[072.1] Dart 2: The Dartening, Pwning Homebrew, Prod Minimalism, Unethical Development

Dart 2 launches, Homebrew forgets to secure Jenkins, Deploy less to do more, Automated employee firing with Bash.

Subscribe now

Dart 2: The Dartening, Pwning Homebrew, Prod Minimalism, Unethical Development [08.10.2018]

Heya! The team at SmoothTerminal (formerly DailyDrip) wants to keep the lights on, and these awesome emails coming at you. We are finishing up a couple big projects now, and on the hunt for more. Hit Reply if you’ve got a particularly interesting project you need help with, and let’s talk.

Enter to win a ticket to The Big Elixir conference in New Orleans, November 8-9.

This week we’re giving away two tickets to The Big Elixir conference, AN AMAZING $320 VALUE ZOMG.


image alt text

Google announced the stable release of Dart 2. Dart 2 features a sound type system, flexible tooling, a web framework, and an updated inference type system that minimizes boilerplate. The Dart team touts its compile size and use for building consistent UXs, and includes over prebuilt UX components for use. Dart is aiming to be a real competitor in the web and mobile app building space (via Flutter), and this is an update worth looking into.

image alt text

If you like OCaml and JavaScript you will probably love ReasonML. Alex Allen started a multi-part series for getting started with ReasonML. In the first piece you can see a breakdown of what ReasonML is, and shows how to get set up with it. Then, in the second piece of the series Alex covered the core fundamentals of ReasonML, including let, type, string, char, and more.

image alt text

Eric Homes was able to gain commit access to Homebrew in 30 minutes. He details the process he went through for the exploit, now that it’s been mitigated. tl;dr - Homebrew intentionally exposes their Jenkins publicly, and Jenkins contained a GitHub API token that had commit privileges to a few homebrew repositories. We published a story recently on keeping your secrets hidden that covers (almost) this exact issue.

In Pursuit of Production Minimalism by Brandur Leach is an ode to intentionally reducing complexity of production apps through consolidation and by end-**of-life’ing red**undant products. It’s an exposition of how Heroku pursued increasing productive output by continually improving the efficiency of a system even while keeping input the same.

You might be familiar with TDD or DDD, but have you heard of SDD? Well, this one doesn’t have as many pros as it does cons. Sales-Driven Development is described by Marcus Blankenship as a trap. Marcus has some tips on how to avoid SDD, and how to get back on the right track.

Yiming Chen details how to do outside-in TDD with Phoenix. Even if you aren’t a Phoenix developer, it’s a fantastic detailed walkthrough of the process of test-driving an app by writing feature tests first, then driving down into unit tests from there. The TDD strategy is: feature test; unit test controller action; unit test context functions; unit test view; a routing rule to pass the feature test.

image alt text

As of August 8th, the codebase for dev.to is open source. Read the full announcement for details - it’s a Rails app with a Preact frontend, and the code is pretty clean with plenty of specs. Look at the code or contribute.

image alt text

We all know it’s impossible to exit Vim, but where did Vim come from? Sinclair Target discusses Vim’s roots, and how Vim came to be in his piece ‘Where Vim Came From’. If you’re not familiar with Vim’s history, this will make for a fun read.

image alt text

Tired of typing in those long git commands? Try lazygit, doesn’t git much simpler than this.

image alt text

Megzari Raphael provides step-by-step instructions on Instrumenting Phoenix apps with Prometheus. The article provides instructions on integrating prometheus dependencies in the Elixir application and some sample dashboards.

image alt text

So now you have monitoring on your servers? I’m sad to tell you that at scale that’s not enough. In **You can’t debug systems with dashboards**, Charity Majors goes in-depth into how they increased observability at Parse through dynamic sampling.

There’s a fantastic thread on The Orange Site answering the question **What is the most unethical thing you've done as a programmer?** From building draconian employee-automation tools for call-centers to intentionally leaving bugs in to help QA meet their quotas, the whole thread is a fascinating read.

image alt text


Check the whole thread, find your favorite language, cry a little.