神刀安全网

FEX 技术周刊 – 2016/04/04

微信搜索『FEX』关注我们的公众号,及时获得最新资讯。

业界会议

Microsoft Build 2016

https://build.microsoft.com/

http://news.microsoft.com/build2016/

https://channel9.msdn.com/

虽然码农们常常黑微软,但不得不承认微软绝对是技术巨人。除了黑科技 HoloLens 外,这次大会还有这几个有趣的东东:

Xamarin now free in Visual Studio, and Xamarin SDK being open-sourced

bash coming to windows 码农福音呀,有希望可以愉快的在 windows 上玩命令行

Seeing Ai-让盲人“看见”世界的眼镜

深阅读

What if we had a great standard library in JavaScript?

https://medium.com/@thomasfuchs/what-if-we-had-a-great-standard-library-in-javascript-52692342ee3f

Micro.js 发起者对 JS 生态思考。A standard library would make it a lot easier to write JavaScript by eliminating the need to come up with similar or same solutions to small issues.

Babel 6 – useless by default – a lesson in how NOT to design software.

http://fourlightyears.blogspot.com/2016/03/babel-6-useless-by-default-lesson-in.html

Babel 6 采用了默认啥也不做,完全 通过配置的方式,这样可以做到非常灵活

展望2016,REACT.JS 最佳实践

http://insights.thoughtworkers.org/react-js-best-practices-for-2016/

之前发过原版,这是翻译版本

npm Package Hijacking: From the Hijackers Perspective

https://medium.freecodecamp.com/npm-package-hijacking-from-the-hijackers-perspective-af0c48ab9922#.5sdog7uv4

作者趁上周那个 unpublish 事件抢注了其中 238 个模块,npm 这种完全开放式的方式暴露出了许多问题,一有坏人就悲剧了

一个支付宝木马的分析溯源之旅

http://drops.wooyun.org/papers/14103

看看如何人肉搜索出想当黑客的高中小朋友

Dive into React Native performance

https://code.facebook.com/posts/895897210527114/dive-into-react-native-performance/

对 React Native 的性能分析及建议

当EventBus遇上RxJava

http://www.easydone.cn/2016/03/29/

接触过 EventBus 和 RxJava 的都知道,可以用 RxJava 来实现 EventBus,网上随便一搜,就可以拿得到代码。但是究竟为什么可以这么做?却没有类似的文章作进一步的深度解析。(本文假定读者都已经了解 EventBus 和 RxJava 是什么,可以做什么。)

重用的边界

http://www.jianshu.com/p/916222393523

复用什么、怎么复用是码农职业生涯始终要去思考的问题。

ES7 Decorator 与函数变换

http://blog.h5jun.com/post/decorator-functional.html

在ES7的众多新特性中,我个人最喜欢的特性除了广为人知的 async/await 外,就数Yehuda Katz提出的decorator。

decorator 是什么?decorator 的概念来源于 Python 的decorator,也类似于 Java 的 Annotation。它实际上是一个 wrapper ,作用于一个函数或者对象,对目标函数或对象进行一系列变换,然后返回一个新的函数或对象。另附月影大神的 从本质认识JavaScript的原型继承和类继承

background系列之你不知道的background-position

http://blog.doyoe.com/2016/03/28/css/background%E7%B3%BB%E5%88%97%E4%B9%8B%E4%BD%A0%E4%B8%8D%E7%9F%A5%E9%81%93%E7%9A%84background-position/

我今天要聊的 background-position 应该已经被大家玩得色彩斑斓了。尤其是 CSS Sprites 流行的这些年,background-position 基本上是被应用最多的属性之一。

Writing good code: how to reduce cognitive load

http://chrismm.com/blog/how-to-reduce-the-cognitive-load-of-your-code/

I believe it’s possible to construct a simple mental framework that can be used with any language or library and which will lead to good quality code by default. There are five main concepts I will talk about here. Keep them in mind and writing good code should be a breeze.

The Unbelievable History of the Express JavaScript Framework

http://thefullstack.xyz/history-express-javascript-framework/

If you’ve used NodeJS at any point during the last 5 years, you’ve most likely used Express as well. It’s the most starred NodeJS related package on GitHub, and averages over a million downloads every week. That’s why a recent shock-wave in the project’s progress caught me by surprise.

The Elevator Pitch for React

http://developer.telerik.com/featured/elevator-pitch-react/

Simply stated, the value of React rests upon the fact that it provides a simple and maintainable pattern for creating a tree of UI components. Imagine how simple programming a UI could be by defining the entire interface of your application using React components alone. 另附,来自简聊一位同学的 React 实践经验 React 的问题和我在试验的 Respo

京东-前端工程化在电商首页中的实践

http://mp.weixin.qq.com/s?__biz=MjM5MTA1MjAxMQ==&mid=402635309&idx=1&sn=813af82b996448a2d3821765281eb6ff

讲了京东前端工具、架构、性能优化等方面的实践。

面试感悟—-一名3年工作经验的程序员应该具备的技能

http://www.cnblogs.com/xrq730/p/5260294.html

挺实在的一篇总结文。

我是一个线程

http://mp.weixin.qq.com/s?__biz=MzAxOTc0NzExNg==&mid=416915373&idx=1&sn=f80a13b099237534a3ef777d511d831a

形象生动的科普文。

三种解密 HTTPS 流量的方法介绍

https://imququ.com/post/how-to-decrypt-https.html

Web 安全是一项系统工程,任何细微疏忽都可能导致整个安全壁垒土崩瓦解。拿 HTTPS 来说,它的「内容加密、数据完整性、身份认证」三大安全保证,也会受到非法根证书、服务端配置错误、SSL 库漏洞、私钥被盗等等风险的影响。很多同学认为只要访问的网站地址前有一把小绿锁就绝对安全,其实不然。本文通过介绍三种最常规的 HTTPS 流量解密方法及原理,浅谈一下 HTTPS 的安全风险。

React vs Angular2: The fight rages on

http://tech.evojam.com/2016/03/31/react-vs-angular2-the-fight-rages-on/

对比得挺仔细的

A Beginner’s Guide to npm — the Node Package Manager

http://www.sitepoint.com/beginners-guide-node-package-manager/

科普 npm

新鲜货

changes to npm’s unpublish policy

http://blog.npmjs.org/post/141905368000/changes-to-npms-unpublish-policy

we’ve seen a lot of discussion about why unpublish exists at all. Similar discussions happen within npm, Inc. There are important and legitmate reasons for the feature, so we have no intention of removing it, but now we’re significantly changing how unpublish behaves and the policies that surround it. These changes, which incorporate helpful feedback from a lot of community members, are intended to ensure that events like Tuesday’s don’t happen again.

Introducing Safari Technology Preview

https://webkit.org/blog/6017/introducing-safari-technology-preview/

ECMAScript 6; B3 JavaScript JIT compiler; Improved IndexedDB implementation; Shadow DOM;

A Super Tiny Compiler, Written in JS

https://github.com/thejameskyle/the-super-tiny-compiler

This is an ultra-simplified example of all the major pieces of a modern compiler written in easy to read JavaScript. Reading through the guided code will help you learn about how most compilers work from end to end.

WebStorm 2016.1 版本发布

http://www.jetbrains.com/webstorm/whatsnew/

http://weibo.com/ttarticle/p/show?id=2309403958429365475590

本次更新的亮点有:ECMAScript 6 和 TypeScript 支持上的改进;增强 Angular2 支持;支持调试异步客户端代码、ES6中的箭头函数(arrow function)、 Web Worker 以及 Service Worker;在 WebStorm 内直接连到 Vagrant box 或远程机上运行并调试 Node.js 应用程序。

GitLab Runner 1.1 with Autoscaling

https://about.gitlab.com/2016/03/29/gitlab-runner-1-1-released/

Over the last year, GitLab Runner has become a significant part of the GitLab family. We are happy to announce that GitLab Runner 1.1 is released today; a release that brings major improvements over its predecessor. There is one feature though that we are excited about and is the cornerstone of this release.

iOS资源大全中文版

https://github.com/Lafree317/iOS

基于 awesome-ios 整理的各种库

Build Web Application with Golang

https://astaxie.gitbooks.io/build-web-application-with-golang/content/en/index.html

Because I’m interested in web application development, I used my free time to write this book as an open source version. It doesn’t mean that I have a very good ability to build web applications; I would like to share what I’ve done with Go in building web applications.

Mozilza Sweet.js, the Macro System for JavaScript, Reaches 1.0

http://sweetjs.org/

https://medium.com/@disnet/announcing-sweet-js-1-0-e7f4f3e15594

Sweet brings the hygienic macros of languages like Scheme and Rust to JavaScript. Macros allow you to sweeten the syntax of JavaScript and craft the language you’ve always wanted. Macros allow you to build the language of your dreams. Sweeten JavaScript by defining new syntax for your code.

简聊开源版

https://github.com/jianliaoim/talk-os

前端是 React + Flux + CoffeeScript

Airbnb open-sources Caravel: data exploration and visualization platform

https://github.com/airbnb/caravel

Caravel is a data exploration platform designed to be visual, intuitive, and interactive. Caravel’s main goal is to make it easy to slice, dice and visualize data. It empowers users to perform analytics at the speed of thought.

Translater.JS

http://jslite.io/translater.js/

This is a use of HTML comments page translation solution. For a small amount of static pages, this solution is more simple. it has no dependents, Compression only (4KB)

public-apis – A collective list of public JSON APIs for use in web development.

https://github.com/toddmotto/public-apis

产品及其它

TOMsInsight – 数据生态链:魔鬼手中的双刃剑

http://mp.weixin.qq.com/s?__biz=MzA3NTcwOTIwNg==&mid=408359100&idx=1&sn=394541c4a5a41693d928b28270e3d37e

数据不是认知,数据更不是真相。在数据生态链中,每个环节都有着各种不公开,也不为人知的「内幕」。这些让「一切由数据说话」的铁律成为了笑话,也成为特有的「公司内部政治手段」、「门槛工具」以及「x因素」。中国互联网生态发展至今,数据已经远远不是真相,甚至是阻碍真相的干扰。大量低成本的作假,以及无数次反复掺水作假后的数据不断的流通着混合着,用来指引着我们的方向。

究竟什么是虚拟,什么是现实?谈沉浸式虚拟现实技术和应用

http://mp.weixin.qq.com/s?__biz=MzA3NTM4NDE2Mw==&mid=401861016&idx=1&sn=6d6c020a73845e5480e4b1d3adab87d7

VR 可能不仅仅只是下一个平台,因为它能创造出所有的人类体验,它可能就是人类的终点。当然,现在还有很多碎片没有拼合上:没人知道应该如何解决在虚拟现实中的移动问题,没人有完美的输入方案,更不要说 VR 电影、社交方式以及人们想在 VR 中玩的游戏了。

团队管理中的呆伯特法则

http://mp.weixin.qq.com/s?__biz=MzA5NDY0ODkxNA==&mid=402473027&idx=1&sn=0887668e2dba101d4a2c100f077b27c9

一个人在团队中很皮,但能力很突出,另一人很老实听话,但能力一般,受其他人喜欢,相处较舒服。你选谁作 Leader 人选?不要考虑什么维护场景,因为谁都不能预见未来业务。你选谁?

Etsy 研发体系构建

http://mp.weixin.qq.com/s?__biz=MzA4NTU2MTg3MQ==&mid=406972236&idx=1&sn=08f8b72269513b85ce05d88cd93cf195

Etsy是美国一个在线销售手工工艺品的网站,2005年上线,品类包括服饰、珠宝、玩具、摄影作品、家居用品等,核心卖点是原创和手工,更注重商品背后的故事。Etsy公司的四项关键性工程技术实践:代码审查、持续部署、架构审查以及无责任事后处理。工程技术原则性方针:放权与信任、集体责任、持续学习以及相互督促。

Google Earth 让我们看到了过去30年地球表面的变迁

https://earthengine.google.com/timelapse/

http://mp.weixin.qq.com/s?__biz=MjM5NjAwNzI0MA==&mid=404317504&idx=1&sn=8fff9428afb95987ab200d6f1a546158

每年一帧,地球在谷歌的眼皮底下给人类放着一部部动画。然而并不是所有人都看得见

转载本站任何文章请注明:转载至神刀安全网,谢谢神刀安全网 » FEX 技术周刊 – 2016/04/04

分享到:更多 ()

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址
分享按钮