How Discord Reduced Websocket Traffic by 40% (17 minute read)
Discord reduced its websocket traffic by 40% through two key optimizations. Firstly, it replaced its existing compression algorithm, zlib, with zstandard, achieving higher compression ratios and shorter compression times. It further improved performance by implementing streaming compression for zstandard, allowing it to utilize historical data for better compression of small payloads. Secondly, it introduced Passive Sessions v2, which only sends updates about changes in server information instead of sending complete snapshots.
|
One year of Rust in production (10 minute read)
This developer found that Rust's type-safety and compile-time checks led to a smooth transition to production without major issues. After a year, they reflect back on how it's going. They find that Rust's long compile times, particularly with macro-heavy libraries, necessitate a different development workflow. At the same time, Rust is still satisfying to use and will continue to be used in production.
|
Gaining access to anyone's browser without them even visiting a website (7 minute read)
A vulnerability in Arc Browser's use of Firebase allowed unauthorized access to any user's browser without them visiting a website. This was possible because Arc's cloud features, like Boosts, stored data in Firestore with insecure security rules. An attacker could exploit this by obtaining a user's ID, creating a malicious Boost, and changing the Boost's creator ID to the victim's. This has since been addressed by Arc, who patched the vulnerability, added a feature to disable Boosts, and started a bug bounty program.
|
|
No One Builds in Public (5 minute read)
The "build in public" trend within the indie hacker community has an over-reliance on sharing revenue figures. While initially attention-grabbing, the constant stream of success stories may be losing its impact and overshadowing the discussion of actual product development. Also, the "build in public" approach may not be necessary for success, as some prominent indie hackers have achieved great results without actively sharing their progress publicly.
|
A New Era of Writing Code (5 minute read)
LLMs can significantly speed up development by taking care of repetitive tasks, but they still have limitations, especially when dealing with complex or open-ended features. While LLMs can't replace engineers entirely, they can help them to focus on higher-level tasks.
|
|
Kamal Proxy (GitHub Repo)
Kamal Proxy is an HTTP proxy that makes it easy to coordinate zero-downtime deployments. It can deploy changes to web applications without interrupting any of the traffic in progress.
|
Scalar (GitHub Repo)
Scalar is an offline-first API client and interactive reference generator. It uses OpenAPI/Swagger documents to create user-friendly documentation and API clients for various languages and frameworks.
|
CSS Peeper (Chrome Extension)
CSS Peeper is a Chrome extension that allows designers to easily view and inspect CSS styles on any website. It allows for browsing components and colors in a visual way.
|
|
The sorry state of Java deserialization (12 minute read)
Java deserialization is surprisingly slow. This developer benchmarks various techniques for reading 1 billion rows of data from disk, including using `DataInputStream`, JDBC, Protobuf, Parquet, and custom solutions. The results show that even with optimized custom implementations, Java's performance lags significantly behind the theoretical maximum for disk I/O.
|
Analyzing the OpenAPI Tooling Ecosystem (14 minute read)
This is an exploration of the OpenAPI Specification (OAS) tooling ecosystem that visually diagrams the various tasks tools perform and how they relate to each other. The tools are separated into three areas: Parsing libraries, OAD tools, and API tools.
|
|
Sanding UI (4 minute read)
“Sanding UI” involves repeatedly clicking and interacting with a user interface to identify and fix subtle usability issues.
|
How I Hire Programmers (6 minute read)
A better programmer hiring process focuses on evaluating candidates' past work, conversational intelligence, and compatibility with the team rather than traditional interviews like Leetcode questions.
|
I Like Makefiles (5 minute read)
This developer prefers using Makefiles for project automation due to their simplicity, consistency across projects, and compatibility with various build tools.
|
|
Love TLDR? Tell your friends and get rewards!
|
Share your referral link below with friends to get free TLDR swag!
|
|
Track your referrals here.
|
Want to advertise in TLDR? 📰
|
If your company is interested in reaching an audience of web developers and engineering decision makers, you may want to advertise with us.
If you have any comments or feedback, just respond to this email!
Thanks for reading,
Priyam Mohanty, Jenny Xu & Ceora Ford
|
|
|
|