Hapi 17 was recently released, and brings an exciting change — in an effort to drive adoption of async/await, the entire codebase replaced callbacks with the newer language feature.

This makes for some changes to how you configure your application. …


We like to shorten long words. It saves us a little time talking, or a little time typing, and in meetings we can sound like we’re a real big shot because we use the shortened form.

However, there are times when this predilection for brevity can harm us and the…


Dependency management is a thankless task, and one that can easily get out of control in a modern JavaScript project. …


Firstly, this was a tricky one to title. To clear up any confusion, and perhaps save you some time, this is not about helping engineers understand User Experience (UX).

This piece is about spending a little time on your developer-facing software to make it friendly to the end-user: the engineer.


I recently contributed to a repository that had a well-established CHANGELOG, Migration Guide and README.

The circumstances of the contribution arose from an urgent need for a fix that was impacting multiple consumers, so I was in a rush and had a tight deadline, but I took the extra few moments to update all three documents because they existed and were so well maintained, I wasn’t going to be the one who cut corners and ruined it.

Broken Window Theory in play here, of sorts — if you maintain good, precise documentation, contributors to your repository are more likely to contribute to that documentation too.

A great experience, and one I hope repository maintainers will make the norm.


So far we’ve tackled Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), SQL Injection (SQLi) and Spammers.

If you missed any, start with the introduction to get caught up. Lastly, we’ll look at an operational issue, Denial of Service (DoS), a variant of which is Distributed Denial of Service (DDoS).

What?

An attempt…


So far we’ve tackled Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF) and SQL Injection (SQLi). If you missed any, start with the introduction to get caught up. Next, we’ll look at the threat of unsolicited mail.

What?

Those nasty people that send you emails suggesting you need online dating sites, prescription…


I made a request on Twitter earlier today, offering to answer questions from new or junior engineers coming into the industry. My reasoning was that over the years I’ve had the good fortune to have had many great engineers and managers to learn from, and I want to be…


We’re roughly halfway through this series on basic security steps for Startups to take. After introducing the series, we covered Cross Site Scripting (XSS) and then Cross Site Request Forgery (CSRF).

SQLi — SQL Injection

What?

SQL injection vulnerabilities allow an attacker to modify a SQL query in your app to perform an unintended and…

Dave Stevens

Software Engineer @WalmartLabs / javascript / node.js / react.js / hapi.js http://dstevens.io
