Automattic recently wrote an article and gave a speech publicly
disparaging WP Engine - WP Engine has responded with a public "cease
and desist".

Sign Up [1] |Advertise [2]|View Online [3]

TLDR

TOGETHER WITH [Stytch] [4]

TLDR WEB DEV 2024-09-24

THIS AUTH KILLS BOTS (SPONSOR) [4]

Build auth your future self will thank you for with Stytch [4]¨

* It's a developer-focused platform [5] with unparalleled
flexibility to handle any use case, at any scale. Supports
multi-tenant B2B apps, SSO, RBAC, SCIM, and a pre-built front-end UI.
* Built-in fraud prevention and device fingerprinting [6] tells you
if traffic is from a returning user, fraudster, or bot.
* Future proof, scalable infrastructure means you have secure guardrails for any spike in traffic [4]: 99.999%+ uptime SLA,
SMS/email provider failover, user + org data models, account
deduplication, and more.

¨ Trusted by Zapier, Replit, Clearbit, Cisco, Groq

Discover the joys of Stytch ¨ [4]

¨¨

ARTICLES & TUTORIALS

WHEN POSTGRES INDEXING WENT WRONG (7 MINUTE READ) [7]

When a concurrent Postgres index creation silently failed, the app
that used the database faced performance degradation, almost leading
to a production outage. This failure was exacerbated by the use of
partitioned tables, resulting in inconsistent index usage across
different partitions. To avoid such issues, monitor concurrent index
creation, validate indexes regularly, and create partition indexes consistently.

IMPLEMENTING FEATURE FLAGGING WITH THE NEXT.JS APP ROUTER (6 MINUTE
READ) [8]

Use environment variables to control feature visibility, validate
them, and then access them within server and client components using
custom functions and a feature provider. This blog post explains how
to implement basic feature flagging with the Next.js App Router. It demonstrates a practical application of feature flagging by
controlling the visibility of sidebar routes based on feature flags.

OPTIMIZING FOR HIGH LATENCY ENVIRONMENTS (22 MINUTE READ) [9]

Chrome's User Experience Report provides Round-Trip-Time (RTT) data,
which reveals the network conditions of users. Many users have slower
network connections, so web applications should be able to handle
high-latency environments well. Some strategies to handle these
include reducing transfer size, using a CDN, upgrading to HTTP/2 and
TLS 1.3, and adopting HTTP/3 (QUIC) if possible.

¨

OPINIONS & ADVICE

THE INTELLIGENCE AGE (6 MINUTE READ) [10]

Sam Altman describes a new "Intelligence Age" driven by new AI
advancements. This new era promises massive improvements in various
aspects of life, including healthcare, education, and even solving
global problems like climate change. While AI's potential for
prosperity is immense, there is still a need to navigate risks, like
those related to labor markets.

SERIOUSLY, STOP USING RSA (13 MINUTE READ) [11]

RSA is a widely used public-key cryptosystem which is arguably
fundamentally flawed and should be abandoned. Its security relies on
carefully chosen parameters, which developers often fail to select
properly, leading to vulnerabilities. These vulnerabilities stem from
subtle mathematical properties that average developers are unlikely to
grasp, making RSA inherently fragile and prone to attacks.

MY LEARNINGS FROM 7 FAILED TECH INTERVIEWS (8 MINUTE READ) [12]

Zach Wilson, an ex-Airbnb staff data engineer, goes through seven
tech interviews he failed over the last decade. He shares learnings
from his time. For example, job hopping early in your career is great
for growth, but not as great after you hit your mid-career.

¨

LAUNCHES & TOOLS

[FREE APPSEC LESSON] GET TO KNOW THE SECURE SUPPLY CHAIN CONSUMPTION
FRAMEWORK (SPONSOR) [13]

Learn how to securely ingest and manage open-source software into
your projects by leveraging the Secure Supply Chain Consumption
Framework (S2C2F). This framework is focused on governance, continuous improvement, and scalable practices to ensure the integrity and
security of your software supply chain. Claim your free video lesson
[13] or get a free taster on Youtube [14]

TS-BLANK-SPACE (WEBSITE) [15]

ts-blank-space is a TypeScript-to-JavaScript compiler that focuses on
speed by removing type annotations and replacing them with whitespace.
It utilizes the original TypeScript parser and is written in pure
TypeScript.

SIDEKICK (GITHUB REPO) [16]

Sidekick is a tool that simplifies the deployment applications on
VPS', making the process of hosting side projects faster and more
affordable by automating the setup and deployment process. It enables zero-downtime deployments and provides features like high
availability, load balancing, and automatic SSL certificates.

MICROJS (WEBSITE) [17]

A library of JavaScript packages with small footprints.

¨

MISCELLANEOUS

TUNE LLAMA3 405B ON AMD MI300X (10 MINUTE READ) [18]

Felafax successfully fine-tuned the LLaMA 3.1 405B model on 8 AMD
MI300x GPUs using JAX, Google's Python library for high-performance
numerical computing and machine learning. Its team used JAX for
efficient parameter sharding and a LoRA implementation, achieving
near-linear scaling and high memory efficiency.

NO DATA LASTS FOREVER (6 MINUTE READ) [19]

No data lasts forever. From ancient papyrus scrolls to modern hard
drives and flash memory, every method of data storage has limitations
and eventually fails. In modern times, the potential for data loss
comes from hardware failures, technological obsolescence, and
intentional or accidental deletion.

CLOUDFLARE'S NEW MARKETPLACE WILL LET WEBSITES CHARGE AI BOTS FOR
SCRAPING (4 MINUTE READ) [20]

Cloudflare is launching a marketplace where website owners can sell
access to their content to AI model providers. This marketplace will
allow websites to charge AI bots for scraping their content.
Cloudflare has also introduced AI Audit, a tool that allows website
owners to monitor and block AI bots.

¨

QUICK LINKS

WP ENGINE RESPONDS TO WORDPRESS (1 MINUTE READ) [21]

Automattic recently wrote an article and gave a speech publicly
disparaging WP Engine - WP Engine has responded with a public "cease
and desist".

FROM NODE.JS TO DENO: HOW IT ALL BEGAN (9 MINUTE VIDEO) [22]

This special feature explores Deno, a new JavaScript runtime created
by the minds behind Node.js, examining its origins, differences from
Node.js, and the lessons learned in its development.

USING TYPESCRIPT AND RAG TO ENHANCE USER QUERIES FROM A TEXT DATASET
(15 MINUTE READ) [23]

This article explains how to implement Retrieval Augmented Generation
(RAG) in TypeScript and React to create a chatbot that can answer
questions about content from a large text dataset by retrieving
relevant information from a vector database and providing it to an
LLM.

USING CALLBACKS TO ACHIEVE BETTER COMPONENT DECOUPLING IN REACT (3
MINUTE READ) [24]

Using callbacks in React to achieve better component decoupling
involves shifting control of state updates from child components to
parent components.

NEXT-SAAS-STRIPE-STARTER (GITHUB REPO) [25]

This is a full-featured, pre-configured starter project for building
SaaS applications using Next.js, Prisma, Neon, Auth.js, Resend, React
Email, Shadcn/ui, and Stripe.

Love TLDR? Tell your friends and get rewards!

Share your referral link below with friends to get free TLDR swag!

https://refer.tldr.tech/363c65bf/3 [26]

Track your referrals here. [27]

Want to advertise in TLDR? ¨

If your company is interested in reaching an audience of web
developers and engineering decision makers, you may want to ADVERTISE
WITH US [28].

If you have any comments or feedback, just respond to this email!

Thanks for reading,
Priyam Mohanty, Jenny Xu & Ceora Ford

If you don't want to receive future editions of TLDR Web Dev, please unsubscribe from TLDR Web Dev [29] or manage all of your TLDR
newsletter subscriptions [30].



Links:
------
[1] https://tldr.tech/webdev?utm_source=tldrwebdev
[2] https://advertise.tldr.tech/?utm_source=tldrwebdev&utm_medium=newsletter&utm_campaign=advertisetopnav
[3] https://a.tldrnewsletter.com/web-version?ep=1&lc=df5a9a84-734c-11ef-ae5c-1145880928d7&p=93028f14-7a51-11ef-bf6a-472931d905a6&pt=campaign&t=1727176570&s=c7f37314229c3bcc662679fe6dea13896fdaaddc7ba703e2725b422848da11ac
[4] https://stytch.com?utm_source=tldrwebdev&utm_medium=paid_sponsorship&utm_content=tldr-webdev-09-24-2024&utm_campaign=tldr-webdev-q3-2024
[5] https://stytch.com/docs?utm_source=tldrwebdev&utm_medium=paid_sponsorship&utm_content=tldr-webdev-09-24-2024&utm_campaign=tldr-webdev-q3-2024
[6] https://stytch.com/fraud?utm_source=tldrwebdev&utm_medium=paid_sponsorship&utm_content=tldr-webdev-09-24-2024&utm_campaign=tldr-webdev-q3-2024
[7] https://blog.bemi.io/indexing/?utm_source=tldrwebdev
[8] https://aurorascharff.no/posts/implementing-feature-flagging-with-nextjs-app-router?utm_source=tldrwebdev
[9] https://csswizardry.com/2024/09/optimising-for-high-latency-environments/?utm_source=tldrwebdev
[10] https://ia.samaltman.com/?utm_source=tldrwebdev
[11] https://blog.trailofbits.com/2019/07/08/fuck-rsa/?utm_source=tldrwebdev [12] https://blog.dataengineer.io/p/my-learnings-from-7-failed-tech-interviews?utm_source=tldrwebdev
[13] https://info.securityjourney.com/supply-chain-security-lesson?utm_campaign=Supply%20Chain%20Security%20Lesson&utm_source=TLDR&utm_medium=newsletter
[14] https://www.youtube.com/watch?v=11tfCFZNw5A&t=2s
[15] https://bloomberg.github.io/ts-blank-space/?utm_source=tldrwebdev
[16] https://github.com/MightyMoud/sidekick?utm_source=tldrwebdev
[17] http://microjs.com/?utm_source=tldrwebdev
[18] https://publish.obsidian.md/felafax/pages/Tune+Llama3+405B+on+AMD+MI300x+(our+journey)?utm_source=tldrwebdev
[19] https://lilysthings.org/blog/no-data-lasts-forever/?utm_source=tldrwebdev [20] https://techcrunch.com/2024/09/23/cloudflares-new-marketplace-will-let-websites-charge-ai-bots-for-scraping/?utm_source=tldrwebdev
[21] https://threadreaderapp.com/thread/1838350670564377051.html?utm_source=tldrwebdev
[22] https://m.youtube.com/watch?v=zxitJn9MwYs&utm_source=tldrwebdev
[23] https://edspencer.net/2024/9/2/easy-rag-for-typescript-and-react-apps?utm_source=tldrwebdev
[24] https://darios.blog/posts/using-callbacks-in-react?utm_source=tldrwebdev [25] https://github.com/mickasmt/next-saas-stripe-starter?utm_source=tldrwebdev [26] https://refer.tldr.tech/363c65bf/3
[27] https://hub.sparklp.co/sub_c9fe76197514/3
[28] https://advertise.tldr.tech/?utm_source=tldrwebdev&utm_medium=newsletter&utm_campaign=advertisecta
[29] https://a.tldrnewsletter.com/unsubscribe?ep=1&l=e8d201ca-3e93-11ed-9a32-0241b9615763&lc=df5a9a84-734c-11ef-ae5c-1145880928d7&p=93028f14-7a51-11ef-bf6a-472931d905a6&pt=campaign&pv=4&spa=1727175659&t=1727176570&s=112b1bf762f053242e3990c55ff7af61828bdaaeff9306a755998b5bc6d6a76e
[30] https://tldr.tech/webdev/manage?email=tldr%40synchro.net

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net