Dive into Git history with fugitive.vim

11 September 2018, Dávid Csákvári
I prefer to use Git via its command line interface, but some tasks just feel too cumbersome to do solely with it. Lately, I needed to use git-blame a lot, but it’s not especially handy to use. Because I use Vim a lot, it made sense to look into the features of fugitive.vim and found Gblame that provides multiple ways to quickly find relevant bits of history.

Why certificate pinning with HPKP is a bad idea

28 August 2018, Tamás Sallai
HPKP (HTTP Public Key Pinning) is an HTTP header that lets you pin an HTTPS certificate so that returning visitors only accept a chain that contains that. If an attacker gains control over a valid certificate, even if he manages to send that to your users, their browsers will refuse to load the content. It then can protect against rogue certs.

HTTPS security best practices

21 August 2018, Tamás Sallai
The single most important tip regarding HTTPS is to use it. It really should be a no-brainer, and as browsers (and search engines!) are moving to discriminate non-encrypted websites, the incentive is even bigger. If you don’t use HTTPS yet, look up Let’s Encrypt and start using it.

How to use Let's Encrypt with Node.js and Express

24 July 2018, Tamás Sallai
Unlike Apache and Nginx, Let’s Encrypt has no way of autoconfiguring your Node.js app, as it can work in arbitrary ways, while the former two usually follow a predefined (and machine readable) configuration.

Editors' Favourites

Why some projects are clean, easy-to-read, and performant, while others a convoluted mess? Why, when making a modification, in some codebases everything falls into place immediately, while in others it’s more like walking on a minefield?
As WebPack 2 barrels forward, Tree Shaking — or more technically, the removal of unused exports using static analysis — is finding its way to the mainstream. Developers are putting their hopes high, as it promises to solve the pressing problem of bloated packages. Usually, only a fraction of code is actually needed from each dependency but their entire codebase is bundled, increasing the size.
There’s a lot of buzz about JVM optimizations and how it makes production code perform better thanks to the Just-In-Time (JIT) compilation and various optimization techniques. A lots of excellent research materials are available, but I wanted to see for myself how these apply in practice, so I decided to dig deeper and play around with some measurements.
The single biggest obstacle of understanding a piece of code is a lot of variables. Variables introduce state, which in turn increase complexity exponentially. Every single bit of variable information makes reasoning and understanding the code harder.

Interesting article?

Get hand-crafted emails on new content!