Content security policies are a great way to lock down your website, and it can be relatively painless to get some benefit.

(Photo by Piotr Hamryszczak)

Recently I shipped a large project using some of the hot new tools in the React community—Gatsby and MDX—serving a global audience with about 160 different pages (blog posts, landing pages, and indexes). Because I work in the cryptocurrency space, which has a relatively large population of suspicious actors, I wanted to do everything I could for security. …

At 1:30pm on Wednesday, June 26th, hundreds of Wayfair employees walked out of the office after failing to reach an agreement with Wayfair’s executives about furnishing an ICE detention center.

What I wanted to know is, how does a walkout happen? What is the sequence events that begins with somebody sharing an opinion and ends with hundreds of people risking their livelihood?

Largely pieced together from an interview done with Vice, I’ve put together a rough timeline. …

I’ve loosely followed cryptocurrency for almost a decade. In 2011, I briefly mined Bitcoin (and Litecoin, when it became clear that GPU mining BTC was unlikely to net me much of a reward) from my college dorm room. Bitcoin’s proof-of-work algorithm to create a trustless ledger was a true innovation in decentralized systems, and Ethereum’s expansion of it into a general compute platform was another giant leap. But looking at the state of the world right now, neither seems poised for the level of success that is evangelized.

I am bullish on cryptocurrency in general. Our existing monetary system already…

I’ve had a lot of jobs (8 since 2012), which means I’ve worked with a lot of teams. One of the main reasons I changed jobs so frequently for a couple years is that many of the teams I joined felt very dysfunctional — it was difficult to get work done and there wasn’t a clear sense of purpose.

Hopefully, my cheat sheet of questions for your interviewer will help you identify dysfunctional environments during the interview process, but when you’re early in your career it’s hard to tell whether your team is functioning as it should. …

(Also published on my personal blog)

React just announced a new feature: Hooks. It’s a brand new set of APIs that enables powerful new ways to share stateful logic between components, optimize performance without significant rewrites, get some of the benefits of Redux-style separation of concerns, and more. They also deliver on a promise that the React team made years ago — stateful function components. Using state from function components came up as a possibility in Dan Abramov’s Q&A on Reactiflux all the way back in April 2016.

With modern JS tooling, we have an opportunity to use Javascript features before they are implemented in browsers or node. However, not all features are equal. Some are more likely than others to be integrated into the language. Some will undergo significant changes before being added, and some will be dropped altogether. If you’re using that feature in your app, either of those can introduce big refactors. But how can you tell whether a feature is something you should use?

New features are introduced by TC39, a committee responsible for maintaining the specification underlying Javascript. There is a complete list…

(Cover photo by Tobias A. Müller)

There are a ton of “best practices” preached when talking about authoring software. Ways to improve performance, readability, maintainability, flexibility. Much of the advice is more dogmatic than pragmatic, though. When you’re actually shipping features, what you really need is code that isn’t a mass of spaghetti and performs well enough to be useful. Adhering to all the best practices won’t always improve the quality of the end product.

So how can we balance best practices and shipping code? …

I love promises. They’re a fantastic model for asynchronous behavior, and await makes it very easy to avoid callback hell (though I'd argue promises do a great job of that on their own). Once you can build a mental model for how promises work, you can build some very complex asynchronous flows in a handful of lines of code.

As much as I love having async/await in my toolbox, there are several quirks to handling errors when using it. …