Last week I asked for some comments on how web development got more complex in my opinion and I got great feedback1. It’s great to see a good discussion as the outcome, and I say “thank you” for all your support – whether financially or some kind words you sent me via email. Have a great weekend y’all!
- Here’s bad news. Again, a very bad Flash security vulnerability has been found2, and there’s no fix on the way yet — apart from uninstalling Flash. If you can’t do that, please use click-to-play and be very careful. You might also want to tell your friends about this problem. Let’s hope Adobe will supply a fix soon.
- Cody Lindley’s massive efforts resulted in a great resource for folks who are new to our industry: The Front-end Handbook3 is an open and free book about how to get started in the web industry. It not only shares the basic technological aspects but also business and social advice.
Concepts & Design Link
- The founders of Teehan+Lax, now at Facebook, shared a massive set of iOS9 GUI templates4 which you can use for free with Photoshop or Sketch (only for mock-ups though, according to the license).
- Jack Franklin started reflecting on the state of front-end tooling after a conference attendee asked him why he uses all those tools in his stack. Interesting thoughts with some very good advice on using what we feel comfortable with.
- I often stumble across browser extensions that are very cool. However, a lot of them are Chrome-only, so as a Firefox user I often get neglected. Luckily, Firefox changed its extension ecosystem to use WebExtensions, which makes it super easy to convert a Chrome to a Firefox extension.
- If you’re building an application with node.js you may want to read the node.js security checklist6 that helps you circumvent lot of security pitfalls.
- A recent report explains how the NSA breaks our crypto7. It even seems that they break Diffie-Hellman primes, meaning that HTTPS/VPN wouldn’t be secure anymore.
Web Performance Link
- Jeremy Keith is always good for a well-thought-out article on ideas that spread on the internet. This time, he criticizes Google’s new AMP project8 that, for a lot of people9, leads to more questions10 than it answers11.
- How to enable HTTP/2 in Apache? With Apache httpd 2.4.17, HTTP/2 is finally supported and here we have a guide on how to set it up and configure it12 for usage on your server. Let’s hope this version will get deployed on servers worldwide as soon as possible.
- imgix, a well-known real-time image processing service, implemented client hints now and explains how they did so in a short, informative article. Although only Chrome currently supports this, it will be a technique you should keep in mind for big performance improvements.
HTML / SVG Link
- Bram Stein started writing a series of articles, the so-called Web Font Anti-Patterns13. Starting with overusing web fonts14, inlining fonts15, and using too aggressive subsettings16, he will continue the series with even more useful information on web fonts.
CSS / Sass Link
- Making so-called “diamond grids” was always a big effort. But using Sass to calculate it, makes things a lot easier. Chen Hui Jing explains in her blog post how you can create a diamond grid with SCSS17.
Work & Life Link
- The worst situation as a developer is when you’re constantly interrupted during your work18. It massively affects productivity and code quality and should be avoided by company managers at all cost.
- Companies often struggle with the communication with their employees. To avoid conflicts, Zach Holman shares a way to let people in the company opt-in to business details19. An idea to put an end to the “why do we have to build this crap?” question.
- While the article “The Elephant in the Room” is a bit biased, it shows how difficult it is to make money with apps. It takes the example of Marco Arment’s most recent move to offer his podcast app on a donation-basis and compares it to developers who need to make a living from apps and struggle to charge for updates.
Go beyond… Link
- We can’t look into someone else’s mind. And sometimes this bothers us. We struggle with ourselves, thinking of impostor syndrome and comparing ourselves to the cool people on social media. However, these people are often not that different from us. Nobody Knows What The Hell They Are Doing20 reveals that we’re all in the same boat.
- This week, Tesla pushed a new software update to its cars, enabling them to drive on autopilot. This is the first car in public that can do this21 and it seems to work great. I’m curious how it will work out for them and moreover what the impact on the industry will be.
And with that I’ll close for this week. If you like what I write each week, please support me with a donation22 or share this resource with other people. You can learn more about the costs of the project here23. It’s available via E-Mail, RSS and online.
Thanks and all the best,
- 1 https://www.smashingmagazine.com/2015/10/web-development-reading-list-107/#comments
- 2 https://bgr.com/2015/10/15/adobe-flash-player-security-vulnerability-warning/
- 3 https://frontendmasters.gitbooks.io/front-end-handbook/content/index.html
- 4 https://facebook.github.io/design/ios9.html
- 5 https://facebook.github.io/design/ios9.html
- 6 https://blog.risingstack.com/node-js-security-checklist/
- 7 https://freedom-to-tinker.com/blog/haldermanheninger/how-is-nsa-breaking-so-much-crypto/
- 8 https://adactio.com/journal/9646
- 9 https://groups.google.com/forum/#!msg/amphtml-discuss/TxoKtSXK148/xNoagN6DAgAJ
- 10 http://andydavies.me/blog/2015/10/13/accelerated-mobile-pages-ive-more-questions-than-answers/
- 11 http://www.niemanlab.org/2015/10/get-ampd-heres-what-publishers-need-to-know-about-googles-new-plan-to-speed-up-your-website/
- 12 https://icing.github.io/mod_h2/howto.html
- 13 http://bramstein.com/writing/web-font-anti-patterns.html
- 14 http://bramstein.com/writing/web-font-anti-patterns-overusing.html
- 15 http://bramstein.com/writing/web-font-anti-patterns-inlining.html
- 16 http://bramstein.com/writing/web-font-anti-patterns-subsetting.html
- 17 http://www.chenhuijing.com/blog/diamond-grid-using-sass/
- 18 http://thetomorrowlab.com/2015/01/why-developers-hate-being-interrupted/
- 19 http://zachholman.com/posts/opt-in-transparency/
- 20 http://99u.stfi.re/articles/32985/nobody-knows-what-the-hell-they-are-doing
- 21 http://www.wired.com/2015/10/tesla-self-driving-over-air-update-live/?mbid=social_twitter
- 22 https://wdrl.info/donate
- 23 https://wdrl.info/costs/