Programmer Weekly (Issue 127 October 20 2022)


Welcome to issue 127 of Programmer Weekly. Let's get straight to the links this week.

Quote of the Week

 

"Good programming is 99% sweat and 1% coffee." - Anonymous

News

KataOS is implemented almost entirely in Rust, which provides a strong starting point for software security, since it eliminates entire classes of bugs, such as off-by-one errors and buffer overflows.

PostgreSQL 15 builds on the performance improvements of recent releases with noticeable gains for managing workloads in both local and distributed deployments, including improved sorting. This release improves the developer experience with the addition of the popular MERGE command, and adds more capabilities for observing the state of the database.

Reading List

SQL’s Common Table Expressions (CTEs), also known as "WITH statements", are query-scoped temporary result sets. Here's why and how to use them as abstractions for complex business logic.

How de-duplicated, incremental file transfer works.

The web is made up of technologies that got started over 25 years ago. Now, we are transitioning to a new and improved architecture for building web applications.

In this post, we introduce RecSysOps, a set of best practices and lessons that we learned while operating large-scale recommendation systems at Netflix. These practices helped us to keep our system healthy while 1) reducing our firefighting time, 2) focusing on innovations and 3) building trust with our stakeholders.

The author synthesizes major learnings about how to build platforms into five lessons.

Platform engineering works cross-functionally with other SWE teams, optimizing their time to value and helping them own their code in prod.

How do we ensure atomicity across multiple machines? This is a classic computer science problem called Atomic Commitment. The classic solution to this classic problem is Two-phase commit, maybe the most famous of all distributed protocols. There's a lot we could say about atomic commitment, or even just about two-phase commit. This post focuses on just one aspect: atomic commitment has weird scaling behavior.

How the NYT Identity team tried out the Analytic Hierarchy Process to select a user ID format.

One of the many pitfalls of friction between engineering and business is the lack of fundamental measurements on the health of engineering. But how does business measure engineering efficacy, and how does engineering posit its standing to business?

Reliability precepts and tradeoffs learned the hard way.

How we built our first iteration of content matching at Canva.

Safe Mode has allowed us to identify client-side incidents more quickly, resolve them faster, avoid hotfixes, and enable users to continue using our apps while we debug issues behind-the-scenes. Additionally, engineers are able to ship features with a little less worry and release managers know that there is something in place to help mitigate incidents.

Watch and Listen

Ever wondered why browsers look like they do? Why we use port 80, or why it’s img src=… and not image source=…? How did JS and CSS take over, and what could there have been instead? Who invented modern web dev tooling, and how have your favourite server and client frameworks been battling it out? Where are the latest wave of metaframeworks trying to take us next? Let’s explore it through demos!

Kirsten Westeinde is a technology enthusiast and a lifelong learner. She is a development manager at Shopify, where she solves challenging web development problems every day. She talks with Scott about her career at Shopify moving from Software Developer to Senior Software Development Manager. They also chat about Shopify's journey from monolith... to something different!

This talk guides you through various security risks of Kubernetes, focusing on the OWASP Kubernetes Top 10 list. In live demos, you’ll find out how to exploit a range of past and present CVEs or misconfigurations in your k8s clusters, attacking containers, pods, supply chain, network, or storage. You’ll learn about common mistakes and vulnerabilities along with the best practices for hardening your Kubernetes systems.

Interesting Projects, Tools and Libraries

roadmap.sh is a community effort to create roadmaps, guides and other educational content to help developers pick a path and guide their learning.

This is a card game for teaching kids how to combine unix commands through pipes.

RedEye is a visual analytic tool supporting Red & Blue Team operations.

Steampipe is the universal interface to APIs. Use SQL to query cloud infrastructure, SaaS, code, logs, and more.

Metlo is an open-source API security platform.

A web scraping and browser automation library.

API Testing and Monitoring made simple.

Lightweight and minimalistic open-source Servers and HTTP monitor.

Privado is an open-source static code analysis tool to discover data flows in the code. It detects Personally Identifiable Information (PII) being processed and further maps the data flow from the point of collection to "sinks" such as external third parties, databases, logs, and internal APIs.
