Tim Perry

Senior software engineer at resin.io.
Creator of Build Focus, keen open-source contributor, and maintainer of Loglevel, Git‑Confirm and Server Components.

Federate your content just one more step, all by yourself, and making jumping ship a little less scary.

Mastodon has been quietly building popularity for a good few months now, but over the past 48 hours it’s really burst to life, leaping from 25,000 to 40,000+ users in no time at all.

This is an exciting good thing: we’ve been in desperate need of less centralized and walled social networks for a good long time now.

Moving on from Twitter though isn’t easy, as many of us have been there many years...

Because sometimes you want to know if they actually work.

Bash scripts are unloved and underappreciated. Many of us developers spend a lot of time on the command line, and a good shell script is an incredibly powerful thing to drop into & extend your existing workflow.

Shell scripting isn’t easy though. Many of the tools and techniques you might be used to aren’t nearly as effective or well-used on the command line. Testing is a good example: in most languages, there’s a clearly agreed basic a...

Promises Are So Passé at Codemotion Milan

CSS-only tabs are a fun topic, and :target is a delightfully elegant declarative approach, except for the bit where it doesn’t work. The #hash links involved jump you around the page by default, and disabling that jumping breaks :target in your CSS, due to poorly defined behaviour in the spec, and corresponding bugs in every browser.

Or so we thought. Turns out there is a way to make this work almost perfectly, despite these bugs, and get perfect CSS-only accessible linkable history-tracking tabs ...

Opening Open Source with DevOps at DevDay
Promises Are So Passé at Frontend Conference

Building a Server-Rendered Map Component

Part 2: How to use client-side libraries like Leaflet, in Node.

As discussed in Part One: Why?, it’d be really useful to be able to take an interesting UI component like a map, and pre-render it on the server as a web component, using Server Components.

We don’t want to do the hard mapping ourselves though. Really, we’d like this to be just as easy as building a client-side UI component. We’d like to use a shiny mapping library, like Leaflet, to give us all ...

Get easy confidence on exactly what you’re committing.

Git Confirm is a git hook, which asks you to confirm when you commit a change that includes additions from a (configurable) list of risky matches. Think ‘TODO’, ‘FIXME’, ‘@Ignore’, ‘describe.skip/it.skip’ and ‘describe.only/it.only’. You can drop Git Confirm in, and effortlessly stop yourself ever committing anything like this by accident.

TODO is the easiest example. It’s really useful to sprinkle TODO comments in your code as you work, to ma...

Travis typo fix
New repo: pimterry/module-structure-graph
https://fiatjaf.alhur.es/module-linker/#/javascript - turn require(x) on Github into a link to the file/module, for JS/TS/Rust/Python/everythin… https://twitter.com/i/web/status/888359674701131776
Fantastic write up on the state of the cert industry, now that @letsencrypt has really taken off: https://www.troyhunt.com/on-the-perceived-value-ev-certs-cas-phishing-lets-encrypt/ (by @troyhunt)
Hide the intro quickstart message, for now (until it gets renovated)
Core logic for Avahi discovery
Use DBUS_SYSTEM_BUS_ADDRESS, if available
Some non-functional general tidy up
Add automated testing for OSX
Fun fact: there's a LAN service discovery w3c web spec - https://www.w3.org/TR/2014/WD-discovery-api-20140220/ Less fun: it died in January 😭 - https://dvcs.w3.org/hg/dap/raw-file/tip/discovery-api/Overview.html
Validate env var names
Make the changelog versionbot compliant
The results are in! After initial enthusiasm, the conclusion is no: don't hijack ctrl-f, even if it's broken. https://twitter.com/pimterry/status/880346687142756353
Upgrade resin-sync to fix node 8 bug
Fix "'cwd' must be a string" error in Node 8
If ctrl/cmd+f won't work in your webapp (e.g. lazily loaded/unloaded stream of items) in a context that people want to search, you should:
High-severity remote DoS vulnerability for @NodeJS 4.x-8.x incoming. Patch&details on the 11th of July: https://groups.google.com/forum/#!topic/nodejs-sec/FG8glRVxS7Q #js #node
So #TypeScript 2.4.1 quietly breaks integrated tools like ts-node (but there's a new fixed version out) and ts-loader (nope, just broken)
Wow, it's been a hardwaretacular day so far. Got myself a @NordicTweets 'Thingy'. Time to start playing with Blueto… https://twitter.com/i/web/status/879710144866779136
Fix issue where emulated builds broke Docker ARG commands
Ok, one more exciting new hardware technology: Thread. Mesh networking between low-powered local devices, with IPv6, for IoT.
Coolest tech I've heard of today: NFC wake-on-field. Power your device down to 100 nano-amps, power up properly only when NFC appears.
Latest fun/scary @resin_io project: launch & control a drone fleet with Resin, Alexa & Amazon IoT. https://resin.io/blog/manage-a-fleet-of-drones/ "Alexa, attack"
Include node version in sentry logs
Add a polyfill to fix local configure in older (<6) Node versions
You have a bash injection vulnerability in an interesting server, but you can't include any spaces. What're some interesting attacks?