Earlier this year I gave a talk at Code BEAM STO about a proposed solution to the ever more real risk of hidden malicious code in our library dependencies. You can watch the whole thing here:
UPDATE: I have since dropped active development of the Hoplon project, but I hope something like it will become reality when the tech community is ready for it :)
Earlier this year I presented my latest project - Hoplon - at the London Elixir meetup. I’m thinking of putting some more work into it over Christmas, so I figured I might gather the materials about it in one place:
Hoplon is an Elixir developer tool that helps you validate your dependencies contain no hidden malicious code. Motivated by horror stories from the JavaScript community such as this hypothetical one and this very real one.
Towards the end of November I gave a flash talk at the London Elixir Meetup. This time I was talking about the journey from println debugging to proper tracing and bringing Erlang tools to Elixir programmers.
You can watch the talk here:
…and here are the slides:
The resulting Rexbug project is ready to be used but there’s still some issues I could use some help on - some should even be suitable for Elixir beginners.
Last year, I saw José Valim give his keynote at the ElixirLive conference in Warsaw, where he talked about the motivation for his new Elixir libraries: GenStage and Flow. Even though I heard about those before, it was the keynote when I “got” what the libraries were good for and why they were neat - and I decided to play around with them.
For my classes I recorded screencasts about TDD, and, because lately I’m focused mostly on c++, I decided to dive into google test instead of the regular jMock and Mockito. Initially I wanted to make it a tutorial showcasing all the tools within the library, but it ended up being a TDD Kata solving example with a short introduction about how to set up the development environment.
