Guards - simple restriction checking

  • 1 min read

Guards are a great way to check data limits. They are safe, can make everyday work on a project more pleasant and, at the same time, reduce duplicated code. And it’s all in pattern matching!

Find leaked credentials with TruffleHog

  • 1 min read

One of the possible vectors of an attack on a system is the disclosure of keys, certificates, or other access data in use. I found TruffleHog as a tool to verify your project. The tool can scan projects on GitHub or GitLab, including entire organizations! You can attach it to your CI/CD pipeline to verify that no confidential information has been published.

Using JSON Web Tokens and their security

  • 3 min read

JSON Web Tokens, known as JWT, are a great way to ensure security in communication between system parts. Remember not to trust the user and verify the data before use. A JWT contains a lot of information about the user and their permissions. It is also a well-thought-out structure. It indicates in an accessible way for whom and by whom the token was prepared. Also, check out the topic of key rotation and its benefits.

Delegate tasks, and don’t be afraid to say no!

  • 2 min read

Feeling overwhelmed by work is quite common, especially if we work on a project for a long time. Good planning can make your work simpler and more pleasant. You don’t have to complete all tasks (alone). Some tasks can even be removed. With the Eisenhower matrix you can manage your priorities.

Good error message

  • 3 min read

Error handling is an integral part of any project. However, only a few can do it well. What makes an error message good? Take care of the language of the message and its length, and indicate how to mitigate errors. Have automatic bug reporting tools to quickly respond to system problems.