We're sharing details of recent incidents on the npm registry, our investigations, and how we’re continuing to invest in the security of npm.
Posts Tagged with 'development'
There are lots of “very correct” ways to make your server “very secure.” Most of them rely on paid services, complicated agent-manager topologies, and cool buzzwords like “zero trust”. However, as they say, perfection is the enemy of progress. Many are discouraged by this absolutist approach to server safety, and forget the very basics. Obviously, the expensive and complex solutions exist for a reason, but at the same time a little goes a long way.
Once upon a time, I said outloud “If I ever get a tattoo it will say «The Docs Lie».” This was a response to a colleague asking that we collecively should write more documentation.Two years later I wrote Code is a Conversation. At the time, we were working in a highly volatile code-base. I found it draining to even think about taking time to write documentation. Writing documentation, like writing tests, means considering what is the context of what you’re writing.
I often make use of Slack's
Of recent indexing failures, 62% are sites going offline, 19% are sites where robots.txt blocks indexing, and 5.5% are where Cloudflare blocks indexing.
Originally, React mainly used class components, which can be strenuous at times as you always had to switch between classes, higher-order components, and render props. With React hooks, you can now do all these without switching, using functional components.
ElixirFocus provides educational content for Elixir developers looking to evolve their coding skills.
When I first started implementing my Micropub endpoint, the tool I use to post content such as likes and bookmarks on my website, I decided that I would show a brief message stating how I had reacted a post. The format for these posts was
About two weeks ago, I started thinking about IndieAuth. I have implemented a few IndieWeb specifications in the past but IndieAuth was one that I had put to the back of my mind until recently. I was not confident in implementing an authentication endpoint so I decided to move on to other projects. I just came back to the spec and, with some encouragement from the people in the IndieWeb chat, realised that there was no reason why I should not try and build an IndieAuth endpoint. So I did. Now I have an IndieAuth endpoint that I can use to authenticate to any service that uses IndieAuth for authentication.