Welcome to the new week.

Ukraine is still under brutal Russian invasion. A lot of Ukrainian people are hurt, without shelter and need help. You can help in various ways, for instance, directly helping refugees, spreading awareness, putting pressure on your local government or companies. You can also support Ukraine by donating e.g. to Red Cross, Ukraine humanitarian organisation. You may also consider joining Tech for Ukraine initiative.

On Saturday I released the new Event Sourcing samples. They’re showing how to do classical flow using Java, Spring Boot and EventStoreDB. It’s a small but complete application, check more in my GitHub repo.

Infuriated a bit by the obscurity-by-design I see throughout many products, APIs and codebases I wrote a small rant about the design process. I explain why it’s so important to put accessibility as the first principle. Check more on my blog.

The main topic this week was breaches made by the Lapsus$ hacker group. They managed to breach Okta, Microsoft and a few others. I really dislike the Okta statement, it’s not looking professionally to downplay such a threat, especially if your business is security. Breaches may happen everywhere, but seeing the limited control over the security in the outsourced support is not looking great and giving much trust. Also, 2.5% of clients are not “only” but a lot. Btw. it appears that the group is led by a 16-year-old UK citizen. Check more links on that topic below.

Speaking about failures, CBInsights gathered 397 Startup Failure Post-Mortems. It’s an intriguing read, especially if you’re building a product and want to learn from others’ mistakes.

Mathias Verraes got back to his Event Sourcing pattern series, check it here. The whole series is pure gold, that I wish had been written before I made my mistakes.

When I started, I was annoyed by older colleagues, saying that “You have to know HTTP statuses and headers by heart”. That was to me like a dad’s music. Yet, now I’m also a dad, and I see how much basics are important. Read great MDN doc on how HTTP conditional requests can help in caching, optimistic concurrency and eventual consistency.

Check also other links!

Stay safe and healthy.
Oskar

Architecture

• MDN - HTTP conditional requests

• Mathias Verraes - Eventsourcing Patterns: Multi-temporal Events

• Kevin Swiber - What is API Observability?

• Andrew Harmel-Law - Scaling the Practice of Architecture, Conversationally

• Hugo Rocha - Solving Concurrency in Event-Driven Microservices

• CNCF - The maintainer’s toolkit: Must-know resources for CNCF projects

DevOps

• Chris Spitzenberger - Terraform vs. AWS CloudFormation: Key Differences

• GitHub Blog - An update on recent service disruptions

Frontend

• Antonio Lagrotteria - Lerna & Module Federation for AWS micro-frontends

• CSS-Tricks - CSS-Tricks is joining DigitalOcean!

Java

• Bartłomiej Słota - Managing Business Processes in Microservice Architecture with Spring Ecosystem

• Unit test your Java architecture

• Spring Boot - Retry

• Tom Gregory - How to build Gradle projects with GitHub Actions

.NET

• Andrew Lock - Cancelling await calls in .NET 6 with Task.WaitAsync()

• Vladimir Gaevoy - .NET type for personally identifiable information (PII)

• Antoine Aubry - YamlDotNet - A .NET library for YAML

• Philipp Munin - Event debouncer helps to prevent calling the same event handler too often

NodeJS

• NodeJS - Stream Finished, handling closed or ended NodeJS stream

Python

• Piotr Podgórski - Event sourcing with Python

Tools

• Marp - Markdown Presentation Ecosystem

• Thunder Client - A lightweight Rest API Client Extension for Visual Studio Code

Coding Life

• programming is terrible - How I write software

• Coda Hale - Work Is Work

Product Design

• CBInsights - 397 Startup Failure Post-Mortems

Security

• BleepingComputer - Lapsus$ hackers leak 37GB of Microsoft's alleged source code

• Okta - Updated Okta Statement on LAPSUS$

• Cloudflare - Cloudflare’s investigation of the January 2022 Okta compromise

• BBC - Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal

Industry

• Tessa Kriesel - Gender discrimination at fintech startup, Fast

• The Verge - Stephen Wilhite, creator of the GIF, has died