122: Securing Elixir and Teaching the Team
Thinking Elixir Podcast - A podcast by ThinkingElixir.com - Martedì
Categorie:
It’s important to learn safe coding practices. As developers, we want people to love our products and happily pay to use them. We also want to protect our services and users from hackers and information leaks. However, sometimes we unknowingly create vulnerabilities in our systems. One of the best ways to prevent problems is to train the team working on the project. To help do this, Holden Oullette started an OpenSource project called Elixir Secure Coding Training for teams. Livebook based, the lessons can be forked and customized for what’s relevant to our projects. Check out what's already available! There’s more work and lessons to create. People are invited to jump in and help out. The goal is to create an education and training resource for the Elixir community! Show Notes online - http://podcast.thinkingelixir.com/122 Elixir Community News https://twitter.com/AshFramework/status/1582062954891350016 – Ash Framework 2.0 released https://github.com/ash-project/ash/blob/2.0/CHANGELOG.md – Ash Framework changelog https://www.ash-hq.org/ https://elixirforum.com/t/ex-cldr-common-locale-data-repository-cldr-functions-for-elixir/17350/92 – Ex_cldr and Kip Cole's development plans https://podcast.thinkingelixir.com/120 – Interview with Kip Cole https://hexdocs.pm/ex_cldr_routes – New CLDR library to help localize Phoenix routes https://hexdocs.pm/phoenix_localized_routes – There are other route localizing options as well https://twitter.com/lukaszsamson/status/1578521810554916864 – Elixir-LS fixed 4 year old bug with help from reporter! https://github.com/elixir-lsp/elixir-ls/issues/120 – Elixir-LS history and details on the fix https://twitter.com/fhunleth/status/1580524909939556353 – Nerves on Apple silicon improvements in upcoming release https://spawnfest.org/ – Spawnfest competition closed. People sharing their creations. https://twitter.com/spawnfest/status/1581347422671806464 – List of Spawnfest judges https://twitter.com/michalmuskala/status/1581743531764617217 – JSON Native project shared https://github.com/spawnfest/json_native https://twitter.com/livebookdev/status/1581995785637756928 – Livebook Ecto extension called Lively supports Entity Relationship Diagrams and more. https://github.com/orgs/spawnfest/repositories?q=2022+in%3Atopics – See all the submissions with this non-obvious GitHub search https://www.elixirconf.eu/ – ElixirConf EU 2023 in in Lisbon Portugal - Hybrid conference 20-21 April 2023 - In person and virtual Do you have some Elixir news to share? Tell us at @ThinkingElixir or email at [email protected] Discussion Resources https://github.com/Podium/elixir-secure-coding https://www.podium.com/ https://jupyter.org/ https://twitter.com/holdenoullette/status/1565486046237921280 https://2022.elixirconf.com/speakers/holden-oullette https://owasp.org/Top10/ https://en.wikipedia.org/wiki/Capture_the_flag_(cybersecurity) https://github.com/podium/elixir-secure-coding/blob/main/modules/4-graphql.livemd – Incomplete GraphQL module https://hex.pm/packages/sobelow https://semgrep.dev/ https://www.theregister.com/2016/03/23/npm_left_pad_chaos/ – Background on "left pad" https://github.com/podium/vigil Guest Information https://twitter.com/holdenoullette – on Twitter https://github.com/houllette/ – on Github https://oullette.xyz – Blog Find us online Message the show - @ThinkingElixir Email the show - [email protected] Mark Ericksen - @brainlid David Bernheisel - @bernheisel Cade Ward - @cadebward Sponsored By:Fly.io: Fly.io is a great place to deploy your next Phoenix application! Check them out!