Dev Digest 122 – Cracks in the polyfill
Tuesday, July 2nd, 2024 at 6:25 amHello and join me to learn about removing malicious code, what the web is up to and why there are some cool new careers in AI.
News and articles
First things first: if you use Polyfill.io delete it immediately from your server! The – by now pretty unnecessary library – has been acquired and is used in a supply chain attack that affected 100K+ sites injecting malware. This has been warned about some time ago by the original creator, but now it hit the fan.
In a related discussion, Tim Perry deemed public CDNs as “useless and dangerous” and Sung Kim thinks programmers should not trust anyone including themselves. The question really is about longevity. How long is the great helper tool that promises you to use tomorrow’s features today safe or sensible to use? And – does it matter how big and important the tool is at the time? As an example, Google just put Material Web Components in maintenance and I remember those being “safe to use for now and later to build great apps” when they came out.
Talking about the web, the state of JS results are out and Patrick Brosset did a deep-dive analysing the State of HTML 2023 results.
The AI scraper discussion is also far from over as AI companies bypass web standard to scrape publisher sites as reported by Reddit and verified by other sources. It is tricky as you want to support search bots but not scrapers…
The Internet Archive was forced to remove 500k books, which is understandable, but there is a big group of people who can only read them there as other book display sites are inaccessible. Google has an interesting take as they donated $5 million to create inclusive tools and educational programmes. So, if you want to do some good and get
some money, why not fix those ePUB/PDF displayers?
Code and Toolsarticles
Today I got two CODE100 challenges for you – solving one gets you A VIP ticket to our World Congress and the other is a test for people to become challengers in the final of CODE100 at the same event. So, on your keyboards, get, set, go!
VIPs wanted – solve the Twilio CODE100 challenge!
My company partnered with Twilio to give you a new CODE100 puzzle to solve. Check the
README and submit your solution for your chance to win your WeAreDevelopers World Congress VIP ticket worth > 1000 Euro!
Join the other finalists in the CODE100 live event in Berlin<
Check out the 100 hits challenge to show us that you got what it takes to compete alongside the winners of CODE100 Zagreb, Amsterdam and Manchester. Apply now!
Other code news: GitHub Copilot in the CLI is now generally available! I’ve been using the preview for quite some time and it is amazing. Ask for a shell script, see it and run it immediately. Together with thef*ck, it is command line magic.
Leah Verou has naughty hacks to fake inline conditionals in CSS, there’s a gallery of CSS Toggles but Adrian Roselli warns about under-engineered toggles.
In bonkers code news, you can use AI to drop hats on people and llama.ttf is a font file which is also a LLM and an inference engine for that model
(what?).
Some tools for you:
- CSS Anchor Tool is a visual tool to get started with anchor positioning
- Font Interceptor downloads all fonts in use on a target website
- Flowtest is am AI agent For QA testing
- API fiddle allows you to test APIs
Videos
We sat down with Francesco Ciulla ahead of his appearance at the World Congress in Berlin later
this month. We talked about public speaking, why he’s gone all in on Rust, and what we can expect from his
session. See his answers…
Other videos of note:
- Dmitry Mayorov – The Next Big Thing in CSS: margin-trim! (4m)
- Olivier Larose – My Top 5 Techniques for Web Animation (10m)
- Josh Clark – Sentient Design: AI and the Next Chapter of UX (1h10m)
- Anna Fritsch-Weninger – AI’s Impact on Developer Roles (1h)
- Simon Copsey – Technology is Necessary, But Not Sufficient (38m)
- Austin Gil – Full Spectrum File Uploads (36m)
Work and Jobsarticles
A lot has happened in the job world, the OpenAI CTO says AI kills unnecessary creative jobs but this hits freelancers hard. The CEO of Anthropic questions universal basic income as a fix for job losses and half of Dell workers chose to work remote, even though it means no
promotions. Shawn “swyx” Wang sees new use cases and careers in AI, Stack Overflow explains that real 10x developers makes their whole team better and there is a spicy take on tech hiring.
Procrastination Corner / Wonderful Weird Web
- Tetris messages as falling Tetronimos (yes, that is what they are called)
- Nintendo lied about the age of Tetris, it is not 40 yet!
- Moodist – create ambient sounds for focus and calm
- Sans Bullshit Sans is a font to automatically censor marketing speak
- Check out some adorable food