Increase code quality using static application security testing

To avoid creating vulnerabilities, development teams establish good practices (e.g., pair programming, code reviews, unit testing) to be followed by the developers while coding. But even with a set of good practices in place, it is possible that vulnerabilities are introduced into the codebase and are only detected when the code reaches a production environment and an end customer reports an error.

One approach that can help mitigate the appearance of new vulnerabilities is the usage of Static Application Security Testing (SAST). …


Fix vulnerable dependencies using an automation tool

Like nearly every programming language, JavaScript is not without its vulnerable packages, which may get included in a development team’s project as dependencies using npm. The best defense against vulnerable dependencies in JavaScript is to keep track of them and implement proper controls to reduce exposure.

Every single team faces the challenge of keeping all their dependencies up to date and without vulnerabilities. As the number of dependencies in a single repository or the number of repositories grows, this challenge becomes bigger and harder to manage. …


Jest for the win when it comes to test automation

One very important part of software development is test automation since it creates an automatic process for one or multiple types of tests to run without the need for manual intervention.

One of my favorite tools for automating my tests when working on a JavaScript/TypeScript codebase is Jest, since it allows me to easily create tests and iterate over them while developing. Its simplicity makes it a very good tool to develop using TDD.

In this article, I’ll give a brief introduction to Jest, explain the main reasons that make Jest a great testing tool and go through some examples.


Animated vertical timeline built with GreenSock and React

In this article, we will build a React component for an animated vertical timeline. The idea is to create a vertical timeline that animates its items when the user scrolls up and down.

To bootstrap this idea we will use the tool create-react-app to create the React application and give us all the sweet functionality we need to prototype the timeline.

The animations are done using GreenSock (GSAP) and each item will have its own sub-elements animated.


A simple Terraform guide to run a Linux server inside AWS

This article came to my mind as I wanted to start using Terraform (from HashiCorp) as a tool to handle infrastructure as code, so I decided to write a simple start guide/tutorial for setting up a Terraform project using AWS (Amazon Web Services) as the cloud provider.

After the infrastructure is up and running, we will use Terraform with Graphviz to have a graphical visualization of the infrastructure.

Let’s start with a bit of context on Terraform.

The Basics About Terraform

Terraform is a tool that allows you to treat your infrastructure as code. This means you can create a set of definition files…


Acronyms are great but… please don’t overuse them.

I just have to put this one into words so it will be short and sweet… I hope.

I bet you were already in a meeting where slides were packed with acronyms, they were everywhere, in the text, in the diagrams, and every time somebody speaks… there you go, acronyms flying over from their speech. Acronyms everywhere!

I think it’s time to stop and give a bit of thought to this because the problem isn’t in the acronyms, the problem is in the way we use them.

When we are writing a text, a good practice on how to…


Let’s build a single data graph that aggregates multiple services

In this article, we will use Apollo federation to build a single data graph across multiple services.

Each service will have a unique schema that relates to its own domain and there will be a gateway that will be responsible for composing the distinct schemas into a federated data graph and for executing the queries against the multiple services.


Let’s build a GraphQL ToDo list that notifies its users in real-time

In this article, we will use GraphQL subscriptions to create a ToDo list that notifies its users in real-time when something in the list changes.

We will use Apollo Server as the GraphQL server with TypeScript as the programming language, Node.js as runtime, and for the subscriptions, the built-in mechanism provided by the Apollo Server.

To start, let’s have a look at the concept of subscription according to the Apollo Server documentation:

Subscriptions are GraphQL operations that watch events emitted from Apollo Server. The native Apollo Server supports GraphQL subscriptions without additional configuration. …


A simple GraphQL service example that implements a ToDo list

In this article, we will build a simple ToDo list using Apollo Server as the GraphQL server, TypeScript as the programming language, and Node.js as runtime. A simple example to show the potential of GraphQL.

For those who are not so familiar with GraphQL or are just taking their first steps into this technology, let’s understand what it stands for.

GraphQL is a query language for APIs and a runtime for fulfilling those queries with your existing data. GraphQL provides a complete and understandable description of the data in your API, gives clients the power to ask for exactly…


Writing comprehensive logging using text styling and emojis

In this article, we will create a simple and comprehensive way of logging our application behavior and data by using text styling and emojis in TypeScript and Node.js.

This article came from the need I had when building a script that would fetch the status of users from a database and create a simple report with the returned status in the console.

Software development is a way to build experiences for end-users and sometimes we as software engineers are our own end users. …

Nuno Brites

Software engineer driven by curiosity 🚀 writing about software development and tech ✏️
