A Byte of Coding Issue 380

Hey-yo,

Last issue before the weekend, have a good one!

Made possible through generous sponsorship by:

The Blessing of the Strings

Published: 3 April 2024

Tags: web, security

Brian Kardell dives into the trusted types proposal, which would ride “atop Content Security Policy (CSP) and allows website maintainers to say ‘require trusted-types’“.

Some highlights:

• would make web apis that require a string safer, since they would now require a sanitized string type

• built-in sanitization of html

• challenges in getting it rolled out with good defaults, since many of the affected apis are currently in use

Chasing resets

Published: 1 April 2024

Tags: asic, hardware, philosophy

Dan Gisselquist goes in-depth on adding features to an asic design that he initially estimated would take 80 hours, but ended up taking 270+ hours.

Some highlights:

• magic numbers suck

• long list of best practices when designing software for asics

• technical debt should always be addressed for anything that you’re not scrapping

The Developer’s Guide to SSO

Published: 27 October 2023

Tags: sponsored, auth, web

WorkOS has published a guide on how to best integrate single sign-on (SSO) in your app.

Some highlights:

• common requirement for enterprise customers

• ​describes the general request flow for a user logging in with SSO

• summarizes how to build SSO from scratch and how to use existing providers

Basic Things

Published: 22 March 2024

Tags: philosophy, projects

Alex Kladov shares insights on a list of things that are relevant to every software project.

Some highlights:

• “they are irrelevant while the project is small, they are a productivity multiplier when the project is large, they are much harder to introduce down the line. “

• covers readmes, developer docs, users’ website, internal website, process docs, style, git, automated checks, build & ci, testing, benchmarking, and releases

• has a bullet point summary at the end