Adding Twitter card support to your web application is pretty straightforward. As I’m polishing my Tweet Scheduler blauspecht.io for the first beta test, I tried to find out how to get Twitter to show these nice summary cards whenever a tweet contains my URL.
The Summary Card with Large Image features a large, full-width prominent image alongside a tweet. It is designed to give the reader a rich photo experience, and clicking on the image brings the user to your website.
It turns out it won’t work out of the box because Twitter is looking for certain HTML Tags. But these tags are pretty easy to add. Here is an example of mine:
<meta name=”twitter:site” content=”@blauspecht_app”>
<meta name=”twitter:creator” content=”@stfsy”>
<meta name=”twitter:card” content=”summary_large_image”>
<meta name=”twitter:title” content=”Blauspecht Tweet Scheduler“><meta name=”twitter:description” content=”Create, edit, and queue tweet drafts and increase your reach with tweet scheduling”>
<meta name=”twitter:image” content=”https://www.blauspecht.io/images/social/twitter-card.png">
A few weeks ago, I found the following book on Amazon: Indistractable: How to Control Your Attention and Choose Your Life by Nir Eyal. As one would expect, it’s about distractions in our everyday life, including, but not limited to, emails, phone calls, and messaging apps. The book is about managing these distractions, preventing them from happening at all, or at least defining a time window in which they are allowed to occur.
You can’t call something a ‘distraction’ unless you know what it is distracting you from.
Eyal, Nir. Indistractable (p. 8). Bloomsbury Publishing. Kindle Edition.
Nir writes how he also was distracted by his phone in the past. He shares his experience with apps he used to regain control over his life. He recommends Forest. Forest, the app, enables the user to stay focused by essentially disabling the phone’s functionality. Without access to messengers and social media apps, the app’s goal is to prevent external distractions originating from the user’s phone. Users can define how long Forest should prevent access to the phone’s apps. To encourage users to do this as often as possible, Forest grows a virtual tree every time it is used as the gatekeeper. Users can assign tags to trees and, by doing so, grow not just one virtual tree but a forest. …
It’s been on our to-do list for quite a while. Since things tend to get a bit quieter after the holidays, my girlfriend and I finally decided to get started with machine learning.
Our backgrounds: We’re both software engineers. We started around six years ago at the same company, but we only met two years ago. I am currently working on my tweet scheduler blauspecht.io and I ultimately want to integrate machine learning functionality into it.
Our initial experience with TensorFlow was quite good. We managed to finish the first tutorial in a few hours and were quite satisfied with the results. But the initial setup of the environment took way longer than we expected. …
Questions are a fundamental tool to connect to people around us. We use them in various ways and with different goals in mind.
They can become mighty if we use them the right way. But what is the right way? How can you use questions to build relationships and strengthen existing bonds? …
As always, while it’s fun to set up a new project, and most technologies nowadays are easy to integrate. But once you start thinking about operation and data security, things tend to become trickier. MongoDB provides three encryption options, and two of them are only available with an enterprise license.
Only paying licensees are eligible for using automatic MongoDB encryption. Revenue-wise, that’s not a bad decision by Mongo and not a massive challenge for us as we can still use the explicit client-side field level encryption (CSFLE). We did some research and found some docs and some guides but not a sufficient explanation and solution. …
As developers, it’s not only our job to write code. We are responsible for delivering software that is tested, fully functional, and secure. All of these requirements are equally complex. But I feel these are not always treated equally.
Application security is not always a first-class citizen. But it should be. Customers give us their data and expect us to keep it in a safe place. By leaving them vulnerable to exploitation, we risk losing our customers’ trust and their business.
I write this story to help you improve your web app’s security. I will present mitigations that you can implement quickly in any web application. Therefore, I picked five of the ten most common security risks and added a dedicated chapter for Cross-Site-Request-Forgery. …
For many of our 11 million users, VS Code is their primary code editor [..]
It’s easy to see why VSCode’s popularity has grown in recent years. It is
OpenSource, has rich support for programming languages, extensions, and is actively developed by Microsoft.
Let’s set up a fresh installation of VSCode with all necessary extensions to build and run a Spring Boot application.
First, we need to install the Java development kit. We recommend installing a free version of Java, like AdoptOpenJDK.
After the installation process is finished, please verify that Java is set up correctly. To find out, whether the variable Java Home was set, execute the following command: echo JAVA_HOME. The result should be the installation folder of the Java runtime and development kit. The command java -version outputs, well, information about the currently installed Java version to the console. …
A few weeks ago, a team reported a problem. Their Zuul Proxy stopped forwarding request bodies to backend systems. On their Windows machines, the developer team could not reproduce the problem. Neither could we.
We verified that the frontend application was actually sending the payload. After being sure about that, we enabled wire logging in our proxy service. We found that the service in question received the payload, but did indeed not forward it to the downstream service.
Upstream and downstream describe the flow of a message: all
messages flow from upstream to downstream.
Why shouldn’t the proxy forward the request body out of a sudden? …
A few weeks ago, I noticed that most of my NodeJS packages had outdated dependencies. Although they don’t attract a lot of attention, I wanted them to be up to date again.
Most of my NodeJS modules already had good test coverage. I updated dependencies and released them with a bash script. But my BroccoliJS plugins were lacking tests. There were no tests that start a full build of the current project and verify that resources are built or served correctly.
We all know maintenance is probably the most expensive part of software development. Having a good set of unit and integration tests that can be executed automatically on continuous integration platforms reduces maintenance costs and regressions.
And although I’m sincere, I did not include unit tests in my BroccoliJS Plugins but tested them manually before publishing new releases. Not a big deal, since I didn’t have to release them very often and it’s just private time. We’ve all been there, I guess. Sometimes it feels like a burden to write tests. And sometimes you want to get things done.
A few weeks ago, while updating dependencies of my npm packages, I was not in the mood for manual tests. I thought it might be time to add some tests. …