Cory House
I help dev teams be insanely productive with AI.
Courses: pluralsight.com & dometrain.com
Consulting: reactjsconsulting.com ⚛️
- Hey developers, please stop disabling copy/paste in form fields! 🚨 It’s awful UX. It’s confusing. It doesn’t improve security. It breaks password managers. It risks typos on critical info. If asked to do so, push back. Please don’t break the web.
- Just reviewed a web page making 55 fetch calls totaling 570k of JSON. This one page is 1.6 MB. Why 55 calls? Because each database table is exposed as an endpoint. The UI joins all the JSON together via the provided foreign keys. To be clear: Don't do this.
- Woah. I just learned that HTML file inputs can access photos, videos, and audio captured directly by the device's camera and microphone like this:
- 2022 Frontend security in 1 tweet:
  1. Use HTTPS
  2. Server render
  3. Store JWT/token in 'secure', 'samesite', 'httponly' cookie (prevent XSS).
  4. Declare content security policy (prevent XSS)
  5. Regen cookies when user auths (prevent session fixation)
  6. Set short cookie lifetime
- Problem: You want to re-throw a JavaScript error to provide a friendlier error. But, you want to keep the original error details too. Solution: Include the original error via `cause`. More: developer.mozilla.org/en-US/docs/Web… #javascript
- As a consultant, I'm seeing an epidemic: Companies are wasting millions by giving developers slow laptops. Today I said "npm install x". My laptop: 10 seconds. 😀 Their laptop: 3+ minutes. 🤯🤦‍♂️ Why? Weak processors, little RAM, platter drives, and slow security scanners.
- Common software dev mistakes are at the extremes:
  1. Under-engineering
  2. Over-engineering

  Under-engineering:
  - No CI
  - No reviews
  - Weak types
  - Hard coding
  - Tight coupling
  - Manual deploys
  - Frequent copy/paste
  - Insufficient flexibility
  - No automated checks
  - No validation/error checks

  1/2👇
- Problem: Your code base probably contains a lot of copy/pasted code, but it's hard to find. Solution: jscpd. jscpd is a command line tool that finds copy/pasted code and reports specific duplicated lines. Works for over 150 languages. Example report:
- Software development estimates are frequently *way* off. Why? Because many aspects of software development are nearly impossible to estimate. Here are 9 reasons software development estimates fail: 👇
- I ❤️ Git. But honestly, it intimidated me for years. I thought I needed to understand all its powerful features to be productive. I found that's not the case. You can be quite productive in Git with around 6 commands: branch, checkout, add, commit, pull, push
- After attending many conferences, I've realized: I don't attend to learn. I attend to learn what I need to learn.






