👓 What I read in

Week 36, 2024

Week 35, 2024

Week 34, 2024

Ikea's Inventory Drones Expansion
Algorithms we develop software by
Bun は Node より速いのか？ Misskey で検証
croc is a tool that allows any two computers to simply and securely transfer files and folders. AFAIK, croc is the only CLI file-transfer tool
Flaw has Microsoft Authenticator overwriting MFA accounts, locking users out

Week 33, 2024

Week 32, 2024

SVG Viewer is an online tool to view, edit and optimize SVGs.
Happy 33rd birthday the world's first website!
Cringey, But True: How Uber Tests Payments In Production
70% of new NPM packages in last 6 months were spam
How I Use "AI"
Organic Maps: Offline Hike, Bike, Trails and Navigation
Introducing GitHub Models: A new generation of AI engineers building on GitHub
How Google handles JavaScript throughout the indexing process
- CSR is possible but has poor support

Week 31, 2024

Don’t Let Your Domain Name Become a “Sitting Duck”
Creativity Fundamentally Comes From Memorization
GlazeWM is a tiling window manager for Windows inspired by i3 and Polybar.
Meta to pay Texas $1.4 billion for using facial recognition technology without users’ permission
Dear AI Companies, instead of scraping OpenStreetMap, how about a $10k donation?
Children should be allowed to get bored, expert says
Have It All: External, Styleable, & Scalable SVG
- SVG triangle of compromise
Europe Is in Danger of Regulating Its Tech Market Out of Existence
Get The Screen Width & Height Without JavaScript
Why "page.goto()" is slowing down your Playwright tests
You’ll Write Less Code With Svelte 5.0, Promises Rich Harris
Zstandard, or zstd as short version, is a fast lossless compression algorithm, targeting real-time compression scenarios at zlib-level and better compression ratios.
- https://x.com/adrianco/status/1560854827810361345
- https://www.uber.com/en-TW/blog/cost-efficiency-big-data/

Week 30, 2024

AI crawlers need to be more respectful
Generating sudokus for fun and no profit
Anchor Links and How to Make Them Awesome
CSS Grid Areas
Anyone can Access Deleted and Private Repository Data on GitHub
- don't use private forks. Copy the repository instead. #
- the only way to securely remediate a leaked key on a public GitHub repository is through key rotation.
Google Is the Only Search Engine That Works on Reddit Now Thanks to AI Deal
Switzerland now requires all government software to be open source
Intent to End OCSP Service
rrweb - record and replay the web
TablePlus - Database management made easy

Week 29, 2024

Week 28, 2024

Engineering Principles for Building Financial Systems
If AI chatbots are the future, I hate it
Second Factor SMS: Worse Than Its Reputation - Attackers can intercept SMS one-time passwords through techniques like SIM swapping or exploiting SS7 network vulnerabilities.
Spot the Drowning Child
SEQUOIA - Adapting to Endure
Google Chrome gives all .google.com sites full access to system / tab CPU usage, GPU usage, and memory usage. It also gives access to detailed processor information, and provides a logging backchannel. This API is not exposed to other sites - only to .google.com. — #
Rye is a comprehensive project and package management solution for Python.
Reverse engineering Ticketmaster's rotating barcodes
I'm Funding Ladybird Because I Can't Fund Firefox
How to think in writing: Part 1: The thought behind the thought

If your goal is to probe the validity of your thoughts, this is painfully inefficient. You'll get much further if you do one or two simple passes on your writing, and then pass what you've written around and ask for feedback. — BeetieB
Why privacy is important, and having "nothing to hide" is irrelevant
Identity Crisis: Sequence v. UUID as Primary Key
Radio Garden

Week 27, 2024

Cardiorespiratory fitness is a strong and consistent predictor of morbidity and mortality among adults: an overview of meta-analyses representing over 20.9 million observations from 199 unique cohort studies
Woodworking as an escape from the absurdity of software
HTMX does not play well with content security policy
Why Is Chile So Long?
gRPC: The Bad Parts
Edna is a scratchpad for developers. It's a large persistent text buffer where you can write down anything you like. Works great for that Slack message you don't want to accidentally send, a JSON response from an API you're working with, notes from a meeting, daily to-do list, etc.
KT 60만명 해킹의 심각성: 사상 최악의 사이버 범죄로부터 당신은 지금도 안전하지 않다
Building an AI-Native Company
Teo is schema-driven web server framework. The server side API is native to Rust, Node.js and Python.
마이리얼트립으로 살펴본 여행 산업에서의 SEO, 키워드 성과 분석 중요성
Microsoft’s AI boss thinks it’s perfectly okay to steal content if it’s on the open web

Week 26, 2024

Liquid Layers
Pop!_OS is an operating system for STEM and creative professionals who use their computer as a tool to discover and create. Unleash your potential on secure, reliable open source software.
A Three-Step Framework For Solving Problems 👌
What is Jobs to be Done (JTBD)?

Upgrade your user, not your product. Don’t build better cameras — build better photographers.
— Kathy Sierra
Reshot - Free Icons & Illustrations Design freely with instant downloads and commercial licenses.
1-click Exploit in South Korea's biggest mobile chat app
dotenvx - a better dotenv–from the creator of dotenv.
- run anywhere (cross-platform)
- multi-environment
- encrypted envs
Microsoft Account to local account conversion guide erased from official Windows 11 guide — instructions redacted earlier this week
Readme Driven Development
Windows 11 is now automatically enabling OneDrive folder backup without asking permission
Ruby: a great language for shell scripts!
llama.ttf is a font file which is also a large language model and an inference engine for that model.
함께해요 파이썬 생태계
EntityCode

Week 25, 2024

DB Browser for SQLite
Google Gemini tried to kill me
Cyber Scarecrow
Twitter’s Clumsy Pivot to X.com Is a Gift to Phishers
Mocking is an Anti-Pattern - Mocking is an anti-pattern. Mocking adds complexity, is hard to maintain, introduces its own bugs, doesn't test what should be tested and creates a false sense of security. Several things you can do instead:
- More unit testing
- Easier to Test IO
- Just do IO
- Separation of logic and services / IO
- E2E integration tests
좋은 에러 메시지를 만드는 6가지 원칙
Start Presentations on the Second Slide
Do not try to be the smartest in the room; try to be the kindest.
How Stripe’s document databases supported 99.999% uptime with zero-downtime data migrations

Week 24, 2024

CSS Length Units
Fine-tuning Text Inputs
Cap Unit
Group chats rule the world

— Salons and groups have always existed but why the recent shift to private discourse?
Because the public internet makes it too easy for people to sell you stuff, extract value from you, or harass you. Private chats are human-scale environments where understandable social norms---not commerce, algorithms, or formal rules---drive the interactions. It's an authentic experience. #
The Expanding Dark Forest and Generative AI

As AI takes over the public internet (the trees) the people will retreat to safe underground spaces where they know only authentic humans live. #
Microsoft Chose Profit Over Security and Left U.S. Government Vulnerable to
RunCat - The cat tells you the CPU usage of Mac by running speed.
Boop. - A scriptable scratchpad for developers.
AlDente - Charge Limiter🍝 - MacOS menu bar tool to limit maximum charging percentage
Study shows N95 masks near-perfect at blocking escape of airborne COVID-19
UUIDv7: The Time-Sortable Identifier for Modern Databases
SQLite As An Application File Format
AeroSpace is an i3-like tiling window manager for macOS
ANTI-CHEAT EXPERT: ALL YOUR PIXELS ARE BELONG TO US
"Web components" considered harmful

It's better to use the specific names (custom elements, shadow DOM, templates) instead of the umbrella term "web components" to avoid confusion and make these APIs more approachable.
"AI-powered" has become a red flag
Keylogger discovered in image generator extension
Microsoft Will Switch Off Recall by Default After Security Backlash

Satya Nadella told the entire Microsoft org that if anyone had to choose between features and security, to choose security. I'm hearing from Microsoft people that all product roadmaps are deferred for a few months while security features are addressed. Their whole corporate spiel is "Microsoft runs on trust" (see the famous standards of business training on youtube).

And then someone goes and invents Recall. This is not the work of a lone engineer and a principal PM fishing for Impact or whatever they call success at Microsoft. This had to have gone through multiple levels of review. Microsoft PMs, CVPs, their corpo legal people, marketing approval. And yet no one stopped to say, "wait, this could blow up in our faces"? — https://news.ycombinator.com/item?id=40615205
Cancel Adobe if you are a creative under NDA with your clients

Week 23, 2024

Should I Use JWTs For Authentication Tokens?

They are designed for large-scale environments like Google and Facebook, where the benefits of JWTs (not needing to query a user database for every request) outweigh the drawbacks. However, for most applications that process less than 10,000 requests per second, the complexity of JWTs is unnecessary. A simpler approach is to use a normal opaque session token stored in a database, which is the approach used by most web frameworks.
모두를 위한 디자인
LLMs Aren’t Just “Trained On the Internet” Anymore
Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible with two lines of code — inside the Copilot+ Recall disaster.

Week 22, 2024

Polyfill.io, 중국 CDN 기업에 인수된 후 보안 및 안정성 문제 발생
- polyfill.io now available on cdnjs: reduce your supply chain risk
Why, after 6 years, I’m over GraphQL
Three Laws of Software Complexity
1. A well-designed system will degrade into a badly designed system over time.
2. Complexity is a Moat (filled by Leaky Abstractions).
3. There is no fundamental upper limit on Software Complexity.
An Anonymous Source Shared Thousands of Leaked Google Search API Documents with Me; Everyone in SEO Should See Them
Your API Shouldn't Redirect HTTP to HTTPS
- Redirection can lead to sensitive data being transmitted in plaintext before the encrypted connection is established.
Terminal Text Effects
Doing is normally distributed, learning is log-normal
- Software estimation is challenging because it fails to recognize that learning is non-normally distributed.
Bubble.ai
Google scrambles to manually remove weird AI answers in search

Week 21, 2024

iTerm2 and AI hype overload

A terminal emulator is probably one of the most privileged programs. It deals with all the secrets in the world, and the threat that it could be used to upload them all to a third party is great enough that people are willing to switch away from it sight unseen.

not letting you use local models
Leaked OpenAI documents reveal aggressive tactics toward former employees
Improvements to the Speculation Rules API which allows websites to prefetch or prerender future navigations to improve performance.
QPick.app website for making random choices easy and fun!
- https://qpick.app/burger,pizza,chicken
Rethinking Text Resizing on Web
- Airbnb has made improving web accessibility a priority, focusing on the WCAG 1.4.4 Resize Text guideline. This guideline is important for users with low vision, as it requires web content to be maintained when text is scaled 200%.
New alternatives to innerHTML
- setHTML
- setHTMLUnsafe does not perform input sanitization. The setHTMLUnsafe method is particularly useful for working with declarative shadow DOM, where the contents of a <template> element with the shadowrootmode attribute need to be rendered as shadow DOM. The setHTML method would remove the template element entirely, whereas setHTMLUnsafe preserves it.
A Brief Note on Highlighted Text

If you plan to style text highlighted by the browser, you must give it sufficient contrast — 3:1 for the highlight block against its background and (probably) 4.5:1 for the text within that highlighted block against that background.
Target=_blank implies rel=noopener
Thinking out loud about 2nd-gen Email
Files - Building the best file manager for Windows

Week 20, 2024

A Front-End Engineer's Take on LLMs

the indeterminism and unreliable behavior of LLMs, which is unlike the deterministic nature of typical software development. The author thinks prompt engineering will go the way testing is going. - be a skill rather than a discipline
The Times You Need A Custom @property Instead Of A CSS Variable

CSS custom properties allow developers to specify the syntax, initial value, and inheritance behavior of CSS variables. This provides more control over how variables are used, enabling advanced animations that were previously only possible with JavaScript.
Edit PDFs for free with Firefox PDF Editor
URLhaus is a project from abuse.ch with the goal of sharing malicious URLs that are being used for malware distribution.
State of HTML 2023
Not an iPad Pro Review: Why iPadOS Still Doesn’t Get the Basics Right
100k Stars
PeaZip Free Archiver
Humanoid agent robot
Avoid blundering: 80% of a winning strategy
- https://news.ycombinator.com/item?id=39902854
- https://news.hada.io/topic?id=14789

Week 19, 2024

Latency numbers every frontend developer should know
It’s always TCP_NODELAY. Every damn time. argues that in modern distributed systems, Nagle's algorithm may no longer be necessary. The author recommends that for latency-sensitive distributed systems, TCP_NODELAY should be the default setting, as it provides better performance.
Deaf girl is cured in world first gene therapy trial
Homebrew vs. MacPorts, A Systems Software Engineer's Perspective

In practice, many engineers use both package managers to combine the strengths of each. For instance, use Homebrew for common software and MacPorts for specialized projects.
chezmoi - Manage your dotfiles across multiple diverse machines, securely.
Distribution is King - What video games can teach us about building billion-dollar companies
- https://news.hada.io/topic?id=14677
Your 14-Day Free Trial Ain't Gonna Cut It

For Keygen, p50 TTC(Time-to-Convert) is 41 days. My p90, 130 days; p95, 198; p99, 290.
JSONata JSON query and transformation language
‘I will never go back’: Ontario family doctor says new AI notetaking saved her job

Week 18, 2024

You receive a call on your phone. The caller says they're from your bank
I Reviewed 1,000s of GraphQL vs. REST perspectives
I Reviewed 1,000s of Opinions on HTMX
jsDelivr May outage postmortem
Locality of Behavior in React Components

Abstractions are not an enemy of locality. You don’t need to inline everything in a single file. In the context of a React component, the invocation of the function is more important than what it actually does.
Forms 101: More tags useful in forms - <fieldset>, <legend>
Form fields: File input fields
Form fields: Autocompleting form fields
Google Made Me Ruin A Perfectly Good Website: A Case Study On The AI-Generated Internet

Google's AdSense program rejected the site, claiming it lacked unique content. To get approved, the author resorted to generating low-quality, AI-written content like recipes, poems, and blog posts about their fictional obsession with congressional apportionment. After creating this deranged additional content, Google eventually approved the site for ads. The passage is a critique of how Google's policies are leading to the proliferation of low-quality, SEO-driven content on the internet.
SVG Viewer – View, edit, and optimize SVGs
What can LLMs never do?

inability to perform certain tasks that seem simple for humans, like playing Wordle or predicting the output of cellular automata.
World Wide Web (1991)
Leaving Rust gamedev after 3 years

Rust's strengths do not always align well with the needs of practical game development.
Passkeys: A Shattered Dream

The technology has become increasingly controlled by major tech companies like Google and Apple with problems about device compatibility, data loss, and vendor lock-in. Password managers may provide a better user experience for most consumers.

Week 17, 2024

CSS: Specificity
TDD's Missing Skill: Behavioral Composition
The Man Who Killed Google Search
Cognition Labs: "Today we're excited to introduce Devin, the first AI software engineer.
- They actually dont do ANYTHING themselfs - Analytics: Hotjar, Website: NextJS, Login: Clerk, Jobs: Ashby, Waitlist: Google docs (ROFL), Learn more about their funding: A link to twitter
Programming Is Mostly Thinking
Coroutines and effects

Week 16, 2024

Why you need a "WTF Notebook"
The invisible seafaring industry that keeps the internet afloat.
NEVER sacrifice your life for an artificial deadline.
- How to determine if something is an artificial deadline? Because if it were a real deadline with significance to the business, they'd pull more hands on deck, remove roadblocks relentlessly day after day, and even offer to take portions of your work on themselves so that the deadlines can be met.
HTMX Is So Cool I Rolled My Own!
The Wax and the Wane of the Web
My favourite animation trick: exponential smoothing avoids issues like jittering or overshooting that can occur with other methods.
DevTools Tips & Tricks
Gap is the new Margin

Margin breaks component encapsulation. A well-built component should not affect anything outside itself.
Prediction: margins in stylesheets will decline as gap in stylesheets climb
Hardest Problem in Computer Science: Centering Things

STOP. USING. FONTS. FOR. ICONS.
https://ios404.com/ - missing web features in iOS
Hono is a small, simple, and ultrafast web framework for the Edges. It works on any JavaScript runtime: Cloudflare Workers, Fastly Compute, Deno, Bun, Vercel, AWS Lambda, Lambda@Edge, and Node.js.
Old CSS, new CSS

<H1><FONT COLOR=red>...</FONT></H1> …every single goddamn time.

is in fashion again! Only now it’s called class="text-red-500" :o)

Week 15, 2024

QCon London: How Duolingo Sent 4 Million Push Notifications in 6 Seconds During the Super Bowl Break
QWANJI
The Power of :has() in CSS
```
h1:has(+ h2) {
  color: blue;
}
```
How to Kill the Cascade
In-app browsers are still a privacy, security, and choice problem

How to think about HTML responsive images

<picture>
  <source media="(prefers-color-scheme: dark)" srcset="macos-dark.png" />
  <source media="print" srcset="macos-contrast.png" />
  <img src="macos-light.png" alt="…" />
</picture>

The 37signals Guide to Internal Communication

Week 14, 2024

An Interactive Guide to CSS Container Queries

/* Try to add more items and see what happens. */
.timelineWrapper {
  container: timeline / inline-size;
  --force-vertical: false;

  &:has(.c-timeline__item:nth-last-child(n + 5)) {
    --force-vertical: true;
  }
}

@container timeline (inline-size > 430px) and style(--force-vertical: false) {
  /* Apply the full variation. */
}

Reddit Migrates Media Metadata from S3 and Other Systems into AWS Aurora Postgres
Chill Scroll Snapping: Article Headers
JavaScript Visualized: Promise Execution

Long story short, Promises are just objects with some additional functionality to change their internal state.

The cool thing about Promises is that this can trigger an asynchronous action if a handler is attached by either then or catch. Since the handlers are pushed to the Microtask Queue, you can handle the eventual result in a non-blocking way. This makes it easier to handle errors, chain multiple operations together, and keep your code more readable and maintainable!
Happy 404 Day. Whats your favorite 404 error page?
- Financial Times 404
Kobold Letters - Why HTML emails are a risk to your organization

Spicing up text with text-emphasis in CSS

.text-emphasis-dollar {
  text-emphasis: "$" lime;
  text-emphasis-position: under;
}

CSS scoping from What You Need to Know about Modern CSS (Spring 2024 Edition)
CSS Button Styles You Might Not Know
The manipulation value disables gestures like ‘double-tap to zoom’. Other gestures like ‘panning’ and ‘pinch to zoom’ are unaffected. An extra benefit is that the browser no longer needs to delay the click event waiting for a second tap.
```
.button,::file-selector-button {
  inline-size: fit-content;
  touch-action: manipulation;
  user-select: none;
}
*:focus-visible {
    outline: 2px solid magenta;
    outline-offset: 2px;
  }
}
```
BIG DATA IS DEAD

The author suggests that the real problem is often data hoarding rather than true "Big Data" challenges. Overall, the passage contends that the Big Data hype has passed and organizations should focus on using their data effectively rather than worrying about sheer data volume.
What’s the Difference Between OLAP and OLTP?
Postgres is eating the database world

PostgreSQL is emerging as a dominant database platform that is capable of handling a wide range of use cases, from OLTP to OLAP workloads. Its extensibility through a thriving ecosystem of add-ons and integrations allows it to compete with specialized databases across various domains like time-series, geospatial, and vector data. The rise of analytical extensions like ParadeDB and DuckDB have further bolstered PostgreSQL's capabilities, making it a viable alternative to dedicated data warehousing solutions. As hardware advancements have addressed performance and scalability concerns, the need for separate OLTP and OLAP systems is diminishing, leading to a convergence where PostgreSQL can serve as a unified, multi-model database. The author argues that the real competitive frontier now lies in leveraging PostgreSQL's extensibility through integrated distributions and services, rather than focusing on the core database kernel.

The power of CSS Variables 💪: A flexible solution for spacing utilities

<div style="--space-top: 30px; --space-bottom: 100px;"></div>

@media (min-width: 992px) {
  [style*="--space-bottom"] {
    margin-bottom: var(--space-bottom);
  }
  [style*="--space-top"] {
    margin-top: var(--space-top);
  }
}

What is safe alignment in CSS?

.flex {
  display: flex;
  align-items: safe center;
}

LiveView is best with Svelte

LiveView is a unique approach to building web applications that combines the benefits of server-rendered and client-side frameworks. While LiveView offers many advantages, the authors found some limitations around handling complex client-side interactions and the blurry line between client and server state. To address these challenges, the authors describe using LiveView together with the Svelte frontend framework, which they found to be a powerful and productive combination. The LiveView backend handles data fetching, validation, and state management, while the Svelte frontend focuses on rendering and simple event handling. This "LiveSvelte" approach eliminates the need for a separate frontend microservice and allows for a clean separation of concerns between the client and server.

One possible solution which I didn't investigate, but should work, is to write all game logic in gleam (https://gleam.run/). Gleam is compatible with Elixir, AND it also can compile to js, so you could in theory run the same code on the server and the client. — POiNTx
HTTP Speed - Deno, Bun, Node.js
Optimizing Javascript for fun and for profit
- Avoid different shapes
Runtime compatibility across JavaScript runtimes
- https://node.green/
Alpine Ajax - Comparisons between Alpine AJAX and other similar libraries
WebSockets vs Server-Sent-Events vs Long-Polling vs WebRTC vs WebTransport

Week 13, 2024

You Want border-color: transparent, Not border: none
- @media (forced-colors: active)
There is no EU cookie banner law
Why choose async/await over threads in Rust? explains how async/await allows for more composable and flexible concurrency compared to threads, which can be difficult to synchronize. The author argues that the benefits of async/await, such as its ability to easily add timeouts and other functionality, are not always well-communicated.
- Futex congestion collapse. Starvation of unfair mutexes.
Game of Life, simulating itself, infinitely zoomable
https://www.libhunt.com/css

Week 11, 2024

mise-en-place - dev tools, env vars, task runner
Flox is a virtual environment and package manager all in one.
You should separate your billing from entitlements
5 things I learned while developing a billing system
Devin: AI Software Engineer - comments
Designing better target sizes
Techniques to Break Words
- Probably don’t add  without guidance from a copywriter.
- Probably don’t add  to foreign words without a localization expert or at least a native speaker.
- Probably don’t add  to URLs, email addresses, code blocks, and so on.
- Probably restrict <wbr> to URLs, email addresses, code blocks, and similar words where technical accuracy is paramount.
- Probably restrict <wbr> to before periods and dashes and maybe slashes in URLs and emails so it doesn’t look like the sentence or address has ended.
Getting Started with Style Queries
- Can't you do it with attributes?
Bruno - Fast and Git-friendly open-source API client (Postman alternative)

Week 10, 2024

CSS :has() Interactive Guide
A practical guide to using shadow DOM
Aristotle — How to live a good life - Ralph Ammer

Happiness is not a feeling of pleasure. Happiness is the pursuit of excellence.
CSS for printing to paper

Week 09, 2024

Blur radius comparison

the three Sketch blur types, scaled to the equivelent CSS box-shadow value. They now all match!
WebPerf Snippets
So, what exactly did Apple break in the EU?

Youtube video embedding harm reduction

<iframe
  credentialless
  allowfullscreen
  referrerpolicy="no-referrer"
  sandbox="allow-scripts allow-same-origin"
  allow="accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; browsing-topics 'none'; camera 'none'; display-capture 'none'; domain-agent 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport ''; gamepad 'none'; geolocation 'none'; gyroscope 'none'; hid 'none'; identity-credentials-get 'none'; idle-detection 'none'; local-fonts 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; otp-credentials 'none'; payment 'none'; picture-in-picture 'none'; publickey-credentials-create 'none'; publickey-credentials-get 'none'; screen-wake-lock 'none'; serial 'none'; speaker-selection 'none'; usb 'none'; window-management 'none'; xr-spatial-tracking 'none'"
  ,
  csp="sandbox allow-scripts allow-same-origin;"
  width="560"
  height="315"
  src="https://www.youtube-nocookie.com/embed/jfKfPfyJRdk"
  title="lofi hip hop radio 📚 - beats to relax/study to"
  frameborder="0"
  loading="lazy"
></iframe>

Netlify just sent me a $104K bill for a simple static site
Four Steps to Achieving Operational Flow and Improving Quality in Tech Teams
- Take on fewer things; focus on doing a complete job.
- Dependencies destroy flow. Break down and remove dependencies in order to improve your team(s)'s ability to get things done.
- Shift your focus toward keeping work moving and away from keeping people busy.
- Work creates ROI only when a customer can use it. That means that completing work is more important than being busy.
- It's more important for a team to be able to keep work moving than it is to keep the team small. Get work moving first, then think about how to reduce team size without compromising flow.
Dear Developer, the Web Isn’t About You
- The web was originally simple, robust and accessible to all due to technologies like HTML working together in a layered manner.
- Performance and accessibility are major issues for many users but not priorities for most developers.
- Simple, progressive techniques like serving HTML first make sites robust and usable for all.
- The goal is caring for all people who use the web, not prioritizing new technologies.
SaaS Payment vs. SaaS Billing - What Those Terms Mean and What the Differences Are
🦑 The 14 pains of building your own billing system
Decoding Apple's Ploy To Scuttle Progressive Web Apps
What is a non-capturing group in regular expressions?
console.delight
Quality is a hard sell in big tech

Week 08, 2024

JavaScript Bloat in 2024
Scroll-Driven Animations: You want overflow: clip, not overflow: hidden
Introducing SafeTest by Netflix: A Novel Approach to Front End Testing
🔒Securing Web: A Deep Dive into Content Security Policy (CSP)
Using localStorage in Modern Applications: A Comprehensive Guide
Using abbreviations for long CSS properties in VS Code
https://www.perfectmemory.ai/
- https://www.rewind.ai/
If Architects had to work like Programmers
Bloom Filters
- Bloom filters return true it doesn't mean "yes", it means "maybe", false-positive.
- If you're happy to accept being wrong 0.0001% of the time (1 in a million), you could use a bloom filter which can store the same data in 82% reduction in size.
In Defense of Simple Architectures
- Microservices aren't a performance strategy. They are a POTENTIAL cost saving strategy against performance. And an engineering coordination strategy.
- Towards Modern Development of Cloud Applications
The Case Against Caffeine
- But it gets worse, especially if you drink lots of caffeine throughout the day. In that case, you never give your body the chance to clear it out. So the base concentration in your blood slowly creeps up. - https://zantafakari.substack.com/i/141012714/the-science-of-sleep

htmz is a minimalist HTML microframework that gives you the power to create dynamic web user interfaces with the familiar simplicity of plain HTML.

<iframe
  hidden
  name="htmz"
  onload="setTimeout(()=>document.querySelector(this.contentWindow.location.hash||null)?.replaceWith(...this.contentDocument.body.childNodes))"
></iframe>

Week 07, 2024

LLRT (Low Latency Runtime) is a lightweight JavaScript runtime designed to address the growing demand for fast and efficient Serverless applications. LLRT offers up to over 10x faster startup and up to 2x overall lower cost compared to other JavaScript runtimes running on AWS Lambda
A Guide To Designing For Older Adults

Today, one billion people are 60 years or older. That’s 12% of the entire world population, and the age group is growing faster than any other group. Yet, online, the needs of older adults are often overlooked or omitted.
How to make external links accessible
- Why external links should open in the same tab
  - giving users the choice
- When external links should open in a new tab
  - Lose form progress
  - An alternative solution
  - Terminate login
  - User needs information on both pages
- Accessible design and code for external links opening in a new tab
  - give users a warning that it opens in a new tab.
:focus vs :focus-visible
The :focus-visible pseudo-class also matches the focused element, but only if the user needs to be informed where the focus currently is.
- https://daverupert.com/2024/01/focus-visible-love/
The psychology of site speed and human happiness
Apple has not fixed the macOS audio left/right balance bug for nearly 10 years
- https://news.ycombinator.com/item?id=39367460
I designed a cube that balances itself on a corner
How to Study
(Almost) Every infrastructure decision I endorse or regret after 4 years running infrastructure at a startup
Classless CSS
Drop-in switcher for previewing minimal CSS frameworks

Week 06, 2024

SQL for the Weary
Command Line Interface Guidelines
Simplify: move code into database functions
- Databases outlive the applications that access them.
- the database is actually quite smart.
- examples: constraints, triggers, functions, create JSON directly.
- If you like JavaScript, check out the promising plv8.
- branching? source code history(Migrations)?
  - How to work with stored procedures and not die trying?
  - You can use a DDL trigger to keep all revisions in a table in a separate database (and of course back up that database frequently). - SQL Server DDL Triggers to Track All Database Changes
It's Time To Get Over That Stored Procedure Aversion You Have
Postgresql is enough
- As an application grows in complexity, you start to realize why there's a stack, rather than just a single technology to rule them all. Trying to cram everything into Postgres (or lambdas, or S3, or firebase, or whatever other tech you're trying to consolidate on) starts to get really uncomfortable.
- ... both worked: the PG queue was never grown out of, and generally SQS was easy to work with & reliable. But what I've also seen is "Let's introduce bespoke tech that nobody on the team, including the person introducing it, has experience in, for a queue that isn't even the main focus of what we're building" — this I'm less fine with.
People will never be motivated to go the extra mile by a standardized, bureaucratized process.
- https://news.ycombinator.com/item?id=39272190
Companies embracing SMS for account logins should be blamed for SIM-swap attacks
Write code for the web
- Apple doesn’t care for me as a developer
- The best approach is to write code for the web, where no single company has control.
- https://news.ycombinator.com/item?id=39250406
tints.dev - Palette Generator + API for Tailwind CSS
The undercover generalist
- Needing to look like a specialist
- Telling people what they want to hear
Lazy Hydration and Server Components in Nuxt – Vue.js 3 Performance

Most of the components don’t need to be eagerly hydrated
How to align the text of the last paragraph line

text-align-last
Benchmarks of JavaScript Package Managers(daily updated)

Week 05, 2024

Week 04, 2024

A Single Small Map Is Enough For A Lifetime
iPhone Apps Secretly Harvest Data When They Send You Notifications, Researchers Find
npm malware (@npm_malware) on X
The problem with disabled buttons and what to do instead
When to use CSS text-wrap: balance; vs text-wrap: pretty;

Use text-wrap: balance; on headings and subheadings. And use text-wrap: pretty; on paragraphs of text to get rid of orphans on the last line. Despite the Chromium-only support, these would be a good candidate for progressive enhancement.
A Practical Introduction to Scroll-Driven Animations with CSS scroll() and view() - At the time of writing this, it is Chromium only.
12 Modern CSS One-Line Upgrades
- Stable Enhancements: accent-color, scroll-margin-top/bottom - [id]
- progressive enhancement: overscroll-behavior: contain, scrollbar-gutter
- https://news.ycombinator.com/item?id=39176717
Should I Open Source my Company?
What Is Nightshade? - An offensive tool for artists against AI art generators

Week 03, 2024

PIDs: Creating Stable Control in Games
U.S. Developers Can Now Offer Non-App Store Purchasing Option, But Apple Will Still Collect Commissions
Teach Yourself Programming in Ten Years - Why is everyone in such a rush?
Slashing Data Transfer Costs in AWS by 99%
AWS replicates S3 data between availability zones
- https://news.ycombinator.com/item?id=38999902 - https://news.ycombinator.com/item?id=38999947
Preventing HTTPS Downgrade Attacks
- configuring servers to redirect all HTTP traffic to HTTPS and setting the HTTP Content-Security-Policy and Strict-Transport-Security headers to enforce HTTPS-only browsing
- The HSTS preload directive further strengthens security by ensuring browsers always use HTTPS for a domain

Week 02, 2024

Use cases of soft delete
- You want to delete records, but also want to retain them for n number of days, just for a safer side against accidental deletion.
- You want to exclude some records (permanent retain) under explicit requirements, even if they match the criteria of an eligible record to be deleted.
- You don't want to delete the actual resource before returning the resource back. Basically, deletion before returning the value is not desired.
- You don't want to modify existing table schema(s) to accommodate soft delete key.
- You want the tables as loosely coupled as possible without having to worry about deletion logic.
All JavaScript and TypeScript Features of the last 3 years
Using the CSS contain property: A deep dive

to decrease the burden on browsers for layout calculations, paints, repaints, and reflows.
One YouTube Embed weighs almost 1.2 MB

https://github.com/paulirish/lite-youtube-embed
Correctly Configure (Pre) Connections
atuin - ✨ Magical shell history
Prevent unnecessary network requests with the HTTP Cache
Understanding SVG Paths
6 CSS snippets every front-end developer should know in 2023
Chrome enables desktop mode by default on premium tablets
Zendesk Moves from DynamoDB to MySQL and S3 to Save over 80% in Costs
Why LinkedIn chose gRPC+Protobuf over REST+JSON: Q&A with Karthik Ramgopal and Min Chen
CSS Scroll Snapping Aligned With Global Page Layout: A Full-Width Slider Case Study
What is Token-Based Authentication?

Week 01, 2024

LLMs and Programming in the first days of 2024

The author discusses their extensive use of large language models for programming tasks over the past year. They find LLMs most helpful for writing disposable code, learning new frameworks quickly, and accelerating documentation searches. While useful, LLMs still struggle with system programming problems requiring complex reasoning. The author believes LLMs have begun to show rudimentary reasoning abilities through their interpolation of concepts, but their capabilities are still limited. Overall, they argue LLMs are a valuable tool for programmers that can help focus time on more important problems and skills.
Why asking your customers what they want doesn't work

A fast food chain failed to increase milkshake sales despite adding requested elements, but succeeded by observing what "jobs" customers hired milkshakes for, such as a boring commute. Don‘t listen to your customer. Watch your customer.
Best-Practices for API Authorization
It's not microservice or monolith; it's cognitive load you need to understand first
Cold-blooded software
Heynote is a dedicated scratchpad for developers

2023

2022

Children

Backlinks

Luke