Enabling basic HTTP authentication with nginx on a Laravel Forge provisioned server

| 1 min read

Today I set up a static documentation site (built with Hugo) for internal use. Since it contains sensitive information, I wanted to add some sort of password protection.

We don’t need any dynamic user management for this, so I decided to store an encrypted password on the server with htpasswd and enable basic authentication with nginx.

Here’s how I set up basic HTTP authentication on a Laravel Forge provisioned Ubuntu server.

Read more


Gary Bernhardt on tests and TypeScript

| on www.executeprogram.com

Confession: I don’t write a lot of tests for my frontend code. This isn’t something I talk about a lot because I’m scared of the pitchforks on the horizon.

I write React frontends with TypeScript. I don’t don’t write tests because I’m lazy, or because I don’t have time, I simply don’t see a lot of value in the amount of maintenance they require.

Gary Bernhardt wrote an article on how his apps are covered, and it hits the nail on the head.

We don’t want tests covering most of our React components, though. That wouldn’t help with the main difficulties in writing components:

  1. We might pass props around incorrectly. TypeScript already solves this problem for us almost completely.
  2. The components might use the API incorrectly. Again, we’ve solved this problem with TypeScript.
  3. The components might look wrong when rendered. Tests are very bad at this. We don’t want to go down the esoteric and labor-intensive path of automated image capture and image diffing.

One thing I do write tests for is complex code that isn’t coupled to components, like reducers. And the nail gets hit again:

Although we don’t test components directly, there are some other parts of the frontend code that are tested directly. For example, we have some high-value tests around some React reducers because they’re tricky and full of conditionals.

Read on Are Tests Necessary in TypeScript? executeprogram.com.


Webmentions on a static site with GitHub Actions

| 6 min read

Last year, I added webmentions to this blog. To recap, webmentions are a web standard to create a network of comments, likes, and reposts between ordinary sites. I set up a brid.gy account to poll Twitter for webmentions targetting my blog, and I caught them with webmention.io.

Webmentions were fetched with AJAX and rendered at the bottom of each page. There were two things I didn’t like about this approach:

  • I’d rather just have them prerendered by Hugo, my static site generator
  • Webmentions are stored on Webmention.io, but I’d rather have ownership over them

After some tinkering, I came up with an alternative: a cron-based GitHub Action that queries webmention.io for new webmentions. The Action then commits them to my site’s repository, so I can access the data with my static site generator, Hugo.

Read more


Listing directories

| 1 min read | Unix things I always forget 2/7

A listing of my favorite ls features.

Read more


Unix things I always forget

| 1 min read | Unix things I always forget 1/7

A short intro on my second series: Unix things I always forget!

An attempt to document the Unix commands I know and care about. Consider this series a living document that will grow organically; I won’t be updating or adding new posts on a set schedule.

Read more


Composer, semver, and underlying dependency changes

| 2 min read

Every now and then I need to bump a dependency in a package, or require a higher PHP version.

  {
      "name": "my/package",
      "require": {
-         "php": ">=7.2.0",
+         "php": ">=7.4.0",
-         "league/commonmark": "^0.19",
+         "league/commonmark": "^1.0",
      }
  }

When updating an underlying dependency, I don’t always tag a new major version. Some people consider this to be a breaking change, but it isn’t. Here’s how to deal with dependency and language updates from a package maintainer’s perspective.

Read more


Privacy and having nothing to hide

| on pjrvs.com

I’ve always had a hard time finding a proper response to the classic “privacy isn’t important because I have nothing to hide” argument.

Paul Jarvis, cofounder of the privacy-first analytics tool Fathom Analytics, makes some strong points in But I have nothing to hide.

Whether it’s on reality TV or even just social media, we act and speak differently because we know we are being watched. We lose our ability to be authentic or explore our own identity and views because we’re stuck trying to put forward our “best selves” and ensure everyone else that we’re here “for the right reasons”.

Read the full article on pjrvs.com.


Setting up a global .gitignore file

| 1 min read

Reviewing pull requests, I often see contributors sneakily adding editor configuration to the repository’s .gitignore file.

  composer.lock
  package.lock
+ .vscode

If everyone would commit their environment-specific .gitignore rules, we’d have a long list to maintain! My repository doesn’t care about your editor configuration.

There’s a better solution to this: a personal, global .gitignore file for all your repositories. Here’s how you can set one up.

Read more


Upgrading Node.js on a Laravel Forge Provisioned Server

| 1 min read

I just upgraded Node.js on a Laravel Forge provisioned Ubuntu server for the umptieth time. I can never remember how to upgrade to a higher major Node.js version, so I’m documenting the process for future me.

Read more


Dropdowns

| 3 min read | JavaScript Framework Diet 6/10

On to our first component: a dropdown list. I’m going to walk through the implementation I landed on in a recent project. There are many ways to build dropdowns, and you might want to shape the API your way, so use this post as a source of inspiration.

Read more