Development

I’ve been programing for over 20 years in varying professional roles at this point, and there are a few things I’ve learned along the way that helps me keep things straight, especially when working with other developers, or in code bases where I tend to come back after a while away to pick it back up again. I’m a firm believer that when you write code, you should make everything as obvious as possible. This means no magic global variables, clever tricks, or hidden dependencies. I also think that you should rely on the compiler rather than tests to verify as much as possible, so in a strictly typed language like GoLang you would not rely on passing dependencies through as non-typed to be cast to the correct type further down the callstack. It often leads to runtime errors, and can make testing a lot more difficult than you would like as you need to know all the hidden dependencies. ...

When writing web applications we often reach to ORMs to help us with the connection to the database layer. This is something that generally speed up the development of applications, but has a tradeoff in performance and complexity. I have worked in some very large code bases that took an expensive performance hit from the ORM. Some of the queries that were generated where interesting. Writing SQL directly is usually going to have better performance characteristics than auto-generating SQL queries based on a model. Especially as the complexity of the data grows. There are downsides with this, having to write loading and saving logic being a big time cost. It’s also important to write tests to ensure that there is no regression if there are changes in the data model. ...

As I’m building out my homelab I want to make sure everything is running securely with HTTPS and ssl everywhere. If I can run everything production like it will make it much easier to graduate any services to the public later much easier. Although I have no plans on making my PostgreSQL instance public, it will be running on my local network which has a lot of different devices. It seems prudent to ensure all connections to the PostgreSQL service is encrypted. ...

Cross-Origin Resource Sharing (CORS) is something I keep running headlong into and is always notoriously difficult to debug. So I decided to dig deep into CORS and get a better understanding of what it is, why it works the way it does, and how to best work with it. To understand CORS we first need to look at web browsers and how they communicate with web services. An HTTP request is sent either through a user interaction to the browser, or a script that runs on the page. When the request is made, the browser will check it’s local storage for any cookies and send those along with the request. ...