/Best Practice

Consider Disabling Browser Push Notifications On Family And Friends Devices

- Lloyd Atkinson tl;dr: "A vector for phishing attacks and malware. Your non-technical family members and friends will likely fall for these at some point. For their sake, disable them. If you’re the go-to technology person in your family and friend group, this is a reminder to do this over the festive season."

featured in #372

YAGNI Exceptions

- Luke Plant tl;dr: "I'm essentially a believer in You Aren't Gonna Need It — the principle that you should add features to your software — including generality and abstraction — when it becomes clear that you need them, and not before." Luke points to exceptions to the rule, discussing: (1) Applications of zero one many, (2) Versioning, (3) Logging. And more.

featured in #360

RecSysOps: Best Practices for Operating a Large-Scale Recommender System

- Ehsan Saberian Justin Basilico tl;dr: "In this blog post, we introduce RecSysOps a set of best practices and lessons that we learned while operating large-scale recommendation systems at Netflix. These practices helped us to keep our system healthy while: (1) reducing our firefighting time, (2) focusing on innovations and (3) building trust with our stakeholders."

featured in #360

Lessons Learned from Algorithmic Impact Assessments in Practice

tl;dr: "Understanding algorithmic impact is critical to building a platform that serves hundreds of millions of listeners and creators every day. Our approach includes a combination of centralized and distributed efforts, which drives adoption of best practices across the entire organization — from researchers and data scientists to the engineer pushing the code."

featured in #358

6 Best Practices To Manage Pull Request Creation And Feedback

- Jenna Kiyasu tl;dr: From the engineering team at DoorDash: (1) Write descriptive and consistent names. (2) Create a clear PR title and description. (3) Keep PRs short. (4) Manage PR disagreements through direct communication. (5) Avoid rewrites by getting feedback early. (6) Request additional reviewers to create dialogue. 

featured in #356

9 Enablement Practices To Achieve DevOps At Enterprise Scale

tl;dr: Christian Oestreich, a senior software engineering leader with experience at multiple Fortune 500 companies, shares how to adopt a well-planned metrics-driven strategy that yields better quality code and lowers support costs.

featured in #353

Compliance Simplified: Demystifying Risk Assessment

tl;dr: An information security ("InfoSec") risk assessment is not only a security best practice but also necessary to meet the requirements of the ISO 27001, SOC 2, PCI DSS, and HIPAA compliance standards. Learn more from cybersecurity and data privacy expert Matt Cooper in this short video!

featured in #352

How To Deal With Money In Software

- Sydney Kerckhove tl;dr: "Dealing with money in software is difficult and dangerous. This post contains an overview of the problems you will run into eventually when writing software that deals with money. It describes potential representations, relevant trade-offs, and recommends ways of correctly implementing common operations. The post is prescriptive, so that you can use it to write your own library for dealing with amounts of money."

featured in #346

My Notes On GitLab Postgres Schema Design

- Shekhar Gulati tl;dr: "My motivation to understand the schema of a big project like Gitlab was to compare it against schemas I am designing and learn some best practices from their schema definition. I can surely say I learnt a lot."

featured in #338

Best Practices For Making API Calls At Scale

- David Donnelly tl;dr: 3’s a crowd and 429’s a rate limit exceeded error. We explore best practices for making API calls at scale, the 4 most common ways rate limits are implemented, and a methodology for avoiding rate limits dynamically.

featured in #331