Great Tips, Mindsets and Practices for Coders
Empowering tips, mindsets and practices for happy coders about Training, Coding, Git, Unit tests, Agile, GNU/Linux installation, Markdown/Pandoc⊠Not the best ones because continuously evolving and any one can propose improvements. đ
Maintained with faireness in mind and shared in Public Domain.
Also available as a slide show (using Reveal.js).
- Installation tips
- Git
- Java/Groovy/Gradle/Ant
- C++
- CMake
- Empoworing team members
- Great Unit Tests
- Logging
- Diagrams within Markdown
See also
Design / CSS
- Ant Design https://pro.ant.design/
- Material Design https://material.io/
- Illustrations libres/gratuites https://dev.to/ahmed_sulaiman/13-places-to-find-beautiful-free-illustrations-580e
- 25 videos to learn CSS Grid https://cssgrid.io/
- Name all the colors in CC0 1.0 https://colornames.org/
- Simpsons https://pattle.github.io/simpsons-in-css/
- Font Awesome https://fontawesome.com/
- Material Design Icons https://materialdesignicons.com/
- Ionicons https://ionicons.com/
- CSS Theme Switcher by Reverse-Engineering https://www.youtube.com/watch?v=rXuHGLzSmSE
- Compress JPG with ImageMagick https://www.webnuz.com/article/2020-04-09/TIL%3A%20The%20Best%20Way%20to%20Compress%20JPG%20Files%20with%20ImageMagick
- HTML minimalist stylesheet https://github.com/andybrewer/mvp
- BEM Naming visual tool for CSS classes https://9elements.com/bem-cheat-sheet/
Web site architecture
- 12 SEO practices https://ahrefs.com/blog/seo-best-practices/
- Demystifying SSR, CSR, universal and static rendering with animations
https://dev.to/kefranabg/demystifying-ssr-csr-universal-and-static-rendering-with-animations-m7d
- SSR = Server Side Rendering (WordPress)
- CSR = Client Side Rendering CDN (Full JS: Vue, React, Angular)
- Universal Rendering (Svelte, Next.js, Nuxt.js, Angular Universal)
- Static Rendering = Markup (Hugo, Jekyll)
- JAMStack = JS+API+Markup (Svelte/Saper, Next.js, Gatsby, VuePress, Gridsome)
 | SSR | CSR | Universal | Static | JAMStack |
---|---|---|---|---|---|
Requires hosting | yes | no | yes | no | yes (API) |
CDN | đ | đ | đ | đ | đ |
SEO | đ | đ | đ | đ | depends on content from API |
Initial load | âĄïžâĄïž | âĄïž | âĄïžâĄïž | âĄïžâĄïžâĄïž | âĄïžâĄïž |
Reload | yes | no | no | no | depends on the tool |
Fluid UX | đ | đ | đ | đ | đ |
Frequent updates | đ | đ | đ | đ | đ/đ* |
*
To be frequently updated, JAMStack website can use APIs to retrieve content but looses SEO benefits. Approche can be hybrid: only very recent content is delivered by API, while static content is continuously re-built & delivered acroos CDN.
Security
- OWASP Cheat Sheet https://github.com/OWASP/CheatSheetSeries
- Tools, resources and references to practice ethical hacking
- The Hackerâs Choice (IT Security Research Group) Tips, Tricks & Hacks
- hackerEnv, automation tool that sweep IPs and scan ports, vulnerabilities and exploit them
- SpiderFoot as penetration test or to gather information about what your organisation might have exposed over the Internet https://github.com/smicallef/spiderfoot
- Spy GitHub users https://github.com/eth0izzle/shhgit
Programming
Features | Programming languages |
---|---|
Fast compilation | V, D, Go, Delphi |
Simplicity & maintainability | V, Go, Nim, Python, Julia, Jupyter, Elm, Kotlin, Dart, Elixir |
Great perf. and zero cost C interop | V, C, C++, D, Delphi, Erlang, Rust |
Safety (immutability, no null, option types, free from data races) | V, Rust |
Easy concurrency | V, Go |
Easy cross compilation | V, Go |
Compile time code generation | V, D |
Small compiler with no dependency | V |
No global state | V |
Hot code reloading | V |
- Nim for Python coders https://github.com/nim-lang/Nim/wiki/Nim-for-Python-Programmers
- Compare speed of Nim, Julia and C++ https://gist.github.com/sdwfrost/7c660322c6c33961297a826df4cbc30d
- Python Cheatsheet https://github.com/gto76/python-cheatsheet
- Python-based algorithms https://github.com/TheAlgorithms/Python
- Python debugger/profiler (program flow visualizations) useful for algo learning https://github.com/CCExtractor/vardbg (Y combinator)
- Python coloured output https://github.com/willmcgugan/rich
- Python weired behavior explained https://github.com/satwikkansal/wtfpython
- Rust intruduction (2020) https://www.softax.pl/blog/rust-lang-in-a-nutshell-1-introduction/ (Y combinator)
- Rust quick learning https://fasterthanli.me/blog/2020/a-half-hour-to-learn-rust/
- GoFiber = Go web framework easy to learn by Node-developsers https://github.com/gofiber/fiber
- GoFrame (not a good idea to be locked with some libraries if cannot use others) https://github.com/gogf/gf
- Go Material Design = https://github.com/fyne-io/fyne
- GetFlutter = 1000 open-source pre-build widgets library to develop both Flutter mobile app and web app https://github.com/ionicfirebaseapp/getflutter
- Playwright est une lib Node pour tester automatiquement lâUI sur diffĂ©rents navigateurs Chromium (dont MS-Edge), WebKit et Firefox en mode Headless (pas besoin dâun serveur graphique) sur Linux, macOS et Win https://github.com/microsoft/playwrigh
- JS Functional Programming => Learn Reactive Extensions (Rx) http://reactivex.io/learnrx/
- JS Algorithms and Data Structures https://github.com/trekhleb/javascript-algorithms
- Vue.js (30 minutes) https://www.youtube.com/watch?v=OrxmtDw4pVI
- Reproductible Builds https://reproducible-builds.org/
- Angular et Clean Architecture de Uncle Bob (Onion Architecture) https://github.com/im-a-giraffe/angular-clean-architecture
Les résultats du sondage JavaScript https://2019.stateofjs.com/overview/
- ReprĂ©sentation intĂ©ressante des technos sur les deux axes âconnaissanceâ et âopinion positive/nĂ©gativeâ
- TypeScript a le vent en poupe
- Angular est de moins en moins apprĂ©ciĂ© : Ă©normĂ©ment de rĂ©ponses Iâve USED it before, and would NOT use it again
- React (et Vue) sont de plus en plus utilisés
- Svelte arrive en force aux cÎtés de React et Vue
- GraphQL est de plus en plus utilisé et apprécié (notamment, avec Apollo comme client)
- Par contre, plus Redux est utilisé, moins il est apprécié
Training
- What I cannot create, I do not understand https://github.com/danistefanovic/build-your-own-x
- Application ideas to improve coding skills https://github.com/florinpop17/app-ideas
- Books updated from StackOverflow answers https://books.goalkicker.com/
- Freely available programming books https://github.com/EbookFoundation/free-programming-books
- Coding Interview University https://github.com/jwasham/coding-interview-university
- Learn large-scale systems design https://github.com/donnemartin/system-design-primer
- Learn and get certificats https://www.reddit.com/r/YouShouldKnow/comments/f4dtul/ysk_these_free_sites_to_educate_yourself_and_get/
- APIs for any project https://github.com/donnemartin/system-design-primer (business, anime, animals, news, finance, gamesâŠ)
- Different paths to take to become a front-end, back-end, or dev-ops engineer https://github.com/kamranahmedse/developer-roadmap
- How To Interview Engineers When Youâre Not Technical
- https://www.greghausheer.com/articles/how-to-interview-engineers-when-youre-not-technical
- https://www.greghausheer.com/articles/how-to-interview-engineers-when-youre-not-technical-part-ii
Artificial Intelligeance & Machine Learning
- Introduction to Deep Learning https://github.com/aamini/introtodeeplearning
- AutoML-Zero = mix de ML et algo génétiques https://arxiv.org/abs/2003.03384
- Twitter Newsfeed https://blog.twitter.com/engineering/en_us/topics/insights/2017/using-deep-learning-at-scale-in-twitters-timelines.html
- Twitter Ads https://blog.twitter.com/engineering/en_us/topics/insights/2019/improving-engagement-on-digital-ads-with-delayed-feedback.html
- Instagram Newsfeed https://instagram-engineering.com/lessons-learned-at-instagram-stories-and-feed-machine-learning-54f3aaa09e56
- Instagram Explore https://ai.facebook.com/blog/powered-by-ai-instagrams-explore-recommender-system/
- Facebook Deep Entity Classification https://engineering.fb.com/security/fighting-abuse-scale-2019/
- Uber Eats Recommendations
- https://eng.uber.com/uber-eats-query-understanding/
- https://eng.uber.com/uber-eats-recommending-marketplace/
- https://eng.uber.com/uber-eats-graph-learning/
- Uber Maps https://eng.uber.com/nlp-deep-learning-uber-maps/
- Airbnb
- https://medium.com/airbnb-engineering/using-machine-learning-to-predict-value-of-homes-on-airbnb-9272d3d4739d
- https://medium.com/airbnb-engineering/listing-embeddings-for-similar-listing-recommendations-and-real-time-personalization-in-search-601172f7603e
- https://medium.com/airbnb-engineering/learning-market-dynamics-for-optimal-pricing-97cffbcc53e3
- https://medium.com/airbnb-engineering/categorizing-listing-photos-at-airbnb-f9483f3ab7e3
- https://medium.com/airbnb-engineering/applying-deep-learning-to-airbnb-search-7ebd7230891f
- https://medium.com/airbnb-engineering/discovering-and-classifying-in-app-message-intent-at-airbnb-6a55f5400a0c
- Airbnb Experiences https://medium.com/airbnb-engineering/machine-learning-powered-search-ranking-of-airbnb-experiences-110b4b1a0789
- Google http://highscalability.com/blog/2016/3/16/jeff-dean-on-large-scale-deep-learning-at-google.html
- Linkedin https://engineering.linkedin.com/blog/topic/feed-personalization
- Netflix Recommendations https://youtu.be/kY-BCNHd_dM
- Spotify Recommendations https://medium.com/s/story/spotifys-discover-weekly-how-machine-learning-finds-your-new-music-19a41ab76efe
Dev tools
diffoscope
https://diffoscope.org/icdiff
https://www.jefftk.com/icdiff- DevTodo, command line TODO manager https://swapoff.org/devtodo.html
- Collection of .gitignore Templates https://github.com/github/gitignore
- Command line notes and tips https://github.com/jlevy/the-art-of-command-line
Dotfiles Managers
Backup your customized configuration files (~/.bashrc
, ~/.gitconfig
âŠ)
and share them across the computers you use (home, workâŠ).
yadm
- Easy too use
- https://yadm.io in Python
- YADM = Yet Another Dotfiles Manager
- Easy install/updgrade on Ubuntu/Debian
apt install yadm
and macOSbrew install yadm
- Add OpenSuse RPM repository for Fedora and other RPM-based distros: https://yadm.io/docs/install
- But missing installation with
pip install --user yadm
- Enter subshell for Git commands:
yadm enter
(exit
to return) - Support three template engines depending on file extension:
awk
,j2cli
andenvtpl
- Simple to use:
- Keep leading dot
.
(in filename) - What is changed in Git repo is applyied (even removal)
- Keep leading dot
chezmoi
- Filename prefixes as deployment operations
- https://chezmoi.io in Go
- Ubuntu/Debian/Fedora installations can rely on Snappy:
sudo dnf install snapd # provide "snap" command line sudo ln -s /var/lib/snapd/snap /snap # prevent error: classic confinement requires snaps under /snap sudo snap install chezmoi --classic # storage: 20 MB snap run chezmoi
- Enter subshell for Git commands:
chezmoi cd
(exit
to return) - Encode operations to apply during deployment as filename prefixes
- Replace leading dot
.
bydot_
- Require
-r
option to (recursively) add a configuration folder (silent failure even with-v
) https://github.com/twpayne/chezmoi/issues/668 - Support template based on Go
text/template
(append*.tmpl
)
dotdrop
- Easy to hack (manual Git management)
- https://deadc0de.re/dotdrop/ in Python
- Disclamer: I do not have installed Dotdrop in the recommanded way, I do not use
dotdrop.sh
because I do not want togit submodule
(I do not want to upgrade all installed software usinggit submodule update
individually, I prefer a script doingpip install --upgrade
for all installed user Python packages) - Easy install/upgrade anywhere with
python3 -m pip install --user --upgrade dotdrop
(I think I do not needdotdrop.sh
) - Use default Dotdrop
config.yaml
location or provide it in another way:( cd ~/dd; dotdrop import ~/.bashrc )
oralias dotdrop='dotdrop --cfg=~/dd/config.yaml
orexport DOTDROP_CONFIG=~/dd/config.yaml
- Simple tool = Do not handle Git commands (manual repo management)
- Dotdrop and Git use different command names: import/add, compare/diffâŠ
- Dotdrop drops dot: Archived filename without leading dot
.
ifkeepdot:false
(default) in~/.dd/config.yaml
- Do not recover simple
config.yaml
errors: missingprofiles:
or empty hostname profile https://github.com/deadc0de6/dotdrop/issues/221 - Easy to hack beacause Git is not managed by
dotdrop
and because all other operations are clearly described in theconfig.yaml
Installation of dotdrop
to be almost yadm
-compatible
YADM repo looking is often a convention: respect of original path/filenames.
Two almost yadm
-compatible installations are described here:
- Two Git repo (
dotdrop
repo +dotfiles
sub repo) - The
dotfiles
repo archives itself the~/.config/dotdrop/config.yaml
Use same filename as YADM setting keepdot:true
in ~/.config/dotdrop/config.yaml
:
config:
keepdot: true # same filename as YADM
dotpath: dotfiles # set your dotfiles repo path/name
backup: true
banner: false
create: true
link_dotfile_default: nolink
link_on_import: nolink
longkey: false
dotfiles:
[...]
In order to have a dotfiles repo without dotdrop
configuration and subfolder, use two repos:
- The
dotdrop
repo - The
dotfiles
repo
Use tree -a -I .git ~/.config/dotdrop/
to have a look on your dotfiles backup:
$ tree -a -I .git ~/.config/dotdrop/
~/.config/dotdrop/
âââ config.yaml # above configuration file
âââ .gitmodules # main repo: ~/.config/dotdrop/
âââ dotfiles # Git submodule similar to YADM repo
  âââ .gitconfig
  âââ .bashrc
  âââ .config
  â  âââ htop
  â  âââ htoprc
  âââ .ssh
  âââ config
In the second installation, no need of the main dotdrop
repo because the ~/.config/dotdrop/config.yaml
is archived within the dotfiles
repo. After each dotdrop import
, also perform:
dotdrop import ~/.config/dotdrop/config.yaml
cd ~/.config/dotdrop/dotfiles
git add .config/dotdrop/
git commit -m 'Update dotdrop config'
Encrypt sensitive data
Other dotfiles managers
- homeshick https://github.com/andsens/homeshick
- homesick https://github.com/technicalpickles/homesick
- rcm https://github.com/thoughtbot/rcm
- GNU Stow https://www.gnu.org/software/stow/
- bare git repo https://www.atlassian.com/git/tutorials/dotfiles
See also: https://dotfiles.github.io/utilities/
Dotfiles manager alternative
vcsh
Multiple Git repositories in $HOME https://github.com/RichiH/vcsh
Sandboxing
- EBox uses Zero Install (0install) to securely install software (from web sites) and runs them in a restricted environment.
Z shell - zsh
Most extra shell extensions are developed for zsh
, this is the reason why to use zsh
for you daily-used workstation. But, I do not recommend it for production servers where dash
(or bash
) seems to be more suitable.
To extend Zsh capabilities, you can use either use a zsh
plugin manager or manually maintains your plusgins directly within your ~/.zshrc
. The plugin manager will help keeping your Zsh plugins uptodate, but can slow down your Zsh startup time.
Plugin managers | Activity | Motivation |
---|---|---|
Oh-My-Zsh | Active (2009) | Historical community-driven project collecting & maintaining hundreds plusgins & thems within one big Git repo for simplicity and having eyes rewieving/checking malware in source code. |
Prezto | Active (2013) | Created in contrast to Oh-My-Zsh, to keep only the plugin manager source code within its Git repo. |
Antigen | Active (2013) | Written in Go to speed up the zsh stratup. |
zgen |
Inactive | Fast plugin manager inspired by Antigen (generates a static init script) but written in Zsh to avoid installing Go dependencies when updating the plugin manager. See Nukesorâs fork for most recent commits. |
zplug |
Active | Support all kind of plugin sources: Git repo, Oh-My-Zsh/Prezto plugins, binary artifacts⊠|
zinit |
Active | Inspired by Zplug (zinit was formely zplugin ) but written in C and compiling plugins to bytecode in background (Turbo mode) to be both rich-featured (like Zplug) and having a fast startup. |
Antibody | Active | Like Antigen (in Go), but aiming to be even faster: for example, Antibody loads earlier the zsh and does not require the apply statement. |
zr | Active | Simple plugin manager project written in Rust that generates static init script to speed up zsh startup. |
DevOps
- Pour progresser en DevOps (et pas seulement Ops) https://github.com/bregman-arie/devops-exercises
- Un outil trÚs complet (en Java) pour builder les images docker, config K8S, tracking des issues⊠https://github.com/theonedev/onedev
- Permission Manager is an easy RBAC management for Kubernetes (create users, assign namespaces/permissions, and distribute Kubeconfig YAML files) https://github.com/sighupio/permission-manager
- Configure Elastic cluster https://thoughts.t37.net/designing-the-perfect-elasticsearch-cluster-the-almost-definitive-guide-e614eabc1a87
Hardware
- eBook-like open hardware project https://github.com/joeycastillo/The-Open-Book
Health & Work efficiency
- Long cold shower https://news.ycombinator.com/item?id=22167687 (Netherlands study 2016)
Linux
- Linux screen sharing https://news.ycombinator.com/item?id=22178011
- Awesome Linux software https://github.com/luong-komorebi/Awesome-Linux-Software
- TL;DR Simplified and community-driven man pages https://github.com/tldr-pages/tldr
Privacy
- Do not track visitors/users => Drop all tracking, Disallow anyone to collect any data at all https://marmelab.com/blog/2020/01/28/about-privacy.html
Popular self-hostable tools to share passwords:
- https://en.wikipedia.org/wiki/List_of_password_managers
pass
https://www.passwordstore.org/ Pas de service commercial, adapté à la ligne de commande, par contre, pas possible de partager un mdp entre 2 personnes seulementgopass
https://www.gopass.pw/ Pas de service commercial, 100% compatible avec pass- KeePassXC https://keepassxc.org/ Fork communautaire de KeePassX, Pas de service commercial, Extension pour browser En 2018, la Surveillance Self-Defense cite KeePassXC dans son manuel https://ssd.eff.org/module/creating-strong-passwords (traduit en français: https://ssd.eff.org/fr/module/créer-des-mots-de-passe-robustes)
- Passbolt https://www.passbolt.com/ Commercial, Gratuit pour les projets communautaires, Facile à héberger, on peut changer une ligne en Go pour ne pas payer
- Bitwarden https://bitwarden.com/ Commercial, Lâexplication sur lâhĂ©bergement semble compliquĂ© (12 Ă©tapes)
Quikly converge to valuable API
- Design - RĂ©diger une documentation pĂ©dagogique (Markdown) Ă destination de lâutilisateur final, cela permet de se mettre dans la peau du client, dâitĂ©rer sur ce quâil lui ferait plaisir, de se baser dessus dans nos Ă©changes, et ainsi de suite jusquâĂ obtenir une documentation API mature Ă publier sur https://docs.example.com
- Code - Une fois, que nous sommes synchronisĂ©s et matures dans nos idĂ©es, on code avec des annotations afin de gĂ©nĂ©rer la documentation Ă partir du code source (OpenAPI, reDocâŠ). Coder câest rencontrer des problĂ©matiques techniques auxquelles nous nâavions pas pensĂ©es, et cela nous permet dâaccumuler du retour dâexpĂ©rience, de gagner encore plus en maturitĂ©, et on implĂ©mente une API diffĂ©rente. La gĂ©nĂ©ration de la documentation est mise Ă disposition sur https://openapi.exemple.com et https://redoc.exemple.com
- Test - On commence Ă avoir une premiĂšre Ă©bauche de lâAPI, on commence Ă mettre Ă jour la documentation pĂ©dagogique (Markdown), on commence Ă tester lâAPI, des premiers utilisateurs nous font des remarques⊠encore de nouvelles idĂ©es pour simplifier, pour clarifier⊠on re-code⊠on re-documente⊠on itĂšreâŠ
- Deliver - Au final, on en a marre de toujours tout chambouler, on finalise dans lâĂ©tat actuel, on stabilise, on livre ! On garde nos bonnes idĂ©es pour la version suivante :-D
JSON
One JSON per line
The âJSON Linesâ formats: https://jsonlines.org/on_the_web/
The mos popular is application/x-ndjson
http://ndjson.org/
JSON/JWT versus CBOR/CWT
Une alternative au JWT, est le CWT dont la RFC 8392 (may 2018) explique bien lâintĂ©rĂȘt.
Le CWT utilise CBOR Ă la place de JSON, CBOR Ă©tant une variante binaire du JSON.
Il existe une dizaine de formats binaires pour JSON (comme BSON, MessagePackâŠ), mais seul CBOR est traitĂ© dans les RFC, donc CBOR semble ĂȘtre mieux standardisĂ©.
See also: RFC 8747 (Proof-of-Possession Key Semantics for CBOR Web Tokens).
JSON dealing with float and 64-bit numbers
Une API qui gÚre des nombres 64 bits et des prix exprimés par des flottants double précision :
-
Pour le CSV, pas de problĂšme.
-
Mais pour le JSON qui va ĂȘtre manipulĂ© par du JavaScript, câest plus dĂ©licat, voir lâAppendice D de la RFC 8785
En attendant que tous les navigateurs web soient compatibles avec ECMAScript 2021 (BigInt
), lâAPI devrait prendre en charge le format I-JSON :
The API uses a JSON subset format called âInternet JSONâ (I-JSON) in order to guaranty a better interoperability with any client software:
- UTF-8
- non-duplicated JSON member names
- time and date as string in [ISO 8601][] format (except when expressed in nanoseconds since epoch)
- binary blobs in base64url (not to be confused with other base64 variants)
- double-precision float (IEEE 754 binary64)
However, the API uses the 64-bit signed integer type with the full range [-2â¶Âł, 2â¶Âł-1] because modern JavaScript (ECMAScript 2021) supports
BigInt
type and are no more limited to the [-2â”Âł+1, 2â”Âł-1] range. All other popular programming languages do not have this number range limitation. See also RFC 8785 Appendix D.
Other
- Database inside https://github.com/pingcap/awesome-database-learning
- I hate Regex https://github.com/geongeorge/i-hate-regex
- The Book of Secret Knowledge, various materials and tools, manuals, cheatsheets, blogs, hacks, one-liners, cli/web toolsâŠ
- Interactive kill https://github.com/sindresorhus/fkill-cli
- Coopérative http://www.coopaname.coop/article/coopaname-cest-politique
Public Domain Dedication
CC0 1.0 Universal
Creative Commons Zero â No Rights Reserved â Â
To the extent possible under law, olibre
has waived all copyright and related or neighboring rights to GreatPractices.
This work is published from France since 2015.
Refer to CC0 Legal Code or a copy in file COPYING
.