JavaScript engine execute two kinds of tasks in the event loop: macrotask and microtask.

One example of macrotask is event listener callback.

One example of microtask is the then in a promises.

Js engine event loop has two queues: one queue for the macrotask, another queue for the microtask.

It will execute one things from the macrotask queue, then execute everything on the microtask queue, then perform rerender.

Reference: https://javascript.info/event-loop

OWASP Top 10 list is created by a group of top security exports globally.

External Data threats

Means user input. Solution is to validate input and sanitize input.

Injection flaws. Passing user input data to an interpret without validating it. Scanners can be used to locate such flaws. Impact would be to expose…

Compute. Include both server and serverless.

EC2: Elastic Compute Cloud. Provide virtual servers in the cloud. Some are for memory intensive work, some are for IO intensive, some are for machine learning (accelerated computing) intensive etc.

EC2 Auto scaling. Automatically spin more server or remove server based on policies you set.

Lambda. serverless. Can run in…

If an app is in PCI scope, it needs to draw a diagram for audit. An app is in PCI scope when it processes or transfer payment data. An example would be a textfield for getting credit card numbers. An app with such textfield is in PCI scope.

Putting UI in PCI scope will create a lot of more work, so one solution is to use a an iframe from the backend (which is already in PCI scope) to process payment information.

Gain insight into errors and user behavior with Datadog and Sentry.

Gain insight into errors. You can log errors so you know what errors occurred on the production site. In one of my apps, I log errors that made to the Error Boundary to Sentry.

Gain insight into user behavior. Both Datadog and Sentry provide automatically performance tracking. They can track what path the user has visited so you can get an idea what is most often visited pages are.

For smaller apps, it is probably a good idea to start with Sentry because it is free to use to start with.

What I learned from AWS Certified Solutions Architect Associate All-in-One Exam Guide, Second Edition (Exam SAA-C02), 2nd Edition

(Images from this article are from this book. Please let me know if I had infringed on the copyright.)

cloud computing types

On demand — just like you can switch on a light on demand to use the electricity, you can provision resources on demand

accessible from the internet — you can provision…

Different methods is suitable for different situations. I do code review in 3 ways: write a comment on the PR, send a directly slack message, and pull down the branch to refactor and go over it with the reviewee.

Write a comment on the PR. This method is suitable for…

从吴军学到的知识

面对困难,知道量力而行。我们赞赏一些人面对困难还是勇往直前并取得成功的人,但是有时候这些人是侥幸。有人用同样的行为,但是却失败了。面对困难,可以放弃,以后再尝试。有人在权衡之后,知道危险太大,放弃了登顶,保了命。

一个小失误,可以造成一连串的可怕后果。2008年,在登乔戈里峰,11人成功上山,但是7人在下山的途中丧命了。因为他们出发太晚,而出发太晚是因为更早的时候绳索不够。

我的体会是,如果工作中遇到太大困难,觉得做不了,可以先放弃,让别人先做,然后再学习相关知识,以后再尝试。恋爱也是,目前觉得恋爱不了,就先放弃,以后等时机合适,再尝试。

以上是得到app《硅谷来信3》228封信的心得。

Steve Mu

Software Engineer

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store