DEV Community

Sam Ferree
Sam Ferree

Posted on • Updated on

This Week I Learned

Would love to see what cool things you guys learned. These can be ideas, tips and tricks, or anything really.

I'll start:

At a conference this morning, A talk on security mentioned monitoring the package dependencies people were adding to your project.

It's a great habit that I'd never even considered. We tend to give packages that our projects depend on a pass on security.

Top comments (8)

ben profile image
Ben Halpern

I recently learned a lot about how opaque requests can affect the API in the browser, as described here:

Among the complications are that the browser can't read the contents of certain responses and automatically books way more storage than needed which can eat into your storage quotas.

I can't seem to find another really helpful Github issue, but I noticed it's always Jeff Posnick answering all of this and I was grateful to read through some of his answers as I sought to learn more about this issue.

I'll have time in the near future to close the loop on this whole issue and write about it more thoroughly.

dmfay profile image
Dian Fay

I've been digging into monorepo management with Lerna.

kspeakman profile image
Kasey Speakman • Edited

Tripped up on some interop with F# last night.

gauravchaddha1996 profile image
Gaurav Chaddha • Edited

I learned many things last week but the highlight was learning how to generate random IV to actually secure my cryptography operations. In 2013 Bitcoin theft occurred owing to generation of non-random IV’s. Reading up on many resources, I found out that there was a bug in generation of random numbers in JCA (Java cryptography architecture) until Android API version 4.1 which lead to bitcoins being stolen from android wallets. The bug has since been patched. Above API 21 SecureRandom is used to generate IV. It uses a NativePRNG technique with true random seed from /dev/random and uses /dev/urandom to generate cryptographically strong random number for IV.

  1. Some securerandom thoughts
  2. Android secure random not even nonce
  3. Helpful stack overflow question
  4. Myths about urandom
  5. SecureRandom reference
  6. Right way to use secure random

Shameless promotion:
For anyone interested, I wrote a weekly update encapsulating things I did last week. Check it out. Link

arnaudmorisset profile image
Arnaud Morisset • Edited

This week, I learned how GenStage work with Elixir/OTP. You can found a basic example here:

In our current project, we have an umbrella application containing an application which handles Providers and Consumers connected to a RabbitMQ. It provides a high-level API in order to send and receive messages (managing exchanges and queues) easily in all applications of the umbrella.

It's such a nice way to handle those problematics. I love it. (づ ̄ ³ ̄)づ

johnpaulada profile image
John Paul Ada

Ooohhhh I like this concept :D

This week I learned that the latest NPM screws Linux systems up LOL

On a more serious note, I learned about React's new Context API and tried it with react-broadcast@0.7.0-rc.4 and react-contextual.

andy profile image
Andy Zhao (he/him)

Really enjoyed this podcast, hosted by Wes Bos and Scott Tolinski:

They talk about CDNs, image + video and web development, and there was a lot of great information that was explained well. Most of the tech that we use at really flew over my head for a while, and while I still don't quite get it, this episode helped me see how CDNs worked.

emma_c137 profile image

That's really interesting- can you add a bit more information about what sort of security and tools?