Hello fellow developer, yes, yes, yes, Apple announced a ton of things last week, so much so that you can't escape the announcements, which is why we won't cover them here. Instead, here are some interesting security and performance news.
News and Articles
Cara is an app artists flocked to from Instagram as it promised more ownership and future "AI poisoning". Grand, but the sudden success resulted in a $96k Vercel bill for the maintainers they hadn't planned for. This begs the question if relying on Netlify, Vercel, Cloudflare, and so on, is really the best option. Sure, you can survive spikes of success, but can you afford it? Another company lost $10k because ChatGPT generated code hardwired an ID so that people couldn't pay any longer. You can also lose $40K in 2 minutes by posting a secret key on GitHub.
In other security news, New York Times source code leaks on 4chan, malicious VSCode extensions with millions of installs relied on similar naming, and a tool preventing AI art theft turned out to be malware.
Microsoft stepped on the brakes with their criticised Recall Windows feature and now make it opt-in. TotalRecall shows just how much information attackers could glean from the screenshots stored by the tool. Others see the idea as not bad and released Open Recall, an open source alternative,
Security company Snyk has a call for action to explore vulnerabilities in Github Actions and a primer on using AI without getting bad results
Google want to speed up the web with page prerendering and a Speculation Rules API and Stoyan Stevanov has some insights on that one. They also simplified customising performance workflows in DevTools and explained their plans for AI in software engineering. However, hosting Google fonts yourself boosts performance. Things I didn't know that Google does: optimise cargo ships and traffic lights.
Lastly, how deep is your DOM is a question to worry about and there is a new way to report web compatibility issues.
Code and Tools
Are you a fan of GraphQL? Matt Bessey cooled on it and favours an OpenAPI compliant JSON REST API. Also check out some great tutorials we found on 2D rigid body collisions, data fetching patterns in SPAs, and a 5m development speedrun on how to build a VS Code extension.
For the CSS fans, here is a range slider with motion, a problem solved using the cap unit and how to define perfect font fallbacks.
If Node code leaks memory, setTimeout could be to blame, and here's a roundup of CLI AWS commands. Last but not least, Sentry wrote how they removing ad trackers and cookies on their site and what the effect was. And they run an online workshop soon explaining how backend solutions can cause frontend issues,
Some tools for you:
- Email.ml - in case you need an email that expires in an hour.
- Knip finds unused files, dependencies and exports in JS/TS projects.
- Gitshare allows you to share private GitHub repositories.
- Generate CSS Animations from AI prompts.
- UIfaces - AI generated avatars for your creative projects.
- Entropy a CLI tool to scan codebases for high entropy lines (secrets).
Videos
Rethink Retail: Inside Austria's first REWE-Hackathon
Austria's first REWE Retail Hackathon 'Rethink Retail, put together in cooperation with WeAreDevelopers, took place on June 4-5. The coding challenge turned Vienna's The Social Hub into a melting pot for creative ideas, bringing together developers, tech fans, and retail pros. Over two days, 12 teams took on real business challenges, coming up with innovative retail solutions like using augmented reality in stores, in-store navigation, and smart product assistants. Don't miss the event video – it's awesome!
Other videos of note:
- Rainer Stropek - Leveraging Server-Sent Events (SSE)
- Clemens Helm - Snappy UI needs no Single-Page Application
- Robert Hoffmann & Christian Denich - Forget Developer Platforms, Think Developer Productivity!
Events
Call for moderators!
On the 17th to 19th of July we will run the WeAreDevelopers World Congress in Berlin and we are still looking for stage moderators to introduce speakers and run Q&A. Apply now!
Work and Jobs
A McKinsey survey shows that Gen AI generates value and not just hype. However, Stack Overflow says that it won't build your engineering team for you. Thea Flowers shares her opinions after a decade of professional software engineering. And a 1500 people bambooHR survey states 1/4 of bosses hoped RTO would make employees quit. Is your office a place you look forward to being in?
Procrastination Corner / Wonderful Weird Web
- Word Up game - use DevTools mobile emulation if it complains
- Roads of Ancient Rome in the Style of Modern Subway Maps
- Ada Lovelace’s Endnotes predicted in 1842 the future of computation
- Lord Kelvin built an analog computer in 1872.