Test Failures Should Be Actionable
- Titus Winters tl;dr: “When a test fails, you should be able to begin investigation with nothing more than the test’s name and its failure messages — no need to add more information and rerun the test.” Titus shares examples.featured in #513
How To Document Design System Components
- Paul Scanlon tl;dr: A look at how the most popular component libraries and design systems build and maintain their docs.featured in #513
JWTs vs. Sessions: Which Is Right For You?
- Lydia Gorham tl;dr: Both JWTs and session cookies are viable approaches to solving the issue of persisting authentication and authorization context in a stateless HTTP world, but they take fairly different approaches that have their own pros and cons.” Lydia breaks down the trade-offs and explains how you can use JWTs and sessions together to achieve a best of both worlds.featured in #512
Managing Authorization Data In Microservices
- Graham Neray tl;dr: Authorization in a microservices environment becomes more complex. You need to think about: (1) Storing the data—should your authorization data live with application data, or in a separate service? (2) Accessing the data—if the data is separated, how do you bring it together to make the authorization decision? (3) Modeling the data—if authorization data and application data can be the same, how do you find the right format (i.e., data model) that fits all use-cases? Read on to learn more.featured in #500
Designing APIs For Humans: Error Messages
- Paul Asjes tl;dr: A valuable error message should: (1) Use the correct HTTP status code. (2) Wrap the error in an “error” object. (3) Be helpful by providing the error code. (4) The error type. (5) A link to the relevant docs. (6) The API version used in this request. (7) A suggestion on how to fix the issue. Paul shares an example by Stripe.featured in #499
featured in #495
featured in #490
featured in #486
How To Successfully Adopt A Developer Tool
- Lou Bichard tl;dr: Adopting developer tools is not the same as successfully adopting developers tools. It’s a socio-technical challenge involving strategy, timing and people that can be broken down into three steps: champions, use cases, scale. Avoid the premature ‘all-hands’ demo and embrace the power of building a champion.featured in #480
Deliver Software Security, Reliability, And Maintainability Through Clean Code Practices
- Gabriel Vivas tl;dr: Every company is a software company, and improving the quality, reliability, and security of your code matters. Sonar has spent the last 15 years building tools like SonarQube and SonarLint to help improve developer velocity, reduce code- level technical debt, and put security in the hands of developers. In this article, we detail how companies can make Clean Code a priority.featured in #474