Architecture Weekly #68 - 28th March 2022
Welcome to the new week.
Ukraine is still under brutal Russian invasion. A lot of Ukrainian people are hurt, without shelter and need help. You can help in various ways, for instance, directly helping refugees, spreading awareness, putting pressure on your local government or companies. You can also support Ukraine by donating e.g. to Red Cross, Ukraine humanitarian organisation. You may also consider joining Tech for Ukraine initiative.
On Saturday I released the new Event Sourcing samples. They’re showing how to do classical flow using Java, Spring Boot and EventStoreDB. It’s a small but complete application, check more in my GitHub repo.
Infuriated a bit by the obscurity-by-design I see throughout many products, APIs and codebases I wrote a small rant about the design process. I explain why it’s so important to put accessibility as the first principle. Check more on my blog.
The main topic this week was breaches made by the Lapsus$ hacker group. They managed to breach Okta, Microsoft and a few others. I really dislike the Okta statement, it’s not looking professionally to downplay such a threat, especially if your business is security. Breaches may happen everywhere, but seeing the limited control over the security in the outsourced support is not looking great and giving much trust. Also, 2.5% of clients are not “only” but a lot. Btw. it appears that the group is led by a 16-year-old UK citizen. Check more links on that topic below.
Speaking about failures, CBInsights gathered 397 Startup Failure Post-Mortems. It’s an intriguing read, especially if you’re building a product and want to learn from others’ mistakes.
Mathias Verraes got back to his Event Sourcing pattern series, check it here. The whole series is pure gold, that I wish had been written before I made my mistakes.
When I started, I was annoyed by older colleagues, saying that “You have to know HTTP statuses and headers by heart”. That was to me like a dad’s music. Yet, now I’m also a dad, and I see how much basics are important. Read great MDN doc on how HTTP conditional requests can help in caching, optimistic concurrency and eventual consistency.
Check also other links!
Stay safe and healthy.
Oskar
Architecture
Mathias Verraes - Eventsourcing Patterns: Multi-temporal Events
Andrew Harmel-Law - Scaling the Practice of Architecture, Conversationally
Hugo Rocha - Solving Concurrency in Event-Driven Microservices
CNCF - The maintainer’s toolkit: Must-know resources for CNCF projects
DevOps
Frontend
Java
Bartłomiej Słota - Managing Business Processes in Microservice Architecture with Spring Ecosystem
Tom Gregory - How to build Gradle projects with GitHub Actions
.NET
Andrew Lock - Cancelling await calls in .NET 6 with Task.WaitAsync()
Vladimir Gaevoy - .NET type for personally identifiable information (PII)
Philipp Munin - Event debouncer helps to prevent calling the same event handler too often
NodeJS
Python
Tools
Coding Life
Product Design
Security
BleepingComputer - Lapsus$ hackers leak 37GB of Microsoft's alleged source code
Cloudflare - Cloudflare’s investigation of the January 2022 Okta compromise
BBC - Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal