DEV Community: Wendy Tabitha

Oops, Wrong Git Author — Here’s How I Fixed It

Wendy Tabitha — Wed, 02 Jul 2025 13:25:22 +0000

Correcting Git Commit Author Information: A Beginner's Guide

In the world of software development, it's not uncommon for developers to push commits with the wrong Git user identity. This can happen due to a variety of reasons, such as working on a shared machine, using multiple accounts, or forgetting to set the correct username and email before committing changes. While this might seem minor, it can lead to confusion in project history and affect collaboration with others.

Before diving into how to delete or correct those errant commits, it's critical to understand the implications of rewriting Git history. When commits are deleted or altered in a shared repository, it can disrupt other team members who may have based their work on those commits. Therefore, managing Git history should be approached with caution.

The Risks of Rewriting History

Rewriting Git history can be risky, especially when it involves shared branches. If others have pulled the commits you're about to delete or alter, they will encounter issues when trying to push their changes. This is why it’s essential to either work on solo branches or coordinate with your team before making any drastic changes to shared branches.

That said, here are some practical methods to delete or amend commits that were pushed with the wrong credentials:

Option 1: Deleting the Last Few Commits with `git reset`

If you realize that you've pushed a couple of commits with the wrong credentials and they are the most recent ones, you can use the git reset command.

git reset --hard HEAD~N
git push --force

In this command, replace N with the number of commits you want to remove. The git reset --hard command will reset your branch to the state it was in N commits ago, discarding all changes made in those commits. The --force option is necessary to overwrite the remote branch with your local state.

When is it safe to use?

It’s generally safe to use this method on branches that you’re working on alone. If you’re collaborating, make sure to communicate with your team beforehand.

Option 2: Interactively Rebasing with `git rebase -i`

Another powerful way to amend commits is by using the interactive rebase feature of Git. With this method, you can selectively edit or drop commits.

git rebase -i HEAD~N

This command opens an editor where you can see the last N commits. You can change "pick" to "edit" on the specific commit you want to amend. Save and exit the editor.

If you've chosen a commit to edit, Git will pause the rebase process. Now, you can amend the author details with:

git commit --amend --author="New Name <new.email@example.com>"

After making your changes, continue the rebase with:

git rebase --continue

Best Practices to Consider

Work on Solo Branches: The safest approach is to make these changes on branches that only you are using.
Communication is Key: If you need to rewrite history on a shared branch, make sure to let your team know so they can prepare for potential issues.
Use Cleanup Tools: For comprehensive cleanup, especially on platforms like GitHub, consider using tools like BFG Repo-Cleaner, which can help remove sensitive data or incorrect credentials from your commit history.

A Friendly Reminder

Version control is a powerful tool that allows developers to maintain a history of changes and collaborate more effectively. However, with that power comes responsibility. Always be aware of the implications when altering Git history and approach such actions with caution. The next time you push a commit, just double-check that your credentials are correct—your future self will thank you!

Why You Should Use Poetry for Your Next Python Project

Wendy Tabitha — Mon, 02 Jun 2025 07:29:35 +0000

Managing Python Projects with Poetry: A Beginner's Guide

In the world of Python development, managing dependencies and project configurations can quickly become cumbersome. This is where Poetry comes in. Poetry is a dependency management tool that simplifies the process of managing Python projects. It not only handles package dependencies but also creates virtual environments automatically and streamlines project packaging for distribution. In this article, we’ll explore how to install Poetry, create a project, manage dependencies, and even publish your package to PyPI.

What is Poetry and Why Use It?

Poetry is a tool that helps you declare, manage, and install dependencies for your Python projects, while also providing a simple and intuitive way to manage your project's metadata. It is useful for developers because it simplifies the process of managing libraries and environments, allows for easy version control, and ultimately enhances productivity.

Installing Poetry

Windows

Open PowerShell or Command Prompt.
Run the following command:

   (Invoke-WebRequest -Uri https://install.python-poetry.org -UseBasicP | python -)

macOS

Open your terminal.
Use the following command:

   curl -sSL https://install.python-poetry.org | python3 -

Linux

Open your terminal.
Execute the command:

   curl -sSL https://install.python-poetry.org | python3 -

Creating a New Python Project

To create a new Python project using Poetry, navigate to your desired directory in the terminal, then run:

poetry new my_project

This generates a new directory called my_project with a basic structure, including pyproject.toml.

Installing Python Dependencies

To install dependencies listed in pyproject.toml, run:

cd my_project
poetry install

This command also creates a virtual environment in which your dependencies will be installed.

Adding, Updating, and Removing Dependencies

You can easily manage dependencies with the following commands:

Add a dependency:
```
poetry add requests
```
Update a dependency:
```
poetry update requests
```
Remove a dependency:
```
poetry remove requests
```

Automatic Virtual Environment Management

One of the standout features of Poetry is its ability to manage virtual environments automatically. When you run any Poetry command, it checks if a virtual environment exists for the project. If not, it creates one, isolating your package and dependencies.

Using Poetry in Team Projects

In team projects, it's crucial to keep track of dependencies across different development environments. Make sure to:

Use version control (like Git) to track changes in your pyproject.toml and poetry.lock files.
Run poetry install after cloning the repository to install dependencies specified.

Common Mistakes to Avoid

Forgetting to activate the virtual environment: Always ensure that you’re in the virtual environment when running your code.
Not committing your poetry.lock file: This can lead to discrepancies in dependencies across different environments.
Misconfiguring pyproject.toml: Ensure that you properly list all required metadata and dependencies to avoid issues.

Conclusion

Poetry is an excellent tool for managing Python projects that significantly reduces complexity related to package management and environment setup. Whether you're a solo developer or part of a team, its features simplify the process of project initialization, dependency management, and package distribution. If you're looking for a way to streamline your Python project development, give Poetry a try!

Understanding JWTs: Secure Your APIs Like a Pro

Wendy Tabitha — Tue, 20 May 2025 14:29:12 +0000

Understanding JSON Web Tokens (JWTs) for Web Developers

In the world of web development, security and efficient data exchange are two paramount concerns. One technology that has gained immense popularity for addressing these challenges is JSON Web Tokens (JWTs). This article aims to introduce you to JWTs, how they work, their common use cases, and provide practical code examples in Golang to help you integrate JWTs into your projects.

What are JSON Web Tokens?

JSON Web Tokens, or JWTs, are an open standard (RFC 7519) for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed. JWTs can be signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA or ECDSA.

A JWT is composed of three parts:

Header: Contains metadata about the token, typically the type of token (JWT) and the signing algorithm.
Payload: Contains the claims or the data being transmitted. This can include user information and other relevant data.
Signature: Created by combining the header and payload, signing it using the chosen algorithm and a secret key.

This structure not only ensures data integrity but also facilitates the transmission of claims between parties.

How JWTs Work

When a user logs in to a web application, the server generates a JWT that encodes the user's information and permissions. This token is then sent to the client, which stores it (usually in local storage). For every subsequent request, the client includes the JWT in the Authorization header. The server then verifies the token. If valid, the user is granted access to protected resources.

Here's a simple illustration:

[Client] -- Log In --> [Server]
[Server] -- Sends JWT --> [Client]
[Client] -- Requests Protected Resource with JWT --> [Server]

Common Use Cases

JWTs are particularly useful in situations such as:

Authentication: After successful logins, JWTs allow users to access their session securely without repeatedly sending credentials.
Session Management: JWTs can store session-related information to keep track of user state.
Single Sign-On (SSO): JWTs can enable seamless authentication across multiple applications.

Code Examples: Generating, Signing, and Verifying JWTs in Golang

To work with JWTs in Golang, we can use the github.com/dgrijalva/jwt-go library. Here’s a step-by-step guide on generating and verifying JWTs.

1. Generating a JWT

package main

import (
    "fmt"
    "github.com/dgrijalva/jwt-go"
    "time"
)

func GenerateJWT(secretKey []byte, userID string) (string, error) {
    claims := jwt.MapClaims{
        "user_id": userID,
        "exp":     time.Now().Add(time.Hour * 72).Unix(),
    }

    token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
    return token.SignedString(secretKey)
}

func main() {
    secretKey := []byte("your_secret_key")
    token, err := GenerateJWT(secretKey, "12345")
    if err != nil {
        fmt.Println("Error while generating JWT:", err)
        return
    }
    fmt.Println("Generated JWT:", token)
}

2. Verifying a JWT

func VerifyJWT(tokenString string, secretKey []byte) (*jwt.Token, error) {
    return jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
        if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
            return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
        }
        return secretKey, nil
    })
}

Best Practices and Security Concerns

When using JWTs, it’s essential to consider the following best practices:

Use HTTPS: Always transmit JWTs over secure connections to prevent interception.
Expiration Time: Set appropriate expiration times for tokens to mitigate risks from stolen tokens.
Revocation Strategies: Have a plan for revoking tokens if a user's access should be terminated.
Avoid Sensitive Data: Never store sensitive information in the payload, as anyone with access to the token can read it.

Conclusion

JSON Web Tokens are a powerful tool for managing authentication and session management in web applications. By understanding their structure, functionality, and implementation techniques in Golang, you’ll be well-equipped to incorporate JWTs into your projects while adhering to best security practices. As you gain experience, you’ll find JWTs to be invaluable in delivering secure, scalable, and efficient web applications.

The JavaScript Event Loop

Wendy Tabitha — Thu, 13 Feb 2025 13:03:28 +0000

Have you ever wondered how JavaScript handles multiple tasks at once, even though it’s single-threaded? The secret lies in the event loop, one of the most fundamental yet misunderstood concepts in JavaScript. For many developers, especially those new to asynchronous programming, understanding the event loop can feel like unraveling a mystery.

In this article, we’ll demystify the event loop by exploring its components, how it works behind the scenes, and why it’s crucial for writing efficient, responsive code. Whether you’re debugging asynchronous functions, working with promises, or simply trying to understand how JavaScript manages tasks, this guide will equip you with the knowledge you need to navigate the event loop like a pro.

Understanding the Event Loop in JavaScript

JavaScript is a powerful and widely-used programming language, particularly in web development. However, for many budding developers, the intricacies of asynchronous programming can be baffling. One of the core concepts in JavaScript that helps manage asynchronous operations is the event loop. Let’s unpack what it is, how it works, and why it’s essential for software developers.

What is the Event Loop?

At its core, the event loop is a mechanism that allows JavaScript to perform non-blocking operations, even though it’s single-threaded. This means that while one operation is running, JavaScript can still handle other tasks. It achieves this through a combination of the call stack, the Web APIs (or other environments), and the event queue.

The Call Stack

Whenever you call a function in JavaScript, it gets pushed onto the call stack. When the function completes, it is popped off. If a function calls another function, the latter gets added to the stack, leading to a last-in-first-out scenario. Here’s a simple example:

function first() {
    console.log("First");
}

function second() {
    console.log("Second");
    first();
}

second();

In this example, calling second() adds it to the stack. After logging "Second", it calls first(), which is also pushed onto the stack until it completes, resulting in:

Second
First

Web APIs and the Event Queue

JavaScript engines interact with the browser's Web APIs to manage asynchronous tasks like timers, network requests, or DOM events. When an asynchronous task completes, it doesn’t get executed immediately. Instead, a callback function is put in the event queue, waiting for the call stack to be empty before it can be executed.

Let’s illustrate with a timer example:

console.log("Start");

setTimeout(() => {
    console.log("Timeout");
}, 1000);

console.log("End");

Here’s what happens step-by-step:

"Start" is logged immediately.
The setTimeout function schedules the callback to execute after 1 second, and the timer starts.
"End" is logged immediately after.
After the timer completes, the callback is added to the event queue.
Once the call stack is clear, or in this case, after the "End" log, "Timeout" is printed.

Why is the Event Loop Important?

Understanding the event loop is essential for software developers, especially when dealing with asynchronous functions, promises, or APIs. It ensures that applications remain responsive while waiting for multiple operations to complete.

For example, when making an API request, the UI doesn’t freeze while waiting for the server to respond — JavaScript handles it in the background. Here’s a quick snippet using Fetch:

console.log("Fetching data...");

fetch("https://jsonplaceholder.typicode.com/posts")
    .then(response => response.json())
    .then(data => console.log(data))
    .catch(error => console.error("Error:", error));

console.log("Fetch initiated");

In this code, the fetch operation runs asynchronously. Even as the fetch request is being processed, "Fetch initiated" will be logged immediately, demonstrating the power of the event loop.

Conclusion

The event loop is a fundamental concept in JavaScript that enables asynchronous programming. By allowing JavaScript to perform multiple tasks simultaneously despite being single-threaded, it plays a critical role in maintaining a responsive user experience. Understanding it will enhance your skills as a developer and empower you to write more efficient, effective code. Now go ahead and embrace the event loop!

DEV Community: Wendy Tabitha

Oops, Wrong Git Author — Here’s How I Fixed It

Correcting Git Commit Author Information: A Beginner's Guide

The Risks of Rewriting History

Option 1: Deleting the Last Few Commits with git reset

When is it safe to use?

Option 2: Interactively Rebasing with git rebase -i

Best Practices to Consider

A Friendly Reminder

Why You Should Use Poetry for Your Next Python Project

Managing Python Projects with Poetry: A Beginner's Guide

What is Poetry and Why Use It?

Installing Poetry

Windows

macOS

Linux

Creating a New Python Project

Installing Python Dependencies

Adding, Updating, and Removing Dependencies

Automatic Virtual Environment Management

Using Poetry in Team Projects

Common Mistakes to Avoid

Conclusion

Understanding JWTs: Secure Your APIs Like a Pro

What are JSON Web Tokens?

How JWTs Work

Common Use Cases

Code Examples: Generating, Signing, and Verifying JWTs in Golang

1. Generating a JWT

2. Verifying a JWT

Best Practices and Security Concerns

Conclusion

The JavaScript Event Loop

Understanding the Event Loop in JavaScript

What is the Event Loop?

The Call Stack

Web APIs and the Event Queue

Why is the Event Loop Important?

Conclusion

Option 1: Deleting the Last Few Commits with `git reset`

Option 2: Interactively Rebasing with `git rebase -i`