Creating SBOMs with the Snyk CLI

The Snyk CLI is a great tool used to scan a project and report vulnerabilities discovered in it. The Snyk CLI supports a wide variety of languages and build systems, making it ideal as a generic, go-to solution for vulnerability reporting. However, it only outputs vulnerabilities discovered – it does not generate an SBOM, which … Continue reading Creating SBOMs with the Snyk CLI

Cypress Testing Integrated with Gradle and Spring Boot

Cypress is a great testing framework for “anything that runs in a browser” allowing for clean, maintainable end to end tests. However, these tests can difficult and annoying to for developers to run, especially those who aren’t front end specialists. The following covers getting existing Cypress tests integrated and easily running within the Gradle-based build … Continue reading Cypress Testing Integrated with Gradle and Spring Boot

Contributing to GitLab and Lighthouse CI

While running Lighthouse CI on GitLab CI, I came across a problem: Lighthouse CI wants information about the current git commit, but it couldn’t get all of that information. In that case, Lighthouse CI falls back to running the git command; however, in my docker images, I don’t have git installed nor did I want to do so. So, I set out to fix this shortcoming in both Lighthouse and GitLab by adding the necessary environment variable to GitLab CI and having Lighthouse use it. The result is that I submitted a PR to Lighthouse that was merged and included in Lighthouse CI 0.7.1 and an MR to GitLab that was merged and included in GitLab 13.11. Now users (including my future self) will have a smooth, Just Works™ experience with these two tools.

Lighthouse Performance Testing

Lighthouse is a great way to establish a build-measure-learn feedback loop resulting in continuous value creation by testing ideas in the areas of SEO, performance, accessibility, and more. In this article, I’ll cover what Lighthouse is and how to add it a project with examples covering pure Javascript (node) projects and Gradle projects (with any … Continue reading Lighthouse Performance Testing

The How and Why Automating Dependency Updates

Organizations already automate running builds, executing tests, and performing deployments to free developers from tedium and improve reliability. The next step is to use automation to improve projects. Tools (bots) can submit pull requests that fix typos, optimize images, and more. I’ve had a great positive experience using a bot to perform the tedious task … Continue reading The How and Why Automating Dependency Updates

Linters: Keys To Secure, Maintainable, Quality DevSecOps

Linters are static analysis tools that analyze source code and report problems. The term goes all the way back to Bell Labs in 1978 but the concept is still very important today. In my opinion, linters are a key ingredient of a successful DevSecOps implementation, and yet not enough people are aware of linters, how … Continue reading Linters: Keys To Secure, Maintainable, Quality DevSecOps

Compression (deflate) and HTML, CSS, JS Minification in ASP.NET

As I’ve already demonstrated, I like performance. So I cache and compress a lot. When I was put onto an ASP.NET project at work, I obviously wanted to optimize the site, so here’s what I did. Taking some hints from Y! Slow, I decided I wanted to: Get rid of all the MS AJAX/toolkit javascript, … Continue reading Compression (deflate) and HTML, CSS, JS Minification in ASP.NET

Resig’s Processing.js

John Resig (of jQuery fame) released processing.js on Thursday. If you haven’t checked it out, you should! It is really impressive. On the newest versions of some browsers, and on the next version of others, it’s possible to pretty much duplicate the capabilities of Flash, but entirely using markup and Javascript. The real excitement comes … Continue reading Resig’s Processing.js

Firefox 3 – making the web a little better

I’ve been using Firefox 3 betas for a few months now, through the really rough times when bookmarking was totally broken, up until the present day (Firefox 3.0b4 – click for a short review). It’s really been an impressive transformation, and I think that it will mark a very nice evolution in the web. It’s … Continue reading Firefox 3 – making the web a little better