[048.1] React Native MIT, JupyterLab Beta, Code Review Mistakes, NPM Issues, and Smart Contract Security

Subscribe now

React Native MIT, JupyterLab Beta, Code Review Mistakes, NPM Issues, and Smart Contract Security [02.23.2018]

News

alt text

JupyterLab announces a beta release of its web-based interface for Project Jupyter. This version of a Jupyter Notebook is to be used for OSS, and interactive and reproducible computing. Docs are up, so install the beta and try it out before the 1.0 release later this year. Jupyter notebooks are the premier way to share code, text, and data samples, and are in wide use in the scientific computing and machine learning communities.

alt text

Facebook relicensed React Native under the MIT License. There’s a great bit of discussion on the orange site about this change. A Facebook engineer points out that the explicit patent rights grant (with onerous conditions) is arguably better than the implicit patent rights grant present in the MIT-licensed software. The community in general had been requesting the license changes, and has responded favorably.

alt text

Curious about CSS variables? Checkout Scrimba’s 8-part course featured on freeCodeCamp’s medium publication. It includes 8 screencast that are interactive, and challenges. First, you’ll create a CSS variable, and then learn about theming, responsiveness and inheritance. Also, it’s free.

alt text

It’s time to secure your Linux web server with David Clinton. If you need help isolating processes with containers or scanning for dangerous User ID values, this is the place to start. This post is an excerpt from David’s book Linux in Action, which is going to be published later this year.

alt text

Take some time this week to go through Bradley Price’s in-depth guide on deploying Factory to AWS Fargate. In this guide, Price configures a task definition and sets up a Faktory service. Also, check out the previous post in the series, which is focused on configuring a load balancer.

Owen Jacobson has a couple reasons why he doesn’t like Go. Owen argues that Go is not friendly to developer ergonomics, and error handling in Go that performs long sequences of fallible operations expends a substantial amount of typing effort to write. Owen also argues that Go is a ‘political vehicle’, which divides developers into two categories, trustworthy and not.

After giving Elm a try, Alexander Campbell no longer feels like he has to stick with the most popular languages. Campbell ended up using Elm for work, and after a couple tries and a little bit of skepticism there was no turning back. Alexander argues the predictability of a functional language and ease of using the DOM makes Elm feel superior and more natural than JavaScript.

alt text

The release of npm 5.7.0 came with some unexpected and disastrous issues. Jared Tiala sounded the alarms by opening an issue a couple hours after he updated saying that the update has completely broken his file system permissions. One commenter on the the issue said This destroyed 3 production server after a single deploy! A fixed was released in the form on 5.7.1, but NPM has governance issues, and this is a great example of why it’s smart to avoid npm. Use Yarn instead.

Adam Kukołowicz identifies seven mistakes you may be making during code review. tl;dr lint and analyze your code, review the tests, prepare for demos, think about the architecture, split your work effectively. If you’re going to take the time to do code review, you might as well make it amazing. This is why my projects start out with extensive CI and CD setups, including linting and static analysis from day one. I think it makes the rest of this list easier.

Matt Burgess has suggested the word ‘just’ is the worst four-letter-word developers use. Take a look at this short fun read on how he came to this conclusion, and why ‘just’ is a malicious word. I would go beyond merely calling the use of just as malicious and instead suggest it’s passive aggressive. We also have suggestions on the worst four-letter-word, but opted to write them to /dev/null.

It’s time to move that old Py2 codebase to Py3. Luckily, Anders Hovmöller has already done it, and shared with us how to do it. From dependencies to tests, to a couple of surprises Anders ran into see what it takes to convert to Python 3.

Julia Evans has been working remotely 4+ years, so she has been through all the ups and downs of remote work. I’ve read a lot of remote reviews of 1 year in, so this feels like a seasoned remote veteran laying out the pros and cons. Evans highlights what is scary about working remote, what’s good, and remote communication. She argues that you don’t have to be an introvert to enjoy remote work, and that calendar management is important.

alt text

Marco Slot made quite the post about locking behavior in Postgres last week. This week, he has more advice including 7 tips for dealing with locks. Top tips include: 1. Never add a column with a default value, 2. Use lock timeouts instead of lock queues, and 3. Create indexes concurrently.

alt text

Everyone loves a good deep learning article about cat pictures, but is anyone go deeper with deep learning? Brendan Herger is using deep learning for good to detect toxic comments on Wikipedia. Take a look at how he did it, and the code.

Drew DeVault demonstrates the Hello, World of a Wayland Compositor in the first post in a series. Drew is no beginner feeling his way around though - he’s the author of sway, a popular wayland compositor that is meant to replace the i3 tiling window manager on X windows. The series is really an introduction to wlroots, a library for composing functionality to create a Wayland compositor.

Core contributor to Django, Jacob Kaplan-Moss, detailed his Python development environment for 2018. Jacob states that his environment is a bit more complex, but it is probably ideal for most users. His setup includes pyenv, pipsi and pipenv. Take a look at the full post to get your python env up and running.

Over at CSS Tricks, Chris Coyier covers the basics of Webfonts and fallbacks in CSS.

Chris’s post goes into why you should use fallback fonts, how you deal bugs around unstyled text flashes, and tools that can let you dial in your reading experience across multiple font styles. It’s a short read, that only takes a few of minutes to read and understand, while potentially saving you hours of bug hunting.

Ivica Nikolic ́ et al published Finding The Greedy, Prodigal, and Suicidal Contracts at Scale, a paper on finding vulnerable smart contracts on the Ethereum Network. They programmatically looked at 1 million contracts and showed that 3.4% of them have significant errors including indefinite locking of funds, leakage of funds to unintended users, or contracts that can be closed by anyone. They made a true positive rate of almost 90%, and their software ran in about 10 seconds per contract. If you are at all interested in the Ethereum or Smart contract space, this paper is not to be missed.

Are you a WFH coffee shop regular? Claire Lower has some great reasons to try working at bars instead of coffee shops. Claire argues that a bar snack is way better than an overpriced pastry, and if the point of getting out of the house is to have some human interaction a bartender will talk just enough. At DailyDrip we are an entirely remote company, and I’ve been working from bars for decades. If you are a regular, leave a good tip, and don’t take up seats when they are full then the bar staff will take great care of you. Most bars have coffee in back too, if you ask.

alt text https://twitter.com/kvlly/status/966135511713710080

Errata: Last week we mistakenly referred to Alexis King as ‘him’ instead of ‘her’. We have updated our website, and would like to thank the people that have reached out to help us identify and fix the mistake. Apologies Alexis!

This post was written by the DailyDrip team and syndicated via Inside.com's network of email newsletters.