CodeIsGo.com

When building a web application with React, one of the challenges apart from implementing the main logic of the application is styling and choosing the appropriate styling solutions for your application. By Osah Peter.

CSS-in-JS solutions leverage javascript in styling applications. This has benefits as it improves maintainability, brings in modularity in styling, and introduces “Dynamic styling” to applications. There are various CSS-in-JS solutions. However, we will take a look at the two most popularly used solutions, which are Linaria and Styled-components. We will take a look at their features as well as make comparisons between them based on features, performance, and ecosystem.

Linaria is one of the most popular CSS-in-JS solutions. It has over 7.1K GitHub stars and 260 GitHub forks. Linaria is a Zero-Runtime CSS in JS which means that it converts the CSS-in-JS codes into a separate .css file while creating the build for production. This is similar to how most CSS preprocessors, like SASS and LESS, operate.

Styled-Components is one of the most popular CSS-in-JS solutions. It has over 37.2K GitHub stars and 2.3K GitHub forks. Styled-components enables you to write actual CSS code to style your components. It also creates a layer of abstraction between components and styles, thereby eliminating the direct mapping between them. Good read!

Natural Language Understanding (NLU) is a subtopic of Natural Language Processing. It focuses on “comprehension”. NLU deals with users’ intents and what they mean instead of what they say. Thus, some people refer to it as Intent Detection or Intent Detector. By picovoice.ai.

The main points in the article:

• How does NLU work?
• Five most commonly used NLU terms
  • Conversational AI
  • Corpus
  • Utterance
  • Intent
  • Entities

Understanding Intents is just one part of the problem. Extracting details and understanding choices are as vital as understanding intents. Entities are also known as Slots or Intent Details. Despite the same intent, the utterances “show me sneakers” and “I want to see running shoes” have different Entities: “sneakers” and “running shoes.” Nice intro to NLU!

Google Firestore is a document-oriented database that has some neat features for building modern apps as part of the Firebase offering. In most respects, I find it is conceptually similar to AWS Amplify on the surface. Having now worked with both, they feel very different in practice. By Charles Chen.

If you haven’t worked with Google Firebase before, it’s a suite of PaaS tools glued together under one branding and includes:

• An identity management service similar to AWS Cognito or Azure AD B2C
• A document database similar to AWS DocumentDB or Azure CosmosDB
• A real-time sync to the database similar to what’s possible with AWS AppSync and DynamoDB (except without the GraphQL)
• Integration with the Google Cloud Functions runtime
• Integration with Google Cloud Storage

The article then guides you through:

• Workspace setup
• Backend API in C#
• Front-end in Vue + TypeScript
• Adding authentication
• Back-end validation
• Real-time subscriptions

There’s a ton of old documentation and examples on the web with very few real examples of working with the emulator from end-to-end with a front-end and back-end API. This article provides you missing bits, it is well explained with all code provided, contains links to other resources and compares competitor resources to Firebase. Very exciting!

How a maverick genius at IBM helped to change the course of computing forever. The RISC idea has now been around for around fifty years and it’s been the subject of debate and a degree of controversy for much of that period. By Babbage.

But some of IBM’s engineers were convinced of the benefits of a simple yet powerful computer. So members of the project returned to IBM Research and started work to turn the ideas into a general-purpose computer.

The main sections in the article:

• Origins
• Enter Ericsson
• Work starts on the 801
• Instruction traces
• Building the RISC philosophy
• The 801 architecture
• The revised 801
• The 801 delivers

The term RISC came to be used first in the RISC-1 project led by David Patterson at U.C. Berkeley. Along with John Hennessy at Stanford University, Patterson and his students would pick up the RISC concept and build the first microprocessors using RISC principles. And that’s where our series goes next. Nice one!

Whether prices are up or down, for many investors in cryptocurrency, the real appeal is that there’s nobody in charge. But a new report finds that the decentralized system might not be working as well as many crypto enthusiasts assume.or a one-time activity like creating a cluster, but not for continuous tasks like app delivery and configuration management.

The report was commissioned by the Defense Advanced Research Projects Agency, or DARPA, and the work was done by the software security research company Trail of Bits.

“It’s been taken for granted that the blockchain is immutable and decentralized, because the community says so,” says Trail of Bits CEO Dan Guido.

But in practice, he says, these networks have evolved in ways that concentrate power in the hands of certain people or companies, including the large pools of “miners” whose computers earn virtual currency by maintaining the blockchains. Guido’s team calls these potential situations “unintended centralities” — situations in which someone gains leverage over the decentralized system, creating opportunities for tampering with the record of who owns what.

Another example in the report of this kind of concentration is the fact that 60% of Bitcoin traffic is handled by just three internet service providers.

“Let’s say somebody with great top-down control of the internet in their country starts to interfere with that network,” Guido says. By slowing down or stopping legitimate blockchain traffic, an attacker could become the “majority” voice in the consensus of what’s written to a blockchain at that moment. “They can rewrite history. They can censor transactions. They can make it so that you can’t spend your Bitcoin,” says Guido. “It’s definitely something people would want to do if they want to ‘grief’ the network.” To learn more follow the link to original article. Excellent read!

In this article, you will learn how to create a Kubernetes cluster with Terraform and then manage it with Argo CD. Terraform is very useful for automating infrastructure. On the other hand, Argo CD helps us implement GitOps and continuous delivery for our applications. It seems that we can successfully combine both these tools. Let’s consider how they can help us to work with Kubernetes in the GitOps style.

Here’s the list of things you are going to do in this tutorial:

• In the first step, we will create a local Kubernetes cluster using Terraform
• Then we will install OLM (Operator Lifecycle Manager) on the cluster. We need it to install Kafka with Strimzi (Step 5)
• We will use Terraform to install Argo CD from the Helm chart and create a single Argo CD Application responsible for the whole cluster configuration based on Git
• After that, Argo CD Application installs Strimzi Operator, creates Argo CD Project dedicated to Kafka installation and Argo CD Application that runs Kafka on Kubernetes
• Finally, the Argo CD Application automatically creates all the CRD objects required for running Kafka

Author wanted to define the whole cluster and store its configuration in Git. It was not possible to use only Argo CD to achieve it, because Argo CD must run on the existing Kubernetes cluster. That’s why a tool that is able to create a cluster and then install Argo CD there seems to be Terraform. It is perfect for a one-time activity like creating a cluster, but not for continuous tasks like app delivery and configuration management. Good read!

In this article, we introduce Kueue, an open source job queueing controller designed to manage batch jobs as a single unit. Kueue leaves pod-level orchestration to existing stable components of Kubernetes.

In the article you will find:

• Why Kueue?
• How Kueue works
• Resource model
• Example use case

With Kueue we decided to take a different approach to job queueing on Kubernetes that is anchored around the following aspects:

• Not duplicating existing functionalities already offered by established Kubernetes components for pod scheduling, autoscaling and job lifecycle management
• Adding key features that are missing to existing components

Job queueing is a key feature to run batch workloads at scale in both on-premises and cloud environments. The main goal of job queueing is to manage access to a limited pool of resources shared by multiple tenants. Job queueing decides which jobs should wait, which can start immediately, and what resources they can use. Good read!

Before understanding DevSecOps, let’s understand what is DevOps. DevOps is the combination of cultural philosophies, practices, and tools that increase an organization’s ability to deliver applications and services at high velocity. In fast-moving projects, security often lags behind and given low priority which may lead to buggy code and hacks. Let’s see how we can reduce the risk of attack by integrating security in our DevOps pipeline. By Alok Maurya.

The article then reads about:

• What is to DevSecOps (DevOps + Security)
• What are the benefits of using DevSecOps?
• How to make security culture your default state?
• Plan/Design
• Develop
• Build and code analysis
• Test
• Deploy
• Monitoring and Alerting
• Best practices to secure your infrastructure for DevSecOps CI/CD

… and more. Each section above is full fo details, with code and config examples. Implementing DevSecOps best practices reduces the risk of vulnerabilities and hacking. Scanning all parts of your infrastructure and application gives full visibility of potential threats and possible ways to remediate them. “The only way to do security right is to have multiple layers of security” hence we talked about multiple methods and tools that can be used for finding vulnerabilities. Exciting read!

Updates introducing a breaking change are unwelcome, especially when this happens without warning. Semantic versioning is one of the most popular solutions for this. By Tomas Fernandez.

One of the drawbacks with all of these versioning approaches is that they don’t tell us anything about compatibility between releases. The way to find out is to dig through changelogs.

In the article:

• What is semantic versioning?
• Automating versions with semantic-release
• How to get started with semantic-release
• Semantic versioning with CI/CD
• Disable tags on Semaphore
• Continuous delivery pipeline with semantic versioning
• Extending the delivery pipeline

Semantic versioning is a versioning scheme that aims to communicate the level of compatibility between releases at a glance. It uses a three-part numbering system: major.minor.patch (e.g. 1.2.3) which may or may not be suffixed with special identifiers such as -alpha or -rc1. Maintaining consistent version numbers will help you gain the trust of users and other developers. Good read!

When building security solutions using OAuth and OpenID Connect (OIDC), we frequently discuss tokens. Sometimes these systems are even referred to as token-based architectures. By Jonas Iggbom.

The article dives into:

• Types of tokens
  • Access tokens
  • Bearer tokens
  • Sender constrained tokens
  • Refresh tokens
  • ID tokens
• Token formats
  • Opaque tokens
  • JSON Web Tokens (JWT)
• The best of both worlds
  • Phantom tokens
  • Split tokens
  • Token handler

Tokens play a core role in authorizing access to applications, services and APIs. They also enable secure, flexible and scalable access management. Using tokens means applications don’t have to maintain a static API key or, even worse, hold a username and password. Nice one!