JavaScript engine execute two kinds of tasks in the event loop: macrotask and microtask.

One example of macrotask is event listener callback.

One example of microtask is the then in a promises.

Js engine event loop has two queues: one queue for the macrotask, another queue for the microtask.

It will execute one things from the macrotask queue, then execute everything on the microtask queue, then perform rerender.


OWASP Top 10 list is created by a group of top security exports globally.

External Data threats

Means user input. Solution is to validate input and sanitize input.

Injection flaws. Passing user input data to an interpret without validating it. Scanners can be used to locate such flaws. Impact would be to expose…

Compute. Include both server and serverless.

EC2: Elastic Compute Cloud. Provide virtual servers in the cloud. Some are for memory intensive work, some are for IO intensive, some are for machine learning (accelerated computing) intensive etc.

EC2 Auto scaling. Automatically spin more server or remove server based on policies you set.

Lambda. serverless. Can run in…

If an app is in PCI scope, it needs to draw a diagram for audit. An app is in PCI scope when it processes or transfer payment data. An example would be a textfield for getting credit card numbers. An app with such textfield is in PCI scope.

Putting UI in PCI scope will create a lot of more work, so one solution is to use a an iframe from the backend (which is already in PCI scope) to process payment information.

Gain insight into errors and user behavior with Datadog and Sentry.

Gain insight into errors. You can log errors so you know what errors occurred on the production site. In one of my apps, I log errors that made to the Error Boundary to Sentry.

Gain insight into user behavior. Both Datadog and Sentry provide automatically performance tracking. They can track what path the user has visited so you can get an idea what is most often visited pages are.

For smaller apps, it is probably a good idea to start with Sentry because it is free to use to start with.

What I learned from AWS Certified Solutions Architect Associate All-in-One Exam Guide, Second Edition (Exam SAA-C02), 2nd Edition

(Images from this article are from this book. Please let me know if I had infringed on the copyright.)

cloud computing types

On demand — just like you can switch on a light on demand to use the electricity, you can provision resources on demand

accessible from the internet — you can provision…

Different methods is suitable for different situations. I do code review in 3 ways: write a comment on the PR, send a directly slack message, and pull down the branch to refactor and go over it with the reviewee.

Write a comment on the PR. This method is suitable for…






Steve Mu

Software Engineer

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store