Lerna Mono Repos with Internal Dependencies

Mono repos are very popular nowadays for bundling a collection of related JavaScript libraries in one single repository. Figuring out how to handle dependencies between multiple packages inside that repository was a little tricky for me. This is how I got it working.

Number Comparison Without Overflow

When dealing with numbers that come from untrusted sources, you should always expect that these numbers may not fit into the integer data type that you are using. Such number overflows may cause subtle bugs or security problems in your code.

The Gory Details of URL Validation

I currently work on a web application that allows users to supply a link to their homepage. Such links have to be validated client-side with JavaScript (actually Typescript/Angular) and with Perl on the server-side. But what should be accepted as a valid homepage link? And what is the right approach to analyze the provided URLs?

Angular - Bootstrap Modals With Ngrx Effects

While displaying a Bootstrap modal dialog in Angular is fairly simple, doing so inside an NgRx effect is a little tricker. This post walks you through all necessary step to get the job done inside a simple Angular counter application.

Postfix, Amavis, and ClamAV Extremely Slow

I was recently experiencing longer and longer delays for incoming mail delivered by Postfix to Dovecot. In the end, it turned out to be a simple permission problem: ClamAV was not able to read Amavis' files, and obviously waited for a timeout for every single mail.

Stolen key

How To Use Google Maps API Keys For Free

The use of a Google API Key can be restricted to a configurable set of host or domain names. But does this protect (ab)use of the key by others? Not really.

Passwords on post-it attached to monitor

How to Use Saved Passwords Everywhere

Some web sites and applications prevent users from using previously saved credentials. There a very few legitimate reasons to do so. In the vast majority of cases, such measures just patronize users, often those people that actually keep up the service with their financial support. But it is actually quite simple to bypass such paranoid settings.

Syslog-ng Unique Persist Names

I want mail logs in a separate log file /var/log/mail so that postfix and dovecot messages are not be buried in /var/log/message. While upgrading to syslog-ng to version 3.13.2 I suddenly ran into an error that prevented the daemon to start. The error message was:

Template Toolkit and Unicode

The mere mention of Unicode in the context of Template Toolkit causes great wailing and chattering of teeth with many a Perl hacker. You will encounter double encoded UTF-8 or arbitrarily thrown in question marks in a seemingly random fashion. How can this be avoided?