Group items tagged

This article is a basic list of best practices that our Grails projects follow, gathered from mailing lists, Stack Overflow, blogs, podcasts and internal discussions at IntelliGrape.

"Best Practice Recommendations for Angular App Structure"

"RESTful API Modeling Language (RAML) is a simple and succinct way of describing practically-RESTful APIs. It encourages reuse, enables discovery and pattern-sharing, and aims for merit-based emergence of best practices. The goal is to help our current API ecosystem by solving immediate problems and then encourage ever-better API patterns. RAML is built on broadly-used standards such as YAML and JSON and is a non-proprietary, vendor-neutral open spec."

Muy buen artículo sobre todo si se lee desde punto de vista mas general que junit+java. Me gustó particularmente la cita: "It's overwhelmingly easy to write bad unit tests that add very little value to a project while inflating the cost of code changes astronomically."

"At the end of the series, you will understand not only the best practices of web development in Go but you will also know about different solutions for each problem a framework solves and be able to apply the right solution for each project."

"Flynn is two things: A "distribution" of components that out-of-the-box gives companies a reasonable starting point for an internal "platform" for running their applications and services. The banner for a collection of independent projects that together make up a toolkit or loose framework for building distributed systems. Flynn is both a whole and many parts, depending on what is most useful for you. The common goal is to democratize years of experience and best practices in building distributed systems. It is the software layer between operators and developers that makes both their lives easier. Unlike most PaaS's, Flynn can run stateful services as well as 12 factor apps. This includes built-in database appliances (just Postgres to start). Flynn is modular so users can easily modify, upgrade, and replace components. "

"Let's Encrypt is a free, automated, and open certificate authority (CA), run for the public's benefit. Let's Encrypt is a service provided by the Internet Security Research Group (ISRG). The key principles behind Let's Encrypt are: Free: Anyone who owns a domain name can use Let's Encrypt to obtain a trusted certificate at zero cost. Automatic: Software running on a web server can interact with Let's Encrypt to painlessly obtain a certificate, securely configure it for use, and automatically take care of renewal. Secure: Let's Encrypt will serve as a platform for advancing TLS security best practices, both on the CA side and by helping site operators properly secure their servers. Transparent: All certificates issued or revoked will be publicly recorded and available for anyone to inspect. Open: The automatic issuance and renewal protocol will be published as an open standard that others can adopt. Cooperative: Much like the underlying Internet protocols themselves, Let's Encrypt is a joint effort to benefit the community, beyond the control of any one organization."

"Knative provides a set of middleware components that are essential to build modern, source-centric, and container-based applications that can run anywhere: on premises, in the cloud, or even in a third-party data center. Knative components are built on Kubernetes and codify the best practices shared by successful real-world Kubernetes-based frameworks. It enables developers to focus just on writing interesting code, without worrying about the "boring but difficult" parts of building, deploying, and managing an application."

"At SoundCloud, we structure our product as an API with many clients. That is, our main website, mobile client, and mobile apps are all first-order clients of a single main API. Behind that API is a universe of services: SoundCloud operates basically as a Service-Oriented-Architecture. We're also a polyglot organization, which means we use lots of languages."

Documentación de la API REST de foursquare. Ejemplar.

Documentación de la API REST de Neo4J. Ejemplar.

Realmente es muy educativo ver como está diseñada esta API, tiene las restricciones del estilo ReST muy bien aplicadas.

"NIST recently published its four-volume SP800-63b Digital Identity Guidelines. Among other things, it makes three important suggestions when it comes to passwords: Stop it with the annoying password complexity rules. They make passwords harder to remember. They increase errors because artificially complex passwords are harder to type in. And they don't help that much. It's better to allow people to use pass phrases. Stop it with password expiration. That was an old idea for an old way we used computers. Today, don't make people change their passwords unless there's indication of compromise. Let people use password managers. This is how we deal with all the passwords we need."