There are 3 major points to consider when optimizing a Docker file:

  • Build context size
  • Cached layers
  • Final image size

Build context size

The build context is the entirety of the disk contents for the folder containing your Dockerfile, except parts ignored by . This can be massive - on a Javascript application, this means copying over , which would be installed as part of the build anyway!

On a real world example, failing to add to my file yields:

That context transfers at about 30–50MB/s. A significant wait!


Content security policies are a great way to lock down your website, and it can be relatively painless to get some benefit.

(Photo by Piotr Hamryszczak)

Recently I shipped a large project using some of the hot new tools in the React community—Gatsby and MDX—serving a global audience with about 160 different pages (blog posts, landing pages, and indexes). Because I work in the cryptocurrency space, which has a relatively large population of suspicious actors, I wanted to do everything I could for security. …


Photo by Melany Rochester on Unsplash (Not from the Wayfair walkout)

At 1:30pm on Wednesday, June 26th, hundreds of Wayfair employees walked out of the office after failing to reach an agreement with Wayfair’s executives about furnishing an ICE detention center.

What I wanted to know is, how does a walkout happen? What is the sequence events that begins with somebody sharing an opinion and ends with hundreds of people risking their livelihood?

Largely pieced together from an interview done with Vice, I’ve put together a rough timeline. …


The world has gushed over Bitcoin and Ethereum, but the future doesn’t look so rosy.

Photo by Nicolas Tissot on Unsplash

I’ve loosely followed cryptocurrency for almost a decade. In 2011, I briefly mined Bitcoin (and Litecoin, when it became clear that GPU mining BTC was unlikely to net me much of a reward) from my college dorm room. Bitcoin’s proof-of-work algorithm to create a trustless ledger was a true innovation in decentralized systems, and Ethereum’s expansion of it into a general compute platform was another giant leap. But looking at the state of the world right now, neither seems poised for the level of success that is evangelized.

I am bullish on cryptocurrency in general. Our existing monetary system already…


Photo by rawpixel on Unsplash

I’ve had a lot of jobs (8 since 2012), which means I’ve worked with a lot of teams. One of the main reasons I changed jobs so frequently for a couple years is that many of the teams I joined felt very dysfunctional — it was difficult to get work done and there wasn’t a clear sense of purpose.

Hopefully, my cheat sheet of questions for your interviewer will help you identify dysfunctional environments during the interview process, but when you’re early in your career it’s hard to tell whether your team is functioning as it should. …


Image from rawpixel on Unsplash

(Also published on my personal blog)

React just announced a new feature: Hooks. It’s a brand new set of APIs that enables powerful new ways to share stateful logic between components, optimize performance without significant rewrites, get some of the benefits of Redux-style separation of concerns, and more. They also deliver on a promise that the React team made years ago — stateful function components. Using state from function components came up as a possibility in Dan Abramov’s Q&A on Reactiflux all the way back in April 2016.


Person atop a large rock labeled “JS” (Photo by Andrew Charney)

With modern JS tooling, we have an opportunity to use Javascript features before they are implemented in browsers or node. However, not all features are equal. Some are more likely than others to be integrated into the language. Some will undergo significant changes before being added, and some will be dropped altogether. If you’re using that feature in your app, either of those can introduce big refactors. But how can you tell whether a feature is something you should use?

New features are introduced by TC39, a committee responsible for maintaining the specification underlying Javascript. There is a complete list…


Photo by Tobias A. Müller on Unsplash

(Cover photo by Tobias A. Müller)

There are a ton of “best practices” preached when talking about authoring software. Ways to improve performance, readability, maintainability, flexibility. Much of the advice is more dogmatic than pragmatic, though. When you’re actually shipping features, what you really need is code that isn’t a mass of spaghetti and performs well enough to be useful. Adhering to all the best practices won’t always improve the quality of the end product.

So how can we balance best practices and shipping code? …


(Photo by Hunter Newton on Unsplash)

I love promises. They’re a fantastic model for asynchronous behavior, and makes it very easy to avoid callback hell (though I'd argue promises do a great job of that on their own). Once you can build a mental model for how promises work, you can build some very complex asynchronous flows in a handful of lines of code.

As much as I love having async/await in my toolbox, there are several quirks to handling errors when using it. …


Photo by Ben Hershey on Unsplash

When developing an npm package, you have to confirm that it can actually be used. It’s great if tests pass, examples build, and demos run, but it’s broken if consumers can’t install it. npm provides a tool to help test packages before publishing, . The docs explain it very well, but a small example is below. You run it once in your package directory, and again in your app directory.

~/workspace/package-name $ npm link
~/workspace/some-application $ npm link package-name

This is an excellent option—when it works. has been around all the way back to npm@1.0, long before…

Carl Vitullo

Just some guy. On Twitter https://twitter.com/cvitullo Also the internet https://blog.vcarl.com/

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store