rss.png

How I failed to implement CSP

09 October 2018, Tamás Sallai
I keep hearing about CSP (Content Security Policy) and how great it is. It offers fine control over what is allowed on the site and what connections can be made by the users’ browsers. Its primary purpose is to give a tool to developers to prevent malicious scripts from doing any damage and to limit what trusted ones are allowed to do.
Read more

How to securely check your LastPass vault against the Pwned Passwords database

02 October 2018, Tamás Sallai
Ever since I saw that there is a database called Pwned Passwords in which everyone can check if a particular password is leaked, I wanted to know if any of mine is compromised. Unfortunately, while LastPass reports if I have accounts that are affected in a leak, it does not check the passwords themselves.
Read more

How to compare file revisions with fugitive.vim

25 September 2018, Dávid Csákvári
With git-log it’s easy to quickly skim history in the form of patches, but it’s a bit harder to have a quick look at different revisions of a file or to see the difference between two arbitrary versions. fugitive.vim provides tools to do just that.
Read more

Dive into Git history with fugitive.vim

11 September 2018, Dávid Csákvári
I prefer to use Git via its command line interface, but some tasks just feel too cumbersome to do solely with it. Lately, I needed to use git-blame a lot, but it’s not especially handy to use. Because I use Vim a lot, it made sense to look into the features of fugitive.vim and found Gblame that provides multiple ways to quickly find relevant bits of history.
Read more

Editors' Favourites
Best practices on how to work with collections in Javascript
Why some projects are clean, easy-to-read, and performant, while others a convoluted mess? Why, when making a modification, in some codebases everything falls into place immediately, while in others it’s more like walking on a minefield?
Why Webpack 2's Tree Shaking is not as effective as you think
As WebPack 2 barrels forward, Tree Shaking — or more technically, the removal of unused exports using static analysis — is finding its way to the mainstream. Developers are putting their hopes high, as it promises to solve the pressing problem of bloated packages. Usually, only a fraction of code is actually needed from each dependency but their entire codebase is bundled, increasing the size.
JVM JIT optimization techniques
There’s a lot of buzz about JVM optimizations and how it makes production code perform better thanks to the Just-In-Time (JIT) compilation and various optimization techniques. A lots of excellent research materials are available, but I wanted to see for myself how these apply in practice, so I decided to dig deeper and play around with some measurements.
More readable Javascript without variables
The single biggest obstacle of understanding a piece of code is a lot of variables. Variables introduce state, which in turn increase complexity exponentially. Every single bit of variable information makes reasoning and understanding the code harder.

Interesting article?

Get hand-crafted emails on new content!