insane
blog
insane
-
Show HN: Markdown HN profiles at {user}.at.hn
Since marked doesn't do it for you, make sure you sanitize the user input (the text on the user profiles) before rendering it to visitors.
Some libraries for doing that with good defaults:
- https://github.com/cure53/DOMPurify
- https://github.com/apostrophecms/sanitize-html
- https://github.com/bevacqua/insane
(right now your site looks vulnerable to XSS)
-
How To Parse and Render Markdown In Vuejs
Vue does not have as much support for Vue as there is for React. Examples are markdown-it, Remark.js, marked.js. But hopefully in the future, there should be more support, and after much research, I picked marked.js because it has the most stars and has zero vulnerabilities. Marked does not sanitize its output HTML (meaning it does not secure HTML documents from attacks like cross-site scripting (XSS)), as that feature is deprecated and has a vulnerability; however, it supports the use of other libraries to secure output HTML, such as DOMPurify (recommended), sanitize-html or insane.
blog
-
If Not React, Then What?
I am skeptical. There is way more than nice-looking code to make a framework popular. In my opinion, if nice-looking code were to matter then aurelia would be a lot more popular: https://github.com/stickfigure/blog/wiki/Opinionated-Compari...
-
Show HN: Markdown HN profiles at {user}.at.hn
Probably not very: https://github.com/stickfigure/blog/wiki/Beware-cutesy-two-l...
But probably sufficient for a project like this.
-
Shots: Create Mockups
Also - the organizations that run the DNS servers of little top level domains are not necessarily competent. Back when I had a company on the .st domain, we had an 8-hour outage when something in their infrastructure broke and everyone in their organization was asleep:
https://github.com/stickfigure/blog/wiki/Beware-cutesy-two-l...
- Java Logging on Google Cloud Platform
-
How to (and how not to) design REST APIs
He actually writes about that. I happen to like it too.
https://github.com/stickfigure/blog/wiki/GitHub%27s-wiki-mak...
- How to (and how not to) design REST APIs · stickfigure/blog Wiki
- Intercom is a terrible Mailchimp. So is Mailchimp
-
What We Learned from Our Five Failed YC Applications and One Successful One
I would avoid all of the two-letter domain names. I suffered 8 hours of excruciating downtime back in 2012 when the .st nic went down:
https://github.com/stickfigure/blog/wiki/Beware-cutesy-two-l...
I learned my lesson, I'll take the .com every time, even if I have to get creative with the name.
What are some alternatives?
sanitize-html - Clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis. Built on htmlparser2 for speed and tolerance
oxen-core - Oxen core repository, containing oxend and oxen cli wallets
DOMPurify - DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
solidity-underhanded-contest - Website for the Underhanded Solidity Contest
marked - A markdown parser and compiler. Built for speed.
json-api - A specification for building JSON APIs
remark - markdown processor powered by plugins part of the @unifiedjs collective
consensus-specs - Ethereum Proof-of-Stake Consensus Specifications
at.hn
structlog-gcp - Google Cloud Logging formatter for structlog
hncomments
react-scan - Scan for React performance issues and eliminate slow renders in your app