Insights on MacBook Pro M1 Max, Hiring Software Engineers, Npm Security, and Dependency Injection in JavaScript

Summary of my bookmarked links from Nov 24th, 2021


  • MacBook Pro M1 Max Review: Developer Perspective

    The author provides a review of the MacBook Pro 16" with Apple Silicon, highlighting its positive aspects. The build quality is praised for its rigid and powerful feel, while the ports, including the return of the MagSafe connector, are welcomed. The battery life is commendable, and the charging experience with the 140W brick is noted. The keyboard, trackpad, speakers, and display are all lauded for their quality. The performance of the M1 Max chip with 10 CPU cores, 32 GPU cores, and 64 GB of RAM is described as impressive, with no lags or fan noise during multitasking. The author also mentions software compatibility and concludes by recommending the MacBook Pro 16" as a powerhouse laptop.

  • What I Look For When I Hire Software Engineers

    "It Isn't All About Code" is an insightful article that sheds light on what employers look for in job candidates during the hiring process. The author emphasizes the importance of making a strong first impression and getting noticed by going the extra mile, whether through applications, networking, or engaging with the company's online presence. The article highlights the significance of qualifications but also acknowledges the value of persistence and showcasing past work through a well-curated GitHub account. It discusses different stages of the interview process, including phone interviews and code challenges, and emphasizes the significance of communication skills, attitude, and the ability to handle feedback. The author concludes by encouraging candidates to follow up after interviews, regardless of the outcome, as a way to leave a positive lasting impression.

  • Another Npm Package Is Highjacked and It’s Your Fault That This Happened

    The article discusses a recent attack on the UA-Parser.js package hosted on NPM, highlighting the issue of security vulnerabilities in third-party libraries. The author argues that developers' reliance on these libraries, combined with poor dependency management, creates an ideal environment for hackers. While the solution is not to stop using third-party libraries entirely, the author emphasizes the importance of properly vetting them and locking production builds to specific versions. This approach mitigates security risks and prevents potential attacks from compromising projects and servers.

  • Dependency Injection in JavaScript — the Best Tool You’re Not Using for your Tests

    This article emphasizes the importance of dependency injection in unit testing and provides insights into how to implement it in JavaScript. It highlights that relying on external services in unit tests decreases stability and adds uncertainty to test results. The author suggests using dependency injection to overwrite dependencies and control the behavior of tests. The article offers two scenarios for implementing dependency injection: building and testing code simultaneously or testing pre-existing code. It also mentions some JavaScript libraries for dependency injection and encourages developers to explore this powerful tool for writing extensible and reliable code.