Use Open Source. Stay Secure.
A developer-first solution that automates finding & fixing vulnerabilities in your dependencies
Reading List - by Mathias Verraes
Code Reviews and Blame Culture
A common belief is that gated reviews lead to blaming individuals. The opposite can be true.
How to Write a Git Commit Message
Why good commit messages matter
Better Commits with Static Review
Good Engineering Practices while Working Solo
How Much maintenance_work_mem Do I Need?
While I generally like PostgreSQL's documentation quite a bit, there are some areas where it is not nearly specific enough for users to understand what they need to do. The documentation for maintenance_work_mem is one of those places. It says, and I quote, "Larger settings might improve performance for vacuuming and for restoring database dumps," but that isn't really very much help, because if it might improve performance, it also might not improve performance, and you might like to know which is the case before deciding to raise the value, so that you don't waste memory. TL;DR: Try maintenance_work_mem = 1GB. Read on for more specific advice.
Fake Online REST API for Testing and Prototyping
A Beginner’s Guide to the True Order of SQL Operations
The SQL language is very intuitive. Until it isn’t. A guide to understanding the order of a SELECT operation.
The state of open source security - 2019
Snyk is an incredible tool for package security. They released a State of Open Source Security report covering open source adoption and vulnerabilities in packages, images and code. We are talking about Maven, npm, PyPI, Docker, etc.
Cloud Computing without Containers
Cloudflare has a cloud computing platform called Workers. Unlike essentially every other cloud computing platform I know of, it doesn’t use containers or virtual machines. We believe that is the future of Serverless and cloud computing in general, and I’ll try to convince you why.
HTTP-over-QUIC will officially become HTTP/3
The protocol that's been called HTTP-over-QUIC for quite some time has now changed name and will officially become HTTP/3. This was triggered by this original suggestion by Mark Nottingham.
The QUIC Working Group in the IETF works on creating the QUIC transport protocol. QUIC is a TCP replacement done over UDP. Originally, QUIC was started as an effort by Google and then more of a "HTTP/2-encrypted-over-UDP" protocol.
Announcing SSH Access through Cloudflare
A way to replace the old (clunky) VPN by SSH access. Leverage access without losing security.
The Memory Resource Triad
Some more information about the three resources that affect query performance: CPU, memory, and storage.
psql: A New Edit
Have you ever found yourself in the middle of a long statement in psql and wanted to pull up your favorite editor? Now, you can, using the same shortcut of control-x control-e that you would in bash!
The Web Application Security Consortium / The Web Security Glossary
The Web Security Glossary is an alphabetical index of terms and terminology relating to web application security. The purpose of the Glossary is to clarify the language used within the community.
Texas Stadium Fail « FAIL Blog: Pictures and Videos of Owned, Pwnd and Fail Moments
And Windows...
The Novel 100: The 100 Greatest Novels of All Time
The 100 books that shaped world history
Playing For Change | Peace Through Music
Peace through music. "Now there's a non-racial initiative with many Black people."
Márcio d’Ávila's Blog » Compromised Vivo portal spreads fraud
Yesterday, a security incident was discovered that compromised the portal of the telephone operator Vivo and may have affected thousands of users.