26 posts tagged with "overview"

Hello!

This is Part 2 of a three-part series on the surprisingly hard problem of detecting changes in a web page's JavaScript and CSS resources, written while building the Resources Tracker (now Page tracker) feature in Secutils.dev.

In Part 1 we covered inline vs external resources, dynamically loaded resources, and how to keep storage costs low with hashing. Today we tackle two more challenges: resources that don't fit cleanly into "inline" or "external", and inline resources that change on every page load even though "nothing meaningful" changed.

Hello!

In a previous post, I explained the idea behind tracking the JavaScript and CSS resources loaded by a web page in Secutils.dev and who benefits from it. I had originally hoped to ship the feature as part of the "Q2 2023 - Apr-Jun" update, but it took noticeably longer than I thought. In this post (and the next two) I want to walk through why comparing JavaScript and CSS files between two snapshots of a web page is much harder than it looks, and what design choices made the feature work for Secutils.dev.

Hello!

As the end of "Q2 2023 - Apr-Jun" milestone (that's how I structure my roadmap) is quickly approaching, I wanted to give a quick update on the progress so far. One of the significant deliverables for this milestone is a functional web resources tracker utility. The utility should give developers the ability to track resources of any web page. You may be wondering why they would want to do that and how it relates to security. Let me explain using two personas: the developer and the security researcher.

Hello!

Today, I'd like to share my perspective on formal project management for small to medium-sized projects, using Secutils.dev as an example. When starting a new project, it's often driven by a spark of inspiration or a strong desire to solve a specific issue for yourself or a group of people. At this early stage, formality can be a distraction and drain motivation quickly. You have a clear vision of what needs to be done, and adding unnecessary formalities can hinder progress.

Initially, things may go smoothly without a formal project management process. You create functional prototypes, launch an MVP with a catchy domain name, and receive positive feedback from early users. However, over time, the excitement from these achievements can diminish, and internal motivation alone may not be enough to drive the project forward. This is a natural human tendency, and it's important to recognize it. If you're satisfied with your project in its current state, or if it was originally intended as a short-term fun project and you're ready to move on to something new, that's perfectly fine. You should absolutely embrace the joy of building and exploring new ideas.

However, if you want to advance a more complex project and still maintain sufficient motivation, I believe it's essential to adopt a different strategy. The strategy I'm going to discuss next involves incorporating a bit of formal project management to keep yourself on track, sustain progress, and avoid the disappointment of yet another unfinished project.

Hello!

In my previous posts I covered the technology stack, the deployment process, and the monitoring and analytics setup behind Secutils.dev. Today, let's talk about money: what it actually costs to run this SaaS in production. As developers, we know the value of being resourceful and frugal, especially when bootstrapping a side project. Here's how the bill stays close to zero for Secutils.dev.

Hello!

In my previous posts, I covered the technology stack behind Secutils.dev and how I deploy its components to a Kubernetes micro-cluster. Today, I want to walk through the tools I use to monitor that deployment and to collect privacy-friendly product analytics.