Indexes are the essential part of most of the databases. These data structures are used to optimize the performance of database queries. But duplicate, redundant, and unused indexes can dramatically reduce performance.

In the article Duplicate, Redundant, and Invisible Indexes by Percona you’ll find small tips about finding such indexes in MySQL and I hope reduce the time of some queries.

For more useful info - subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.

#databases #mysql #indexes
It’s great to know what your technologies and tools can do. But sometimes it is even more important to know what they cannot.

For the last few weeks I worked a lot with the dates, frequency and cron jobs. If you have tasks in same area next article could be very useful:

What Cron Can't Do and How To Do It Anyway

In it you’ll find ways to solve intervals and specific dates (for example holidays).
I’ve solved such issues with additional variables - interval names (“day”, “week”, “month”) and values.

To know more - subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.

#cron
In software development it is very important to keep the errors consistent.
You can check github repository that describes the way of handling Node.js apps errors:

Handle errors in a simple, stable, consistent way

For more useful info - subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.

#nodejs #errors
During application development you usually need to run some tasks at specific times or with some intervals. This means that sooner or later you’ll face the need to choose the scheduler.

Main criterias here are: Support for Persistence, Prevention of Duplicate Job Execution and Scaling.

In the blog post What is a Job Scheduler you’ll find the most common Node.js modules for this - Agenda, Bull, Bree, Node-Cron.

Among them I recommend Bull (anyway you probably use Redis in your app and don’t want to install additional db) or using separate (micro)service.

To get more interesting information - subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.

#nodejs #scheduler
Videos and animations become a more and more important part of web development. So the skill of rendering and automatic generation of this kind of content is essential for Node.js developers.

Good tutorial to start with is Video Rendering with Node.js and FFmpeg.

For more articles and tutorials subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.

#nodejs #ffmpeg #video
The JavaScript Promise Integration (JSPI) - Google V8 API that bridges WebAssembly and asynchronous web. The WebAssembly JSPI API suspends a Wasm application when it issues a synchronous API call and resumes it when the asynchronous I/O operation is completed.

Some time ago I’ve written an article Node.js: In Go We Trust where described generation of WASM file built with Golang.

But nothing stays the same and in article
Introducing the WebAssembly JavaScript Promise Integration API you’ll find the description of the new API and examples with Emscripten and C/C++.

So follow me on Medium and subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.

#webassembly #wasm
Changes in 9th version of npm (released some time ago but anyway) you’ll be able to find in article Exploring New Features in npm 9.

As for me the most interesting is install-strategy - hoisted, nested and shallow.

For more info - subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.

#npm
Blue-green deployment is a release management technique that reduces risk and minimizes downtime. It uses two production environments, known as Blue and Green to provide reliable testing, continuous no-outage upgrades, and instant rollbacks.

If you for some reason don’t use Kubernetes you still are able to release this deployment strategy for the Node.js application with Nginx and pm2.

How? You’ll find instruction in article Blue Green Deployment for Node.js Without Kubernetes

And for more interesting articles - subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.

#nodejs #nginx #pm2 #deployment
If you are a JavaScript developer - check your code again.
Are you sure that you handled all the “unhandled rejections”?

If not - check the post of Jake Archibald The gotcha of unhandled promise rejections

Spoiler: sometimes you need to write something like “preventUnhandledRejections” specifically if you use old versions of Node.js (please update) for example (<12.9.0).

Not to miss something useful - subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.

#javascript #nodejs #promises
In article Middleware for web applications: it’s not just for enterprises you’ll find the reasons and ways to implement with middlewares such common functionalities as authentication/authorization (hope you know the difference) using 3 different languages - Golang, JavaScript and Python.

Additionally you’ll find a lot of useful links in the “Learn More” section.

Also a lot of useful links you can find in Tech Read channel so subscribe and enjoy.
Likes, shares and recommendations are welcome.

#middleware #javascript #golang #python
Let’s talk a little bit about Npm audit. It’s a great tool to protect you code in several ways:
- Generate and review security audit reports
- Verify the registry signatures of downloaded packages
- Checking and fixing of vulnerabilities

More - in NPM Audit: 5 Ways to Use it to Protect Your Code article and don’t forget to subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.

#npm
The Apache Kafka is a great instrument for event streaming used by thousands of big and small companies for complex architectures and simple applications. As for me it’s one of “need to know” tools in modern software engineering.

And it’s good to start learning about this technology with The Apache Kafka Handbook on FreeCodeCamp.

Also subscribe to Tech Read channel. In regular posts you’ll find a lot of info about other tools, technologies, languages etc.
As usual, shares and recommendations are welcome.

#kafka
Just a List of Enterprise Integration Patterns with small description, schema and details.

Will be useful and interesting for architects and engineers.

Hope as useful and interesting a Tech Read channel.
Likes, shares and recommendations are welcome.

#patterns
This post is the selection of useful npm modules:

1. OTPAuth - One Time Password (HOTP/TOTP) library for Node.js, Deno, Bun and browsers.

HOTP (HMAC-based One-Time Password) and TOTP (Time-based One-Time Password) are two commonly used algorithms for generating one-time passwords (OTP) in two-factor authentication systems.
HOTP generates OTPs based on a counter value and a secret key using a hash-based message authentication code (HMAC) algorithm. Each time a new OTP is generated, the counter value is incremented.
TOTP, on the other hand, generates OTPs based on a combination of a secret key and the current time. A timestamp is used as the counter value, and the OTP changes every 30 seconds (default value).

2. Concurrent.js - Non-blocking Computation for JavaScript RTEs (Web Browsers, Node.js & Deno).

Non-blocking computation is a technique used to allow JavaScript runtime environments (RTEs) to perform computationally intensive tasks without blocking the main thread of execution. This is achieved by executing these tasks asynchronously, using features such as web workers or worker threads.
In JavaScript, blocking the main thread can lead to performance issues and a poor user experience, as the user interface may become unresponsive while the script is running. Non-blocking computation helps to mitigate this issue by allowing these tasks to be performed in the background, without affecting the responsiveness of the user interface.

3. Malibu - Framework-agnostic CSRF middleware for modern Node.js

CSRF (Cross-Site Request Forgery) is a type of web attack where an attacker tricks a user into performing an unintended action on a web application. The attack typically involves the attacker crafting a request to the application, and then tricking the user into submitting that request through some form of social engineering, such as by clicking on a malicious link or visiting a page with a hidden form.
One common example of a CSRF attack is when an attacker creates a malicious form on a website, which is designed to submit a request to a different website that the user is already logged in to. If the user is tricked into submitting the form, the attacker can execute a malicious action on the targeted website on behalf of the user.
To prevent CSRF attacks, developers can implement security measures such as using anti-CSRF tokens or implementing same-site cookies. These measures can help to ensure that a request is only processed if it originates from an authorized source, and can help to prevent unauthorized actions on the targeted website.

For more useful info - subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.

#nodejs #deno #bun #npm #csrf
This post is the selection of short YouTube tech videos:

1. 8 Key Data Structures That Power Modern Databases

Data structures are an essential part of software engineering, providing a means of organizing and manipulating data in memory. They are used to store and manage data in an efficient and organized manner, enabling efficient access, insertion, deletion, and search operations. Choosing the appropriate data structure for a given task is an important decision for a software engineer, as it can have a significant impact on the performance and memory usage of the application. For example, a hash table may be a good choice for fast lookup operations, while a linked list may be more suitable for frequent insertions and deletions.
Understanding data structures and their properties is an important skill for software engineers, as it can help them design and implement efficient and scalable applications.

2. CAP Theorem Simplified

CAP theorem is a fundamental concept in distributed systems that states that it is impossible for a distributed system to simultaneously provide all three of the following guarantees: consistency, availability, and partition tolerance.
Consistency refers to the requirement that all nodes in a distributed system see the same data at the same time. Availability refers to the requirement that a request made to the system must receive a response, regardless of the state of the system. Partition tolerance refers to the ability of the system to continue operating in the presence of network failures or partitioning.
Understanding CAP theorem is important for software engineers designing and implementing distributed systems, as it can help them make informed trade-offs between consistency, availability, and partition tolerance based on the specific needs of their application.

3. What is OSI Model

The OSI (Open Systems Interconnection) model is a conceptual framework that describes how communication protocols interact in a networked system. It is divided into seven layers, each representing a different aspect of network communication.
The OSI model serves as a conceptual framework for understanding network communication, allowing engineers to design and implement communication protocols that are interoperable across different systems. It is a useful tool for troubleshooting network issues and understanding how different protocols work together to provide end-to-end communication.

To know more - subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.

#datastructures #cap #osi
“QUIC protocol: performance features”

In this article I want to describe main features of HTTP/3 and particularly QUIC protocol:
1. Connection Migration
2. 0-RTT Connection Set-Up
3. UDP And TLS Performance
4. Head-Of-Line Blocking Removal
5. Congestion Control

Medium link

If you liked the article and want to support the author:
Clap and follow me on Medium
Follow me on Linkedin
Subscribe to Tech Read channel

#http3 #quic #network #performance
Why does the search for the shortest route on the map take so fast?

One of the “secrets” is the A* algorithm is a pathfinding algorithm used to find the shortest path between two points on a graph or map. It uses a heuristic approach that estimates the distance between a given point and the destination to guide the search for the shortest path. The algorithm is widely used in video games and robotics for navigation. To use the A* algorithm on a map, we first represent the map as a graph, divide it into nodes, and create edges between them. Then, we assign a heuristic value to each node, estimating the distance between that node and the destination. The algorithm starts at the starting point, evaluates neighboring nodes, adds them to an open list, selects the node with the lowest cost, and explores its neighboring nodes. This process continues until the algorithm reaches the destination node.

More about this algorithm in YouTube video - The hidden beauty of the A* algorithm

For more info - subscribe to Tech Read channel.
Likes, shares and recommendations are welcome.

#algorithms
NPM Security best practices from OWASP Cheat Sheet Series

Short list:
1) Avoid publishing secrets to the npm registry
2) Enforce the lockfile
3) Minimize attack surfaces by ignoring run-scripts
4) Assess npm project health
5) Audit for vulnerabilities in open source dependencies
6) Use a local npm proxy
7) Responsibly disclose security vulnerabilities
8) Enable 2FA
9) Use npm author tokens
10) Understand module naming conventions and typosquatting attacks

Also a lot of useful links you can find in Tech Read channel so subscribe and enjoy.
Likes, shares and recommendations are welcome.

#npm #security #owasp
“JS (Browser + Node.js): Broadcast Channel API - How to Reduce Server Load”

In this article I described the use case of combining Broadcast Channel API and Shared Workers (or Worker Threads in Node.js) for reducing the number of server connections.

Broadcast Channel API is a JavaScript interface that allows communication between different browsing contexts, such as tabs or frames (or between Node.js Worker Threads, but about this at the end of the article), that share the same origin. It provides a simple publish-subscribe model for sending and receiving messages between these contexts.

Shared Worker - a special type of web worker that can be accessed by multiple instances of an application. Shared workers have a single thread of execution and a shared scope between all clients, allowing for efficient communication and synchronization between tabs.

To know how to combine them - check the article.

Medium link

If you liked the article and want to support the author:
Clap and follow me on Medium
Follow me on Linkedin
Subscribe to Tech Read channel

#javascript #nodejs #broadcastchannelapi #webapi #sharedworker
When Node.js is not enough

As a developer you should understand the importance of choosing the right programming language for a particular task. Node.js is a popular platform for building server-side applications using JavaScript, but sometimes we need to use other languages to take advantage of their unique features and capabilities.

Thankfully, Node.js provides several ways to integrate other programming languages into our applications. One popular approach is to use the Child Process module to spawn a child process and communicate with it through standard input/output streams. This allows us to execute external commands written in other languages and receive their output back in our Node.js application.

Another option is to use a native Node.js add-on written in another language, such as C++ or Rust, to access low-level system resources or improve performance-critical parts of our code. Node.js provides a well-documented API for building native add-ons, and there are also several community-driven tools like neon and node-ffi that simplify the process of writing and using native add-ons.

Lastly, we can also use WebAssembly, a low-level binary format designed to run in web browsers, to execute code written in other languages like C, Rust, or Go. Node.js supports WebAssembly, which allows us to load and execute WebAssembly modules directly in our Node.js applications.

Using other programming languages in Node.js can open up new possibilities and help us build more robust, performant, and scalable applications. However, it's important to choose the right approach based on our specific needs and requirements, and to carefully consider the trade-offs involved in integrating different programming languages.

To know more - subscribe to the Tech Read channel.
Also I’ll add a few links with articles about using Rust, Python and C languages with Node.js.
Likes, shares and recommendations are welcome.

#nodejs #webassembly

Links:
https://johns.codes/blog/exposing-a-rust-library-to-node-with-napirs
https://www.alxolr.com/articles/how-to-process-a-csv-file-five-times-faster-in-node-js-with-rust-and-napi-rs
https://github.com/bitair-org/linker.js