Issue #498

19 March 2024


pointer.io


Tuesday 19th March’s issue is presented by Sonar

Secure Every Line Of Code With Sonar


Sonar is redefining software development security through its innovative tools: SonarQube, SonarCloud, and SonarLint. 


Plus, Sonar’s Clean as You Code methodology integrates security practices directly into the development process. 


By addressing security concerns in the earliest development stages, Sonar saves time and resources, reducing the need for costly post-deployment fixes.

Leadership Requires Taking Some Risk

— Will Larson


tl;dr: Will discusses the scenarios when taking risks makes the most sense as a leader. “Taking direct, personal risk is a prerequisite to taking ownership of interesting problems that matter to your company. A risk-free existence isn’t a leadership role, regardless of whatever your title might be. Indeed, an uncomfortable belief of mine is that leadership is predicated on risk. The upside is that almost all meaningful personal and career growth is hidden behind the risk-taking door. There’s a lot of interesting lessons to learn out there, and while you can learn a lot from others, some of them you have to learn yourself.”


Leadership Management

The Builder’s Guide To Better Mousetraps

— Marc Brooker


tl;dr: “I tend to be biased towards innovation. Towards building. I think most advice for technical leaders over-emphasizes the short-term risks of innovating too much, and under-emphasizes the long-term risks of innovating too little. However, both sides have good points, and we owe it to ourselves and our businesses to think carefully about the decision. Because of my bias, I force myself to deeply question my motivations when making decisions like this,” such as (1) What could I be doing instead? (2) Do I want to own this? (3) Am I solving a simpler problem?


CareerAdvice

Are You Ready For PCI DSS 4.0?

— Robert Curlee


tl;dr: If your organization handles or processes card payment data, an important milestone is upon you with the coming retirement of PCI DSS 3.2.1 and the following adoption of the new PCI DSS 4.0 standard. SonarQube can help you prepare for the new PCI DSS 4.0 requirements by identifying vulnerabilities, automating standards enforcement, conducting regular code reviews, and training developers on secure coding practices.


Promoted by Sonar

Security Management

Patterns Of Legacy Displacement

— Ian Cartwright, James Lewis, Rob Horn


tl;dr: “We have spent most of the last couple of decades helping large organizations overhaul their legacy systems. In doing this we've learned a great deal about what works and seen many paths that lead to failure. We've decided to set aside some time to writing down what we've learned in the form of various patterns that we've seen used.” The authors believe the following four activities should be done in sequence: (1) Understand the outcomes you want to achieve. (2) Decide how to break the problem up into smaller parts. (3) Successfully deliver the parts. (4) Change the organization to allow this to happen on an ongoing basis. 


Leadership Management

“The chief enemy of creativity is good sense.”


— Pablo Picasso

How Figma’s Databases Team Lived To Tell The Scale

— Sammy Steele


tl;dr: “The data revealed that some of our tables, containing several terabytes and billions of rows, were becoming too large for a single database. At this size, we began to see reliability impact during Postgres vacuums, which are essential background operations that keep Postgres from running out of transaction IDs and breaking down. Our highest write tables were growing so quickly that we would soon exceed the maximum IO operations per second supported by Amazon’s Relational Database Service. Vertical partitioning couldn’t save us here because the smallest unit of partitioning is a single table. To keep our databases from toppling, we needed a bigger lever.” 


Architecture Database

Building A React Login Page Template

— Kumar Harsh


tl;dr: This tutorial guides you through building a React login page template, highlighting the process of manually creating, styling, and validating a login form, and integrating it with an Express-based auth server using JWT tokens. We demonstrate how Clerk acts as a streamlined alternative for setting up authentication, reducing the manual coding effort by providing ready-made UI components and services. 


Promoted by Clerk

ReactJS Guide

A Few Words On Testing

— Thorsten Ball


tl;dr: “Too many flaky tests. Too much time spent getting the tests to pass after making a tiny change that I knew was correct but the tests didn’t. Too many integration tests that made people wait 20, 30, 40 minutes until they could merge their change, only to reveal — months later — that they never tested anything. Too many times have I fixed a bug and knew it was fixed because I tested it manually, thoroughly, and was 100% sure that I know how the code works and that this can’t happen again, but then spent hours — 10 times longer than it took me to fix the bug — to write a test only to prove what I knew all along, that the bug is fixed.”  


Testing

The Demise Of Coding Is Greatly Exaggerated

— Murat Demirbas


tl;dr: “Natural language is ambiguous and not suitable for programming. LLMs still need to generate code to get things done. If not inspected carefully, this incurs tech debt at monumental speed of the computers. The natural language prompts are not repeatable/deterministic, they are subject to breaking any time. This makes "natural language programming" unsuitable for even small sized projects, let alone medium to large projects.” Murat also believes that certain tasks require too much expertise to be completed by LLMs as they stand.


ThoughtPiece Trends

Postgres Is Eating The Database World

— Ruohang Feng


tl;dr: “PostgreSQL isn’t just a simple relational database; it’s a data management framework with the potential to engulf the entire database realm. The trend of “Using Postgres for Everything” is no longer limited to a few elite teams but is becoming a mainstream best practice.”


Postgres Database

Recommended Reading


Quastor is a free newsletter for engineering leaders that sends deep dives on how big tech companies scale. Learn about the strategies and technologies companies use to scale up to serve billions of users. 


Past articles include How WhatsApp scaled to 1 billion users with only 50 engineers and How DoorDash builds reliable Microservices.


Join 50,000 developers who read Quastor. It's Free!



Notable Links


Daytona: OS dev environment manager.


GoogleTest: Google testing and mocking framework.


PrivateGPT: Interact with your documents using GPT.


Skyvern: Automate browser-based workflows with LLMs and CV.


Web-Check: All-in-one OSINT tool for analysing any website.

