JavaScript Prototype Pollution
Prototype pollution seems to come up quite a lot when tells me to upgrade packages. It's a vulnerability that has to do with the way…
A place to share what I've been learning and making.
Prototype pollution seems to come up quite a lot when tells me to upgrade packages. It's a vulnerability that has to do with the way…
I've been learning more and more about web security recently and today I came across the concept of a web shell.I was going through a course…
Clickjacking means that a user's click is highjacked for a different purpose. The user thinks they’re clicking on one thing, but in reality…
Today I learnt that both of those function could potentially make your code vulnerable to remote code execution! I only knew that the and…
Who would have thought that I'd learn a new German word at a conference in Australia - from Martin Fowler! My first language is German. I…
Adding salt to a password before hashing it makes it more secure. Recently I learnt exactly why that is.When you save a password in your…
I hadn't written for the Tes blog for a while, so I thought I'd write a little article about functional programming concept that we…
We're migrating our old Hugo blog at work to use Gatsby. Mostly the markdown pages can stay the same - except the frontmatter sections at…
Smoke tests are tests that are run to ensure that the most basic functionality of a program works. So not testing all the edge cases but…
This is an awesome one. Let me explain.Today our whole team at work is spending a day of paying off technical debt. Ok, that’s not the…
The first thing I learnt today was about CSS custom properties, also called CSS variables. I might be a bit late to the game here but today…
Today I had an error because I was trying to set some data on a nested object in MongoDB, except that the parent key was null in one case…
We had a little bit of an issue in live today, resulting from a large refactoring that was done this week. We had to urgently fix this issue…
At work we have a pre-push hook on our repos that doesn’t allow us to push if we have npm vulnerabilities. That’s great for security, of…
I was listening to the Shoptalk Show podcast episode about how to make money with your content on the web. And there’s a new way of doing…
I've recently done a lot of pair programming remotely and tried a few different tools. I thought it would be interesting to share my…
I'm reading The Pragmatic Programmer at the moment and they explain what orthogonal systems are. I feel like I had heard about it before but…
Every time I cook rice, I ask myself this question. Today I looked it up.I figured that it would have some sort of sensor to measure the…
I came across this philosophy in the new edition of the Pragmatic Programmer book. (I guess the original version talks about it too but I…
We’re using expect.js at work for our test assertions. And today I learnt that you can have an assertion on whether an object has a key or…
This is probably more a note for myself rather than anything else… but why not make it public? Maybe someone else is looking for just that…
I’ve recently done a lot with dates and times. And I found it really fiddly. Comparing dates, comparing times of days… and I learnt a few…
Recently, while I was pairing with Federico, he wrote some code like this:And my reaction was: "You have a rogue comma there!" But no… he…
I did another one today to easier debugging in JavaScript.When your cursor is on a word in normal mode, you can type and it will insert a…
The amount of times that I've finished writing the expectation of a test, then navigated up to the description of the test (usually using…
I feel like every time I look at caniuse.com to see what the browser support is for certain CSS or JS features, there’s usually a mix of…
I’m really not keeping up with the latest web development trends… Today was the first time that I heard about WebP. It’s an image format…
One of the many wondrous things you can inspect in the Chrome developer console are the cache-control settings.The first value it specifies…
What Express is trying to tell you is that your route is calling a controller function that doesn’t exist… Because you renamed it in the…
I think threads on Slack are great - they keep the channel a lot tidier. It just always annoyed me that I couldn’t figure out which shortcut…
I’m working on a small side project in Elixir and last time I worked on it, I got stuck because I got this error.I had just written a…
Wow, maybe this should have been obvious but I didn’t realise that until now. That’s so cool!I’m working on a slack bot and need to parse…
Sounds pretty wild and like something you probably don’t want to touch with a bargepole! Au contraire. I’ve seen it all over our Tes…
I’ve been doing the MongoDB for JavaScript developers course by MongoDB University. Today I learnt about write concerns.Let’s say we are…
In Elixir you sometimes need an anonymous function instead of a named function. The difference is that an anonymous function has access to…
As part of the MongoDB University course that I’m doing, I had to write an aggregation with a $lookup 😱And I learnt that lookups are…
At work we’re aiming to build a new system in the most Lean way possible. Which basically means that we’re trying to get it up and running…
I’ve worked with JavaScript for a while now but somehow I had never come across the function to display dates in the front end. The…
Today I used React Hooks for the first time in a production project. Boom! Modern JavaScript. I used the state hook which replaces and…
As a modern woman, I’d been thinking about upgrading to Neovim for a while. (OK, you might argue, that as a modern woman I should have…
It’s as easy as this. In your code, use . And when you run your script with set the environment variables first. So it’ll be something…
I’m working on a story to take some data from one database, transform it and then save it in another database. So I need to write a script…
I wanted to have a shortcut to find and replace words in the whole project. There’s this command that I googled and thought it was a bit…
An index on a specific fields means that when we do a query using that field, it will be more performant. But what happens when not all…
Today my colleague Federico introduced me to the functional programming library of lodash. We were using . Here’s how we used it: We had a…
Every time I have to do a MongoDB query I feel a bit uneasy… I know how to make some basic queries but the rest I always have to google. So…
Most of us at work seem to be using Studio 3T to access our data in MongoDB. Here are a few things that I've learnt that help me use it…
I wrote some user stories for a new feature today. I tried to break them down into sensible chunks, as you do. Each story should bring value…
I picked up a story at work today which is related to indexes in MongoDB. Basically, one of my colleagues had run a query to evaluate the…
We’re using Joi validation to ensure that we’re saving the data of the correct types and with the correct fields into our database.I had…
Refactoring usually means that you’re changing existing code without changing its behaviour - with the intention to make it better. One of…
I was on holiday in Thailand this weekend. Yeah, digital nomad life is tough 🙂 But I still learnt something. My partner and I went on a…
I read this interesting article this morning in bed (great excuse to stay in bed longer). It's about how someone refactored their frontend…
I had this code for adding a proposed candidate to our store of supply requests. And I needed to add a new key to the second argument - but…
We have a generous benefit at work which is that we get to enjoy two hack days per month. The term “hack days” is slightly confusing… It…
I have to say that I am surprised just how possible it is to make personal connections while working remotely. There are people who I've…
The other day I decided to finally use CSS Grid in one of my personal projects. There's so much hype about it - at least in my social media…
I gave a talk last night at the Extreme Programming London meetup (XProLo). The talk was about why everyone should start blogging. Or…
I’m part of the organiser team of the Ladies of Code meet up, a monthly tech meetup for people who identify as women or non-binary gender…
There are a lot of things I want to get better at. One of those things is writing. Oh, wait... I'll try again:There are a lot of skills I…