joepie91

A few notes on the "Gathering weak npm credentials" article

Yesterday, an article was released that describes how one person could obtain access to enough packages on npm to affect 52% of the package installations in the Node.js ecosystem. Unfortunately, this has brought about some comments from readers that completely miss the mark, and that draw away attention from the real issue behind all this.

To be very clear: This (security) issue was caused by 1) poor password management on the side of developers, 2) handing out unnecessary publish access to packages, and most of all 3) poor security on the side of the npm registry.

With that being said, let's address some of the common claims. This is going to be slightly ranty, because to be honest I'm rather disappointed that otherwise competent infosec people distract from the underlying causes like this. All that's going to do is prevent this from getting fixed in other l

jFransham

Achieving warp speed with Rust

Contents:

• Number one optimization tip: don't
• Never optimize blindly
• Don't bother optimizing one-time costs
• Improve your algorithms
• CPU architecture primer
• Keep as much as possible in cache
• Keep as much as possible in registers

jmhobbs

Makes little scrolly text jiffs in Flywheel colors.

Prerequisites

• imagemagick brew install imagemagick
• gifsicle brew install gifsicle
• Heartwell 1.2.otf font installed
• u r on a mac

Usage

KodrAus

Profiling performance

Using perf:

$ perf record -g binary
$ perf script | stackcollapse-perf.pl | rust-unmangle | flamegraph.pl > flame.svg

NOTE: See @GabrielMajeri's comments below about the -g option.

heppu

Create bootable USB

dd bs=4M if=/path/to/archlinux.iso of=/dev/sdx status=progress oflag=sync

Boot from USB and set prepare system

loadkeys <your-keymap>

DavidWells

Aligning images

This is a guide for aligning images.

See the full Advanced Markdown doc for more tips and tricks

left alignment

gurre

uuidgen | tr "[:upper:]" "[:lower:]"

mjnaderi

Installing Arch Linux with Full Disk Encryption

If you're aiming for a seamless Arch Linux installation in UEFI mode, follow along as this guide will walk you through the process step by step. We'll be using LUKS (Linux Unified Key Setup) and LVM (Logical Volume Manager) partitions on LUKS to achieve full disk encryption.

Note: I have updated this doc for UEFI mode. For those with BIOS/MBR systems, you can refer to the previous version, but keep in mind that it might be outdated and no longer accurate.

If you're only interested in installing Linux and not setting up dual boot with Windows, feel free to skip the Windows-related sections.

Rich-Harris

Stuff I wish I'd known sooner about service workers

I recently had several days of extremely frustrating experiences with service workers. Here are a few things I've since learned which would have made my life much easier but which isn't particularly obvious from most of the blog posts and videos I've seen.

I'll add to this list over time – suggested additions welcome in the comments or via twitter.com/rich_harris.

Use Canary for development instead of Chrome stable

Chrome 51 has some pretty wild behaviour related to console.log in service workers. Canary doesn't, and it has a load of really good service worker related stuff in devtools.

davidderus

.git
.gitignore
/doc
.yardoc
coverage
jsdoc
/tmp
/log
Dockerfile
Dockerfile.prod