Hey,
We’re in a very diverse work environment: As web developers we have countless options to specialize in but it’s impossible to keep up with everything. This week I read an article where the author recognized that even though he has been building stuff for the web for over seven years, he’s not able to understand what he does, summarized in this sentence: “I’m slamming my keyboard in frustration as another mysterious error appears in my build script”. For the author, it’s no fun to write JavaScript anymore today as the tool chain got too complex, the workflows are built mainly for developer convenience and many things that exist in the languages itself are reinvented in external libraries.
Now when I look at what articles I have for you this week, this seems very understandable. Soon we cannot use .dev domains anymore, HTTPS CAA checks do not work with private network interfaces, and when I look at an admittedly great tutorial on how we can replace scroll events with IntersectionObserver, I see code that might have better performance but definitely is more complex than what we used to do with EventListener. Our incredibly fast-changing environment expands very fast and we need to acknowledge that we as individual persons can’t know and understand everything. And that’s fine. Choose what you want to do, be sure on priorities, and then hire someone else for the remaining priorities you can’t do on your own.
News
- Mattias Geniar reminds us that Chrome, according to this commit in Chromium, will very soon preload
.devdomains as HTTPS via preloaded HSTS. The domain name has been bought by Google and they now want it to be exclusively accessible only via HTTPS. So if you use a.devname in your projects—often on your local machine, registered manually via thehostsfile, you should switch to the reserved.testdomain name now or consider usinglocalhostinstead from now on. Once the patch lands in Chrome, you’ll not be able to access your projects anymore without a valid TLS certificate in place. - HTTP Immutable Responses are now an official Internet standard. And it’s available in most browsers already.
Generic
- The videos from the Material Conference 2017 are all available now and have some interesting talks in it.
Tooling
- Infusion is an inclusive, accessible documentation builder.
Security
- The University of Cambridge shares why they’re unintentionally not able to issue TLS certificates anymore for their internal network domain
private.cam.ac.ukdue to the now required CAA check. In short: As the hostname cannot be checked by the certificate authority, they decline to issue a certificate now. The drawback of the otherwise quite useful mandatory CAA checks.
JavaScript
- Eric Bidelman shares how we can use an
IntersectionObserverto control or react uponposition: stickychanges. This replaces the need forscrollevents, offering a much better performance.
CSS
- Lea Verou started a very useful discussion about specificity of the
:not()selector and why it would be useful to have a pseudo-class:matcheswhich doesn’t carry any specificity. - Manuel Matuzovic about how you should write CSS with accessibility in mind and which things to avoid.
Work & Life
- Ivan Mir shares how he optimized his productive hours over the past year and now seems to be pretty effective without working more hours per week.
Go beyond…
- Here are 10 hours of ambient arctic sounds will help you relax, meditate, or study.
- Julian Oliver shares how he used wind energy to mine cryptocurrency to fund climate research.
Anselm