Hi everyone! 👋
Welcome to cron.weekly issue #136.
Quite a lot of interesting stories to share this week! Some deep-dives into SSL certificates, turmoil in Open-Source Windows land, performance benchmarks, security tips, …
Hope you enjoy it! ☕️
News & general 🗞
Just over 24 hours ago, a couple of root certificates used to sign SSL certificates have expired. This is pretty common, as certificates all have to expire at some point. But it’s a pretty rare occurrence.
If you’re noticing weird SSL errors since yesterday-ish, have a read - this post covers the problem, how to verify it and how you can resolve it.
The first commit to the SQLite project happened on May 29th, 2000. Crazy to see the history of this project!
Honestly, I ask myself that question all the time. 😅
While I’m a skeptic (I believe most people use Kubernetes in environments where it’s absolute overkill), it’s hard to ignore its rise in popularity. This post gives a good high-level overview and offers a series of arguments that might explain its popularity.
This caught my eye: in about a year, Google will take the “user experience” into account when ranking sites in its search results. That means sites with overlay/popups are punished, as well as slow sites, sites with bad user interactions/usability, …
If you ever needed arguments to convince your marketing team to take speed & privacy serious, this just might be it!
This is an Open-Source story from the Windows ecosystem, but I want to share it with all of you. The author of
AppGet, a popular package manager, is stepping down from the project as Microsoft released its own package manager:
Microsoft released WinGet (Not to be mistaken with AppGet) earlier this week as part of their Build 2020 announcements.
I have mixed feelings here, but it may ultimately be for the better of the Windows ecosystem to have the dominant package manager be controlled & managed by MS themselves.
Tools & Projects 🛠
db you can very easily save, restore, and archive snapshots of your database from the command line. Pretty useful in a development workflow.
Bridgecrew’s codified security platform helps developers find and fix cloud misconfigurations and policy violations in both run-time and build-time. Integrate Bridgecrew with your repos and CI/CD pipeline to prevent cloud security issues from ever being deployed. It’s free to get started. Sponsored
Micro is a modern and intuitive terminal-based text editor. It aims to be somewhat of a successor to the nano editor.
This CLI plugin pushes the README file from the current working directory to a container registry server where it appears as repo description in the web interface.
After 40+ beta versions & release candidates, Snowpack 2.0 is here. Snowpack is a build tool for modern web apps.
Cronitor is the utility-knife style monitoring tool we’ve always wanted. With multi-region uptime & response time verification, powerful test assertions on HTML & JSON responses, privacy checks for your S3 buckets, and instant alerts when things go wrong, Cronitor fills the gaps in monitoring modern web applications. Sponsored
This cool can turn any webpage, into a native desktop application that you can install & distribute. Pretty useful if, say, you wanted to make Carbon for your desktop.
Pest is a new, elegant, PHP Testing Framework with a focus on simplicity.
Guides & Tutorials 🎓
Static websites are still a hot topic. They are fast, and they’re incredibly secure because there isn’t a CMS to hack. Once you build a static website, however, the question becomes: Where do I host? This benchmark has some interesting observations: AWS CloudFront is fastest, but nearly all static hosting services have gotten slower since the last benchmark, 3 years ago!
A solid collection of todo’s on new systems, like hardening the disk layout, kernel options, managing the firewall, limiting sudo, …
Airflow is a platform created by the community to programmatically author, schedule, and monitor workflows. In this guide, an example of machine learning of Twitter posts is used to explain how Airflow operates.
I’ve recently been writing some more Python code and found this post be very valuable: over the years, the Python landscape has (slowly) transitioned from 2.x to 3.x, and with it - many things in the ecosystem changed. In this post, you’ll find a good overview on modern Python development.
This post does a deep-dive into two exciting new features of the Prometheus Node Exporter: TLS and HTTP Basic Authentication.
I knew about normal aliases (think
alias gd="git diff"), but this post also thought me about alias suffixes & global aliases, together with a couple of other neat tricks.
This is a pretty neat trick to let the master nginx process, which usually runs as root, run as a non-privileged user. The post contains all the systemd configs you need to make this happen.
I did some experimenting and playing around with certificate chains and learned you can stuff around 80 random certificates in your chain and things still continue to “just work” on the web.
This might break older devices that have a more basic understanding of certificate chains though.