MindByte Weekly Pulse: Weekly IT Insights: Quick GitHub, Azure, & .NET Updates
Posts
Building Async and Cloud Native organizations - Issue #20

Building Async and Cloud Native organizations - Issue #20

GitHub SBOM creation, Actions in VS Code and the like or dislike of Sprint Goals.

Michiel van Oudheusden
April 04, 2023

Welcome to my weekly newsletter! Every week, I bring you the latest news, updates, and resources from the world of coding and architecture. I'm so glad you've decided to join me, and I can't wait to share my insights and expertise with you.

I hope you'll find this newsletter to be a valuable resource, and I welcome your feedback and suggestions. If there's something you'd like to see more of, or if you have any questions or comments, please don't hesitate to contact me.

Thank you for joining me, and happy reading!

REST and APIs

Even if you have a nicely documented API, did you include all the possible responses you can give to those annoying exceptions? You do have to deal with those as well, so read this article on how to be more expressive:

Your API Has Problems. Deal With It.

Learn how RESTful APIs can respond to run-time problems

apidesignmatters.substack.com/p/your-api-has-problems-deal-with-it

Contract testing is a useful way to validate it the defined contracts between parties are still valid. Why and when you can use this type of testing is described in the Nordic API article below:

How to Perform Contract Testing on APIs and Microservices | Nordic APIs |

Learn the basics of contract testing and how it works, as well as its value and how to incorporate it into your workflows.

nordicapis.com/how-to-perform-contract-testing-on-apis-and-microservices

Coding technicalities

Confused about .NET Standard, how it relates to .NET 7? Then have a look at this excellent article by Andrew Lock.

Understanding the .NET ecosystem: The introduction of .NET Standard

In this article, previously part of my new book, we look at .NET Standard, look at why it was created, and discuss its future.

andrewlock.net/understanding-the-dotnet-ecosystem-the-introduction-of-dotnet-standard

Time Series databases are a special kind of storage as existing solutions might not be suitable.

What Are Time Series Databases, and Why Do You Need Them?

The flood of time stamped data demands specialized time series databases. Learn more about why legacy solutions aren't up to the task, and the features and benefits of modern TSDBs.

thenewstack.io/what-are-time-series-databases-and-why-do-you-need-them

Accepting user input in your application is a red light and must always be sanitized. So what if that is not working as intended and a clever person can reverse engineering into the application? An insightful story on how to hack this .NET API.

Hacking a .NET API in the real world - Dana Epp's Blog

Let me tell you a story about the time I hacked into a .NET API through a bit of luck and reverse engineering.

danaepp.com/hacking-a-net-api-in-the-real-world

GitHub related

Are you fighting with YAML in workflows, or want to troubleshoot why a build task failed? Then this new extension for VS Code can help you.

It was a community-driven extension before, which has now been adopted by GitHub. They added support for the official GH Actions schema, so you now have full intellisense in the IDE. Including syntax highlighting, code completion, as well as documentation.

You can also see all your workflows and dive right into the logs. Even triggering workflows to run is an option.

So if you have not tried it, read more on their blog, or download it from the marketplace.

Announcing the GitHub Actions extension for VS Code | The GitHub Blog

Today, we’re excited to announce the release of the public beta of the official GitHub Actions VS Code extension, which provides support for authoring and editing workflows and helps you manage workflow runs without leaving your IDE.

github.blog/2023-03-28-announcing-the-github-actions-extension-for-vs-code

Do you know that a large part of your application is not yours? You most likely consume a large number of components, like third party libraries, SDKs, and other frameworks.

It becomes more and more important to know what your application consist of as it allows you to assess the vulnerability and licenses of those components.

This is called a Software Bill of Materials (SBOM) and there are standards in the way you can model this information. By having this standard, you can either look at it yourself, share it easily or use tools to analyse.

As GitHub already knows about your dependencies, so there is now a button (under the Insights tab, Dependency graph option), to generate this export.

You also have the option to use the GH CLI or GitHub Actions to either generate or fill the SBOM yourself.

Another way to become more secure and compliant.

Introducing self-service SBOMs | The GitHub Blog

Developers and compliance teams get a new SBOM generation tool for cloud repositories.

github.blog/2023-03-28-introducing-self-service-sboms

Computing in general

While working with a team on their Agile processes, I tried to guide them on Sprint Goals; a way to focus on a valuable outcome of the sprint. Of course, there is always some other work as well, so not all tasks will lead to that single goal. But it can help make decisions and priorities.

I found two articles in my list that offer perspectives on why you do need them and why they might not be that needed:

Does Your Sprint Really Even Need a Sprint Goal?

A sprint goal could be a useful North Star or lip-service, depending on your work and the clarity of the backlog items. Learn why.

www.mountaingoatsoftware.com/blog/why-i-dont-emphasize-sprint-goals

What are sprint goals? Why you need them and how to write them - LogRocket Blog

Creating sprint goals helps developers on agile and scrum teams focus, self organize, and manage expectations.

blog.logrocket.com/product-management/sprint-goal-definition-purpose-how-to

While Twitter is fighting a case against GitHub to release the name of the person responsible for leaking the full source code of Twitter, they are at the same time releasing a piece of the code as open source.

It breaks down what the algorithm looks at when determining which tweets to feature in the For You timeline and how it ranks and filters them. So if you are interested in why you get certain tweets shown, then dive into the code:

Twitter takes its algorithm “open-source,” as Elon Musk promised

I’ve seen the code.

www.theverge.com/2023/3/31/23664849/twitter-releases-algorithm-musk-open-source

Do you want to get your error rate down? Then look at what Pulumi is doing and why it helped them reduce the on-call fatigue:

Read Every Single Error

How one process helped us decrease our error rate 17x in one year.

www.pulumi.com/blog/reducing-our-error-rate

How can you model an architecture in such a way that everybody still understands the meaning? Using the right concepts in language, is the first step:

Thinking in Patterns; The Importance of Language in Software Architecture

Language is the foundation upon which all communication is built. It's how we share our thoughts,...

dev.to/jeastham1993/thinking-in-patterns-the-importance-of-language-in-software-architecture-2jom

Helpers and utilities

A collection of absurd ideas for volume control. I hope they never got to be used for real.

Probably the best thing you'll see today.
In 2017, a group of developers hilariously competed for who could create worst volume control interface in the world.
The results 🧵
1/22
— 0xDesigner (@0xDesigner)
Apr 2, 2023

If you are already a command line wizard, then these might be known to you, but I learned a couple of new ones:

Useful CLI: 17 Commands You Should Know as a Developer

Useful CLI commands to help you get more done.

javascript.plainenglish.io/useful-cli-17-commands-you-should-know-as-a-developer-afeb0a916fea

Computer laws

Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it

Kernighan's Law

I hope you've enjoyed this week's issue of my newsletter. If you found it useful, I invite you to share it with your friends and colleagues. And if you're not already a subscriber, be sure to sign up to receive future issues.

Next week, I'll be back with more articles, tutorials, and resources to help you stay up-to-date on the latest developments in coding and architecture. In the meantime, keep learning and growing, and happy coding!

Best regards, Michiel

Join the conversation

or to participate.