samsch

Stop using JWTs!

TLDR: JWTs should not be used for keeping your user logged in. They are not designed for this purpose, they are not secure, and there is a much better tool which is designed for it: regular cookie sessions.

If you've got a bit of time to watch a presentation on it, I highly recommend this talk: https://www.youtube.com/watch?v=pYeekwv3vC4 (Note that other topics are largely skimmed over, such as CSRF protection. You should learn about other topics from other sources. Also note that "valid" usecases for JWTs at the end of the video can also be easily handled by other, better, and more secure tools. Specifically, PASETO.)

A related topic: Don't use localStorage (or sessionStorage) for authentication credentials, including JWT tokens: https://www.rdegges.com/2018/please-stop-using-local-storage/

The reason to avoid JWTs comes down to a couple different points:

• The JWT specification is specifically designed only for very short-live tokens (~5 minute or less). Sessions

HappyCodingRobot

# see also: /lib/udev/hwdb.d/60-keyboard.hwdb
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHewlett-Packard*:pn*EliteBook*:pvr*
 KEYBOARD_KEY_81=f20                          # Fn+F8 on Elitebook, map to F20
# KEYBOARD_KEY_81=fn_esc                      # org entry

shprink

@function mat-color($palette-primary, $hue: default, $opacity: null) {
  @if type-of($hue) == number and $hue >= 0 and $hue <= 1 {
    @return mat-color($palette-primary, default, $hue);
  }

  $color: map-get($palette-primary, $hue);  
  $opacity: if($opacity == null, opacity($color), $opacity);

  @if type-of($opacity) == string  {
    $new-string: str-replace($color, ')', '-alpha, 1)');

ebidel

Moved to https://github.com/ebidel/puppeteer-examples

shafik

What is the Strict Aliasing Rule and Why do we care?

(OR Type Punning, Undefined Behavior and Alignment, Oh My!)

What is strict aliasing? First we will describe what is aliasing and then we can learn what being strict about it means.

In C and C++ aliasing has to do with what expression types we are allowed to access stored values through. In both C and C++ the standard specifies which expression types are allowed to alias which types. The compiler and optimizer are allowed to assume we follow the aliasing rules strictly, hence the term strict aliasing rule. If we attempt to access a value using a type not allowed it is classified as undefined behavior(UB). Once we have undefined behavior all bets are off, the results of our program are no longer reliable.

Unfortunately with strict aliasing violations, we will often obtain the results we expect, leaving the possibility the a future version of a compiler with a new optimization will break code we th

Quramy

Performance of unit testing Angular app

I'm loving Angular, but running unit tests on Karma gets my nerves. It's too slow for me.

In this post, I explain mechanics under Angular's testing module and how to improve the performance.

What makes my tests slow?

To evaluate Angular unit testing performance I captured the CPU profiling with running Karma.

wojteklu

Code is clean if it can be understood easily – by everyone on the team. Clean code can be read and enhanced by a developer other than its original author. With understandability comes readability, changeability, extensibility and maintainability.

---

General rules

1. Follow standard conventions.
2. Keep it simple stupid. Simpler is always better. Reduce complexity as much as possible.
3. Boy scout rule. Leave the campground cleaner than you found it.
4. Always find root cause. Always look for the root cause of a problem.

Design rules

acamino

Shortcut — Action

• CTRL + A — Move to the beginning of the line
• CTRL + E — Move to the end of the line
• CTRL + [left arrow] — Move one word backward (on some systems this is ALT + B)
• CTRL + [right arrow] — Move one word forward (on some systems this is ALT + F)
• CTRL + U — (bash) Clear the characters on the line before the current cursor position
• CTRL + U —(zsh) If you're using the zsh, this will clear the entire line
• CTRL + K — Clear the characters on the line after the current cursor position
• ESC + [backspace] — Delete the word in front of the cursor

Rich-Harris

Stuff I wish I'd known sooner about service workers

I recently had several days of extremely frustrating experiences with service workers. Here are a few things I've since learned which would have made my life much easier but which isn't particularly obvious from most of the blog posts and videos I've seen.

I'll add to this list over time – suggested additions welcome in the comments or via twitter.com/rich_harris.

Use Canary for development instead of Chrome stable

Chrome 51 has some pretty wild behaviour related to console.log in service workers. Canary doesn't, and it has a load of really good service worker related stuff in devtools.

btroncone

RxJS 5 Operators By Example

⚠️ UPDATE: I have moved the contents of this gist plus more to http://www.learnrxjs.io and https://github.com/btroncone/learn-rxjs. For expanded examples, explanations, and resources, please check out this new location!

A complete list of RxJS 5 operators with easy to understand explanations and runnable examples.

Table of Contents

• buffer
• bufferCount
• bufferTime