=F0=9F=
=A7=91=E2=80=8D=F0=9F=92=BB
|
How Discord Reduced Websock=
et Traffic by 40% (17 minute read)
Discord reduced its websocket traffic b=
y 40% through two key optimizations. Firstly, it replaced its existing comp=
ression algorithm, zlib, with zstandard, achieving higher compression ratio=
s and shorter compression times. It further improved performance by impleme=
nting streaming compression for zstandard, allowing it to utilize historica=
l data for better compression of small payloads. Secondly, it introduced Pa=
ssive Sessions v2, which only sends updates about changes in server informa=
tion instead of sending complete snapshots.
|
One year of Rust in product=
ion (10 minute read)
This developer found that Rust's type-s=
afety and compile-time checks led to a smooth transition to production with=
out major issues. After a year, they reflect back on how it's going. They f=
ind that Rust's long compile times, particularly with macro-heavy libraries=
, necessitate a different development workflow. At the same time, Rust is s=
till satisfying to use and will continue to be used in production.
|
Gaining access to anyone's =
browser without them even visiting a website (7 minute read)
A vulnerability in Arc Browser's use of=
Firebase allowed unauthorized access to any user's browser without them vi=
siting a website. This was possible because Arc's cloud features, like Boos=
ts, stored data in Firestore with insecure security rules. An attacker coul=
d exploit this by obtaining a user's ID, creating a malicious Boost, and ch=
anging the Boost's creator ID to the victim's. This has since been addresse=
d by Arc, who patched the vulnerability, added a feature to disable Boosts,=
and started a bug bounty program.
|
|
No One Builds in Public (5 =
minute read)
The "build in public" trend within the =
indie hacker community has an over-reliance on sharing revenue figures. Whi=
le initially attention-grabbing, the constant stream of success stories may=
be losing its impact and overshadowing the discussion of actual product de=
velopment. Also, the "build in public" approach may not be necessary for su=
ccess, as some prominent indie hackers have achieved great results without =
actively sharing their progress publicly.
|
A New Era of Writing Code (=
5 minute read)
LLMs can significantly speed up develop=
ment by taking care of repetitive tasks, but they still have limitations, e=
specially when dealing with complex or open-ended features. While LLMs can'=
t replace engineers entirely, they can help them to focus on higher-level t=
asks.
|
|
Kamal Proxy (GitHub Repo)
Kamal Proxy is an HTTP proxy that makes=
it easy to coordinate zero-downtime deployments. It can deploy changes to =
web applications without interrupting any of the traffic in progress.
|
Scalar (GitHub Repo)
Scalar is an offline-first API client a=
nd interactive reference generator. It uses OpenAPI/Swagger documents to cr=
eate user-friendly documentation and API clients for various languages and =
frameworks.
|
CSS Peeper (Chrome Extensio=
n)
CSS Peeper is a Chrome extension that a=
llows designers to easily view and inspect CSS styles on any website. It al=
lows for browsing components and colors in a visual way.
|
|
The sorry state of Java des=
erialization (12 minute read)
Java deserialization is surprisingly sl=
ow. This developer benchmarks various techniques for reading 1 billion rows=
of data from disk, including using `DataInputStream`, JDBC, Protobuf, Parq=
uet, and custom solutions. The results show that even with optimized custom=
implementations, Java's performance lags significantly behind the theoreti=
cal maximum for disk I/O.
|
Analyzing the OpenAPI Tooli=
ng Ecosystem (14 minute read)
This is an exploration of the OpenAPI S=
pecification (OAS) tooling ecosystem that visually diagrams the various tas=
ks tools perform and how they relate to each other. The tools are separated=
into three areas: Parsing libraries, OAD tools, and API tools.
|
|
How I Hire Programmers (6 m=
inute read)
A better programmer hiring process focu=
ses on evaluating candidates' past work, conversational intelligence, and c=
ompatibility with the team rather than traditional interviews like Leetcode=
questions.
|
I Like Makefiles (5 minute =
read)
This developer prefers using Makefiles =
for project automation due to their simplicity, consistency across projects=
, and compatibility with various build tools.
|
|
|
Love TLDR? Tell your friends and get rewards!
|
|
Share your referral link below with friends to get free TLDR swag!
|
|
|
|
|
Track your referrals here.
|
|
Want to advertise in TLDR? =F0=9F=93=B0
|
If your company is interested in reaching an audience of web developers and=
engineering decision makers, you may want to advertise with us=
.
If you have any comments or feedback, just respond to this email!
Thanks for reading,
Priyam Mohanty, Jenny Xu & Ceora Ford
|
|
|
|