week 46, 2019

In Defense of Utility-First CSS

“Favor composition over inheritance”. This piece of wisdom from Design Patterns, one of the most influential software engineering books, is the foundation of utility-first CSS. It also shares many principles with functional programming: immutability, composability, predictability, and avoidance of side-effects. The goal behind all those fancy terms is to write code that’s easier to maintain and to scale.

Source: In Defense of Utility-First CSS, an article by Sarah Dayan.

CSS Utility Classes and "Separation of Concerns"

Over the last several years, the way I write CSS has transitioned from a very "semantic" approach to something much more like what is often called "functional CSS."

Writing CSS this way can evoke a pretty visceral reaction from a lot of developers, so I'd like to explain how I got to this point and share some of the lessons and insights I've picked up along the way.

Source: CSS Utility Classes and "Separation of Concerns", an article by Adam Wathan.

The perils of functional CSS

Functional CSS is a contentious topic, and one that regularly generates heated comment thread debate. In such situations, it can be tricky to tease out the hyperbole from the measured opinion.

Here’s my view on the subject, based on my recent experimentations with the approach during a project to build a web application.

Source: The perils of functional CSS , an article by Jay Freestone.

How To Set Up Nginx with HTTP/2 Support

HTTP/2 is a new version of the Hypertext Transport Protocol, which is used on the Web to deliver pages from server to browser.

Source: How To Set Up Nginx with HTTP/2 Support on Ubuntu 18.04, an article by Brian Hogan.

In the evening I modified the NGINX configuration for Plurrrr to support HTTP/2 using the above article. This resulted in a Lighthouse mobile audit Performance score of 100 and a Best Practices score of 100.

Lighthouse mobile audit score for Plurrrr
Lighthouse mobile audit score for Plurrrr.

The low SEO score is in part caused by Plurrrr having an empty robots.txt file. According to Lighthouse:

robots.txt is not valid Lighthouse was unable to download a robots.txt file

An empty robots.txt is not valid
An empty robots.txt is not valid.

However, Google's Robots.txt Testing Tool reports 0 errors and 0 warnings. I reported what I consider a bug as Empty robots.txt is reported as not valid to the Google Chrome Lighthouse project.

We reduced our Docker images by 60% with –no-install-recommends

Here at Canonical, we use Dockerfiles on a daily basis for all our web projects. Something that caught our attention recently was the amount of space that we were using for each Docker image, and we realized that we were installing more dependencies than we needed.

In this article, I’ll explain how we improved our image build time and reduced the image size by using the flag --no-install-recommends in our Dockerfiles.

Source: We reduced our Docker images by 60% with –no-install-recommends, an article by Francisco Jiménez Cabrera.

Raku Guide

This document is intended to give you a quick overview of the Raku programming language. For those new to Raku, it should get you up and running.

Source: Raku Guide, an article by Naoum Hankache.

Object Oriented Programming in Python 3

Python provides very clean object oriented design syntax. With the help of certain keywords, we can program the code by visualizing it as real world object. This chapter will not cover all object oriented programming concepts. However, it will teach you how to design an object oriented program in Python.

Source: Object Oriented Programming - Part I, part of a Python 3 Tutorial by Satya Jugran.

Why You Shouldn’t be Using BCrypt and Scrypt

I start by saying that this is certainly an opinion piece. However it’s not just pure opinion. My opinion on this subject is backed by a mathematical analysis of hashing algorithms. There are certainly some complicating factors that may be argued to influence the described scenario in all reality. However, given that I believe the core logic holds, a strong argument may be made against the use of B/S-crypt.

Source: Why You Shouldn’t be Using BCrypt and Scrypt, an article by Ben Prime.

Strange but True: Cats Cannot Taste Sweets

Sugar and spice and everything nice hold no interest for a cat. Our feline friends are only interested in one thing: meat (except for saving up the energy to catch it by napping, or a round of restorative petting) This is not just because inside every domestic tabby lurks a killer just waiting to catch a bird or torture a mouse, it is also because cats lack the ability to taste sweetness, unlike every other mammal examined to date.

Source: Strange but True: Cats Cannot Taste Sweets, an article by David Biello.

Why Some People Get Sick From the Flu Shot

It seems that there are two main thinking camps when it comes to the flu shot.

  1. Either you believe that the flu shot absolutely causes the flu and you should never take it, or…
  2. You believe it’s actually impossible to get the flu from the flu shot, and that anyone who disagrees probably also thinks the flat earth climate changed on 9/11.

As it turns out, the truth is more nuanced but still very simple.

Source: Why Some People Get Sick From the Flu Shot, an article by Daniel Miessler.

Debugging Software Deployments with strace

Most of my paid work involves deploying software systems, which means I spend a lot of time trying to answer the following questions:

  • This software works on the original developer’s machine, so why doesn’t it work on mine?
  • This software worked on my machine yesterday, so why doesn’t it work today?

That’s a kind of debugging, but it’s a different kind of debugging from normal software debugging. Normal debugging is usually about the logic of the code, but deployment debugging is usually about the interaction between the code and its environment. Even when the root cause is a logic bug, the fact that the software apparently worked on another machine means that the environment is usually involved somehow.

So, instead of using normal debugging tools like gdb, I have another toolset for debugging deployments. My favourite tool for “Why isn’t this software working on this machine?” is strace.

Source: Debugging Software Deployments with strace, an article by Simon Arneaud.

A Black Cat on the Bridge Railing

In the afternoon, when taking some fresh air, I spotted a black cat resting on the railing of a bridge. When I petted it, it started to move around on top of the railing. I took a photo when it was standing still for a short moment.

a black cat standing on the railing of a bridge
A black cat standing on the railing of a bridge.

Remote Working: The Ultimate Guide

There is no single formula for how to become an efficient remote worker. Everyone will work at different times and have different tips on how to make the most of their time. Indeed, one of the major benefits of remote work is the flexibility it affords. That said, there are a few common practices you can expect to use as a remote worker.

Source: Remote Working: The Ultimate Guide, a guide by James Gallagher.

Caching Tutorial for Web Authors and Webmasters

This is an informational document. Although technical in nature, it attempts to make the concepts involved understandable and applicable in real-world situations. Because of this, some aspects of the material are simplified or omitted, for the sake of clarity. If you are interested in the minutia of the subject, please explore the References and Further Information at the end.

Source: Caching Tutorial for Web Authors and Webmasters, an article by Mark Nottingham.

Avoid OR for better PostgreSQL query performance

PostgreSQL query tuning is our daily bread at Cybertec, and once you have done some of that, you’ll start bristling whenever you see an OR in a query, because they are usually the cause for bad query performance.

Of course there is a reason why there is an OR in SQL, and if you cannot avoid it, you have to use it. But you should be aware of the performance implications.

In this article I’ll explore “good” and “bad” ORs and what you can do to avoid the latter.

Source: avoid OR for better PostgreSQL query performance, an article by Laurenz Albe.

When to Use a List Comprehension in Python

Python is famous for allowing you to write code that’s elegant, easy to write, and almost as easy to read as plain English. One of the language’s most distinctive features is the list comprehension, which you can use to create powerful functionality within a single line of code. However, many developers struggle to fully leverage the more advanced features of a list comprehension in Python. Some programmers even use them too much, which can lead to code that’s less efficient and harder to read.

Source: When to Use a List Comprehension in Python, a tutorial by James Timmins.

Staticcheck in Action

Staticcheck is a static analysis tool for Go code. It has various checks, such as a check for unused variables, a check for deferring the Lock method on a mutex right after locking (the user probably meant to defer Unlock instead), a check for unreachable code, and more.

In this post we'll show sample code for which staticcheck returns errors, and how to fix the affected code.

Source: Staticcheck in Action, an article by Shawn Smith.

The problems with piping curl to a shell are system management ones

I was recently reading Martin Tournoij's Curl to shell isn't so bad (via), which argues that the commonly suggested approach of using 'curl | sh' is not the security hazard that it's often made out to be. Although it may surprise people to hear this, I actually agree with the article's core argument. If you're going to download and use source code (with its autoconfigure script and 'make install' and so on) or even pre-build binaries, you're already extending quite a lot of trust to the software's authors. However, I still don't think you should install things with curl to shell. There are two reasons not to, one a general system management one and one a pragmatic one about what people do in these scripts.

Source: The problems with piping curl to a shell are system management ones, an article by Chris Siebenmann.