When I’m developing on a Spring Boot app, I want to see when a request comes in, how it was authenticated, and where it was handled. By default, log levels are set to INFO. Nothing prints per-request. I don’t know a good way to get the information I need, so I turn them way up: …
When explaining your favorite tool, ya wanna say “just install this!” “Simply change the configuration.” “Customizing it is easy.” Don’t! Steps that feel easy, simple, trivial to you are that way because of the experience you have in the tool. You understand how it works, you know what it’s like to install it, you understand …
In games from Animal Crossing to Path of Exile, play starts with world exploration. How does physics work here? What can I do? Software development is the same way. Here’s my video from GOTO Chicago 2020.
https://changelog.com/podcast/398 Looks like I talked about “Understanding software systems, transferring knowledge between devs, building relationships, using VS Code & Docker to code together, observability as a logical extension of TDD, and a whole lot more.”
^ that’s what I googled, so that’s the title of the blog post that solves it. When I added spring-boot-starter-security to my dependencies, I expected my whole app to suddenly be behind a login screen. But I expected it to work after logging in. Instead, it failed at the first form submission. And it failed …
Read moreI turned on Spring Security and my POSTs don’t work anymore
In Spring Boot example apps, H2 is the easiest database to get started with. Its data is in memory or in a local file. When the app is running in development mode, you can access the database at /h2-console. It gives you a lovely little SQL admin app. That is, after you turn it on …
As a programmer, especially a strong-typing functional programmer, I love abstraction. Defining what the program does and expressing that cleanly in code. The code should express little else. Now I’m studying secure code, and it is the opposite. It’s all about what can happen, not what should. So many nitty-gritty details of network protocols, memory …
Read moreWhat functional programming and secure code have in common
Useful terminology: my tools are either ready-to-hand, unready-to-hand, or present-at-hand. I can notice the switch and deal with it consciously.
In our Rails app, installing the Honeycomb beeline magically gave us traces of all HTTP requests, with dozens of useful fields like ‘request.path’ and ‘response.status_code’. I really wanted the request verb (GET or POST) and I couldn’t find that. (It’s there, in ‘request.method’, I missed it. But still, it’s useful to know how to a …
Read moreAdding custom fields to Honeycomb traces in Rails by writing a Rack middleware
so I can find them here later: Fast-forward merge Some people like to git pull, but I never do. That brings new stuff from origin and then merges. I always do these do steps separately: git fetch and then either merge or rebase. The easy case, when I don’t have any local-only commits, is to …