|
Welcome to Snyk’s State of JavaScript frameworks security report 2019.In this report, we investigate the state of security for both the Angular and React ecosystems, looking at best practices, secure coding, and security vulnerabilities in React, Angular, and other frontend projects such as Bootstrap, Vue.js, and jQuery.Inside you will find the report in it’s digital format as a PDF to download and review offline.
|
|
I'm in the process of wrapping up a team offsite even though I was ostensibly the lead technologist present, I was not actually prepared in terms of bringing the right technology with me to facilitate the team's needs. The single worst omission was the lack of an HDMI cable without which, I saw three tech folk (me, other engineer #1, team coordinator) fail to be able to connect a Mac, an iPad and a Windows box to a Chrome Cast equipped TV.....
|
|
I’ve been to a lot of conferences over the years. PgConf EU , PostgresOpen , too many pgDays to count, and even more none Postgres conferences (OSCON, Strangeloop, Railsconf, PyCon, LessConf, and many more). I’ve always found Postgres conferences one of the best places to get training and learn about what’s new with Postgres (in addition to Dimitri’s recent book, more on that below). They’re my regular stop to catch up on all the new feat....
|
|
I’ve been to a lot of conferences over the years. PgConf EU , PostgresOpen , too many pgDays to count, and even more none Postgres conferences (OSCON, Strangeloop, Railsconf, PyCon, LessConf, and many more). I’ve always found Postgres conferences one of the best places to get training and learn about what’s new with Postgres (in addition to Dimitri’s recent book, more on that below). They’re my regular stop to catch up on all the new feat....
|
|
When it comes to security, the movement toward DevOps is really just beginning. If we want security to make this move effectively, we need to carefully select tools and deliberately build culture.
|
|
You would think by now that I'd be wise enough to capture the speaker as well as the slide when I take a photo; alas not; sigh . Last week I saw Daniel Wilson speak over at Butler University. Daniel is the author of Robopocalypse , Robogenesis, How to Survive a Robot Uprising , Where's My Jetpack and many other good bits of science fiction. There were two surprising things in his presentation: He was funny. As someone who has ....
|
|
Photo courtesy of my boss and friend, Dave Sifry who is in London right now attending MozFest; lucky guy! In the continuing saga of "Once upon a time I did ruby exclusively, now I do python and ruby side by side and I keep being stupid", I have discovered something subtle and interesting about how python works internally. Let's start with a function definition in python: expert_name = "Anti Semitic Speech Expert" expert_versio....
|
|
Photo courtesy of my boss and friend, Dave Sifry who is in London right now attending MozFest; lucky guy! I have a lot of computer skills. I can program in multiple languages, I can remember how to use Norton Utilities for DOS, I can remember how to use Sun OS, I can tell you about not HTML, not XML, not SGML but GML (which begat SGML which in turn begat HTML which in turn begat XML), etc. One of those computer skills that I don't have ....
|
|
Nextcloud and others recently reported on CVE-2019-11043 which looks like a particularly nasty RCE affecting only nginx+php-fpm with certain configurations. Unfortunately, the configuration the Nextcloud documentation recommended was one of those vulnerable configurations.
|
|
While cleaning up some tech debt, a curious issue cropped up. Nginx was running in an alpine container as a front end load balancer. It had a dynamic config that got periodically updated by a sidecar, and had filebeat shipping logs out to a central collector but otherwise was just a very simple Nginx config. Every now and then the container would crash, it would automatically recover fast enough no alarms were lost and the clients would j....
|
|
Flask is a simple Python framework for creating web applications. It can be used to create API servers in a microservices architecture. When doing so, it is helpful to provide API documentation that ships with your service. This post outlines a technique for shipping OpenAPI v3 documentation from your service while co-locating the documentation with the API implementation. Keeping the documentation with the route definition ensures that it ..
|
|
Back in 2013, like most other companies, Cerner was heavily invested in building user interfaces with Twitter Bootstrap. Around that time, Dave Rupert wrote about the concept of Responsive Deliverables and touched on a key concept, creating “Tiny Bootstraps, for Every Client”. Along with this, Brad Frost had started promoting the idea of Atomic Design. We saw a lot of value in these ideas and saw that we needed to evolve how we were develop..
|
|
Heroku Is Amazing or Fixing INSERT command denied to user (MySQL)
-
fuzzyblog.io
-
6 years ago
-
eng
Photo courtesy of my boss and friend, Dave Sifry who is in London right now attending MozFest; lucky guy! Part 1: Heroku Rocks I've been using Heroku quite a lot recently: It is currently running my side project I built a trial project purely to confirm that I knew how to deploy onto Heroku and then deployed it in just an hour or two I deployed a proof of concept app for my day gig onto it that's pretty substantial Overall I've never ....
|
|
Michigan-based electric truck startup Bollinger Motors has finally announced the price of its rugged electric trucks, the Jeep-like B1 and the B2 pickup. Both vehicles will start at an eye-popping $125,000 ...” Well, nevermind . Permalink.
|
|
I’ve put together (what I hope is) a handy guide to the November 2019 ballot for Huber Heights, Ohio. The purpose of this guide isn’t to tell people who or what they should vote for, but rather only to let people know who or what is on the ballot.
|
|
Ben Thompson, likening Facebook to the printing press: â... the printing press effectively overthrew the First Estate, leading to the establishment of nation-states and the creation and empowerment of a new nobility[, the Second Estate]. The implication of overthrowing the Second Estate, via the empowerment of commoners[, the Third Estate], is almost too radical to imagine.â A fascinating perspective . The First Estate did not ..
|
|
We got an interesting question from a customer today, and I think the answer might be helpful to a wider audience. Python 2 will reach end of life in two months. This shouldn’t be news to anyone who hasn’t been living under a rock, and plans are in place to use Python 3 in Noetic (whereas ROS 2 has always used Python 3). However, the question from our customer was this: What does that mean for existing ROS 1 distributions (Kinetic and Melod..
|
|
Repository: @knadh/otpgateway GitHub release page: v2.4.0 Changelog e2641ae Add max_attempts, ttl in params
|
|
One Dimensional Heat Equation via SUNDIALS and Haskell
-
idontgetoutmuch.wordpress.com
-
6 years ago
-
eng
This is a short example of how to use SUNDIALS to solve a simple partial differential equation in Haskell via the hmatrix-sundials library. The example is taken from the C examples that come with the SUNDIALS source. Here’s the full blog. I’ll give a better URL soonish.
|
|
Repository: @knadh/otpgateway GitHub release page: v2.3.0 Changelog 9bac24b Merge branch ‘master’ of github.com:knadh/otpgateway ebefc48 Merge pull request #10 from joeirimpan/master 2bd4a83 feat: Ensure provider interface is satified across providers b7497ad fix(smtp): Satisfy provider interface
|
|
Robinhood doesn’t have fractional dividends or automatic dividend reinvestments, so I have to figure out what I want to do with those pennies I’ve been earning as dividends.
|
|
I've long been an advocate of Continuous Deployment, but it's always felt somewhat out of reach. I've come close with projects that have had…
|
|
Jude Robinson over at Coderwall posted quick fixes for two long-time annoyances with bash, one for tab completion — case insensitivity and having to double-tap the Tab key to view partial matches — along with what I will call contextual command history: the ability to type cd and then use the arrow keys to work through all previous entries that started with cd. Finally. Permalink.
|
|
Fitbit has discontinued their Fitbit One step trackers, which seems like a good opportunity to step back and reflect on wearing one for the last decade or so. I’ve enjoyed using Fitbit trackers, but the One devices seemed like they broke down too often. I’m pretty proud that I ended up earning all the activity-related […]
|
|
How two board games shape the concept of conflict in the western world and China. Let’s start with two photos: Who won? Try and guess who won in the two games. In the first picture, even if you don’t understand the game you can guess who won. You can tell that the white is smashing the black into a corner. And has more pieces in play. Chess is a game based on domination.
|
|
Sun Moon Lake Tea: Why is it so good? (Spiritual Travels) . Taipei, 2019 . Why You Should Remote Work in Taiwan .
|
The people of the Seventh Mountain worship the “new gods”. They have a religion that is based on ‘The Book of Hanai Suyuu Nozuma ‘ and promises a fairer game. At first we concluded that there were some issues with the Grand Eliyahu (a deity) which outweigh his inhabitants dumb. Their assistance has been huge. […]
|
|
I love Go for many reasons, but this part is still itching me: I postulate that this Go idiom is a burden on our mental capacity: if err != nil { return nil } Error handling is at a tension between two different developer needs. On the one hand, error handling is very annoying and distracting when working on a constructively formulated use case. On the other hand, not dealing with it correctly means that the program blows up i....
|