Code reviews are essential for software development in teams. They’re useful to share domain knowledge and best practices within the team, ensure consistent code quality, and lower the number of defects in the software. Reviewing code is hard though.
How to get URLs valid inside and outside of a docker-compose network
When debugging (or during security audits) it may be handy to know which data exactly is encoded in a session cookie. This is especially important because authentication frameworks like guardian store authentication secrets in sessions and we need to know they are stored securely. For the Phoenix web framework session cookies are encoded in a special format. In this post we follow Phoenix’ cookie storage implementation to find out how sessions are encoded.
On 2019-08-02 we at bitcrowd discovered a security vulnerability in simple_form. simple_form is one of the go-to ways to easily handle HTML forms in Ruby on Rails. The security issue allows arbitrary code execution in the worst case, but at least has potential for data corruption or DOS attacks. This security issue was responsibly disclosed by bitcrowd. Find details about the timeline of the events and a more detailed description below.
If you’re really trying to squeeze out every last drop of “time-to-first render” performance, keep the script and other page resources below ~14KB so they can be sent within the first TCP roundtrip. 🤓
We sometimes have to create HTML emails and there’s usually some aspects of them behaving differently depending on the email client people use.
This project, inspired by “caniuse.com” might be useful: https://www.caniemail.com/
If you add a new file to your code which you want to add to git later, you can show that intent early with git add --intent-to-add. This is quite useful when want to add new files to the index (so you don’t forget about them later), but you’re still working on them and don’t want to add the content just yet 🥳