Todo/Continue

Features auto load balancing & auto scaling managed platform updates application health monitoring application versioning traffic splitting Compute Engine vs App Engine compute E = IAAS app E = Paas, serverless Environments standard - language specific sandbox v1 - java python php go (old versions) python & php -> restricted network access + restricted libs v2 - java, python, php, node, ruby, go (newer versions) flexible - docker containers uses compute engine VMs access to background processes attach local disks Component Hierarchy !...

Unit Testing for Typescript & NodeJs Developers with Jest https://www.udemy.com/course/unit-testing-typescript-nodejs Advanced Typescript programming with NodeJs and Webpack https://www.udemy.com/course/typescript-full-stack-programming Typescript with React classes - quick start - Jest testing https://www.udemy.com/course/typescript-with-react-jest-testing Mastering Visual Studio Code https://www.udemy.com/course/mastering-visual-studio-code Advanced Java programming with JavaFx: Write an email client https://www.udemy.com/course/advanced-programming-with-javafx-build-an-email-client Ubuntu Linux on VirtualBox quick setup https://www.udemy.com/course/ubuntu-linux-on-virtualbox-quick-setup Git with Visual Studio Code https://www.udemy.com/course/git-with-visual-studio-code

OWASP top 10 Open Web Application Security Project https://owasp.org/ OWASP top 10 - 2013 (Book_ release it!) Injection Broken Authentication and Session Management Cross Site Scripting (XSS) Broken Access Control Security Misconfiguration Sensitive Data Exposure Insufficient Attack Protection Cross-Site Request Forgery (CSRF) Using Components with Known Vulnerabilities Underprotected APIs (src: Book_ release it! - Michael Nygard) 2017 added (4) XML External Entities (XXE) covered in (2013.1) OWASP Injection by [[book-release-it-michael-nygard.md|Book_ release it!...

(AWS & Typescript Masterclass - CDK, Serverless, React) Section 1: Introduction Section 2: AWS CDK & CloudFormation CDK commands Backend Section 3: Serverless project with CDK and Typescript Section 4: Serverless: AWS Lambda - bundling, testing and debugging Section 5: Testing and debugging Lambdas cdk run local lambda with sam-cli Debug typescript file with breakpoints (credentials via 1password) Section 6: AWS DynamoDb with CDK and Lambda Type Guards Section 7: [[aws-typescript-masterclass-7....

What does a good scrum master do? Teams private assistent Schedule meetings Work at the team boundary Know the trust level and relationship with the infrastructure team Know the dependencies’ owners relationship level Know the users / depending teams relationship level Help solve conflicts between teams Work on team Build trust Facilitate meetings Alignment Help solve conflicts in the team Dev vs Scrum master Dev = focus, sprint goal Scrum master = improve teamwork

01 Get Unstuck 02 Master My Stories 1 03 Master My Stories 2 04 Start with Heart 05 State My Path 06 Make it Safe 07 Learn to Look 08 Seek Mutual Purpose 09 Explore Others’ Paths 10 Move to Action steps: use them in order tools: use when situation calls for it models Model: crucial conversation Model: fool’s choice Model_ CPR Model_ path to action Model: downward spiral Model: fact vs story Model: types of story [[model-clever-stories....

(Book_ Release It! - Michael Nygard) Part 1 - Create Stability Ch2 case study Ch3 Stabilize your system Ch04 Stability Anti-patterns Ch05 Stability Patterns Part 2 - Design for production Ch06 case study Ch07 Foundations Ch08 Processes on Machines Ch09 Interconnect Ch10 Control plane Ch11 Security Part 3 - Deliver your system Ch12 Ch13 Ch14 Part 4 - Solve Systemic Problems Ch15 Ch16 Ch17 Model: cap theorem Model_ OSI model...

Model_ resulting - decision quality vs decision outcome Learn what 20% or 30% chance of failure actually is like. Reminds me of investing advice from option traders: “whatever you do, make sure that you can still continue the next day” - Nassim Taleb’s books Model_ how beliefs are formed

https://udemy.com/course/oauth-2-simplified bad: implicit flow → everything passes through url bar (aka front channel) through ‘front channel’ aka address bar good: back channel (aka HTTPS between browser & server → AJAX js call) client id client secret (aka client password) flow app builds url to redirect user to the auth server scope redirect uri client id login & approve & redirect back authorization code one-time-use short expiration date only usable once app contacts auth server authorization code client secret alternative to “authorization code” flow (when no client secret - aka public client) PKCE - Proof Key Code Exchange...

I have found multiple ways of looking at this: behaviour vs methods behaviour vs state behaviour vs implementation (1) Unit-Test Behaviour, Not Methods focus on the features that the object under test should provide, We need to know how to use the class to achieve a goal, not how to exercise all the paths through its code. Describing Behavior, Not API Features We need to know how to use the class to achieve a goal, not how to exercise all the paths through its code....