projects
Gridsome - "A Vue.js framework for Static Websites"
My Arsenal of AWS Security Tools - There are a whole lot of these.
Managing From Afar: How This Engineering Manager Tackles the Challenges of Remote Work - With an emphasis on inclusion issues.

Double Shot #2458

Oct 24, 2019

Firefox’s New WebSocket Inspector - Yet another new feature from the Firefox DevTools team.
New version of OnionShare makes it easy for anyone to publish anonymous, uncensorable websites - Tor network website hosting the easy way.
Yes, You Should Estimate Software Projects - Not everyone is on-board with #noestimates.
Pentesting Bible - "hundreds of ethical hacking & penetration testing & red team & cyber security & computer science resources."
ExcessFlow - Rate-limited for Ruby & Rails projects backed by a global Redis mutex.
Designing accessible color systems - Not easy, but it can be done. Guidance from Stripe's design team.
Announcing Distributed Application Runtime (Dapr), an open source project to make it easier for every developer to build microservice applications - A plumbing approach from Microsoft.
How to communicate your Microservices? - A summary look at various options including SOAP, REST, gRPC, and GraphQL.
Modulation - Explicit Dependency Management for Ruby - "Modulation provides an alternative way of organizing your Ruby code. Modulation lets you explicitly import and export declarations in order to better control dependencies in your codebase"

Double Shot #2457

Oct 23, 2019

Debugging hidden memory leaks in Ruby - Tools and techniques from Sam Saffron, who knows this stuff better than maybe anyone.
alt-tab-macos - Windows-style app switching on MacOS.
Digital dystopia: how algorithms punish the poor - If you're building this shit, just stop.
Vocabulary Building: Satisficing - An extremely useful concept that I'm surprised more developers don't know.
Firefox Privacy – The Complete How-To Guide - A thorough guide to customizing this aspect of my favorite browser.
Asynchronous Communication: The Real Reason Remote Workers Are More Productive - "Async isn’t just for remote teams"
DitaBase - "DitaBase is a network of customizable schemas, with validation and conversion scripts directly integrated." A data management tool aimed at developers.
How to be a better remote worker - Overcommunication is important, among other things.
Have We Reached Peak Agile? - We're certainly somewhere around peak BS in the agile space.

Double Shot #2456

Oct 22, 2019

How to fuck up software releases - "I am doomed to creatively outsmart my tools in releases."
Why You Shouldn't Use Facebook - Yeah, thumbs-up on this one.
Webwide - An "inclusive long-form discussion board community for web designers, developers and makers." Just in case you miss the good old days of online threaded discussions.
PostgreSQL 12: Foreign Keys and Partitioned Tables - It all just works now, which is nice.
Apple of 2019 is the Linux of 2000 - Rants are always fun.
Firefox macOS test build is far better for your battery life - "Nightly builds of the Mozilla-produced browser now requiring as little as a third of the power of the main public release to render web pages."
The Open Book Project - Ambitious project to build an open e-reader.
The Ruby Changes - Full & comprehensive changelogs for Ruby, with code examples.
How We Run Hack Week on a Remote Team - A nice guide from Buffer.

Double Shot #2455

Oct 21, 2019

The Early Discipline of Remote Startups - An argument that remote is good because it forces you to invest in things like values and communication early in the company's life. Well yeah, unless that prevents you from achieving success.
Git Remote S3 Helper - Use AWS S3 to share encrypted repos (as an alternative to setting up a full-blown server on the internet).
AWS Elasticsearch: a fundamentally-flawed offerin -Issues with the AWS fork, from someone who has experience with large Elasticsearch installations.
How to Write Fast Code in Ruby on Rails - Advice from Shopify.
cast.sh - "An instance of your terminal in your browser"
Bullshit.js - A "best-of-breed, mission-critical enterprise JavaScript bookmarklet that will empower you to evaluate the high impact of market-driven text on any Web resource, cultivating process-centric innovation and out-of-the-box thinking."
Monorepo or Multirepo? Role-Based Repositories - A spike of a tool designed to get the best of both worlds by presenting a monorepo as multiple components.
HOWTO make Linux run blazing fast (again) on Intel CPUs - Don't want the secure (but slower) fixes to recent gaping security holes? Turn them all off!
Thriving on the Technical Leadership Path - A look at the sort of strategic work that senior engineers can do without being in people management.

Double Shot #2454

Oct 18, 2019

How Bash completion works - Why yes, you can write your own completion functions.
Spree 4.0 for Rails 6 released - Major update to this long-time ecommerce framework.
The Miasma - Ruminating on the technology formerly known as the Internet (h/t Neal Stephenson).
Postgres Is Underrated—It Handles More than You Think - Maybe you don't need some fancy-pants cloud-scaleable datastore.
A Guide To New And Experimental CSS DevTools In Firefox - I'm way behind on this stuff. Fortunately my CSS design skills are way behind too.
Essential Meetings to Have With Your People as a Manager - An organized approach to planning some of the critical conversations.
JS illustrated: Promises - The pictures make my head hurt a bit less.
Why We Prefer Coding Challenges and How We Made Ours Better - Optimizing a common developer interviewing technique.
Microsoft open sources SandDance, a visual data exploration tool - A storytelling sort of visual library.

Double Shot #2453

Oct 17, 2019

Awesome macOS open source applications - A long list, with some gems I hadn't noticed before.
ActiveWorkflow - "ActiveWorkflow is an intelligent process automation platform that uses software agents; autonomous entities that act on schedule or react to external triggers." Open-source and deployable to Heroku.
OpenLibra - "OpenLibra is a technology platform and currency for financial inclusion. An alternative to Facebook's Libra, that places emphasis on open governance and economic decentralization."
Critical Security Issue identified in iTerm2 as part of Mozilla Open Source Audit - A new version is out and you should update.
Mentoring Developers: Best Practices From Uber - Interview With Gergely Orosz - Am I the only one who sees Uber as such a tarnished brand that I don't want to read things with their name in the headline? Regardless, there's some good basic advice here.
How GraphQL Saved My Project - A good experience after a bad time with REST.
A Scheduler for the Internet - Workflow orchestration in the cloud.
The 2019 Monktoberfest - If I wasn't on the wagon this conference would be at the top of my list.

Double Shot #2452

Oct 16, 2019

SRE as a Lifestyle Choice/a></strong> - An exercise in applying systems thinking to a hiring process.</li>
How Do Individual Contributors Get Stuck? A Primer - "Noticing how people get stuck is a super power, and one that many great tech leads (and yes, managers) rely on to get big things done."

macOS 10.15 Vista - Catalina is looking increasingly like a version to hold off on for a bit. I'm running it on a test box, but not in any hurry to update my main desktop.

Personal information and ads on Twitter - A more honest title to this support article would be "how we screwed up your privacy."

DevBlog - Another free blogging site spawned out of the backlash against changes at Medium.

In defense of «macOS 10.15 Vista» - With notes on disabling the security warnings.

The biggest lie tech people tell themselves — and the rest of us - "They see facial recognition, smart diapers, and surveillance devices as inevitable evolutions. They’re not."

Thunderbird, Enigmail and OpenPGP - Thunderbird is building in encryption and digital signatures. Good for them.
</ul>

Double Shot #2451

Oct 15, 2019

Serverless-Dev-Tools - Open-source console-based monitoring tool for AWS Lambda.
Don’t Look Into the Light - Big rewrite as a failure pattern for cloud software.
Privacy and the Fediverse (AKA Mastodon, Pleroma, and Friendicas) - Decentralization makes it pretty hard to know where your data is going.
The pointlessness of daily standups - Some people just don't see the point of agile practices. And if they're just cargo culted, I can see why.
Images done right: Web graphics, good to the last byte - This has gotten too complicated. Let's just all switch to Lynx.
A Multithreaded Fork of Redis That’s 5X Faster Than Redis - In case you think mainline redis is too conservative.
vsh - "vsh is an interactive HashiCorp Vault shell which treats vault secret paths like directories."
n8n - "Open Source Alternative for Zapier/tray.io." Looks like they plan to offer a hosted version to make money.

Double Shot #2450

Oct 14, 2019

Serverless AppSync Component - "The AppSync Serverless Component allows you to easily and quickly deploy GraphQL APIs on AWS, and integrate them with AWS Lambda, DynamoDB & others."
GitCF - Service to get shareable GitHub file URLs with proper MIME types, implemented on CloudFlare workers.
Break before make, abstractions, and sleazy ISPs - I'm more surprised when something on the Internet actually works, given all the silly failure modes. Here's one.
VPN⁰: A Privacy-Preserving Distributed Virtual Private Network - Research & design towards a more private net.
The Beginner’s Guide to Chart.js - Step-by-step to bars, pies, and lines.
Asocial? A Life Without Social Media - Yes, it can be done. I'm getting closer myself.
The New Able Editor - News from Able, "a place for people to read and write about software engineering" that plans to be less oppressive than some of the established blogging sites.

Double Shot #2449

Oct 11, 2019

New In PostgreSQL 12: Generated Columns - A nice addition in the new version. Lots of other goodies in the full release notes.
FaaS for the Rubyist - An introduction to OpenFAAS.
You Don't Know JS Yet (book series) - 2nd Edition - Deep knowledge in an open format.
How much faster is Redis at storing a blob of JSON compared to PostgreSQL? - 16x in this one case (which, like all performance comparisons, provokes arguments).
ReadMe - API documentation as a service.
GoodbyeDPI — Passive Deep Packet Inspection blocker and Active DPI circumvention utility - Tools to get around bad ISP behavior.
Next release 1.3.3: multiple selection, git clone and more - There are still alternative browsers. You just have to hunt for them.
Efficient GraphQL queries in Ruby on Rails & Postgres - Avoiding N+1 issues.
Tmux Tutorial - Basic concepts & commands.
DoHProxy.com - A demonstration of DNS-over-HTTPS, but more importantly, a tutorial on setting up your own proxy server.

Double Shot #2448

Oct 10, 2019

React Testing Library - "Simple and complete React DOM testing utilities that encourage good testing practices."
Rethinked guide to testing React & Redux applications - Some overall guidance born of experience.
How to Make Good Code Reviews Better - A selection of general guidance, recognizing that this is a social rather than a technical process.
Sid Sijbrandij: “People don’t want to commute; they just don’t want to miss out” - Remote work guidance from GitLab, which practices it.
Ruby 2.6.5 Released - Along with new versions of 2.4 and 2.5, all with security patches.
Psychometry: Science, pseudoscience and make-belief - An argument against trying to do team building with tools like MBTI, DISC, or color profiles.
Conventional Commits - "A specification for adding human and machine readable meaning to commit messages."
Observations on Observability - A high-level overview without reference to particular vendors or products.
Engineering Career Development at Etsy - Background behind Etsy's newly open-sourced career ladder.
Get unused routes of large Rails App - Automatically comparing your routes file to your controller actions.
Ruby 2.7 adds Enumerator::Lazy#eager - Things like this just confuse me.

Double Shot #2447

Oct 9, 2019

Mesh Spreadsheet - "A free, portable spreadsheet program" that runs in the browser.
Occams Record - "OccamsRecord is a high-efficiency, advanced query library for use alongside ActiveRecord."
Mount Rack Apps - Using the Ruby serverless framework Jets.
Serverless Mullet Architectures - Websockets in the front, Lambda in the back.
HEAD - "A free guide to HTML5 <head> elements" and the many, many things you can put inside of them.
My Time at Snap - Startup life tales are more fun to read than to live.
New Productivity - Color me skeptical - we have lots of new productivity applications. I'm not convinced we have lots of new productivity.
Identifying the dirt in our code - Rules of thumb for writing cleaner code.
Rosie Pattern Language - "Rosie is like regex, but better."
Evolving Regional Evacuation - A Netflix technique for high availability in the face of massive failures.
First Contributions - A tool to let new contributors practice open-source workflows.

Double Shot #2446

Oct 8, 2019

Ansible Crash Course - In 45 short videos.
Testing in Production: the hard parts - A deep dive into mitigating the potential blast radius of changes.
How to succeed as a poor programmer - Story of my life.
Startups: How to Use Amazon’s Narrative Process to Set Goals and Think Clearly - It surprises me that more software people don't use this technique.
Small world with high risks: a study of security threats in the npm ecosystem - I'm starting to seriously consider removing NPM dependencies from our products.
Tethered jailbreaks are back - Something to worry about if you're a journalist or activist with an iPhone.
Migrating From Cloudflare - How one Mastodon instance made the switch.
12 Signs You’re Working in a Feature Factory — 3 Years Later - Long-term learning from John Cutler.
in-toto - "A framework to secure the integrity of software supply chains."
SQL queries don't start with SELECT - Julia Evans explains the run order of standard SQL.
Why we decided to go for the Big Rewrite - A success story from Channable.

Double Shot #2445

Oct 7, 2019

I don’t like your web browser, so I programmed a new one. - There are alternatives if you try hard enough.
Analyzing DNS-over-HTTPS And DNS-over-TLS Privacy and Security Claims - An explainer that walks through the main issues.
A developer goes to a DevOps conference - Sort of an Alice in Wonderland experience.
Do we need to rethink what free software is? - Continuing the conversation about limiting who can use your software.
DevOps Topologies - Patterns and antipatterns of team collaboration.
Why Blameless Post-mortems? - Why it's useful to start with looking behind the person who pushed the button.
A year (+½) with Hanami in production: the Good, the Bad and some Recipes - Rails is not the only framework out there.
Event Modeling: What is it? - An introduction to designing ledger systems.
Sidekiq v6.0.1 Release Notes - With a 10-15% performance boost, among other things.
DeckDeckGo - "DeckDeckGo aims to be the open source web editor for presentations."
Update: Approaching IPv4 Run-out - RIPE expects to run out next month.

Double Shot #2444

Oct 4, 2019

What's new in Interactive Ruby Shell (IRB) with Ruby 2.7 - Syntax highlighting, multi-line editing, and more.
On Sharding - It's not always as simple as it seems.
Deep Learning with Electronic Health Record (EHR) Systems - A good introduction - but being in the healthcare software field, I would have liked to see the words "privacy", "safety," and "quality" somewhere in here. There's a qualitative difference between recognizing cat pictures and working with people's lives.
Developer Burnout: How Can a Manager Spot It and Stop It - An overview with thoughts from some working software managers.
Conveyor - "The first service to place task management on top of your local Git workflow, blending project management, code, and communication into one experience."
Beware the dark side of agile project management - There might be a truly agile enterprise with a PMO, but I haven't actually seen it.
ServerLog - " A simple, practical, and innovative Node.js log library that enables you to view logs in Chrome dev tools."
Modern Script Loading - This modern JS stuff ain't getting any easier.
API Security Checklist - "Checklist of the most important security countermeasures when designing, testing, and releasing your API."

Double Shot #2443

Oct 3, 2019

JMAP - The modern alternative to IMAP.
The Hippocratic License - A shot at an open source license that explicitly values human rights. Bad actors will likely ignore it, but I'm happy to see these discussions happening. Not surprisingly, the open-source establishment is pooh-poohing the whole idea.
What Happened To Cuil? The Thought-To-Be Google Killer - A bit of internet history you've probably forgotten.
HTTP Toolkit - Tools for inspecting and mocking HTTP responses with free & pro versions.
WARP is here (sorry it took so long) - Cloudflare's secure connection option for mobile devices.
Centralised DoH is bad for privacy, in 2019 and beyond and Firefox and DNS-over-HTTPS - Firefox defaulting to DNS over HTTP single-sourced to Cloudflare is proving to be a controversial decision.
Getting Started with the Sorbet Type Checker in Rails - This feels like the top of a slippery slope to Java-in-Ruby to me, but I'm sure it'll be good for some projects.
Building a Rails CI pipeline with GitHub Actions - It's either a nice bonus for your existing repo, or vendor lock-in, or embrace&extend, take your pick.
What do executives do, anyway? - Scaling to thousands of indirect reports.

Double Shot #2442

Oct 2, 2019

Cleaning up bad bots (and the climate) - Cloudflare is trying to make it more expensive to hit the sites it protects with malicious code.
Adblock Radio - "A library to block ads on live radio streams and podcasts. Machine learning meets Shazam." I'm surprised this didn't show up earlier.
Nine takeaways from the DevOps report - A good summary. I'm skeptical of some of the ways people use this report but thinking about these things is important.
Comparing Database Types: How Database Types Evolved to Meet Different Needs - From flat files to NewSQL.
Mastering Packs in Webpacker - And how to use them in a Rails 6 application.
Google Chrome Keystone is modifying /var symlink on non SIP Macs causing Boot Issues - I'm starting to class Chrome as malware.
Performance metrics for blazingly fast web apps - A deep dive into instrumenting JavaScript to track user experience.
ZeroTier 2.0 Status - A new version of this distributed private networking application is almost out.
What to ask during your interview - A starting point for reverse interviewing.

Double Shot #2441

Oct 1, 2019

15 Easy Questions for Easy Change Management - Explore the risks and rewards of big changes to your systems before making them.
circleci-cli - A command-line tool for keeping an eye on CircleCI builds.
Speeding up Bundler in dockerized environments - The basics of gem caching, which can indeed save a boatload of time.
RailsJwtAuth - JWT authentication solution for Rails API projects.
Software Security Field Guide for the Bewildered - A quick tour of basic concepts to make you able to at least converse with your local security specialists.
It's time programmers talked about ethics - Past time, really. There will, I think, always be developers willing to build whatever horrible system people can dream up -- but I don't need to be one of them. Neither do you.
Serverless: 15% slower and 8x more expensive - A story of getting into trouble by forging blindly ahead.
Bedrock – Rock-solid distributed data - A "simple, modular, WAN-replicated, Blockchain-based data foundation for global-scale applications" from Expensify.
One-on-ones are my most valuable meetings; here’s how I run them - As a manager, you should be doing serious prep for these meetings.