A Cup Of Matcha 6

published on 2023-05-01

I almost forgot to post this today - it’s a Bank Holiday and I’ve spent the morning trying to spec a new bathroom.

Even in bathrooms technology moves on - are rimless toilets a good idea? Mirrors have Bluetooth now! I don’t know what I’m doing but hopefully the people I’m paying do.

BlueSky Social has been the big new thing this week. They appear to have provided The Big Benefit of Self Sovereign IDs without any of the blockchain garbage as a side-effect of making their new backend distributed and allowing users to seamlessly change home servers.

• First impressions of Bluesky’s AT Protocol Complicated but promising
• XRPC XRPC is possibly a new rival to GraphQL for simpler data structures?

Passkeys are still a hot topic

• Passwordless login with passkeys Google’s docs for their Passkeys implementation
• About the security of passkeys Reassurance from Apple, but also details on how their implementation differs significantly from others
• The War on Passwords Enters a Chaotic New Phase More diverse and inconsistent than “chaotic” I think

Shell scripting with BASH

• sh/shfmt Bash formatter
• ShellCheck Bash linter with a great name
• Pure-sh-bible A big cookbook of shell-only approaches to common problems

Identity management and authentication things

• Why outsource your auth system and how to sell the decision to your company I wish more people did…
• Kratos 0.13.0 Ory’s IdP gets a new release
• Biscuit 3.0 Biscuit is a very interesting, much richer alternative to JWTs
• The State of Dynamic Authorization I’m tempted to move into this field
• Entity authentication with a KEM Different authentication approach
• Cloud Scorecard Directory A nice directory of Internet2-rated services
• Why is OAuth still hard in 2023? A criticism of Oauth but also a plug for Nango, an Oauth-based data sync app. It looks useful.
• Nango Here’s the Nango open source app
• Boruta Docs Boruta has some great docs, I missed these last week.

TLS news

• crt.sh x509 certificate linting
• Acme subdomains Proposal to allow authentication of an entire subdomain with Let’s Encrypt and other ACME providers
• Running Rails Development with a Fake Domain and SSL I’ve done this (and even have special domains for it) but these docs are great

System administration

• Killport Efficiently kill whatever process is using a port - normally tricky to do on a Mac
• MRSK Evil Martians review MRSK
• Tabby Possibly a better terminal for Windows
• Runcvm Run special VMs in Docker alongside your containers
• Nine ways to shoot yourself in the foot with PostgreSQL There has to a PG link in here every week, it’s the law
• Cobra. Dev A Go CLI framework. Maybe I should move to writing CLI apps in GoLang?
• GitHub - oozcitak/xmlbuilder2: An XML builder for node.js But then, JS also has useful libraries…

Web development

• CSS Blend Modes I’m tempted to make my homepage retro-green using this.
• Wasp Yet another framework (for a framework) for Javascript. Easier, Rails-like React
• Pico.css A tiny CSS kit
• List.js Neat JS list display, sorting and filtering library
• ViewComponent Another component library for Rails
• Rails 7, Bootstrap CSS + JavaScript with ESBuild I can’t keep up

And finally…

• bark AI speech and sound synthesis. Genuinely useful
• How to increase your income as a consultant in 2023
• Ethical Sabotage
• Space Elevator A fun interactive infographic about the atmosphere

Tagged:

Pete Birkinshaw