Efficient Pull Request Alternatives and Secure Frontend Authorization Methods


Summary of my bookmarked links from Aug 31st, 2022

Links

  • Pull Requests Are Slowing You Down

    Pull requests can impede continuous delivery in software development, leading to delays and slow feedback. The author suggests two alternatives to mitigate this issue. The first option is pair programming, where developers collaborate in real-time, ensuring minimal downtime between opening and approving a pull request. The second option is conducting code reviews after deployment and testing but before release, eliminating the need for pull requests. By implementing these approaches, teams can enhance their software development process and achieve faster feedback and delivery.

  • Secure Frontend Authorization

    This article presents a modern approach to building secure authentication for Single-Page Applications (SPAs). It emphasizes not storing tokens in the browser, where a Cross-Site Scripting (XSS) vulnerability would expose them to injected scripts. Instead, the suggested method combines cookies and JWTs for enhanced security. The article covers the basics of OAuth 2.0 and introduces HTTP-only cookies, which JavaScript cannot access. It also explores the use of serverless computing, specifically Azure Functions, for handling tokens. The author acknowledges that no solution is perfect but encourages software engineers to choose the right approach for their business case.