This Week I Learned: 2023W08

Tue Feb 28 2023

HTML - Encryption

Staticrypt is a tool that allows you to encrypt HTML files using a password. You can protect some static content on a server like Github pages, Netlfiy or Vercel.

Postgres - Psql

Psql Tips is a website showing random tips for psql (the Postgres CLI).

PHP - Security Bug

This PHP bug is really surprising. It seems like for some hashes, if it is invalid, the password_verify function returns true. The conversation is quite surreal. Probably one of the most incredible “not a bug, it’s a feature” I’ve ever seen.

One could argue it’s not such a big deal, since if an attacker has access to the database, you have bigger issues. However, as someone noted on Hacker News, it’s not the most probable scenario. If a migration corrupts the database data and in particular some password hashes, it’s possible that some users can log in with any password. Aoutch.

VS Code - Code server

Code Server is a tool that allows to run VS Code is the browser, while it’s running on a remote server. It allows to compute everything in the cloud, which makes it possibly lighter for an old laptop.

Civet - Javascript - Typescript

Civet is a superset that compiles into Typescript or Javascript (Who’s gonna stop the progress?). It adds some syntactic sugar, mostly taken from Rust or Python.

I particularly like: pattern matching, everything is an expression, string dedent and more flexible spreading.