newsletter January 28, 2022

The Overflow #110: The Log4j vulnerability by the numbers

Welcome to ISSUE #110 of The Overflow! This newsletter is by developers, for developers, written and curated by the Stack Overflow team and Cassidy Williams. This week: making hard decisions about optimizing software quality attributes, exploring whether running a random search 60 times is as good as a fancy algorithm, and the wrong way to learn…

Welcome to ISSUE #110 of The Overflow! This newsletter is by developers, for developers, written and curated by the Stack Overflow team and Cassidy Williams. This week: making hard decisions about optimizing software quality attributes, exploring whether running a random search 60 times is as good as a fancy algorithm, and the wrong way to learn TypeScript.

From the blog

Plan for tradeoffs: You can’t optimize all software quality attributes stackoverflow.blog
When designing software, you can’t always get what you want. But if you plan sometime, you just might find you get what you need. 

Here’s how Stack Overflow users responded to Log4Shell, the Log4j vulnerability affecting almost everyone stackoverflow.blog
When the Log4j vulnerability was announced, related questions saw an 1,1122% increase in traffic. Knowledge reuse in action! Read more insights on the recent massive security vulnerability in our our data deep dive.

Who’s going to pay to fix open source security? stackoverflow.blog
What happens when massive amounts of people rely on databases maintained by only a few unpaid volunteers?

MongoDB Architecture Guide promotion
Learn the foundational concepts of MongoDB’s application data platform and how it can help developers innovate faster when building a wide range of apps.

Interesting questions

How can a Scrum daily not be a status pull? pm.stackexchange.com
If you’re still relying on “the three questions” in your dailies, you might be missing the collaboration part.

What is the idea behind “p or not p” being a tautology? philosophy.stackexchange.com
The first rule of tautology club is the first rule of tautology club.

The “amazing hidden power” of random search? stats.stackexchange.com
If you ever wanted your stats explanations illustrated with Simpsons quotes, you’re in luck.

In ML, why do notebooks only select the best variables?  datascience.stackexchange.com
Beware the curse of dimensionality!

Eleventy v1.0.0, the stable release www.11ty.dev
The static site framework Eleventy, which has gained love and praise throughout the dev community, just released v1.0!

Announcing Parcel CSS: A new CSS parser, compiler, and minifier written in Rust! parceljs.org
Rust AND CSS? Together? Now this you might just have to see.

CSS Cascade Layers: An overview of the new @layer and layer() CSS primitives www.youtube.com
Speaking of CSS, it’s got new layers, and they’re particularly cool for anyone who misses the ol’ days of converting PSD files into websites. Just kidding, they’re cooler than that, we promise.

How not to learn TypeScript fettblog.eu
A lot of devs who are used to being flexible with their type systems *cough* JavaScript *cough* and Python *cough* drag their feet when it comes to TypeScript. Here’s some useful tips for when you inevitably have to learn it.

Onboard, organize, and bring your team up to speed in a jiffy. Try Stack Overflow for Teams.

Tags: ,
Podcast logo The Stack Overflow Podcast is a weekly conversation about working in software development, learning to code, and the art and culture of computer programming.

Related

The Overflow Newsletter Banner
newsletter March 4, 2022

The Overflow #115: What engineering managers give up, an AI bot that can ace technical interviews, and a one-stop monorepo resource  

Welcome to ISSUE #115 of The Overflow! This newsletter is by developers, for developers, written and curated by the Stack Overflow team and Cassidy Williams. This week: what you give up when you move into management, an AI bot that’s better than you at answering technical interview questions, and resources to help with monorepos and functional programming.