├── 10x.md ├── Certificates.md ├── Easiness.md ├── JavaScript_Made_Simple.md ├── JavaScript_Timers.md ├── LICENSE ├── Leadership_In_Software.md ├── Object_Oriented_Programming.md ├── Performance.md ├── Web_Accessibility.md ├── Web_Education.md ├── Web_Productivity.md ├── Web_Training.md ├── Writing_Parsers.md ├── controversial_opinions.md ├── fragility.md ├── images ├── performance_frontend1.png ├── performance_frontend2.png ├── performance_frontend3.png └── performance_frontend4.png ├── javascripting.md ├── military.md ├── performance_frontend.md ├── readme.md ├── state_management.md └── websocket_server.md /10x.md: -------------------------------------------------------------------------------- 1 | # 10x Developer 2 | There is a something whispered in programming called the *10x developer*. That guy that out performs their peers by an order of magnitude. This document is a manual to become that developer and achieve greater output. 3 | 4 | ## Productivity 5 | Productivity is accomplishing a given task in shorter time, which then allows for improved *[efficiency](https://en.wikipedia.org/wiki/Efficiency)* which means greater quantity of task completion comparable to equivalent time from another developer. This document is more about efficiency than productivity, but improvements to efficiency can only be attained by either task elimination and/or increases to productivity. 6 | 7 | Efficiency is an economic term that can be applied to any task or action. This means the solution to increased efficiency is more about thinking in terms of economic gains than technology preferences. As such, for any given decision, do not think in terms of what action takes less time to accomplish now, but instead what takes less total time knowing such decisions will be revisited many times. 8 | 9 | ## Virtues 10 | The spiritual path of increased efficiency is a matter of deliberate effort. 11 | 12 | ### Be Simple 13 | Simplicity means *fewer*. Don't over think that. It doesn't mean easy. Conversely, simple often takes increased effort which makes it noticeably less easy. For example it takes less effort, and time, to write a unique solution for a variety of similar problems. With a bit of extra time and effort a single solution to those related problems will likely result in less maintenance and low a lower cost to scale a given solution. For a deeper dive into simplicity see [elegance](https://en.wikipedia.org/wiki/Elegance), and [ontology](https://en.wikipedia.org/wiki/Ontology), and [Occam's razor](https://en.wikipedia.org/wiki/Occam%27s_razor). 14 | 15 | With simplicity there are fewer options to choose from, which results in a clearer path forward. That lowers cognitive fatigue and allows for rapid planning. It also means there is less to break, less to fix, and less to test. 16 | 17 | Avoid *[polyinstantiation](https://en.wikipedia.org/wiki/Polyinstantiation)*. When there is a single instance of a given piece of logic there is a single thing to troubleshoot. Polyinstantiation allows many instances of a thing, which is the opposite of simple. To make many is to *[complicate](https://en.wikipedia.org/wiki/Complexity)*. 18 | 19 | ### Be Wrong 20 | An incorrect decision at present is more valuable than a future correct decision due to lost time. That doesn't mean to make decisions blindly without forethought or planning. Instead, form a hasty incomplete assessment of the problem and begin taking action early. While taking initial action be planning the end state and challenging the early hasty approach. 21 | 22 | This path is important for one key reason: *[learning](https://en.wikipedia.org/wiki/Learning)*. A problem appears one way from the outside, but through deeper diving and peeling back layers the problem at hand may be something utterly different and/or may present second order consequences otherwise unknown. Time spent learning through an initial hasty attempted solution frequently allows discovery of simplicity opportunities. 23 | 24 | A simplicity opportunity is a discovery where a complexity of requirements can be solved with a single solution. The action to change existing code to apply simplicity is called *refactoring*. Routinely avoiding simplicity opportunities increases complexity by addition of new code, which is a forced [dichotomy](https://en.wikipedia.org/wiki/Dichotomy). 25 | 26 | ### Be Iterative 27 | When a developer iterates ten times faster they may fail nine times more often without consequence or loss of efficiency, which means nine times greater learning of a given problem before a lose of efficiency. Time of iteration means the delay it takes to make a code change, build/compile/execute that code, test the change, and evaluate the result. 28 | 29 | ### Be Clear 30 | Programming is writing. Segment logic into related areas of logical separation. People have to read and reason about programming as a written artifact. 31 | 32 | Programming is not a novel. Do not leave a reader hanging in suspense. Writing is a tool before it has any value in entertainment. Likewise, programming is a written tool. 33 | 34 | The most important quality of literacy in programming is [control flow](https://en.wikipedia.org/wiki/Control_flow), which is the logical progression and order of instructions through the execution of an application. Be clear and purposeful in writing code that articulates the control flow. Do not hope that syntax or clever conventions will somehow solve for this or provide enhanced clarity. Remember that efficiency is an economics term and in economics there is *[no free lunch](https://en.wikipedia.org/wiki/There_ain%27t_no_such_thing_as_a_free_lunch)*. For example many developers find asynchronous control flow challenging to reason about and callbacks distressing to read. A convenient short hand alternative to callbacks are asynchronous functions and the *await* keyword. The async/await approach requires syntax callbacks do not and requires fewer characters to write, but they solve for the same problem. A serious disadvantage to that more convenient approach is that the solution is separated from its problem in the code which complicates the reading and following of control flow logic through the course of the application. 35 | 36 | Upon discovery of barriers and limitations annotate such roadblocks in writing. Keep moving forward elsewhere as a roadblock is not an excuse to stop working. Be thinking about that roadblock while doing other work and perhaps a creative circumvention will come to mind. 37 | 38 | ### Be Independent 39 | Know the problem at hand. If the problem isn't clearly understood a given solution isn't limited to what it appears to be. Many developers believe a given tool or framework is necessary to do their jobs for them, which makes those developers fully obsolete as the given tool becomes unnecessary or unwanted. Additional layers of software create complexity, also known as the [law of leaky abstractions](https://en.wikipedia.org/wiki/Leaky_abstraction). That additional complexity touches all aspects of iteration. 40 | 41 | Think of independence as portability. If a bunch of tools, a high speed internet connection, a large build task, a bunch of libraries, and a bunch of processes are required to program anything efficiency is hopeless dependent upon the speed and availability of each of those things. If instead writing an application, at least getting it started, by simply opening a web browser and typing into the developer tools console there are far fewer limitations. In this case nothing is in the way preventing productivity. 42 | 43 | I can remember a decade ago when a software library called jQuery was all the rage. Developers claimed to be so much more efficient thanks to jQuery, however if that library was missing or unavailable many of those developers couldn't write code at all. That is not efficient. Worse is that many of those developers could not debug the code they wrote with that library. 44 | 45 | ### Be Direct 46 | Do not spend time on pleasantries or decoration. Know the path forward and achieve the solution without distraction. In practice this mostly means avoiding unnecessary bullshit. If there is a common standard to solve for a given problem then code directly to that standard. Many developers intentionally ignore standards they perceive as low level out of concern for vanity or insecurity. 47 | 48 | ### Be Honest 49 | Do that which serves efficiency most well. According to [Nichomachean Ethics](https://en.wikipedia.org/wiki/Nicomachean_Ethics) that which exists for its own sake is of higher virtue than that which exists for the sake of another. First, be direct and honest of your own goals and intentions. Do not attempt to accomplish one thing hoping it will provide something else. If you cannot be honest to yourself you cannot hope to be honest to others. 50 | 51 | ### Be Specific 52 | Do not save keystrokes on implied or assumed logic. Specificity requires focus and discipline as the opposite of specificity is laziness or [avolition](https://en.wikipedia.org/wiki/Avolition). 53 | 54 | ### Be Helpful 55 | Provide documentation. Automate that documentation as much as possible to avoid incorrect or out of date artifacts. A written guide is helpful to yourself as well as others. 56 | 57 | ### Be Transparent 58 | Openly admit where your code fails. Accept blame openly. Solve for failures quickly. Do not waste peoples' time with excuses and posturing. Do not waste time avoiding writing code in vane hope somebody will write your solution for you or that some tool exists to do your job. Nobody feels sorry for you, but everyone genuinely respects integrity. 59 | 60 | Do not accept blame or failure for a system outside your ownership and contribution. If there is a failure be clear about the nature of the failure and seek resolution without regard for blame. 61 | -------------------------------------------------------------------------------- /Certificates.md: -------------------------------------------------------------------------------- 1 | # Certificates 2 | Certificates are generally used to indicate some kind of trust mechanism using a combination of cryptographic techniques. 3 | Speaking in the context of web services any mention of certificates refers to certificates and/or a certificate chain required by a TLS service 99% of the time. 4 | Other uses of certificates in web applications may refer to digitally signed documents or part of a key exchange required for messaging, such as key sharing for encrypted email. 5 | This document will only cover certificates required for a TLS server, such as HTTPS. 6 | 7 | ## Trust 8 | Before talking about anything technical let's start at the highest level. 9 | Certificates solve a security problem not a technology problem. 10 | Certificates are only required because secure web servers require them, but otherwise are completely unnecessary for encryption or service operation. 11 | For example attempting to access a secure website with an invalid or missing certificate causes a web browser, or other application, to display a warning page, however the webserver will continue to function all the same. 12 | 13 | In the common web scenario an anonymous user connects to a server with HTTP. 14 | HTTP 1.1 is completely session-less, see my abridged description of [web transmission schemes](./Performance.md#http_1.1) for more information. 15 | This means the server has absolutely no idea who the anonymous client is and the client only guesses at the server identity because of its domain name. 16 | DNS spoofing allows attackers to violate domain names as forms of identity verification with very little effort. 17 | We require more to ensure the server is exactly who they claim to be before we sacrifice all our financial and privacy details to a stranger. 18 | Certificates provide the trust that other technologies are incapable of providing. 19 | 20 | ### Certificate Chain 21 | Certificates use a process to ensure identity and manage risk, a process called a certificate chain. 22 | All certificates must be signed by an issuing certificate. 23 | Certificate chains start with a self-signed root certificate, because they are at the start of the chain there is nobody higher to sign them, so they sign themselves. 24 | To ensure the integrity of the chain root certificates remain hidden from all public access and are only accessed by the intermediate certificates they signed. 25 | Root certificates will sign intermediate certificates that then sign other intermediate certificates and/or server certificates. 26 | Server certificates sit at the bottom of the chain. 27 | 28 | ``` 29 | self-signed root -> intermediate -> optional more intermediates -> server certificate 30 | ``` 31 | 32 | When a web browser accesses a secure website they will read the certificate associated with the web server. 33 | The certificate will indicate who signed it and the web browser will then access the signing certificate. 34 | The web browser will continue to climb that certificate chain until it finds a certificate it knows. 35 | Known certificates exist as a part of an operating system certificate store, a browser certificate store, or certificates installed by an administrator/user. 36 | 37 | ### Certificate Revocation List 38 | Certificate chains exist as a form of trusted authority, but also serve a management function. 39 | It is rare, but occasionally somebody will compromise the encryption techniques that comprise a certificate which can allow an attacker to duplicate a certificate with their own data. 40 | This is called certificate spoofing or SSL spoofing. 41 | Certificate spoofing allows a browser to trust a fraudulent web site as though it were the intended website, which then allows attackers the ability to steal all sensitive data supplied by end users. 42 | 43 | The two controls for certificate spoofing are expiration dates and certificate revocation lists. 44 | A certificate is issue for a limited amount of time, typically 2 years. 45 | The limited time span serves to invalidate a certificate before the expected time it takes an attacker to brute-force the cryptographic techniques comprising that certificate. 46 | Let's Encrypt limits the time span of their certificates to only 3 months as a means to further mitigate risks because they issue so many certificates. 47 | 48 | In the cases where an attacker does reverse engineer a certificate before the expiry data there must exist a mechanism to invalidate the certificate immediately and ensure everyone is informed. 49 | That mechanism is a [certificate revocation list](https://en.wikipedia.org/wiki/Certificate_revocation_list). 50 | An issuing authority will maintain a list of certificates signed through its chain that are revoked before their expiry date. 51 | When a browser, or other application, attempts to resolve a certificate through the chain revoked certificates are known though the authority's revocation list, which will alert the accessing application the web site must not be trusted. 52 | 53 | ## Certificates for localhost 54 | I will discuss how to create certificates with [OpenSSL](https://www.openssl.org/) and how to install them in your operating systems and/or browsers. 55 | OpenSSL ships with a variety of other applications such as Node.js and Git Bash and ships natively with many Linux distributions, so it might already be installed on your computer. 56 | Open a terminal and attempt to execute `openssl` to verify if its already installed. 57 | 58 | ### Creating certificates with OpenSSL 59 | There are numerous ways to do this, so the following steps are the steps that worked for me. 60 | 61 | #### Generate the key for a root certificate 62 | `openssl genpkey -algorithm RSA -out ca.key` 63 | 64 | This instruction executes the genpkey command which is a generic command for generating keys. 65 | In this case the algorithm is RSA and the key is written to file named `ca.key`. 66 | 67 | #### Generate a self-signed root certificate 68 | `openssl req -x509 -key ca.key -days 16384 -out ca.crt -subj "/CN=Your Common Name/O=Your Organization Name"` 69 | 70 | The req command generates our self-signed root certificate using the key created in the prior step and the x509 option. 71 | The days option sets the expiry as number of days from now, which in this example is more than 44 years. 72 | The certificate will be written to file named `ca.crt`. 73 | The subject supplies meta data describing the certificate inline without an additional step or an external file. 74 | 75 | #### Generate a server key 76 | `openssl genpkey -algorithm RSA -out server.key` 77 | 78 | Generates another key file exactly like our first step, but to a file named `server.key`. 79 | 80 | #### Generate a signing request 81 | `openssl req -new -key server.key -out server.csr -subj "/CN=Your Common Name/O=Your Organization Name"` 82 | 83 | A signing request is a file with the instructions required to sign a certificate using an existing certificate/key combination. 84 | The CSR uses the server key recently created, which will be needed to decode the server certificate created in the next step. 85 | 86 | #### Generate and sign the server certificate 87 | `openssl x509 -req -in server.csr -days 16384 -out server.crt -CA ca.crt -CAkey ca.key -CAcreateserial -extfile details.cnf` 88 | 89 | This step reads in the signing request, root certificate, root certificate key, and writes a server certificate signed by the root certificate to file named `server.crt`. 90 | Just like the root certificate this one sets an expiry more than 44 years out. 91 | This step makes use of an additional configuration file `details.cnf`. 92 | I found and configured this file about a year and a half ago and have no idea what it means, but this step will not work without it. 93 | I am writing the config file here: 94 | 95 | ``` 96 | # 97 | # OpenSSL example configuration file. 98 | # This is mostly being used for generation of certificate requests. 99 | # 100 | 101 | # This definition stops the following lines choking if HOME isn't 102 | # defined. 103 | HOME = . 104 | RANDFILE = $ENV::HOME/.rnd 105 | 106 | # Extra OBJECT IDENTIFIER info: 107 | #oid_file = $ENV::HOME/.oid 108 | oid_section = new_oids 109 | 110 | # To use this configuration file with the "-extfile" option of the 111 | # "openssl x509" utility, name here the section containing the 112 | # X.509v3 extensions to use: 113 | # extensions = 114 | # (Alternatively, use a configuration file that has only 115 | # X.509v3 extensions in its main [= default] section.) 116 | 117 | [ new_oids ] 118 | 119 | # We can add new OIDs in here for use by 'ca', 'req' and 'ts'. 120 | # Add a simple OID like this: 121 | # testoid1=1.2.3.4 122 | # Or use config file substitution like this: 123 | # testoid2=${testoid1}.5.6 124 | 125 | # Policies used by the TSA examples. 126 | tsa_policy1 = 1.2.3.4.1 127 | tsa_policy2 = 1.2.3.4.5.6 128 | tsa_policy3 = 1.2.3.4.5.7 129 | 130 | #################################################################### 131 | [ ca ] 132 | default_ca = CA_default # The default ca section 133 | 134 | #################################################################### 135 | [ CA_default ] 136 | 137 | dir = ./demoCA # Where everything is kept 138 | certs = $dir/certs # Where the issued certs are kept 139 | crl_dir = $dir/crl # Where the issued crl are kept 140 | database = $dir/index.txt # database index file. 141 | #unique_subject = no # Set to 'no' to allow creation of 142 | # several certs with same subject. 143 | new_certs_dir = $dir/newcerts # default place for new certs. 144 | 145 | certificate = $dir/cacert.pem # The CA certificate 146 | serial = $dir/serial # The current serial number 147 | crlnumber = $dir/crlnumber # the current crl number 148 | # must be commented out to leave a V1 CRL 149 | crl = $dir/crl.pem # The current CRL 150 | private_key = $dir/private/cakey.pem# The private key 151 | RANDFILE = $dir/private/.rand # private random number file 152 | 153 | x509_extensions = usr_cert # The extensions to add to the cert 154 | 155 | # Comment out the following two lines for the "traditional" 156 | # (and highly broken) format. 157 | name_opt = ca_default # Subject Name options 158 | cert_opt = ca_default # Certificate field options 159 | 160 | # Extension copying option: use with caution. 161 | # copy_extensions = copy 162 | 163 | # Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs 164 | # so this is commented out by default to leave a V1 CRL. 165 | # crlnumber must also be commented out to leave a V1 CRL. 166 | # crl_extensions = crl_ext 167 | 168 | default_days = 365 # how long to certify for 169 | default_crl_days= 30 # how long before next CRL 170 | default_md = default # use public key default MD 171 | preserve = no # keep passed DN ordering 172 | 173 | # A few difference way of specifying how similar the request should look 174 | # For type CA, the listed attributes must be the same, and the optional 175 | # and supplied fields are just that :-) 176 | policy = policy_match 177 | 178 | # For the CA policy 179 | [ policy_match ] 180 | countryName = match 181 | stateOrProvinceName = match 182 | organizationName = match 183 | organizationalUnitName = optional 184 | commonName = supplied 185 | emailAddress = optional 186 | 187 | # For the 'anything' policy 188 | # At this point in time, you must list all acceptable 'object' 189 | # types. 190 | [ policy_anything ] 191 | countryName = optional 192 | stateOrProvinceName = optional 193 | localityName = optional 194 | organizationName = optional 195 | organizationalUnitName = optional 196 | commonName = supplied 197 | emailAddress = optional 198 | 199 | #################################################################### 200 | [ req ] 201 | default_bits = 2048 202 | default_keyfile = privkey.pem 203 | distinguished_name = req_distinguished_name 204 | attributes = req_attributes 205 | x509_extensions = v3_ca # The extensions to add to the self signed cert 206 | 207 | # Passwords for private keys if not present they will be prompted for 208 | # input_password = secret 209 | # output_password = secret 210 | 211 | # This sets a mask for permitted string types. There are several options. 212 | # default: PrintableString, T61String, BMPString. 213 | # pkix : PrintableString, BMPString (PKIX recommendation before 2004) 214 | # utf8only: only UTF8Strings (PKIX recommendation after 2004). 215 | # nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings). 216 | # MASK:XXXX a literal mask value. 217 | # WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings. 218 | string_mask = utf8only 219 | 220 | # req_extensions = v3_req # The extensions to add to a certificate request 221 | 222 | [ req_distinguished_name ] 223 | countryName = Country Name (2 letter code) 224 | countryName_default = AU 225 | countryName_min = 2 226 | countryName_max = 2 227 | 228 | stateOrProvinceName = State or Province Name (full name) 229 | stateOrProvinceName_default = Some-State 230 | 231 | localityName = Locality Name (eg, city) 232 | 233 | 0.organizationName = Organization Name (eg, company) 234 | 0.organizationName_default = Internet Widgits Pty Ltd 235 | 236 | # we can do this but it is not needed normally :-) 237 | #1.organizationName = Second Organization Name (eg, company) 238 | #1.organizationName_default = World Wide Web Pty Ltd 239 | 240 | organizationalUnitName = Organizational Unit Name (eg, section) 241 | #organizationalUnitName_default = 242 | 243 | commonName = Common Name (e.g. server FQDN or YOUR name) 244 | commonName_max = 64 245 | 246 | emailAddress = Email Address 247 | emailAddress_max = 64 248 | 249 | # SET-ex3 = SET extension number 3 250 | 251 | [ req_attributes ] 252 | challengePassword = A challenge password 253 | challengePassword_min = 4 254 | challengePassword_max = 20 255 | 256 | unstructuredName = An optional company name 257 | 258 | [ usr_cert ] 259 | 260 | # These extensions are added when 'ca' signs a request. 261 | 262 | # This goes against PKIX guidelines but some CAs do it and some software 263 | # requires this to avoid interpreting an end user certificate as a CA. 264 | 265 | basicConstraints=CA:FALSE 266 | 267 | # Here are some examples of the usage of nsCertType. If it is omitted 268 | # the certificate can be used for anything *except* object signing. 269 | 270 | # This is OK for an SSL server. 271 | # nsCertType = server 272 | 273 | # For an object signing certificate this would be used. 274 | # nsCertType = objsign 275 | 276 | # For normal client use this is typical 277 | # nsCertType = client, email 278 | 279 | # and for everything including object signing: 280 | # nsCertType = client, email, objsign 281 | 282 | # This is typical in keyUsage for a client certificate. 283 | # keyUsage = nonRepudiation, digitalSignature, keyEncipherment 284 | 285 | # This will be displayed in Netscape's comment listbox. 286 | nsComment = "OpenSSL Generated Certificate" 287 | 288 | # PKIX recommendations harmless if included in all certificates. 289 | subjectKeyIdentifier=hash 290 | authorityKeyIdentifier=keyid,issuer 291 | 292 | # This stuff is for subjectAltName and issuerAltname. 293 | # Import the email address. 294 | # subjectAltName=email:copy 295 | # An alternative to produce certificates that aren't 296 | # deprecated according to PKIX. 297 | # subjectAltName=email:move 298 | 299 | # Copy subject details 300 | # issuerAltName=issuer:copy 301 | 302 | #nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem 303 | #nsBaseUrl 304 | #nsRevocationUrl 305 | #nsRenewalUrl 306 | #nsCaPolicyUrl 307 | #nsSslServerName 308 | 309 | # This is required for TSA certificates. 310 | # extendedKeyUsage = critical,timeStamping 311 | 312 | [ v3_req ] 313 | 314 | # Extensions to add to a certificate request 315 | 316 | basicConstraints = CA:FALSE 317 | keyUsage = nonRepudiation, digitalSignature, keyEncipherment 318 | 319 | [ v3_ca ] 320 | 321 | 322 | # Extensions for a typical CA 323 | 324 | 325 | # PKIX recommendation. 326 | 327 | subjectKeyIdentifier=hash 328 | 329 | authorityKeyIdentifier=keyid:always,issuer 330 | 331 | basicConstraints = critical,CA:true 332 | 333 | # Key usage: this is typical for a CA certificate. However since it will 334 | # prevent it being used as an test self-signed certificate it is best 335 | # left out by default. 336 | # keyUsage = cRLSign, keyCertSign 337 | 338 | # Some might want this also 339 | # nsCertType = sslCA, emailCA 340 | 341 | # Include email address in subject alt name: another PKIX recommendation 342 | # subjectAltName=email:copy 343 | # Copy issuer details 344 | # issuerAltName=issuer:copy 345 | 346 | # DER hex encoding of an extension: beware experts only! 347 | # obj=DER:02:03 348 | # Where 'obj' is a standard or added object 349 | # You can even override a supported extension: 350 | # basicConstraints= critical, DER:30:03:01:01:FF 351 | 352 | [ crl_ext ] 353 | 354 | # CRL extensions. 355 | # Only issuerAltName and authorityKeyIdentifier make any sense in a CRL. 356 | 357 | # issuerAltName=issuer:copy 358 | authorityKeyIdentifier=keyid:always 359 | 360 | [ proxy_cert_ext ] 361 | # These extensions should be added when creating a proxy certificate 362 | 363 | # This goes against PKIX guidelines but some CAs do it and some software 364 | # requires this to avoid interpreting an end user certificate as a CA. 365 | 366 | basicConstraints=CA:FALSE 367 | 368 | # Here are some examples of the usage of nsCertType. If it is omitted 369 | # the certificate can be used for anything *except* object signing. 370 | 371 | # This is OK for an SSL server. 372 | # nsCertType = server 373 | 374 | # For an object signing certificate this would be used. 375 | # nsCertType = objsign 376 | 377 | # For normal client use this is typical 378 | # nsCertType = client, email 379 | 380 | # and for everything including object signing: 381 | # nsCertType = client, email, objsign 382 | 383 | # This is typical in keyUsage for a client certificate. 384 | # keyUsage = nonRepudiation, digitalSignature, keyEncipherment 385 | 386 | # This will be displayed in Netscape's comment listbox. 387 | nsComment = "OpenSSL Generated Certificate" 388 | 389 | # PKIX recommendations harmless if included in all certificates. 390 | subjectKeyIdentifier=hash 391 | authorityKeyIdentifier=keyid,issuer 392 | 393 | # This stuff is for subjectAltName and issuerAltname. 394 | # Import the email address. 395 | # subjectAltName=email:copy 396 | # An alternative to produce certificates that aren't 397 | # deprecated according to PKIX. 398 | # subjectAltName=email:move 399 | 400 | # Copy subject details 401 | # issuerAltName=issuer:copy 402 | 403 | #nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem 404 | #nsBaseUrl 405 | #nsRevocationUrl 406 | #nsRenewalUrl 407 | #nsCaPolicyUrl 408 | #nsSslServerName 409 | 410 | # This really needs to be in place for it to be a proxy certificate. 411 | proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo 412 | 413 | #################################################################### 414 | [ tsa ] 415 | 416 | default_tsa = tsa_config1 # the default TSA section 417 | 418 | [ tsa_config1 ] 419 | 420 | # These are used by the TSA reply generation only. 421 | dir = ./demoCA # TSA root directory 422 | serial = $dir/tsaserial # The current serial number (mandatory) 423 | crypto_device = builtin # OpenSSL engine to use for signing 424 | signer_cert = $dir/tsacert.pem # The TSA signing certificate 425 | # (optional) 426 | certs = $dir/cacert.pem # Certificate chain to include in reply 427 | # (optional) 428 | signer_key = $dir/private/tsakey.pem # The TSA private key (optional) 429 | signer_digest = sha256 # Signing digest to use. (Optional) 430 | default_policy = tsa_policy1 # Policy if request did not specify it 431 | # (optional) 432 | other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional) 433 | digests = sha1, sha256, sha384, sha512 # Acceptable message digests (mandatory) 434 | accuracy = secs:1, millisecs:500, microsecs:100 # (optional) 435 | clock_precision_digits = 0 # number of digits after dot. (optional) 436 | ordering = yes # Is ordering defined for timestamps? 437 | # (optional, default: no) 438 | tsa_name = yes # Must the TSA name be included in the reply? 439 | # (optional, default: no) 440 | ess_cert_id_chain = no # Must the ESS cert id chain be included? 441 | # (optional, default: no) 442 | 443 | [ x509_ext ] 444 | basicConstraints = CA:FALSE 445 | subjectKeyIdentifier = hash 446 | authorityKeyIdentifier = keyid,issuer 447 | subjectAltName = DNS:localhost 448 | ``` 449 | 450 | ### Installing the Certificate to Windows 10 using PowerShell 451 | 452 | #### Current User Trust Store 453 | Windows will require an administrator terminal to add certificates to any of the machine trust stores, however a certificate may be added to the current user store without administrative access. 454 | The result is the same, so I always just add certificates to the current user store. 455 | The address to the current user trust store is `Cert:\CurrentUser\Root`. 456 | 457 | #### Remove Old Certificates 458 | Before adding certificates deleting existing certificates containing the same meta-data, because new certificates will no overwrite existing certificates of the same name. 459 | 460 | `get-childItem Cert:\CurrentUser\Root -DnsName *your-certificate-organization-name* | Remove-Item -Force` 461 | 462 | I have found that when executing that command directly from the terminal it will delete all certificates matching the supplied criteria. 463 | I have also found that when executing that command as a child process in Node.js it will only remove the first certificate in the returned list. 464 | In Node I then check for matching certificates every time I delete a certificate using this command: `get-childItem Cert:\CurrentUser\Root -DnsName *your-certificate-organization-name*` 465 | Using a recursive loop I continue deleting certificates and checking for matching certificates until no more matching certificates are returned. 466 | 467 | #### Installing the Certificates 468 | I install both the server certificate and the root certificate into the trust store. 469 | This way both certificates are trusted and the certificate chain is easily resolved. 470 | 471 | `Import-Certificate -FilePath ca.crt -CertStoreLocation 'Cert:\CurrentUser\Root'` 472 | `Import-Certificate -FilePath server.crt -CertStoreLocation 'Cert:\CurrentUser\Root'` 473 | 474 | #### Firefox 475 | At this point you have a custom created certificate chain that is trusted for the current user across Windows 10 and all installed web browsers, except Firefox. 476 | Firefox has its own internal certificate trust store. 477 | There are steps to access and modify the Firefox certificate store just like accessing the Windows trust stores, but I find it more convenient to tell Firefox to use the Windows trust stores. 478 | 479 | 1. Open Firefox and in the address bar go to `about:config`. 480 | 1. At the warning screen accept the risk and continue. 481 | 1. Search for `security.enterprise_roots.enabled` and double-click it to set the value to true. 482 | 1. Close out all instances of Firefox. 483 | 484 | ### Installing the Certificate to Debian and Ubuntu Linux Distributions 485 | All steps in Linux require use of `sudo`. 486 | 487 | Ubuntu/Debian use a staging location for certificates at `/usr/local/share/ca-certificates`. 488 | For ease of management I recommend creating a directory there: 489 | `sudo mkdir /usr/local/share/ca-certificates/extra` 490 | 491 | Once the directory is created copy the two certificate files there: 492 | `sudo cp ca.crt /usr/local/share/ca-certificates/extra` 493 | `sudo cp server.crt /usr/local/share/ca-certificates/extra` 494 | 495 | To install the certificates execute the command: 496 | `sudo update-ca-certificates --fresh` 497 | 498 | This command migrates certificates from the staging area to `/etc/ssl/certs/` and updates the manifest at `/etc/ssl/certs/ca-certificates.crt`. 499 | The fresh option performs an audit such that custom certificates no longer present in the staging area are deleted and any new certificates at the staging area installed. 500 | 501 | At this point the certificates are fully installed in Ubuntu/Debian, but the browsers will not trust them. 502 | In Linux all browsers contain their own internal certificate store, just as Windows Firefox. 503 | We can fix this with a script. 504 | Save the following to a file named `linux.sh`: 505 | 506 | ``` 507 | #!/bin/bash 508 | 509 | ### Script installs root.cert.pem to certificate trust store of applications using NSS 510 | ### (e.g. Firefox, Thunderbird, Chromium) 511 | ### Mozilla uses cert8, Chromium and Chrome use cert9 512 | 513 | ### 514 | ### Requirement: apt install libnss3-tools 515 | ### 516 | 517 | 518 | ### 519 | ### CA file to install (CUSTOMIZE!) 520 | ### 521 | 522 | certfile="./share-file-ca.crt" 523 | certname="share-file-ca" 524 | 525 | 526 | ### 527 | ### For cert8 (legacy - DBM) 528 | ### 529 | 530 | for certDB in $(find ~/ -name "cert8.db") 531 | do 532 | certdir=$(dirname ${certDB}); 533 | certutil -A -n "${certname}" -t "TCu,Cu,Tu" -i ${certfile} -d dbm:${certdir} 534 | done 535 | 536 | 537 | ### 538 | ### For cert9 (SQL) 539 | ### 540 | 541 | for certDB in $(find ~/ -name "cert9.db") 542 | do 543 | certdir=$(dirname ${certDB}); 544 | certutil -A -n "${certname}" -t "TCu,Cu,Tu" -i ${certfile} -d sql:${certdir} 545 | done 546 | ``` 547 | 548 | The `certutil` command in those instructions comes from a package named libnss3-tools, so run these two commands to execute this script: 549 | 550 | ``` 551 | sudo apt install libnss3-tools 552 | sudo chmod +x ./linux.sh 553 | sudo ./linux.sh 554 | ``` 555 | 556 | #### All Ubuntu/Debian commands 557 | ``` 558 | sudo mkdir /usr/local/share/ca-certificates/extra 559 | sudo cp ca.crt /usr/local/share/ca-certificates/extra 560 | sudo cp server.crt /usr/local/share/ca-certificates/extra 561 | sudo update-ca-certificates --fresh 562 | sudo apt install libnss3-tools 563 | sudo chmod +x ./linux.sh 564 | sudo ./linux.sh 565 | ``` 566 | 567 | The browsers will continue to not trust the new certificates until they are fully closed out and reopened. 568 | The result is exactly like Windows, a custom created certificate chain trusted in the browser. 569 | 570 | ### Installing the Certificate to Fedora Linux Distributions 571 | I know the steps above for Ubuntu/Debian work because I have tested the steps myself. 572 | I have not tested these steps for Fedora and so they may not work. 573 | 574 | The steps for Fedora exactly mirror those for Ubuntu/Debian with differences to locations, trust command, and nss3 package name. 575 | 576 | * Fedora certificate staging area - `/etc/pki/ca-trust/source/anchors` 577 | * Fedora certificate installation command - `update-ca-trust` 578 | * Fedora package installation of nss3 - `sudo yum install nss-tools` 579 | 580 | ### Installing the Certificate to OSX 581 | Likewise, I have not tested this on OSX yet and so this step may not work. 582 | 583 | `sudo security add-trusted-cert -d -r trustRoot -k "/Library/Keychains/System.keychain" "ca.crt"` -------------------------------------------------------------------------------- /Easiness.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | # Easiness 4 | In programming, as in life, the goal for many is the seeking of easiness. 5 | This document describes why that goal almost universally ends in failure and an alternate methodology to achieve superior quality output with far less effort. 6 | 7 | Easiness describes the quality of [easy](https://www.dictionary.com/browse/easy), which relates to avoidance of discomfort and/or perceived increased effort of a thing or action. 8 | The state of easy is challenging to describe and measure because it is both transitive and subjective. 9 | That means a person may experience easiness of a thing in one circumstance and not in another as circumstances change. 10 | Furthermore, that state of easiness is defined by the combination of perspectives, prior knowledge, and familiarity of a specific person and so wildly differs from person to person. 11 | 12 | ## Causes 13 | Perhaps programmers most typically express easiness in programming through use of memorized patterns. 14 | Memorized patterns allow convenient solutions for both business processes and application code under the perception of minimized risk. 15 | Counter-intuitively that almost certainly increases risk as easiness is almost impossible to objectify and therefore challenging to remediate as abstractly as necessary to solve for things in states of change or inconsideration for a plurality of variables. 16 | 17 | ### Avoidance 18 | While many people clearly and actively seek easiness as a self-stated goal or primary criteria of admitted decisions it is less clear why this behavior occurs. 19 | The behavior occurs not for attainment of comfort, safety, or effort reduction as those reasons suggest deliberate reasoning or planning. 20 | The attainment of easiness occurs most frequently in a non-deliberate manner and frequently non-cognitively, therefore suggesting avoidance of negative emotion as opposed to deliberately seeking the converse. 21 | 22 | #### Individuals 23 | Psychology describes the presence of negative emotion as [neuroticism](https://en.wikipedia.org/wiki/Neuroticism), which is one of the [Big 5](https://en.wikipedia.org/wiki/Big_Five_personality_traits) personality index. 24 | High measures of neuroticism directly correlate with a variety of mental health disorders, including [anxiety](https://en.wikipedia.org/wiki/Anxiety_disorder). 25 | Exceptionally low measures of neuroticism directly correlate with both risk seeking behavior and more fluid risk analysis. 26 | 27 | Levels of neuroticism are shaped by environmental, genetic, and physiological factors. 28 | A person that injures easily will exercise greater restraint to avoid injury. 29 | Likewise, a person seemingly incapable of breaking bones and healing at exceptional speeds has greater liberty to determine risk acceptance. 30 | A person that grows up in an environment with horses and livestock is less inclined to fear large animals. 31 | 32 | People with exceptionally low neuroticism exhibit acute differences in brain chemistry regarding a healthy dopamine cycle and adrenaline. 33 | These people are able to deliberately accept high risk scenarios without the minor physiological stimulation most people experience. 34 | That natural physiological stimulation is the minor non-cognitive fear response that increases mental focus and elevates pulse. 35 | For example search for talks and videos by [Brad "Ice Man" Colbert](https://en.wikipedia.org/wiki/Brad_Colbert) who is a person with neuroticism low enough to alter their behavior and fear response both in moments of danger and at rest. 36 | 37 | As a person, myself, with exceptionally low neuroticism here are examples of behaviors other people might find abnormal: 38 | 39 | * I joined the military at the youngest age allowed by my nation and deployed to foreign nations 5 times, including almost 2 years of time in Afghanistan during a war. 40 | * As a soldier in Afghanistan a rocket landed in my housing neighborhood, *Dragon*, of Bagram Air Base within extremely close proximity to my housing. 41 | No one in my house, which they called B-huts, was injured so I went back to sleep because it was cold outside. 42 | * As a teenager I was detained by police for driving 135mph in a 45mph speed zone, State Highway 114 in Southlake TX before it became a freeway, with my younger brother as a passenger. 43 | My brother was admittedly nervous about my forth-coming arrest, but I remained calm and displayed my military ID like nothing happened. 44 | I was released at the scene. 45 | * As a teenager I, and some friends, broke into an abandoned grain silo in my hometown to repel using ropes and climbing equipment. 46 | I rigged my climbing harness incorrectly and fell more than 50 feet onto concrete where I suffered minor first degree burns on my hands through leather gloves grabbing a nylon rope. 47 | I was rather excited and actually thought about doing that again before being whisked away by my co-offenders. 48 | * Early in my Army Reserve career my unit received a two week annual training in the south German town of Kaiserslautern. 49 | A dance club, Riverside, opened just months before our arrival. 50 | On the night immediately preceding our departure back to the US I chose to continue consuming alcohol and remain at the dance club until their closing time of 0400 knowing I had an early morning show time at 0600 for movement ot the airport. 51 | Upon leaving the club on foot I became disoriented and knowing that I was running out of time I chose to abandon the roadway as it felt unfamiliar. 52 | Instead I chose to turn in the direction of a 300m heavily forested hill that I believed was the linear direction to the military compound. 53 | After a light job through forest and climbing 3 layers of barded wire fence I returned to the military compound just minutes before 0600. 54 | 55 | Many people might find these behaviors challenging to understand. 56 | For people with exceptionally low neuroticism fear and emotional discomfort are processed differently resulting in these people not fearing things that would likely invoke extreme panic in others. 57 | It is challenging to say exactly why unusual behavior occurs. 58 | One answer points to impaired processing of the [Amygdala](https://www.ncbi.nlm.nih.gov/pmc/articles/PMC2882379/), which is one of the oldest structures common to most animal brains. 59 | A person with impaired fear response will likely also demonstrate impaired processing of other reflexive emotional responses as well. 60 | This does not mean these people lack emotion, but only that these people are slower to display emotion in the specific context of immediate stimulus reflex. 61 | 62 | It also does not mean these people are without avoidance behaviors, but that their avoid behaviors are triggered by different things many other people would likely not bother avoiding. 63 | For people with typical reflexive fear responses they may avoid things or situations known to trigger an unpleasant response, even without direct realization of such avoidance. 64 | Consider the list of behaviors mentioned above. 65 | For persons with a normal fear response those behaviors might look like thrill seeking behaviors, or activities of a high risk nature taken to provoke a fear or adventurous condition. 66 | For persons with without a normal fear response those behaviors are actually just learning activities, such as learning to drive or taking a test in school. 67 | I had to remind people many times that I was an order of magnitude more likely to die driving to work in safe conditions within the speed limit on the freeway in the US than in a military combat zone like Afghanistan. 68 | When you look at the seemingly crazy behaviors of a low neurotic person in context of measures compared to everyday behaviors of the population at large they suddenly become boring and pedestrian. 69 | 70 | #### Cultures 71 | Avoidance also occurs as a cultural phenomenon measured as [uncertainty avoidance](https://en.wikipedia.org/wiki/Uncertainty_avoidance), which is one of the [Geert Hofstede cross-cultural indexes](https://en.wikipedia.org/wiki/Hofstede%27s_cultural_dimensions_theory). 72 | Cultures with high measures of avoidance are more inclined to set rigid rules to enforce behaviors and minimize disruptions to planned outcomes. 73 | They may even set rules they do not use. 74 | High avoidance cultures demonstrate higher levels of anxiety and higher resistance to change. 75 | Cultures with low measures of avoidance tend to exercise informality and [openness](https://en.wikipedia.org/wiki/Openness_to_experience), which is the Big 5 index most directly correlated with high intelligence. 76 | These low uncertainty avoidance cultures also show less influence from rules imposed upon them. 77 | 78 | It should be noted that uncertainty avoidance is not at all correlated with risk avoidance. 79 | Risk avoidance deals only with deliberate planning while uncertainty avoidance only deals with practiced rituals and norms of a culture and the resulting behaviors and emotions of such. 80 | For example the US military is a culture of both exceptionally low risk avoidance and extremely high uncertainty avoidance. 81 | 82 | ### Unearned Merit 83 | Another primary cause for seeking easiness rests in conquests of merit not earned. 84 | This typically means demonstrations of expertise without the qualifying education or experience. 85 | There are two unrelated behaviors that produce this desire: 86 | 87 | * [self-affirmation](https://en.wikipedia.org/wiki/Self-affirmation) 88 | * [poorly framed reciprocity](https://en.wikipedia.org/wiki/Reciprocity_(social_psychology)) 89 | 90 | Self-affirmation is the process of increasing a person's own confidence through beliefs and activities. 91 | Under normal conditions a person will naturally increase their own confidence through continued practice when precise details of success and failure crystalize in their mind. 92 | Under irregular conditions a person will intentionally seek to reaffirm a personal belief solely for emotional gratification and that which challenges strongly fortified belief systems introduces discomfort. 93 | 94 | Reciprocity is the process of emotional gratification achieved through social acts that immediately benefit other people. 95 | For example helping up a fallen or injured person makes many people feel positive emotions to know they assisted and comforted someone else in their time of need. 96 | 97 | Poorly framed reciprocity occurs when a person seeks sympathy or praise without a qualifying context. 98 | One example occurs when a person interjects into a conversation with their personal achievement or expert opinion where that interjection is either unwanted, unfounded, or not qualified by the conversed subject. 99 | The goal in that case is to earn intellectual praise but typically results in failure due to poor social awareness. 100 | The same scenario may occur when the goal is sympathy instead of intellectual praise because both seek self-affirmation and positive emotional reciprocity. 101 | 102 | ### Defensiveness 103 | According to John Gottman's work on marriage relationships [defensiveness](https://www.gottman.com/blog/the-four-horsemen-defensiveness/) forms one of the four horsemen of toxic communication. 104 | Defensiveness comprises any behaviors and communications with a goal of retaining either assets or reputation in order to deflect feelings of discomfort, which is a more precise way of describing the perception of easiness. 105 | In short: retain something and deflect from that retaining behavior. 106 | 107 | Most often defensiveness occurs as a result of bias more than anything intentional or nefarious. 108 | For example [anchoring bias](https://en.wikipedia.org/wiki/Anchoring_(cognitive_bias)) is the preference for a first learning over subsequent learnings irrespective of evidence in the later or invalidation of the former. 109 | Anchoring bias applies to both learned information and processes. 110 | In regards to programming if a person is first taught to program using object-oriented paradigms in the flavor of C++ they will likely continue to preference that approach even in areas where it requires far greater effort or does not apply. 111 | Persons anchored to a preferred programming style will generally prefer to perform extra effort to continuing practicing in that style even at great risk of delay and failure. 112 | When an outside observer sees that behavior they may ask the programmer about it and if the programmer's response is any form of qualifier not formed from ethical compliance, prior practice, or measures the programmer might be practicing a form of deflection and that deflection is the behavior of defensiveness. 113 | 114 | The problem with defensiveness is that it is self-oriented as opposed to product-oriented or goal-oriented. 115 | Self-oriented means to prioritize the concerns of the decision maker over those of the work on which their decision concerns. 116 | Goal-oriented means to prioritize product goals from either compliance or measures over goals vested in people performing the work. 117 | 118 | Often expressed interchangeably with the term [stonewalling](https://en.wikipedia.org/wiki/Stonewalling) Gottman defines these as separate and unrelated behaviors. 119 | Stonewalling is the behavior of shutting down and not responding whether for cognitive reasons or merely to prevent the display of an emotional response. 120 | Defensiveness is a deflection based behavior, which requires providing a response. 121 | 122 | ### Links to Autism 123 | It should be noted that avoidance, defensiveness, and unearned merit are both primary behaviors associated with autism. 124 | [Autism Spectrum Disorder](https://en.wikipedia.org/wiki/Autism_spectrum), or ASD, is a broad spectrum neurological disorder impacting social conditioning, decision making capacity, and self-identity. 125 | Like [conscientiousness](https://en.wikipedia.org/wiki/Conscientiousness) autism is poorly correlated with intelligence, which means both autism and high conscientiousness may occur in both highly intelligent and low intelligent people. 126 | Unlike conscientiousness autism inversely impacts degree of [critical reasoning](https://en.wikipedia.org/wiki/Critical_thinking) necessary to qualify decisions formed from complex criteria. 127 | Some examples of decisions formed from complex criteria benefitted by higher conscientiousness and lower autism include empathy, listening, contingency planning, task prioritization, and so forth. 128 | 129 | ### Programming and Easiness 130 | Since easiness comes from the perspective of a person in a given moment measuring easiness objectively produces several challenges. 131 | The greatest and most well known of these challenges is the difference in authoring time and cumulative maintenance time for a given work product. 132 | For example code easily written at first because it comes from a memorized pattern or repetitious use of a tool accounts for effort and familiarity in that authoring moment but cannot account for second and third order consequences of other intersecting concerns without additional effort. 133 | Additional effort introduces discomfort. 134 | A common result of easily authored software without consideration for the necessary additional planning effort then is increased [complexity](https://en.wikipedia.org/wiki/Complexity). 135 | Complexity is a fancy word that means *many*. 136 | Many pieces interacting in many different ways of which many such interactions may be unexpected, unplanned, or unrealized defeats the goals of easiness. 137 | 138 | ## Solutions 139 | The solution for easiness is a clear purpose and durability. 140 | When practice upon a work fixates around those two qualities a state of comfort is achieved without risk of immediate defeat from discomfort. 141 | More importantly is that output achieves a superior quality with a lower effort. 142 | 143 | ### Purpose - Eudaimonia 144 | The ethical goal when performing any work is to achieve the most superior result with the least effort and maximum learning. 145 | The ancient Greeks referred to this ethic as [Eudaimonia](https://en.wikipedia.org/wiki/Eudaimonia), the highest virtue, as opposed to [euphoria](https://en.wikipedia.org/wiki/Euphoria) or [hedonia](https://en.wikipedia.org/wiki/Hedonism#Ancient_Greek_philosophy). 146 | 147 | Euphoria describes a sensation of pleasure, whether physical or emotional, often as an unintended result. 148 | Experiences of euphoria are frequently linked to the natural instances of overwhelming exchange of hormones or neurotransmitters in the brain, most commonly: [dopamine](https://www.psychologytoday.com/us/blog/brain-wise/201802/the-dopamine-seeking-reward-loop), [oxytocin](https://en.wikipedia.org/wiki/Oxytocin), [adrenaline](https://en.wikipedia.org/wiki/Adrenaline), and [endorphins](https://en.wikipedia.org/wiki/Endorphins). 149 | 150 | Hedonism describes the behavior of seeking instant pleasure or instant gratification. 151 | Hedonism is frequently associated with [selfishness](https://en.wikipedia.org/wiki/Selfishness), and possibly [narcissism](https://en.wikipedia.org/wiki/Narcissism), where pleasure seeking behaviors often seek immediacy at expense to more careful considerations of cost/benefit analysis. 152 | As a result hedonism is commonly viewed as short-sighted, harmful, and toxic to other people. 153 | 154 | Constantly striving for the highest quality of output alters the perceptions, details, and definitions of that output. 155 | For example people may choose to abandon maximal quality in the delivery of a given product because the perception of production or delivery costs as present exceed those of lower quality products. 156 | This is a form of [selection bias](https://en.wikipedia.org/wiki/Selection_bias). 157 | 158 | First of all this perception of greatly increased production cost might be valid, but that validation cannot be known without comparing measures of both variations under otherwise equivalent conditions. 159 | In most cases superior quality output incurs little or no additional cost so long as differences of physical materials are absent. 160 | This indicates increased cost perceptions are, at least, greatly inflated due to biases and defensiveness. 161 | 162 | Secondly, [production](https://en.wikipedia.org/wiki/Production_(economics)) costs tend to decrease significantly over time as a result of process consolidation and precision refinement. 163 | So even if superior quality products cost more to produce at a given moment that cost difference will approach parity into the future. 164 | Reduction of costs towards parity is provable by comparing differences of measures at different points in time. 165 | 166 | Finally, and most importantly, striving for maximal quality output presents a learning opportunity, and thus a competitive advantage in the marketplace otherwise sacrificed. 167 | Such learning presents two opportunities: awareness of new capabilities and process improvements, both of which are forms of compounding interests. 168 | Awareness of new capabilities unlocks means of production and quality control that did not exist prior and both reduce operating costs at present and allow awareness of still new capabilities from future efforts. 169 | Process improvements occur as a result of practice upon current processes and from consolidation of disparate labors into single lines of effort. 170 | Process improvements improve production speed which further fuels discovery of new capabilities and other process consolidation. 171 | 172 | ### Durability 173 | Durability is satisfied by three conditions: 174 | 175 | * [evidence](https://en.wikipedia.org/wiki/Evidence) - comprised by factual findings or credible citations 176 | * [transparency](https://en.wikipedia.org/wiki/Transparency_(behavior))/[reproducibility](https://en.wikipedia.org/wiki/Reproducibility) - the publication of approach and the immediacy for others to practice such approach 177 | * [goal-orientation](https://en.wikipedia.org/wiki/Goal_orientation) - Goal orientation is the behavior of transparently stating a purpose and the directness with which that purpose is sought. 178 | 179 | The goal of durability is to reduce risk of failure whether that failure occurs from an effort at present, is the result of a regression from future efforts, or is the result of a collision of competing factors. 180 | More durable output allows more time for future development and less time spent repairing defects at potential harm to reputation. 181 | 182 | ### Evidence 183 | Evidence is necessary to objectively qualify a decision, which eliminates bias from practice and ensures accuracy of learning. 184 | Evidence generally comes in two flavors: measurements and prior research. 185 | 186 | ### Transparency/Reproducibility 187 | Transparency solves two problems. 188 | First, it eliminates secrecy which unintentionally exists to hide failure from embarrassment. 189 | Secondly, it forces honesty of work product which expands reputation by demonstrating integrity. 190 | Reproducibility validates proof of learning, and possibly product superiority, by allowing others to independently qualify and validate your advances. 191 | 192 | ### Goal-Orientation 193 | Goal-orientation sets direction and motivation by defining a positional target whether terminal or intermediary. 194 | Stephen Covey's book [7 Habits of Highly Effective People](https://en.wikipedia.org/wiki/The_7_Habits_of_Highly_Effective_People) states as the second habit to begin with the end in mind. 195 | Formulation of a plan starting from the end point to the starting point allows for a clear path to accomplish any given work effort. -------------------------------------------------------------------------------- /JavaScript_Made_Simple.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | # JavaScript Made Simple 4 | Anything that can be written in JavaScript can be written with only 4 ingredients: data structures, primitives, functions, and APIs. 5 | The problem with writing code then is not the language or an instance of code so much as the assumptions a developer places upon that code. 6 | 7 | ## Unnecessary Complexity 8 | Many developers, often due to poor education and insufficient experience, attempt to inject conventions and syntax into their code they don't need. 9 | For example developers coming from a Java or C++ background and without formal training in JavaScript will attempt to write Java or C++ conventions into JavaScript, because they lack the necessary guidance to know otherwise. 10 | This results in dramatically increased code size, increased tech debt, poorer performance, and greater reliance upon external layers of abstraction that limit freedom of expression. 11 | 12 | There are two key actions that eliminates more than 90% of unnecessary complexity in JavaScript: 13 | 14 | 1) Eliminate use of keyword `this` and all conventions that either make use of it or are reliant upon it. 15 | 2) Practice systems of organization. 16 | 17 | ### this 18 | The keyword `this` introduces tremendous complexity and often does not do what most developers believe it actually does. 19 | The only scope mechanism in JavaScript is lexical scope. 20 | In the case of arrow functions `this` is lexically scoped, which means it always resolves to the containing function. 21 | In all other cases `this` refers to the prior step in the call stack, which for methods is the object on which the method function is attached, or in the case of other functions refers to that which called the function. 22 | 23 | A great many exceptionally poor decisions in the design of applications results directly from confusion reasoning about the conventions in place. 24 | There exists only confusion when attempting to determine the value of `this`, because in any instance of code the value of `this` is never explicit. 25 | It will always require research or guessing. 26 | 27 | So, don't use `this`. 28 | The language does not force that convention upon you, so do not voluntarily punish yourself with it. 29 | Never is there a good reason to do so. 30 | Despite all evidence and logic many developers will continue to reinforce poor practices due to the behaviors of [conservatism](https://en.wikipedia.org/wiki/Conservatism_(belief_revision)) and [anchoring bias](https://en.wikipedia.org/wiki/Anchoring_(cognitive_bias)). 31 | If you suffer from conservatism or anchoring bias please read this [explanation of OOP](./Object_Oriented_Programming.md). 32 | 33 | ### Organization 34 | I have been writing JavaScript full time for more than 15 years as I write this. 35 | During that time I have found many developers apply systems of organization in even the most simple and immediate instances. 36 | That inability results in reliance upon external things to provide that organization on their behalf. 37 | These external things then become a crutch and that crutch becomes the limits of their capabilities, which means when a problem occurs that cannot be solved by the crutch the problem will remain unsolved. 38 | If that problem contributes to tech debt it will become more expensive over time, which should be expected because in business terms application code is always a cost center. 39 | 40 | I use the following scenario to describe this to non-developers: 41 | 42 | > Imagine parenting a child around 7 to 9 years old. 43 | > That child possesses the maturity to form complex thoughts and reason through various challenges, but lacks the maturity to plan and apply critical decisions even in the absence of any risk. 44 | > You ask that child to clean their room and the child panics because a colossal mess stands before them and they don't know where to start or how to proceed. 45 | > You remind the child they already know what to do: put dirty clothes in the hamper, pick up trash, make their bed, pick up toys, and finally sweep the floor. 46 | > The child knows of those steps in isolation and has completed them several times in the past, but cannot put them together in a meaningful way. 47 | 48 | The behavior in that scenario applies equally to many adults. 49 | Cognitive planning and forming systems of organization comes more gracefully to some people than others. 50 | Psychology explains this behavior of as a form of conscientiousness. 51 | In layman terms the common anecdote describing the behavior goes something like: *cannot see the forest for the trees*. 52 | 53 | Strangely, of the big 5 personality index conscientiousness is the least correlated with intelligence by a ratio of as much as -0.27. 54 | That means intelligence alone remains largely unreliable to solve for better organizational capacity and without sufficient practice many highly intelligent people will never perform well at this. 55 | Anybody can build better organizational capacity but doing so requires practice, repetition, and experimentation no differently than improving any other cognitive skill. 56 | 57 | ## Knowing Your Environment 58 | After mitigating away unnecessary complexity the next step on the journey to simple JavaScript requires an understanding of the environment you are writing for. 59 | The compile target of the web browser is the DOM, and for Node.js it is Node's standard API. 60 | Those inescapable facts will alter how a developer perceives the code they write once those facts become accepted by the developer on an emotional level. 61 | Emotional connections to the work form the key to attaining [automaticity](https://en.wikipedia.org/wiki/Automaticity), which describes how the brain learns to complete large series of low level tasks without cognitive effort. 62 | Muscle memory demonstrates one example of automaticity. 63 | Achieving the apex of skill mastery, [unconscious competence](https://en.wikipedia.org/wiki/Four_stages_of_competence), only occurs through automaticity. 64 | 65 | ### Negativity 66 | Since many developers get lost in the insanity of unnecessary complexity they become utterly incapable of accepting the nature of their environment. 67 | Developers demonstrate the result of that lost acceptance through various forms of emotional trauma such as insecurity, apprehension, blame/diversion, contempt, stonewalling, and so forth. 68 | People frequently use the term *toxic* to describe such negativity because it harms everything like a cancer slowly creeping across the body. 69 | Psychologist [John Gottman](https://www.gottman.com/blog/the-four-horsemen-recognizing-criticism-contempt-defensiveness-and-stonewalling/) describes that emotional negativity as the ultimate predictor of failure in human relationships, but such failure applies with equivalence to all things. 70 | 71 | ### Positivity 72 | Together honesty and intimacy comprise positivity, the opposite of negativity. 73 | Honesty describes the capacity for truth, which is yet another cognitive skill that requires continual deliberate practice to improve. 74 | Demonstrations of superior honesty result in advanced moral character that builds trust and inspires confidence, which form the [emotional bedrock of leadership](https://armypubs.army.mil/epubs/DR_pubs/DR_a/ARN20039-ADP_6-22-001-WEB-5.pdf) according to the US Army. 75 | When a person advances their understanding of honesty sufficiently they will alter how they perceive themselves, the world outside themselves, and how those qualities interact. 76 | With respect to authoring code, or any other activity, advanced honesty results in greater abilities to question prior conceived notions, which then allows consideration of possibilities not open to consideration before. 77 | 78 | Intimacy is the connection, or link, between points that comprise a relationship such that the primary focus of the link is to maximize positive outcome and mitigate away negativity. 79 | The word intimacy most frequently describes social relationships and even then frequently describes relationships between adults that yields consensual sex, but the word can equally apply to any data points that form a positivity focused connection. 80 | In a purely biological sense the common use of *intimacy* makes sense because pair bonding exists for security and reproduction. 81 | In regards to any activity, such as code authorship, greater intimacy allows for considerations of shorter paths between problems and solutions while simultaneously building greater interests in finding and reinforcing improved directness. 82 | 83 | I was recently watching a video about a [divorce attorney](https://www.youtube.com/watch?v=o5z8-9Op2nM&t=1322s) and how he perceived marriage failure after speaking about it with numerous clients. 84 | All, I mean every single one, of the behaviors he describes about marriage failure equally apply to how people perceive any activity where they invest sufficient time to form some kind of emotional connection. 85 | Becoming good at programming requires an absurd amount of time. 86 | The frustrations always came down to lost intimacy that over time eventually resulted in broken relationships on an emotional level well before the legal contract of marriage came into dispute. 87 | 88 | ### Contagiousness 89 | Both positive and negative emotions deeply effect quality of output upon a thing, whether that thing is a physical product for sale or a pair bonded human relationship. 90 | Since all humans express both positive and negative emotions and since both positive and negative emotions directly effect the quality of relationships between humans those emotions spread like a raging virus between people. 91 | That explains why a deliberate understanding of applied positivity forms the emotional bedrock of leadership, because it allows the person forming that positivity to deliberately influence people around them. 92 | 93 | ## Measurements 94 | Once knowledge of the environment becomes familiar enough to build an emotional bond a new cognitive enemy takes stage: [bias](https://en.wikipedia.org/wiki/Bias). 95 | Bias exists to reinforce deeply held assertions as necessary to free us from the emotional pain associated with the loss of emotional investment qualifying those assertions. 96 | Such assertions may include [saving face](https://en.wikipedia.org/wiki/Face_(sociological_concept)) or [loss aversion](https://en.wikipedia.org/wiki/Loss_aversion). 97 | The underlying behaviors triggering bias are almost always non-cognitive emotional responses to a stress condition and are frequently associated with social conditioning. 98 | All humans demonstrate bias in various levels and forms. 99 | 100 | ### An Example of Bias and JavaScript 101 | To observe bias in other people watch their repetition of decisions looking primarily for motivation and evidence. 102 | For example I once had a supervisor attempt to convince me that JavaScript executes slowly and that slowness occurs because JavaScript is a single-threaded language. 103 | 104 | First, statements such as *slow* suggest a comparison where one thing is less fast than something else where that something else may not be stated. 105 | In this case the something else was logic executing in a SQL database application, but was in fact not stated. 106 | 107 | Secondly, in order for one thing to execute less fast than something else there must be measures of both things executing in similar conditions responding to similar inputs and generating similar outputs. 108 | In this case no such measures existed. 109 | 110 | Finally, the statement that JavaScript is single threaded is true, but its incomplete and that incompleteness suggests outcomes that do not exist. 111 | An offered incomplete qualifier demonstrates one or more [logical fallacies](https://en.wikipedia.org/wiki/List_of_fallacies#Formal_fallacies) depending upon motive and deliberation. 112 | The more complete technical answer is that JavaScript is single threaded and multi-call stack where one CPU thread sufficiently executes multiple tasks in sequence without halting with each task occupying memory in isolation. 113 | This multi-call stack nature allows the CPU thread to continue executing a task until it must wait on any external input/output at which point it moves to the next call stack and executes that task until either completion or a wait scenario is encountered there. 114 | This rotation between call stacks is the [event loop](https://en.wikipedia.org/wiki/Event_loop). 115 | I explained this to the supervisor who claimed to have heard of the subject but they did not seem to understand it and thus refused to revise their beliefs accordingly. 116 | 117 | In summary JavaScript may or may not be slow, but such statements demand comparative measures as qualifiers. 118 | The absence of evidence resulted in the total reliance upon a [prejudiced](https://en.wikipedia.org/wiki/Prejudice) belief system, which in this case was never qualified and later proved both insignificant and invalid. 119 | 120 | ### Bias Mitigation 121 | Conduct measures with a goal to challenge deeply held opinions. 122 | The exercise of measuring results in more durable decisions less prone to failure and more open to pivots as new evidence and conditions arise. 123 | 124 | ## Closing 125 | In order to write clean JavaScript you must simply follow these few steps: 126 | 127 | 1) Avoid unnecessary conventions sufficiently such that the goal becomes more important than the contributing actions. 128 | 2) Know your environment well enough to build an emotional connection. 129 | 3) Conduct measurements to identify bias. 130 | 131 | Rarely, as in almost never, do I see developers attain mastery of this language, but there are developers that do. 132 | Mastery occurs not necessarily because of talent, but primarily because of refinement. 133 | I also hope these steps may serve more broadly than writing JavaScript or even just programming, because the behaviors and results remain the same irrespective of the task at hand. -------------------------------------------------------------------------------- /JavaScript_Timers.md: -------------------------------------------------------------------------------- 1 | # JavaScript Timers 2 | JavaScript provides two standard timers that are available in all browsers and Node.js in identical fashion. These were once defacto standards that were universally adopted despite not having a formal document approved by a standards body organization and achieved the status of a formal standard with HTML5. 3 | 4 | ## Timers 5 | * [setTimeout](https://developer.mozilla.org/en-US/docs/Web/API/WindowOrWorkerGlobalScope/setTimeout) - Sets a one time millisecond delay. 6 | * [setInterval](https://developer.mozilla.org/en-US/docs/Web/API/WindowOrWorkerGlobalScope/setInterval) - An infinite loop of delays. 7 | 8 | ## Cancellation 9 | * [clearTimeout](https://developer.mozilla.org/en-US/docs/Web/API/WindowOrWorkerGlobalScope/clearTimeout) - Cancels a *setTimeout* operation. 10 | * [clearInterval](https://developer.mozilla.org/en-US/docs/Web/API/WindowOrWorkerGlobalScope/clearInterval) - Breaks a *setInterval* loop. 11 | 12 | ## Some Quick Points 13 | * **All timers execute asynchronously.** They execute as a polling subprocess under the primary process executing the JavaScript interpreter. This is fancy talk for saying timers always execute precisely to their specified delay regardless of what is occurring in the code. 14 | * **The delay is always specified as miliseconds.** If you wish to delay an operation by 3 seconds its delay will be specified as *3000*, which is 3 thousand milliseconds. 15 | 16 | ## Understanding the Timers 17 | Since the delays are always asynchronous the pros and cons of each delay type are not immediately clear. This section attempts to explore this in further detail. 18 | 19 | ### setTimeout 20 | This is perhaps the easiest delay to understand. This function requires two arguments: a function and a delay. Example: `setTimeout(myFunction, 1000)`. 21 | 22 | The primary limitation to setTimeout is that its function runs only once and its delay isn't flexible. This means if you are waiting for part of a web page to load you must specify a far longer than needed delay because in some cases that part of the web page can load quickly while in other cases it can load slowly and you certainly don't want your code to execute too early which could cause an error. 23 | 24 | ### setInterval 25 | Just like the setTimeout function this takes the exact same two arguments: `setInterval(myFunction, 1000)`. The *setInterval* is more flexible than the *setTimeout* because because it creates a loop, which means its function will execute many times. 26 | 27 | Before moving forward it is important to remember that the timers are **always asynchronous**. In this case if the provided function is a long executing function and the specified interval is very short it is probable that the specified function will execute in the given interval before this function finished executing in the previous interval, which will introduce unexpected results. Terms to describe this condition are *fallover* or *collision*. 28 | 29 | One way of thinking about this is a cookie factory that drops dough onto a conveyer belt. The dough drops onto the conveyer belt at a regular interval. The rate at which the dough drops onto the conveyer belt is not associated with the speed of the conveyer belt. Since these operations are separately managed they are asynchronous. The conveyer belt could slow down, but this would have no impact on how fast or regularly the dough drops onto the conveyer belt. If the conveyer belt moves too slowly or the dough drops too quickly one instance of cookie dough will collide with the next instance of cookie dough. 30 | 31 | The challenge with using setInterval on the web is that each interval instance is asynchronous to the JavaScript code executing around it. Additionally, the DOM, which is the interface between the JavaScript and the web page is also asynchronous to both the JavaScript and the timers. When describing setTimeout long delays were mentioned for safety when working with web pages, which becomes more true for each interval in the setInterval. 32 | 33 | ## Creating an asynchronous Loop - Recursive setTimeout 34 | When working with various asynchronous factors it is generally preferable to create a loop of delays that is synchronous between each interval so as to prevent collisions or fallover. To solve for this scenario my recommendation is a recursive setTimeout. 35 | 36 | A recursive setTimeout is a function that contains a condition that if true calls this function to execute again in a setTimeout delay. The benefit to a recursive setTimeout function is that it loops synchronously and this loop automatically terminates once it is no longer needed against an asynchronous test. This means each loop iteration is synchronous compared to the previous or next interaction, but the test fired in the current iteration is asynchronous compared to other JavaScript code aside from this loop. This delivers the best ratio of speed to safety. 37 | 38 | Here is a brief example: 39 | 40 | ```javascript 41 | function parent() { 42 | if (document.getElementById("something") !== null) { 43 | return setTimeout(parent, 100); 44 | } 45 | // other code follows 46 | } 47 | ``` 48 | 49 | This concept can be reduced to an abstraction for easy use in multiple locations: 50 | 51 | ```javascript 52 | // abstraction 53 | function syncDelay(params) { 54 | if (params.test() === false) { 55 | return setTimeout(function syncDelay_recurse() { 56 | syncDelay(params); 57 | }, params.delay); 58 | } 59 | params.func(); 60 | } 61 | 62 | // use case 63 | syncDelay({ 64 | test : function () { 65 | return document.getElementById("something") !== null; 66 | }, 67 | func : function () {}, 68 | delay: 50 69 | }); 70 | ``` 71 | 72 | ## A Note on Speed 73 | The standards that define these timers indicate the smallest allowed delay is 4ms, so if you specify any smaller number, such as 0, it will be executed with a delay of 4ms. On top of that there is some minimal overhead from instantiating a timer, due to it leaving the current thread of execution for the rest of the JavaScript code to create a separate execution thread. 74 | 75 | It isn't desirable to run timers with the minimal delay as this interferes with the speed of JavaScript performance elsewhere in the page. In my experience a delay of 250ms is too fast to allow for human interaction, but is slow enough that a user looking at the impacted area of the page may notice a visible change, provided the timer's function visibly changes that area of the page. 250ms is slow enough that there will be no degraded performance in any other executing code, but the visual blink introduced from this speed could have consequences for things like A/B tests. 76 | 77 | 100ms is generally fast enough that humans cannot visually detect changes even if staring directly at the impacted area of the page and the timer's function dramatically changes that area of the page. This delay is slow enough that in nearly all cases introduces no impact to performance of other executing code. When I use timers to modify a visible page 100ms is my default delay. 78 | 79 | There are some rare cases where it is necessary to iterate much faster than 100ms. One such case is modifying the result of a user interaction from a third party tool. Since our code comes from a third party tool we have no idea if the page is ready or the concerned code is there to modify, so instead we have to wrap our manipulative code in something like a recursive setTimeout and wait for the necessary pieces to be in place but before changes from the user's interaction can be detected. In edge cases like these I have found a delay of 40ms or 50ms to be fast enough. In complex scenarios like this the precision of the delay is becomes a competing concern to over various technical factors resulting from the manipulations to the page you don't control. -------------------------------------------------------------------------------- /Leadership_In_Software.md: -------------------------------------------------------------------------------- 1 | # Leadership In Software 2 | As a US Army Warrant Officer with 24 years of military service, including more than 48 months of overseas deployment time, and simultaneously a software developer with 24 years of experience writing software I am employed by two diametrically opposed cultures. 3 | These conflicting cultures bless me with perspectives many people cannot imagine or hope to understand. 4 | This document is an attempt to expose such conflict in writing. 5 | 6 | ## Leadership 7 | > Leadership is the activity of influencing people by providing purpose, direction, and motivation to accomplish the mission and improve the organization. 8 | > **Leaders inspire people to become energized and motivated to achieve desired outcomes.** 9 | > An Army leader is anyone who by virtue of assumed role or assigned responsibility inspires and influences people by providing purpose, direction, and motivation to accomplish the mission and improve the organization. ADP 6-22, 1-74. 10 | 11 | The US Army defines leadership in two broadly reinforcing doctrines: 12 | * [ADP 6-22](https://armypubs.army.mil/epubs/DR_pubs/DR_a/ARN20039-ADP_6-22-001-WEB-0.pdf) 13 | * [FM 6-22](https://armypubs.army.mil/epubs/DR_pubs/DR_a/pdf/web/fm6_22.pdf) 14 | 15 | ### Confidence 16 | > A feeling or belief that you, or someone else, can do something well or succeed at something. 17 | > [Merriam Webster, confidence](https://www.merriam-webster.com/dictionary/confidence) 18 | 19 | The keys to true leadership are the soft skills that inspire people to be more for the welfare of the organization. 20 | In software many people in positions of responsibility abandon inspiration through the hope to offload leadership onto external technical products such as frameworks, tools, and dependencies. 21 | Technology is not a substitution for the human element and leadership cannot be exchanged for it. ADP 6-22, 1-92 explains why this occurs: 22 | 23 | > Everyone has an identity or a way they see themselves. 24 | > Leaders internalize the roles, responsibilities, and actions that they understand of a leader to be, know, and do. 25 | > Leaders who are unsure of themselves filling the role of a leader will be limited until they have confidence. 26 | 27 | The two ingredients that most commonly explains poor leadership are insufficiently developed **confidence** and/or prevailing self-interest. 28 | Confidence requires repeated practice overcoming and dominating both failures and emerging challenges. 29 | Confidence also requires reinforcement from external validation such as objective measures and social validation, also known as [culture](https://www.merriam-webster.com/dictionary/culture). 30 | When confidence is low and social validations are absent a new leader will naturally attempt to mitigate risk by limiting their field of responsibility as narrowly as an organization will allow thereby neglecting things perceived lower value or lower visibility. 31 | 32 | ### Influencing 33 | > Influencing is persuading people do what is necessary. 34 | > Influencing entails more than simply passing along orders. 35 | > Through words and personal example, leaders inspire purpose, provide direction, and when required motivation. 36 | > ADP 6-22, 1-75 37 | 38 | > The power to change or affect someone or something 39 | > The power to cause changes without directly forcing them to happen. [Merriam Webster, influence](https://www.merriam-webster.com/dictionary/influence) 40 | 41 | Influence is the single most important factor of leadership and the factor that most explains why technical controls are not sufficient substitutes. 42 | The Merriam-Webster dictionary defines influence as a power, **a means to cause change without force**. 43 | 44 | Influence is directly accomplished through the definition of goals, the means to accomplish those goals, providing necessary motivation, and rewarding successful resolution. 45 | Influence is a skill that must be practiced and is not a commodity for trade or an external asset to freely consume. 46 | Those whom to merely consume external influence are followers, not leaders. 47 | A [follower](https://www.merriam-webster.com/dictionary/follower) is one in the service of another. 48 | A leader provides service to those whom they are responsible but are not in service of them. 49 | 50 | ### Trust 51 | > A belief that someone or something is reliable, good, honest, effective, etc. 52 | > [Merriam Webster, trust](https://www.merriam-webster.com/dictionary/trust) 53 | 54 | Trust is the most visible condition of leadership. 55 | Those of us experienced in leadership can identify an organization's level of trust within minutes of watching conversations and other social dynamics of any organization. 56 | 57 | When a leader trusts their subordinates they will delegate to them as must responsibility as they are allowed. 58 | This frees the leader necessary availability to plan for the future, meet with external partners, and guide/observe their subordinate leaders more objectively. 59 | Leaders must inspire and earn the trust of subordinates through establishment of security, setting the example, timely information, and selfless service. 60 | 61 | When a subordinate trusts their leader they will engage their work with increased motivation, precision, and initiative. 62 | A subordinate in a high trust relationship will disclose more details to their leader and demonstrate a willingness to assume greater risks in product development. 63 | Subordinates earn the trust of their leaders through accomplishment, accountability, continuous refinement, and delivery of precision. 64 | 65 | In software trust is as frequently absent as much as the leadership it represents. 66 | Employees commonly switch employers every few years. 67 | Frequently moving between employers increases compensation for individual contributors much faster than remaining at a single employer. 68 | This means many employees are not around long enough to establish any form of trust relationship and the cultural norms of the industry reinforce less trust with limited leadership. 69 | 70 | The loss of trust as a cultural norm is problematic in that it becomes a self-fulfilling prophecy. 71 | Not trusting or developing software developers as an expectation results in employees less motivated and less worthy of development. 72 | In practice that means developers must be protected and isolated from any form of formal learning or development to both shield the organization from risk and simultaneously reduce the expense of funded employee improvement. 73 | 74 | ### Training 75 | Leaders are developed, not born. 76 | Training, especially leadership training, is most entirely absent in software. 77 | This is completely understandable when trust is virtually nonexistent and leadership is a some vague mystery. 78 | 79 | > Development depends on having clear purpose for what, when and how to develop. 80 | > Good leader development is purposeful and goal-oriented. 81 | > A clearly established purpose enables leaders to guide, assess, and accomplish development. 82 | > The principles of leader development describe goals for what leaders need to be developed to do: leading by example, developing subordinates, creating a positive environment for learning, exercising the art and science of mission command, adaptive performance, critical and creative thinking, and knowing subordinates and their families. 83 | > FM 6-22, 1-5 84 | 85 | It takes an intentional and asserted cultural effort to appropriately define and establish pillars of leadership as an institutional quality. 86 | In short, training leaders requires a culture of leadership that is both intentional and purposeful. 87 | Leadership training does not exist by accident. 88 | 89 | > Developing leaders involves a holistic, comprehensive, and purposeful group of activities. 90 | > More than any set of activities, success stems from a culture where leaders with a mindset and passion for developing others use daily opportunities to learn and teach. 91 | > FM 6-22, 1-10 92 | 93 | #### Historic Example: A Culture of Training 94 | As a historical example [English King Henry V](https://en.wikipedia.org/wiki/Henry_V_of_England) conquered France. 95 | This was made possible by the accidental victory at the [Battle of Agincourt](https://en.wikipedia.org/wiki/Battle_of_Agincourt) in 1415 where an exhausted and poorly equipped English army retreating back to England encountered a superior French force. 96 | The English force comprised about 1,500 knights and 7,000 archers. 97 | The French force comprised about 10,000 knights with superior armor and 4,000-5,000 footmen comprising archers and crossbowmen and possibly an additional 10,000 armed valets to the knights for a total fighting force of around 25,000 men. 98 | The French force also had superior training and were well rested. 99 | 100 | At the end of the battle the English were victorious with approximately 112 dead. 101 | The French were utterly destroyed with over 6,000 dead including 90-120 great lords and several thousand taken hostage. 102 | The English won because they didn't have the numbers or will to maintain the norms of chivalry at the battle and because they had the [longbow](https://en.wikipedia.org/wiki/Longbow). 103 | 104 | The French were fully aware of the longbow as the English used it to destroy a superior French force at the [Battle of Crécy](https://en.wikipedia.org/wiki/Battle_of_Cr%C3%A9cy) in 1346. 105 | For nearly 70 years the French were aware of this technology and made no use of it in their own forces and prepared no defences against it. 106 | The reason why the French ignored the longbow is because it takes years to train archers to become effective with it, **which required a dedicated culture of recruitment and training**. 107 | Had King Henry no died almost immediately after his conquest France would likely be an English possession today. 108 | 109 | ## Ethics 110 | Ethics are a branch of moral philosophy, but this paper is only concerned with a narrow category of [professional ethics](https://en.wikipedia.org/wiki/Professional_ethics). 111 | [Morality](https://en.wikipedia.org/wiki/Morality) is concerned with virtues of right and wrong and how such considerations reflect upon an individual person's character or an organization's reputation. 112 | Ethics are more specific than morals in that they are concerned with conformance to rules of practice. 113 | 114 | In most professions conformance to a code of ethics is required to attain employment. 115 | In many cases these codes of ethics are legally sanctioned and required to practice in a given profession such as: law, medicine, school teacher, truck driver, real estate, electrician, engineer, police officer, and many more. 116 | In the case where a profession requires a code of ethics any violation there of may result in complete forfeiture of practice. 117 | Violations in the case of legally sanctioned code of this will likely result in some combination of civil and criminal penalties in addition to complete forfeiture of practice. 118 | 119 | Software has no ethical definitions, yet professionally ethics always apply to all professional matters. 120 | In the absence of clearly delineated rules of conduct, as is the case in software, ethics reflect the intent, or purpose, behind a decision and the proximity of that purpose to one's own self interest, as opposed to the stated purpose of the product or business. 121 | Ethics are an utterly foreign concept to most software developers as they are something that is never taught or enforced. 122 | Communicating ethics to software developers is often challenging because software developers have no frame of reference and may view any such guidance as an unnecessary constraint upon what is otherwise maximum liberty and high self interest. 123 | 124 | It takes strong leadership to enforce ethical norms. 125 | It takes incredible leadership to form those ethical norms where they do not previously exist. 126 | Ethics are perhaps the greatest differentiator between software and any other professional industry, including military. 127 | 128 | ## Professionalism 129 | > True professions are guided by an ethic that establishes the personal and institutional standards expected of its members. 130 | > A professional ethic creates a shared professional identity, and provides an enduring set of moral principles, values and beliefs that guide that profession as it provides its specialized service to society. 131 | > ADP 6-22, 1-44 132 | 133 | Software, as an industry, lacks professionalism. 134 | There are no ethics, guidance, rules, or beliefs to establish any form of shared identity amongst software developers. 135 | In other professions, such as firefighter, there does exist a common identity. 136 | The rules to operate as a firefighter may differ slightly in different geopolitical areas, but the required skills and ethics are universal. 137 | This is achieved because firefighters, like most professions, require licensing that define identity, norms, and ethics. 138 | 139 | Licensing performs a critical function that is completely absent in software: defines a minimum baseline of [competence](https://www.merriam-webster.com/dictionary/competence) to operate. 140 | Like ethics, licensing is a concept that is completely foreign and poorly understood among software developers. 141 | To ensure employees maintain their technical proficiency licenses require continuing education and/or re-certification after a designated time period. 142 | 143 | Another critical function served by licensing is [objectivity](https://en.wikipedia.org/wiki/Objectivity_(philosophy)), which is also foreign to software. 144 | In every software interview I have participated in the interview starts by determining basic competence for the job. 145 | This is unfortunate, because it robs the interviewer of the opportunity to evaluate more important criteria when basic competence could be immediately determined by a variety of external factors such as licensing. 146 | These basic assessments of competence are almost always highly subjective and prejudicial in some way, though unintentionally, and rarely reflect any concept of allowed real world practice. 147 | 148 | ## Summary 149 | It is interesting holding employment in two unrelated industries simultaneously. 150 | One with a strong core of leadership that is well defined by doctrine and the other with nothing of the sort. 151 | Through that comparison it really feels software is an immature industry where the children run the daycare. 152 | Any attempt to raise the bar is frequently greeted with either hostility or irrationally self-indulgent excuses. 153 | 154 | There are many subjects in software that their mere mention immediately spring to mind the [Dunning-Kruger Effect](https://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect). 155 | One of those subjects is certainly leadership. 156 | When a person's entire career confined to a single line of work in a single industry they have nothing to compare it to, so its natural to believe the software industry is performing spectacularly on leadership and thus no more is needed. 157 | However, when your sample size for any kind of comparison is 1 of course you are 100% awesome. 158 | You are also 0% awesome, so unqualified self-assessments based on nothing mean nothing. 159 | This is why it takes an outside observer to form any kind of qualified opinion. -------------------------------------------------------------------------------- /Object_Oriented_Programming.md: -------------------------------------------------------------------------------- 1 | # Object Oriented Programming 2 | Written 18 August 2023. 3 | It seems many people advocate for object oriented programming (OOP) without knowing what it is or what problem it solves. 4 | 5 | ## History 6 | The language [Simula 67](https://en.wikipedia.org/wiki/Simula) invented the concept of OOP in 1967 by a team of Norwegian engineers. 7 | The prior popular programming language paradigm, called [procedural](https://en.wikipedia.org/wiki/Procedural_programming), expressed instructions into groups called procedures. 8 | Each procedure wrote to memory and access to that memory, called *procedure calls*, created the means of an expression that allowed instruction reuse per instruction group. 9 | OOP achieved a more thorough memory reuse scheme through a group of instructions, called an *object*. 10 | A developer then clones and extends the objects as necessary through a process called [poly-instantiation](https://en.wikipedia.org/wiki/Polyinstantiation). 11 | Poly-instantiation allows for the cloning of objects, called *inheritance*, but the cloned object shares the same memory as the object from which it was cloned. 12 | 13 | The only purpose of these programming paradigms, procedural and OOP, involved code reuse versus memory conservation. 14 | Looking at the [historic cost of memory](https://jcmit.net/memoryprice.htm) 1mb costed about $734,000 in 1967 when Simula 67 was invented. 15 | 16 | In 1979 a Danish academic started work on C language with classes. 17 | This did not work and so he started over with a new language named [C++](https://en.wikipedia.org/wiki/C%2B%2B) that he published with his PhD dissertation in 1982. 18 | The language became quite popular and for a while became the de facto programming language of both university computer science departments and corporate software production, thus becoming the normative language of institutional education. 19 | Even by 1985 the cost of memory was still around $880 per 1mb. 20 | 21 | In 1995 Sun Microsystems released the [Java](https://en.wikipedia.org/wiki/Java_(programming_language)). 22 | Java inherited many ideas and idiomatic patterns/styles directly from C++. 23 | One critical distinction between Java and C++ centers around memory management. 24 | C++ uses memory pointers to set and free memory in a manner very similar to C language, but Java uses a more automated process called [garbage collection](https://en.wikipedia.org/wiki/Garbage_collection_(computer_science)). 25 | With garbage collection memory allocation occurs automatically as an application executes by lower level code interpreting the given language and that lower level interpreter frees the memory when the application no longer needs it. 26 | Later in 1995 another garbage collected language named JavaScript was invented. 27 | The cost of memory was down to about $31 per 1mb. 28 | 29 | Java was invented to solve several business problems. 30 | One of these problems included the concept of *write once, run anywhere*, which describes a single programming language environment that executes in an identical way on different operating systems. 31 | Another business solution included making use of the conventions popularized, and later institutionalized, by C++ but with less learning effort and greater access to extensions by only package distribution channels. 32 | 33 | ## Language Style 34 | The design decision to leverage the popularity of C++ also illustrates the single greatest difference between Java and JavaScript. 35 | JavaScript is inherently an OOP language due to its internal definitions and type system, however the JavaScript language takes no position on stylistic conventions of developers. 36 | This allows JavaScript to achieve a designation named multi-paradigm, while Java maintains a single paradigm style imposing a single expressive C++ like system for writing application code. 37 | At 1995 the cost of memory became cheap enough that developers were free to deviate from restrictive memory conserving conventions. 38 | At ths time of this writing memory costs about $0.0015 per 1mb, or $15 per 1gb. 39 | 40 | OOP was created to allow a greater degree of programming expressiveness with a greater conservation of memory. 41 | In modern programming the technical purpose of OOP, memory conservation, is absent from most high level languages and replaced by automated conventions. 42 | The high costs of memory have also largely disappeared. 43 | If [UltraRAM](https://ultraram.tech/) becomes a commercial reality computers will cease to have memory all together. 44 | 45 | ## Institutions 46 | The reason OOP remains popular is due solely to institutional social conventions since both the economic and technical motives are long gone. 47 | OOP is still the primary means of computer science education in universities. 48 | Most of the modern legacy applications in commercial use within the last 40 years make use of OOP. 49 | 50 | The popularity of OOP largely exists as a result of a broken feedback loop. 51 | Universities continue to teach OOP because industry says that is what they want. 52 | Industry claims to want OOP because that is what the universities teach and training developers cost too much. 53 | 54 | Many people will argument that universities primary teach OOP because industry has OOP applications that need to be maintained, but this is faulty logic. 55 | My university continues to teach [COBOL](https://en.wikipedia.org/wiki/COBOL), a language from 1955, because there are still companies that execute COBOL applications. 56 | That is true, but COBOL is not the primary language of education of any computer science program even where it is taught. 57 | The primary reason universities principally teach OOP is because that is the language concept most familiar to the university educators, a deeply institutional environment. 58 | 59 | In industry then there are only two reasons to continue the practice of writing OOP style code. 60 | First, is to maintain legacy applications. 61 | Second, is for social compatibility with older developers who only know OOP programming paradigm. 62 | 63 | ## Future 64 | It appears the [future of programming](http://sevangelatos.com/john-carmack-on/) is [functional programming](https://en.wikipedia.org/wiki/Functional_programming) paradigm, according to [John Carmack](https://en.wikipedia.org/wiki/John_Carmack). 65 | In difference to the Wikipedia link I provide for function programming it is frequently a [declarative](https://en.wikipedia.org/wiki/Declarative_programming) programming style, but not inherently so and may be exceedingly [imperative](https://en.wikipedia.org/wiki/Imperative_programming). 66 | For example a program that makes explicit use of event handling in the control flow of its logic and is designed solely around that consideration would be extremely imperative. 67 | 68 | Functions are yet another form of instruction grouping like procedures and objects. 69 | Functions and procedures differ from objects in that they both execute instructions directly opposed to just grouping instructions into a common point of reference. 70 | Unlike procedures functions may optionally receive input and always return output. 71 | SQL databases illustrate the distinction between functions and procedures because they allow both the concept of stored procedures and functions as separate types of artifacts. 72 | 73 | Some people consider functional programming superior to OOP because the concept of poly-instantiation is wildly complex where object inheritance results in many vaguely similar artifacts. 74 | Functional programming also achieves a substantial reduction in code volume because the code execution point and grouping mechanism are one in the same. 75 | Also there is less need for syntactical decoration in functional programming where variable value assignment is explicit opposed to the implicit nature of a pronoun-like reference referring to artifacts in the call stack or scope chain for value assignment. 76 | 77 | ## JavaScript and OOP 78 | In JavaScript don't use OOP conventions. 79 | OOP conventions greatly increase the code size, which increases the time to maintenance (also known as tech debt), and also increases the complexity of both organizational conventions and syntax. 80 | More explicitly never use the keyword *this* or anything that either makes use of or is reliant upon keyword *this*. 81 | 82 | In JavaScript OOP is far more challenging than in other languages. 83 | This is because in modern times OOP only exists due to social institutions which teach a C++ class based inheritance scheme. 84 | In JavaScript the inheritance mechanism is quite different using a concept called [prototypes](https://en.wikipedia.org/wiki/Prototype-based_programming), which come from the language [Scheme](https://en.wikipedia.org/wiki/Scheme_(programming_language)). 85 | Also the keyword *this* is procedural, which refers to the prior step in the call stack. 86 | In functions that means *this* refers to that which called the function, which could be a different function. 87 | In methods *this* refers to that object on which the method is attached. 88 | In arrow functions, however, *this* is lexical, as opposed to procedural, so it always refers to the function containing the given arrow function. 89 | 90 | Many developers commonly get OOP wrong in JavaScript, and since the language is multi-paradigm just do use OOP, particularly *this*. 91 | Since the value of *this* is never clear or predictable by developers just reading the code many developers will apply unnecessary syntax decoration further increasing code system and reducing both clarity and predictability. 92 | So, just don't do OOP in the language. 93 | I promise, you will thank me later. 94 | 95 | ## Conclusion 96 | The only two times use of OOP cannot be avoided in JavaScript is to extend OOP code you didn't write or to extend internal features of the language directly. 97 | As a thought exercise ask yourself: "Self, what is the most value quality of OOP?". 98 | When you ask yourself that question out loud so you can hear it in your voice typically the place your mind will go to is searching through all things you know of programming. 99 | When you ask it of another person in casual conversation the answer is almost always and almost exclusively something related to attaining employment. 100 | The distinction is both striking and interesting. 101 | The most interesting part of this is that people want to validate this investment of time. 102 | They spend the time and cognitive energy attempting to qualify this consideration so long as that time is available, but in conversation where timing is condensed away the creativity they immediately go to a more honest place. -------------------------------------------------------------------------------- /Performance.md: -------------------------------------------------------------------------------- 1 | # Performance 2 | Like security, performance requires trades off and sacrifices. 3 | This may mean writing code in a less popular way. 4 | Performance certainly means testing and measuring things otherwise not tested or measured. 5 | Also like security everybody claims to want performance, but rarely are they willing to work to achieve it. 6 | 7 | Generally technical discussions of performance imply execution performance, or more specifically time to execute specific measured tasks. 8 | From a managerial or product perspective performance can cover many things from execution time to hours of effort for a human to complete a given task. 9 | While discussions of performance may cover many different topics all discussions of performance contain one important consideration: measures. 10 | Measures ensure performance discussions contain objectivity, reproducibility, and veracity. 11 | 12 | ## Premature Optimization 13 | > We should forget about small efficiencies, say about 97% of the time: premature optimization is the root of all evil. [Knuth, 1974] 14 | 15 | I felt it necessary to include this quote because it is so widely misunderstood and used out of context for developers to qualify performance penalties they don't understand. 16 | This section of an old academic paper speaks specifically to *Efficiency* and is subtitled as such. 17 | In this case efficiency refers to effective use of developer time writing code opposed to software execution time. 18 | More specifically this section directly describes performance penalties that aren't yet known at the time of writing. 19 | When premature optimization is mention it directly describes carefully writing code to avoid these unknown states. 20 | Once performance is measured no longer is it unknown, and thus no longer premature because the developer doesn't have to guess at what the correct course of action is. 21 | Even still the paragraph of the article provides exceptions where such guessing, if well reasoned, is still valuable: 22 | 23 | > mature optimization is the root of all evil. 24 | > Yet we should not pass up our opportunities in that critical 3%. 25 | > A good programmer will not be lulled into complacency by such reasoning, he will be wise to look carefully at the critical code; but only after that code has been identified. 26 | > It is often a mistake to make a priori judgments about what parts of a program are really critical, since the universal experience of programmers who have been using measurement tools has been that their intuitive guesses fail. 27 | > After working with such tools for seven years, I've become convinced that all compilers written from now on should be designed to provide all programmers with feedback indicating what parts of their programs are costing the most; indeed, this feedback should be supplied automatically unless it has been specificMly turned off. 28 | 29 | ### Summary 30 | *Premature optimization* is **only** about guessing at performance of non-critical code. 31 | 32 | --- 33 | 34 | ## DOM Access 35 | I put together a small [micro-benchmark](https://jsbench.github.io/#b39045cacae8d8c4a3ec044e538533dc) to measure and compare various different means of accessing the [DOM]. 36 | Looking at the numbers a few things stand out. 37 | 38 | * The old static DOM methods that do not require string parsing are several orders of magnitude faster than other means of access. 39 | * Query selectors are the fastest method of accessing the DOM only when there is not a static method equivalent, such as access elements by attribute name or value. 40 | * Custom DOM methods are the slowest means of accessing the DOM. 41 | * Perhaps most interesting is that Chrome appears to have a performance ceiling of about 45 million operations per second irrespective of hardware. Firefox has no such performance ceiling. In fact, after measuring these numbers on various different hardware it appears the maximum performance numbers for Firefox are a direct reflection of memory speed and bus speed irrespective of CPU speed or core count. 42 | 43 | The most important consideration from any such micro-benchmark are not the raw numbers, but the differences between those numbers. 44 | Achieving more than 4 billion operations per second in Firefox DOM access sounds impressive, but more important is that its about half a million times faster than access by equivalent query selectors. 45 | Keep in mind all measures returned in this micro-benchmark represent base-case scenarios, which means the differences between the numbers will increase proportionally to frequency of access. 46 | That means if a query selector executes at 25,000 operations per second and 1,000 query selectors execute in a given page total performance for DOM access via query selector is reduced to 25 operations per second as the most optimistic measure. 47 | If, on the other hand a different but equivalent means of DOM access executes at 45 million operations per second and there are 1,000 such points of access in a given page total performance for DOM access is reduced to 45,000 operations per second as compared to 25 operations per second for the query selector scenario. 48 | 49 | These differences in measure are more important for execution time than many developers consider because the quantity of DOM access points is often substantially higher than most developers are aware. 50 | The lack of awareness flows from the distance developers remove themselves from the DOM via layers of abstractions. 51 | More so, when developers are far removed from what actually occurs at the DOM API there may likely be a greater quantity of access points, inefficiency, than is necessary to achieve a desired result. 52 | 53 | Second and third order consequences to performance exist for each point of DOM access. 54 | DOM modifications frequently result in partial or full visual rendering changes to the page each of which imposes a performance penalty. 55 | Furthermore code dependent upon DOM modification cannot execute until the DOM is modified and increasing JavaScript execution speed without consideration for speed of access to the DOM may result in race conditions or intermittent blocking of execution. 56 | 57 | ### Summary 58 | If user interface performance is critical to product quality it is necessary to understand the performance penalties associated with DOM access by comparing numbers. 59 | Failure to measure and compare performance differences will likely result in a sluggish experience even though the technologies are capable of executing extremely quickly, because the potential performance implications are several orders of magnitude. 60 | 61 | --- 62 | 63 | ## File System Access 64 | Like the DOM the file system is a tree model. 65 | This means many of the same performance rules apply. 66 | My personal project of the moment [Share File Systems](https://github.com/prettydiff/share-file-systems) creates an OS GUI in the browser that connects to a Node.js microservice application running on the terminal. 67 | This application displays file system details in the browser similar to OSX Finder or Windows Explorer. 68 | The raw file system display performs a bit more slowly than the equivalent interfaces natively supplied by the operating system. 69 | Despite that my Share File Systems application performs file system search dramatically faster than the operating system with better results. 70 | 71 | I don't know how the operating system code works. 72 | Because of that ignorance I cannot definitively determine why file search in the operating system is so astonishingly slower than my Share File Systems application. 73 | From my knowledge of tree models my assumption is that any query that requires string parsing to determine a qualified result will be several orders of magnitude slower. 74 | Operating systems support a variety of conditions like [Advanced Query Search](https://docs.microsoft.com/en-us/windows/win32/lwef/-search-2x-wds-aqsreference), [Windows Search](https://support.microsoft.com/en-us/windows/search-for-anything-anywhere-b14cc5bf-c92a-1e73-ea18-2845891e6cc8), and [Finder Search](https://support.apple.com/guide/mac-help/narrow-search-results-mh15155/mac). 75 | Each of those search methods support a variety of advanced syntax rules, such as wildcards, that require parsing against a rule set and it is the parsed result that is compared with a file system artifact to determine a search result. 76 | 77 | To make things more complicated the operating systems know file search is slow so they support caching. 78 | Caching is a trade off. 79 | Caching requires a one time performance hit to write results into a remote location so that subsequent identical searches may refer to this cache to quickly display results. 80 | Caching is problematic since file systems are living entities that can change under a variety of conditions, which will invalidate any previous cache. 81 | 82 | The Share File Systems approach to file system search is primitive. 83 | There is no cache. 84 | At each search the file system is walked recursively as if preparing a list of all file system contents of all contained directories. 85 | Only the file system artifacts that match the search criteria are populated into output. 86 | Likewise, the search token is also primitive. 87 | The Share File Systems application only supports string tokens, negative strings, and regular expressions for search. 88 | The string token and negative string tokens do not require any parsing to perform a comparison. 89 | The regular expression requires a one time parse step and all file system artifacts are tested against that parsed regular expression. 90 | 91 | ### Summary 92 | I am able to achieve dramatically faster file system search using a JavaScript application from the browser. 93 | I suspect the performance improvements and better results are the result of doing less work. 94 | 95 | --- 96 | 97 | ## Transmission 98 | Web services typical refer to the transactions of data across a network between web technology, typically a browser as the client and a remote application running on a web server. 99 | The common transmission standard for web technologies is HTTP 1.1. [R Fielding, et al] 100 | Transmission schemes available are typically dictated by support in the browser and also include: 101 | * HTTP/2 [M Belshe, et al] 102 | * HTTP/3 (QUIK) [M Bishop, et al] 103 | * WebSockets [T Fette, et al] 104 | * Server-Sent Events (SSE) [HTML5 Specification] 105 | 106 | Each of these 5 transmission schemes possess different strengths and weaknesses that impact performance. 107 | 108 | ### HTTP 1.1 109 | The common HTTP scheme is the most portable and durable transmission scheme listed because its fully session-less. 110 | In networking session means that two or more end points agree to connect and share data. 111 | In a fully session-less scheme no agreement is required and no identity is implied. 112 | This means an anonymous client is connecting to a known server without authentication and the server will accept that connection if it can understand it. 113 | 114 | ### HTTP/2 115 | HTTP/2 offers substantial speed improvements over HTTP 1.1, but sacrifices portability to do so. 116 | HTTP/2 requires use of TLS, which requires signed certificates to establish trust. 117 | It should be noted the TLS requirement for HTTP/2 is a de facto browser standard not defined in the HTTP/2 protocol. 118 | 119 | HTTP/2 is also is partly session-oriented. 120 | Anonymous clients connect to a server without preconditions using an HTTP request just as with HTTP 1.1, but upon connecting the server establishes a TCP tunnel to the client whereby many resources are pushed to the client. 121 | 122 | HTTP/2 introduces a new technology called [HTTP Server Push](https://en.wikipedia.org/wiki/HTTP/2_Server_Push). 123 | HTTP/2 is a performance improvement in that multiple resources may be pushed into a single HTTP response. 124 | HTTP push cannot be initiated by a client and it is not a notification system outside a response to a request. 125 | 126 | HTTP/2 and HTTP/3 achieve the highest throughput of web transfer mechanisms by separating sockets from sessions. 127 | A single session is established between a client and a server, but each session may have as many sockets as the server has ports available. 128 | Numerous simultaneous sockets allows HTTP/2 and HTTP/3 to achieve a higher quantity of simultaneous transmissions than HTTP 1.1 allows. 129 | 130 | ### HTTP/3 131 | HTTP/3 uses a new technology called QUIK. 132 | HTTP/3 follows a similar architecture to HTTP/2. 133 | HTTP/3 occurs over [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) as opposed to all other web transfer mechanisms that occur over [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol). 134 | TCP has built-in integrity checks, commonly referred to as *connection-oriented*, such as: the 3-way handshake, packet ordering, and so forth. 135 | UDP is a faster transmission mechanism because it has no integrity checks of any kind, referred to as *connection-less*. 136 | The common traditional use case for UDP is live media streaming where dropped packets are unrecoverable lost data. 137 | Using UDP as a file transmission mechanism requires an alternate form of integrity check to determine if data is corrupt or incomplete so that it may be resent until complete. 138 | 139 | ### WebSockets 140 | Unlike the various levels of HTTP, WebSockets are fully session-oriented. 141 | This means a session must be established before any data is sent in either direction. 142 | As a result WebSockets, when executed from the browser, require the use of a HTTP server on the remote end as well as a WebSocket server. 143 | The requirement for an HTTP server when connecting outside a browser is determined by the WebSocket server implementation. 144 | Most server implementations lean on HTTP servers, but I have written a WebSocket service that makes no use of HTTP servers, so it is possible. 145 | 146 | Unlike HTTP/2 and HTTP/3 WebSockets do not distinguish between session and socket. 147 | The WebSocket protocol also indicates data frames may not intermingle between separate transmission. 148 | That means WebSockets cannot support multiple simultaneous transmission. 149 | 150 | My personal experience with WebSockets indicates if two data transfers are executed from within the same function a race condition occurs that determines which data will send, or both, or neither. 151 | There is close to a 100% chance the first transmission executed will make it to the remote end. 152 | There is about a 50% chance the second transmission executed will make it to the remote end. 153 | There is close to a 0% chance neither transmission will make it to the remote end. 154 | Once I discovered this problem I solved it in my application by ensuring the least priority transmission is delayed with a *setTimeout* of 5ms. 155 | 156 | WebSockets are the only web transmission mechanism to achieve full bi-directional communication, also referred to as [full duplex](https://en.wikipedia.org/wiki/Duplex_(telecommunications)#Full_duplex). 157 | This means clients may arbitrarily send data to the server and the server may arbitrarily send data to the client. 158 | It also means WebSockets are a simplified and faster alternative to the browser's [XMLHttpRequest](https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest) object, sometimes referred to as AJAX. 159 | 160 | Aside from the limitations mentioned above regarding no parallel transmissions, WebSockets achieve the fastest communication between nodes. 161 | WebSockets do not have a separate mechanism for meta data unlike HTTP, which has headers. 162 | WebSockets also do not have the request/response round trip of HTTP. 163 | WebSockets only have a *send* operation. 164 | 165 | ### Server-Sent Events 166 | Server-Sent Events allow for an arbitrary notification system without a full roundtrip like WebSockets, but only from a webserver. 167 | Server-Sent Events is limited in the number of simultaneous transfers as determined by the server's available ports and the version of HTTP service it is executing. 168 | 169 | Server-Sent Events are similar in performance and handling to WebSockets. 170 | WebSockets are a better choice if the client is frequently sending data to the server, but Server-Sent Events are a better choice if the server is executing a notification service without any messaging from the client. 171 | 172 | ### Summary 173 | Determining the best performing transmission type is a matter of determining your application needs whether your primary needs are parallel transfers, 174 | 175 | --- 176 | 177 | ## Services 178 | Achieving high performance services requires an understanding of available transmission options as well as their limitations and overhead. 179 | Service application speed and resource organization also dictate service performance. 180 | Even when all the ingredients that comprise a service architecture are fast there there still exists low hanging fruit to improve performance. 181 | 182 | At the large-scale commercial/enterprise level service speed is secondary to availability. 183 | Service speed becomes irrelevant when the server fails. 184 | The primary solutions to ensure service uptime are redundancy and distribution, which are generally solved by load-balancers and content distribution networks respectively. 185 | 186 | A load balancer is a traffic distribution machine sitting between incoming traffic and a pool of available servers. 187 | Load balancing ensures traffic is directed away from machines with low resource availability and directed towards machines with high resource availability. 188 | Resource availability refers to hardware usage versus total hardware capability, such as: memory, CPU speed, disk write speed, disk capacity, and so forth. 189 | This means load balancers must be aware of incoming traffic payload size, various server resource availability metrics, and various other variables in near real time. 190 | 191 | In order to get the greatest benefit of a load balancer perform research to determine which incoming service messages associate with levels of resource consumption. 192 | That sort of research requires normalizing many variables as necessary to focus upon the fewest key considerations to achieve research with higher levels of confidence. 193 | Normalizing service data from any kind of parsing scheme may result in the greatest level of noise reduction. 194 | A way to achieve this form of normalization requires wrapping all incoming data in a primitive object that maps the data to a service identifier, for example: 195 | 196 | ```javascript 197 | { 198 | "data": {}, 199 | "service": "name_of_service_here" 200 | } 201 | ``` 202 | 203 | In this code example the data property represents the incoming data of any shape or size. 204 | The service property refers to the name of the service expected to consume that data. 205 | In most cases services consume data of a uniform expected shape, which in TypeScript may be defined as an *interface*. 206 | Knowing this solves several problems immediately: 207 | 208 | 1. A single entry point can consume all incoming data expecting only a single identifier and no additional metadata. 209 | 1. The primitive nature of the single identifier allows service identification at the load balancer. 210 | 1. Service identification before distribution by the load balancer allows the developers the opportunity to identify heuristics to connect specific service data with a pool of specifically designed hardware resources. 211 | 212 | Orchestrating service management in this way also speeds developer maintenance time, because there is only a single funnel at each connection point to troubleshoot connectivity and service health. 213 | 214 | --- 215 | 216 | ## References 217 | * [Knuth, 1974](https://pic.plover.com/knuth-GOTO.pdf) 218 | * [DOM](https://dom.spec.whatwg.org/) 219 | * [R Fielding, et al](https://datatracker.ietf.org/doc/html/rfc2616) 220 | * [M Belshe, et al](https://datatracker.ietf.org/doc/html/rfc7540) 221 | * [M Bishop, et al](https://quicwg.org/base-drafts/draft-ietf-quic-http.html) 222 | * [T Fette, et al](https://datatracker.ietf.org/doc/html/rfc6455) 223 | * [HTML5](https://html.spec.whatwg.org/multipage/server-sent-events.html#server-sent-events) 224 | 225 | [Knuth, 1974]: https://pic.plover.com/knuth-GOTO.pdf 226 | [DOM]: https://dom.spec.whatwg.org/ 227 | [R Fielding, et al]: https://datatracker.ietf.org/doc/html/rfc2616 228 | [M Belshe, et al]: https://datatracker.ietf.org/doc/html/rfc7540 229 | [M Bishop, et al]: https://quicwg.org/base-drafts/draft-ietf-quic-http.html 230 | [T Fette, et al]: https://datatracker.ietf.org/doc/html/rfc6455 231 | [HTML5 Specification]: https://html.spec.whatwg.org/multipage/server-sent-events.html#server-sent-events -------------------------------------------------------------------------------- /Web_Accessibility.md: -------------------------------------------------------------------------------- 1 | # Web Accessibility - Introduction 2 | This guide is merely an introduction. By no means should this document be taken as exhaustive or any form of compliance. 3 | 4 | ## Contents 5 | 6 | 7 | ## What is Accessibility? 8 | Accessibility is the process and validation of providing near equivalent access to content and media for all persons regardless of physical or cognitive barriers. 9 | 10 | ### Categories of Disability 11 | The common disability categories commonly addressed by accessibility are: 12 | 13 | * **auditory** - Auditory disabilities include any impairment related to physical reception of information by the ears, such as: deafness, frequency loss, tinnitis. 14 | * **cognitive** - Cognitive disabilities are a blanket category that convers learning disabilities or any impairment in the understanding or retaining of information. 15 | * **motor-coordination** - Motor-coordination impairment covers any limitation upon physical access by means of self-propulsion of the body with a certain degree of precision, such as: Parkinson's disease, epilepsy, muscular dystrophy. 16 | * **speech and language** - Speech limitations can be due to physical constraints, such as damage to the jaw or throat, but may be due to a cognitive limitation, such as stroke or apraxia, or stuttering. 17 | * **visual** - Visual disabilities include any impairment related to physical reception of information by the eyes, such as: blindness, color blindness, impairment of visual focus. 18 | 19 | ### Disabilities and the Web 20 | Unless we are in the business of creating or publishing moving or interactive media web developers are primarily concerned with visual, cognitive, and motor-coordination. Auditory disabilities are not a priority concern unless music or video is presented. Speech is generally not a priority concern unless voice recognition software is provided. 21 | 22 | ### You Should Care, Because It's The Law 23 | In accordance with various federal laws visual, cognitive, and motor-coordination limitations are priority concerns. The legal statutes and associated regulatory bodies vary by business industry, geography, and relationship to user. As a general concern always make a best faith effort to produce the highest quality product possible. 24 | 25 | At this time most legal bodies and regulatory agencies look to the [Web Content Accessibility Guidelines 2.0 (WCAG)](https://www.w3.org/TR/WCAG20/) level AA conformance for determining acceptance or rejection of accessibility. I urge everybody to glance through the WCAG document to gain a familiarity on basic technical concepts. 26 | 27 | Generally speaking, the commons threats from accessibility violations are class-action law suits and regulatory fines. Class action law suits can be very expensive, such as the case in National Federation of the Blind v Target Corp that resulted in a $6,000,000 award plus $3,738,864 in court costs. Target was also required to rewrite their online shopping technologies to avoid additional fines and lawsuits. Target's online shopping experience is now a strategic partner with the National Federation of the Blind as a strong example of online accessibility. 28 | 29 | An example of regulatory law is the travel industry's 1986 Air Carrier Access Act that was [updated in 2013](https://www.regulations.gov/document?D=DOT-OST-2011-0177-0111) to supersede prior weak judicial review. This update required that all air carriers performing business within the US, regardless of national origin, would have accessible websites and kiosks in conformance with WCAG 2.0 Level AA. Violators risk fines and closing of business services within the jurisdiction of the US Department of Transportation. 30 | 31 | ### Accessibility is not Internationalization 32 | Accessibility does not include internationalization/localization which are the means to convert artifacts and customs to cultural and geographic preferences. Various different locations of the world specify unique preferences for format of date/time, currency, and perhaps even spelling of common words. These differences and all associated conformance do not fall under the umbrella of accessibility. As general usability guidance, however, formats should always be specified to ensure users read, understand, and respond exactly as the application commands. 33 | 34 | ## Accessibility in Development (All Hands on Deck) 35 | Development teams are beholden, as subject matter experts, to creating products that appropriately account for and solve accessibility concerns. Development teams are more than just UI developers writing HTML. Business requirements that fail to account for accessibility, or create ambiguities, must be considered faulty or incomplete. Such requirements must be pushed back for refinement before work can start. Accessibility conflicts that arise in developer code must be considered defects and rejected by any receiving party and blocked from publication to end users. 36 | 37 | In order for accessibility to be achievable everybody must be aware of common defects. By everybody I mean all software developers on the team, business analysts, QA, and even the primary stake-holders. Accessibility violations in the software are defects in much the same way as a broken tail-light on a car and like-wise fail inspection while violating the law. 38 | 39 | In order to think about accessibility developers must first be generally aware of how human impairments impact access to information, how impaired persons contend with this, simplified validation tools, and what assistive technologies are commonly available. At a high level, all associated team members need this level of awareness. Only front-end developers need to have knowledge regarding technical implementation of associated code. 40 | 41 | It is important for all team members to be aware of accessibility in this manner because it changes how they perceive their own work and where they fit inio a corrective process. When accessibility becomes a front-end developer only responsibility it is rarely applied and never enforced. 42 | 43 | ## A Simplified Examination of Common Impairments 44 | 45 | ### Visual 46 | Visual impairments range from focus disorders, complete blindness, slow motor response of muscles around the eye, color blindness, and various other factors. The most common solution for vision related impairments are screeen reader applications that read text aloud as speech and interact with websites only using a keyboard. Some common screen readers: 47 | 48 | * [JAWS](http://www.freedomscientific.com/downloads/jaws) 49 | * [NVDA](https://www.nvaccess.org/download/) 50 | * [Apple VoiceOver](https://www.nvaccess.org/download/) 51 | * [Google ChromeVox](http://www.chromevox.com) 52 | 53 | The most important factor for screen reader compatibility is well written HTML. Well written HTML means content is present in the appropriate order from top to bottom and left to right. All content is well described with valid HTML where tags are appropriately structured with their required attributes. Screen readers navigate within a page by hyperlinks, headers, ARIA, and various other semantic structures the screen readers make available as shortcuts. 54 | 55 | As an experiment try navigating around the website using only a keyboard. Do you get lost? Can you effectively and quickly navigate between various sections of content or form controls? 56 | 57 | If this is too easy turn on a screen reader and turn your monitors off. Can you navigate through a single page app without getting lost? Does the page content make sense? 58 | 59 | These experiments aren't hypothetical draconian challenges. This is common usage for a larger than expected portion of the general population. 60 | 61 | ### Cognitive 62 | Cognitive suggests factors related to understandability, retention, and relational concepts. In this regard solving for many cognitive disorders is generally referred to as *usability*. Solving for many of these problems means ensuring text content is well ordered and is simple to read. Please keep in mind the average reading level in the US is at a 9th grade level, which means writing for a master's level education erodes access to more than half the population. 63 | 64 | The most common cognitive limitations are dyslexia and dysgraphia which dramatically vary by population according to the complexity of the written language. Languages without an alphabet tend to have higher incidents of these disorders while languages with syllabaries tend to have fewer. These users may make use of screen readers even though they aren't visually impaired, which suggests perhaps a larger percent of the population may use screen readers than are actually visually impaired. 65 | 66 | ### Motor-Coordination 67 | People with degraded fine-motor control will often choose to navigate a page using only a keyboard or touch screen. A mouse is diffecult and frustrating to use when a user cannot keep their hand still. If these users accidentally click the wrong form control or accidentally navigate to different area do they lose information or become stuck? 68 | 69 | ## Summary 70 | It is important to remember the purpose of accounting for accessibility is to reduce and eliminate discrimination. In many cases this isn't charity or kindness. It is compliance with the law. As technology experts, it is our job to ensure we develop products that are easy to use and quickly solve the needs of our users. If we go out of our way to frustrate and challenge our uses out of complacency they well take their business else where. -------------------------------------------------------------------------------- /Web_Productivity.md: -------------------------------------------------------------------------------- 1 | # Productivity for Web Developers 2 | 3 | ## Definition 4 | 5 | Productivity, in general, is simply the ability to decrease the expenses required to accomplish a required business task. From an economic perspective qualities such as labor expenses, duration, tools, talent deficits, and so forth can all be classified as expenses. Ultimately this means all discussions of productivity are ultimately subjects of business management. The most simple means to calculate expense is something like: 6 | 7 | var a = number of people assigned to a given effort, 8 | b = average cost per person, 9 | c = total duration; 10 | a * b * c = initial productivity baseline 11 | 12 | The more people assigned to a given effort the more expensive that effort becomes. The longer it takes to complete that effort the more expensive it becomes. Productivity is calculated from the inverse comparison of various measurements of expense for roughly equivalent efforts. If expenses going down for similar tasks this is an indication that productivity has increased. If for example, one developer is capable of completing a task that normally requires three developers that one developer is 3 times more productive or a third of the expense to the business objective. 13 | 14 | ### Personal Productivity 15 | 16 | Understanding productivity at large is important, but for software development is perhaps more important to understand **personal productivity**. Personal productivity, just like the generalized productivity, is a universal phenomenon of economics that can be measured objectively. In short it can be defined as the *frequency of interval*, where an interval is the assignment, effort, completion, and verification of a given effort. That is how many efforts (with verifications) can a person complete in a given period of time. Since this concept is universal it applies exactly the same whether your task is writing software code, scrubbing toilets, or cutting grass. 17 | 18 | While the concept is indeed universal interval frequencies will vary greatly by task and industry. For example modifying software requires a substantially smaller timeframe than constructing or repairing physical infrastructure or running for political office. As a result interval frequency is best measured relative to a given profession. Comparing the number of updates to a given software application against the number of times an astronaut has entered space is not a useful comparison, but comparing interval frequency of a JavaScript developer against a Java developer is far more valid. 19 | 20 | The primary reason why frequency of interval is important is due to learning and behavior. As people accomplish a given task multiple times they learn to improve upon their efforts. This procedural improvement results in refinements to precision and speed. A given craftsman becomes more skilled and faster in his/her craft the more times their provided efforts are completed and verified. This is how Henry Ford profoundly increased productivity with the conveyor system. 21 | 22 | ### Personal Experience 23 | 24 | If personal productivity can be defined as *frequency of interval* then personal experience can be defined as *quantity of completed intervals*. If you were hiking in the woods who would you trust more as a hiking companion: the guy who has completed the hike twice or the guy that has performed this hike once a week for the past two years? While both are qualified companions we can agree that one is more experienced than the other. 25 | 26 | Experience is not merely a measure of effort but is also a qualitative review of that effort. If one person has written software for 20 years we can assume that person has a great deal of experience, however if they constantly struggle to complete their work on time and frequently submit sloppy results their great experience suddenly becomes less valid. Another person who has achieved perfect quality work every time, though only has two years experience, might be considered a superior craftsman even if they have less total experience. This is why *quantity of completed intervals* is important, because its not just about how hard a person has tried but rather a combination of that effort and the resulting achievements. 27 | 28 | ### Examples 29 | 30 | Imagine you are a software developer assigned a given task. You are an expert in your field and you will likely accomplish the task perfectly on the first try. Good for you, but unfortunately there is a 10 minute build process to verify your accomplishment. Now imagine sitting next to you is another developer who doesn't have any build process or compile step. They are going to make a software change and verify the results immediately on the command line. This software developer is very good and doesn't really know what they are doing, but their interval is only 20 seconds long. This means the weak developer is able to complete 30 intervals in the time the good developer can complete 1 interval. 31 | 32 | The common conclusion is that the bad developer can theoretically work 30 times faster than the good developer, but this conclusion is unreliable and is not likely to be valid. A more accurate statement is that the weak developer can fail 29 times and still achieve the same productivity as the good developer. This is incredibly valuable as there is learning in each of those failures. With each an every failure the weak developer is learning to refine their approach, review how they think about the problem, and devise a new approach. Additionally, they are also reviewing the code they are working in and thinking about how things could be better organized so as to make the intervals even faster for themselves and other people. As they fail more often they are also faster to identify areas of frustration that could be refined. 33 | 34 | ## Business Imperative 35 | 36 | If businesses are able to increase productivity they are able to increase the frequency of task completion without hiring additional personnel. This translates to an increased competitive stance in the marketplace without increasing expenses, which allows for increased revenue generation that can be reinvested into the business, and so forth. More important than the economic considerations are the potential business implications. Increased productivity allows for deeper penetration of the target market, consideration of market diversification, and yields second and third order effects that translates into superior brand performance. 37 | 38 | Increasing internal productivity within a business is an absolute good, but it is not absolutely achievable. There are various qualities that are always competing for attention and may limit or defeat productivity. The qualities can be things like: 39 | 40 | * unclear requirements 41 | * developer regression 42 | * rapidly changing business direction 43 | * shifting market segments 44 | * fear and uncertainty 45 | 46 | ### Identify Areas of Improvement 47 | 48 | While some productivity limiting qualities are clearly known many are not known and challenging to identify. The most direct way to identify obstructions and potential gains of productivity is to evaluate individuals doing their jobs directly. Ask basic questions of the observations: 49 | 50 | * Are developers spending half the day surfing the web instead of writing code? 51 | * If so what is preventing the developers from doing work? 52 | * How many times must developers repeat a given task before the task is complete? 53 | * What barriers are in place between writing code, testing that code, and proving the results to stake holders? 54 | * Is there an increased need for documentation, tool configuration, internal processes, and so forth that makes doing the job harder and slower? 55 | 56 | Many times a business leader can simply ask these questions to developers directly and may be surprised by the directness of the answers. Typically developers fall into three categories in response to limited productivity. Senior developers who are confident in their performance potential will generally view productivity barriers as institutional problems that are forced upon them. These senior developers are happy to discuss productivity problems and will generally willing to propose radical solutions that others might find drastic. New developers will generally not have an immediate opinion on the matter and are generally flexible and accepting of changes. Developers who view themselves as imposters or are utterly reliant upon a specific tool, language, or configuration will generally fear any change. Imposters may find increases in productivity threatening. Business leaders need to account for imposters when evaluating productivity. 57 | 58 | ### Train Your Team 59 | 60 | Most developers lack the initiative to learn foundational skills on their own. It is up to the technology leadership in the business to stress and mandate certain levels of technical quality. Many businesses are completely aware that required training is completely missing. This can sometimes be due to a toxic development culture, lack of clear technical direction, or other indirect qualities. More commonly businesses refrain from direct technology training because that is time and money not spent achieving the business's primary objectives to increase revenue. There is also fear that senior developers are highly valued assets in the market place and investments in training may result in lower employee retention. These concerns are valid, but must be evaluated against the need for more competitive product development. 61 | 62 | ## Developer Productivity 63 | 64 | ### Self-Imposed Barriers 65 | 66 | The most direct and important actions to influence developer productivity is to eliminate barriers. If developers are required to use a series of tools that require a build process between code authoring and execution then developers are idle for the duration of that build process. That lost time is an expense that must be multiplied by the total number of builds per day from all developers. For example if a build process takes 30 seconds to execute, but a developer runs that build task 20 times a day that is a loss of 10 minutes of productivity. If there are 30 developers working on the platform that is a loss of 5 developer hours per day from something that only takes 30 seconds of time. 67 | 68 | Many of these barriers are self-imposed, which is to say that developers deliberately put obstacles in their way to make the technologies easier to organize and understand. While these add steps constitute a known and precisely measurable deterrent to productivity the most common counter-argument is that the developer would be harmed and impaired without the added help, which they believe to be a far greater impediment to productivity. This is not a technology problem, as many might believe, but rather a training and hiring problem. 69 | 70 | When developers lack certain foundational skills they may compensate through the addition of tools to bridge these gaps in their competencies. Developers who are hiding behind tools can become very creative in their excuses to avoid accepting responsibility for gaps in their qualifications. It is the responsibility of technology leadership to recognize these excuses and provide positive mentorship. It is important that technology leadership not continue to enable these behaviors. Enablement is how bad developers remain bad developers and harm the entirety of their team through apathy, negative defensiveness, and low quality results. 71 | 72 | When evaluating for productivity the business must have sufficient technical capabilities to discern the differences between a tool or process that is required directly by a business task versus a tool or process that is required by a developer to accomplish that task. It is helpful to determine to what degree the given developer can distinguish between those two facets. Look for terms such as *easier* or *quicker* and be sure to critically examine those terms to determine if the developer is attempting to make things easier for themselves first or for somebody else and at whose expense. 73 | 74 | ### Institutional barriers 75 | 76 | Institutional barriers are qualities enforced by the organization that directly interfere with potential productivity improvements. These can be things like processes and configurations for required applications. These things may exist for good reasons, such as prevention of security violations and ensure product stability. Sometimes these barriers are present because the organization does not trust the technologies which they have been forced to accept, such as Java developers being forced to write web technologies where they lack experience. These barriers may also occur due to poor planning and an incomplete understand of software architecture. 77 | 78 | ### Developer Imperative 79 | 80 | While there is a clear business interest to increase productivity the implications to the individual developer are more direct and profound. A developer who is able to accomplish an effort three times faster than their developer peers is a more productive developer. This means in between task assignments that developer has additional time for independent research, education, and experimentation. This unstructured time allows the more productive developer to grow their confidence and capabilities to become more productive still. It also allows productive developers the opportunity and confidence to solve ever large problems, which increases the marketability when shopping for other future employers or competing for that promotion with the current employer. 81 | 82 | ### Become a Productive Developer 83 | 84 | 1. Learn the standard technologies. This cannot be stressed enough. A developer that is reliant upon extra tools will always be less productive than a developer who is comfortable with solving the same problem in the absence of those extra tools. 85 | 2. Reduce and eliminate barriers. If unit tests are in your build effort move them out to a separate effort. Continue to reduce and eliminate tasks from the build effort so that its execution duration continues to fall until the build effort can be removed entirely. 86 | 3. Solve hard problems early. For example consider cross-browser irregularities. A developer who has spent large blocks of time in the past fighting these dragons will find them easy to solve and diagnose. A developer who is always reliant upon a library or tool to solve these problems will be lost when once that tool is no longer adequate. 87 | 4. Document solutions to hard and common problems. This won't save the documenting developer any time, but it will save substantial time for all their teammates. This increases overall team productivity. 88 | 5. Push back on unclear requirements. Do not accept tasks that require large amounts of guessing, or simply guess and present the solution pending better requirements. 89 | 6. Avoid bad advise. If a hard decision is required and the technical guidance violates basic technology principles independent test things and present the results of the tests as evidence to more senior decision makers. Accepting bad advise will gradually destroy productivity over time like a snowball rolling down a hill. 90 | -------------------------------------------------------------------------------- /Web_Training.md: -------------------------------------------------------------------------------- 1 | Web Training Hierarchy 2 | === 3 | 4 | It is generally really challenging to identify developers who are rockstar super-achievers in the web platform. Part of the problem is that there is no clear or identifiable metric of success. Unfortunately, a deeper cause of the problem is that there is no structured guidance as to which skills are important or how to progress technically. An individual must simply figure it out on their own, which is troubling considering the web platform is constantly growing and contains so many various technologies and requirements. 5 | 6 | To provide some order in chaos this guide seeks to outline training guidance as a series of progressive levels. It is inspired by the organization of educational and task standards taught in the US Army. The guide will start with Level 1, which is the foundation. This is not to say that a Level 1 skill or more less important than a Level 4 skill, but instead seeks only to provide a sense of direction. It is necessary for a wise old sage at the highest levels to occasionally refresh their Level 1 skills. 7 | 8 | Level 1 - Writing Code 9 | --- 10 | 11 | Most discussions on improvement and education of web technologies is on how to write code. Writing code is the foundation. It is a minimal requirement. Surely there is more to being a rockstar than merely write less faulty code. Level 1 is dedicated to write code. If a developer is not competent at this level they shouldn't be employed as a web developer as this is the minimum requirement. Developers are not senior principle level rockstar advocates merely because they are clever at writing code. This only the first level of education/experience. 12 | 13 | * Objective: The expectation is for developers to be competent writing in the essential languages that comprise the web platform. 14 | * Expectations 15 | - Read/Write CSS 16 | - Read/Write JavaScript 17 | - Read/Write HTML 18 | * Success metrics 19 | - Competence 20 | * Understanding of CSS selectors, property names and associated values, and syntax 21 | * Can write CSS code that performs as desired in all modern popular web browsers 22 | * Understanding of HTML tag names and syntax 23 | * Capable of writing HTML entirely without presentation and interaction logic 24 | * Capable of writing syntactically valid HTML code 25 | * Understanding of JavaScript syntax, inheritance, and scope 26 | * Capable of independently writing JavaScript 27 | - Good 28 | * Capable of writing CSS code that works well cross browser including with legacy browsers 29 | * Capable of writing JavaScript without frameworks and helpful libraries 30 | - Rockstar 31 | * Capable of writing DOM methods and querySelectors 32 | * Capable of writing XML conforming HTML 33 | 34 | Level 2 - Accessibility and Security 35 | --- 36 | 37 | Accessibility and Security require a certain amount of education and decision making capacity. These also require a solid (near rockstar) understanding of Level 1 skills. 38 | 39 | * Objectives: Have a solid understanding of accessibility and security 40 | * Expectations 41 | - Understand WCAG 2.0 42 | - Understand OWASP Top 10 43 | * Success Metrics 44 | - Competence 45 | * Able to identify and resolve WCAG 2.0 AA violations 46 | * Able to audit and identify OWASP 10 violations 47 | * Perform code reviews, validate code syntax, and run unit tests 48 | - Good 49 | * Able to achieve and enforce WCAG 2.0 AA compliance 50 | * Able to patch and document OWASP 10 violations 51 | * Able to supply additional unit tests 52 | * Document known error conditions and 53 | - Rockstar 54 | * Able to understand WCAG 2.0 AAA compliance and achieve all AA compliance and some AAA compliance 55 | * Able to validate and enforce compliance against OWASP Top 10 violations 56 | * Able to open discussions with corporate security teams and advise/gather best practices for reducing risks at launch and development 57 | 58 | Level 3 - Architecture 59 | --- 60 | 61 | Architecture builds upon Level 2 skills by requiring a certain amount of experience making tough technical decisions to determine technical planning and the integration of various competing requirements. 62 | 63 | * Objectives: The ability to transform business requirements to a technical plan 64 | * Expectations 65 | - Interface with project stakeholders and validate business requirements 66 | - Ability to review and implement an execution plan 67 | - Ability to convey technical requirements to the technology teams in an understandable way 68 | * Success Metrics 69 | - Competence 70 | * Able to define, audit, or review a technology architecture to accomplish business requirements 71 | * Able to push back on business requirements if they are unclear or demand further specification 72 | * Able to push back on stakeholders to demand a scope of effort and initial requirements definitions before engaging development 73 | - Good 74 | * Able to assist business units in drafting technical requirements to drive a project forward 75 | * Able to engage and influence stakeholders in the value of technical clarity 76 | - Rockstar 77 | * Able to document and explain reductions of effort through a simplified custom architectural solution 78 | * Able to achieve buy in and support from technology teams for a custom crafted approach 79 | 80 | Level 4 - Innovation 81 | --- 82 | 83 | It is completely acceptable to break all the rules and be a renegade, but only if you understand what rules you are breaking and break them intentionally. There is a lot of risk trying something new or original, but if the original idea is valid it could unlock capabilities nobody else has imagined. To be a successful innovator or inventor Level 3 skills must be well understood and broken for deliberate reasons. 84 | 85 | * Objectives: The ability to devise custom tools and new solutions to existing problems in short time 86 | * Expectations 87 | - Identify key business problems 88 | - Document a valid solution that meets the needs of the business 89 | * Success Metrics 90 | - Competence 91 | * The solution is verifiable and easy to implement 92 | * Both the problem and solution are well documented to allow a stranger to easily reproduce the solution 93 | - Good 94 | * The solution influences a change in business practices or major project definitions 95 | * The solution is disruptive 96 | - Rockstar 97 | * The solution is tiny and the problem is either large or has large consequences 98 | * The solution causes other developers to reconsider prior held beliefs or change their approach 99 | -------------------------------------------------------------------------------- /fragility.md: -------------------------------------------------------------------------------- 1 | # Fragility 2 | Fragility is the state of being easily broken, the opposite of durability. 3 | Fragile persons are poisonous weak people looking to bring the world down to their weakness as opposed to strong people who are eager to improvement themselves as necessary to conquer the world's challenges. 4 | 5 | ## Harm 6 | Fragile people are harmful, toxic. 7 | The harm is resultant from self-serving emotional objectives in contradiction to personal relationships. 8 | In healthy relationships people mutually coexist in a symbiotic manner where they fulfill their own needs through positive contributions that strengthen the relationship. 9 | This is a form of brutal tough love, because it can mean telling somebody something they don't want to hear in order to steer them away from harm. 10 | For example good parents are quick to tell their children harsh things while weak parents lie to their children, or simply neglect them, with soft half truths as necessary to reduce effort. 11 | 12 | Imagine a lifeguard attempting to save a drowning person. 13 | Drowning people are often panicky because they are in great fear from a loss of control and that lost control is killing them almost immediately. 14 | The life guard is there to save the life of that drowning person, but if that panicking person grabs the life guard in a restrictive way they could both drown. 15 | It is necessary for the life guard to retain control, which may require hurting or restraining the panicky person. 16 | The worst case scenario is that both people drown. 17 | The best case scenario is that both people survive. 18 | If the panicky person drowns it is not the worst thing that can happen, because they were about to drown anyways. 19 | If both people do survive the best case scenario is absolutely achieved. 20 | If the life guard has to break the nose of the panicky person in order to control them then that injury is irrelevant so long as they both survive. 21 | Like a drowning person a fragile person will attempt to pull you down for their own self-serving needs. 22 | 23 | ## Toxic Behaviors 24 | The behavior driving fragility is a loss of trust that begins from the self and drifts outward. 25 | This creates an emotional vacuum and the purpose of fragile people is to aggressively fill that internalized void through external gratification. 26 | Fragility is often accompanied by an extremely poor, possibly absent or damaged, capability for self-reflection. 27 | If a person were readily capable of self-reflecting on their current emotional state they would more clearly identify the disconnect between their internalized emotional concerns and their externally facing motivations, thus identifying their own fragility. 28 | 29 | The most common behavior associated with self-serving qualities is narcissism. 30 | Other behaviors include unwanted aggressive inter-personal competition, such as somebody competing for superiority in an unstated dominance hierarchy as though public displays of their competition win them social gratification. 31 | Sometimes this unwarranted competition is demonstrated as one-upping where a person feels the need to dominate a conversation with some fantastical victory they achieved in distraction to the subject at hand. 32 | Practice some finesse to ensure if you need to communicate an opportunity for improvement from your own personal experience that you keep to objective criteria and to the subject of conversation. 33 | Take extra care to not make it an opportunity to broadcast your personal victories. 34 | 35 | One particular behavior associated with narcissism is unwanted self-injection. 36 | Unwanted self-injection is the condition where a conversation is occurring and a person from outside the details of the conversation will inject their personal details in an effort to direct the subject matter of discussion to be about them. 37 | You see that a lot with small children, but when you see it occur with adults warning alarms should be going off in your brain, particularly if that behavior occurs repeatedly. 38 | 39 | Although narcissism is the ultimate indicate of selfishness it is not the ultimate relationship killer. 40 | Narcissists will often curate and maintain relationships with great care because it serves their own emotional needs at great expense and trauma to all other persons involved. 41 | The ultimate relationship killer is contempt. 42 | Contempt is a feeling of disdain, dishonor, insignificance, or inferiority of a person in a relationship. 43 | Contempt arises from an emotional position resulting in a feeling of superiority which logically regards the other persons in the relationship as too insignificant to be worthy of the time, energy, or effort required to maintain any relationships much less a positive and beneficial relationship. 44 | 45 | Typically the person with the feelings of contempt will be the person to abandon the relationship, but if not its time to break things off and move on. 46 | Once contempt sets in things are already in a death spiral and nothing positive or worthy of salvage will remain. 47 | This realization is especially hard for the person(s) on the other end of a contemptuous person, but they are likely working extra hard to keep the relationship alive on life support. 48 | That extra effort is all for naught as the person with contempt doesn't care, because they are only looking after their own interests. 49 | Any attempt to maintain what's not valued results in you being the doormat that's about to be thrown away, which makes a fragile person feel strong from a position of power. 50 | Don't let that fragile abuser convince you of some illusory fragile. 51 | Be strong and move on to greener pastures. 52 | 53 | ## Infected Culture 54 | It is possible that fragility be more widely present than an individual concern, such as a cultural phenomenon. 55 | This is common when the weakest members, emotionally, of a group are most eagerly driving the leadership concerns. 56 | The common cliche is: *the squeaky wheel gets the grease*. 57 | In organizations with weak leadership it is more expedient to appease those who whine the loudest at cost to everyone else. 58 | Strong leaders must account for the motivations behind suggestions and complaints to determine their validity to the business and/or the group culture and must demand opposing counter-points. 59 | 60 | Cultures infected with fragility can be cured by dramatically raising standards. 61 | This will be painful and many people will leave, but the result is well worth the struggle. 62 | Such pain can be lowered when strong leaders demonstrate empathy and a frequent willingness to invest in the challenges facing their employees in addition to their regular responsibilities. 63 | 64 | ## Confidence 65 | Contrary to arrogance confidence is a collection of emotional dispositions that are often not deliberately communicated, because its an internalizing quality. 66 | Confidence, both high and low confidence, is then indirectly communicated through actions, non-verbal communication, and patterns of behavior. 67 | 68 | Fragile people are individuals with negative confidence. 69 | Confidence is an honest belief or trust in the capabilities of the self or a device immediately at use to the self. 70 | Knowing that think of confidence according to a baseline where no confidence is in the middle, a state of neutrality. 71 | Above that baseline is positive confidence and below that is negative confidence. 72 | No confidence is different from negative confidence, and typically exists due to a lack of experience or apprehension at a new encounter. 73 | 74 | People with high confidence believe in their own ability to accomplish a task. 75 | People with negative confidence are people with deep trust issues that resonate from the self and feed off those around them like an emotional parasite. 76 | Negative confidence is responsible for a variety of harmful behaviors such as narcissism, pathological deception, cheating, and so forth. 77 | Negative confidence is the key to identify fragile people. 78 | 79 | For example a software developer new to a programming concept will likely have no confidence in their ability to perform that new concept. 80 | That person will grow their confidence over time through practice as their familiarity and experience grows. 81 | People with negative confidence, however, will attempt to avoid the new concept out of fear or disgust, and so their confidence will never increase. 82 | Furthermore, the non-cognitive emotional state driving their fear/disgust response will redirect their cognitive decisions and communication towards areas of familiarity or comfort and away from the immediate subject. 83 | 84 | ## Ethics 85 | For a concise examination of ethics please see my document on [Leadership in Software](./Leadership_In_Software.md#ethics). 86 | A fragile person is not capable of adhering to an ethical standard. 87 | Ethical standards establish a common framework of accepted behavior for the attainment of a collective goal, such as delivery of a key business objective. 88 | Fragile people are focused upon self-serving emotional goals in direct conflict to organizational goals. 89 | 90 | For example a fragile person may strongly advocate for use of a tool or programming concept they know to be harmful in order to avoid a fear of failure. 91 | The harms for the organization may include a loss of execution performance, slower task completion, loss of software quality, increased security violations, and more. 92 | This behavior becomes apparent when the person is confronted with evidence of harm, according to measures or other objective criteria, and they irrationally discard the evidence out of hand. 93 | 94 | ## Be a Leader 95 | Don't let fragile people drive the bus. 96 | Be firm and resolute and stand on the side of evidence. 97 | Perform a variety of frequent measures to determine the operating conditions and product quality of your organization. 98 | Set baselines of accepted quality. 99 | 100 | Strong leaders provide sufficient purpose, direction, and motivation to steer the organization towards greater accountability and delivery. 101 | This means spending time with your people raise up the people with no or low confidence. 102 | It also means identifying the people with negative confidence and separating them from the rest of the group. 103 | People with negative confidence must be counseled about their harmful behavior and provided the opportunity to improve. 104 | If after a satisfactory period of time the persons with negative confidence cannot demonstrate improvement, or they regress, they must be separated from the organization. 105 | That separation is necessary for the greater health and culture of the organization, similar to surgically removing a tumor. 106 | Surgery is unpleasant, but cancer spreading across your body is more unpleasant. 107 | 108 | ## Trust 109 | The enemy of fragility is trust. 110 | Trust means empowering your people to be more than they currently are, which may result in a task failure. 111 | This requires mentorship on the part of a leader and a bit of bravery on the part of the subordinate. 112 | Good leaders seek to reassure their people to properly evaluate risk conditions and take minor risks. 113 | That also means that good leaders provide a safe working environment where people know they have the support to do their best when evaluating risk. 114 | People not capable of accepting or extending trust must be identified as a potential point of toxicity. 115 | 116 | ## Becoming Less Fragile 117 | To be less fragile a person must invest in honesty as deep internalizing emotional quality. 118 | Low fragility cultures encourage brutal honesty among their members. 119 | It takes great strength to communicate your weaknesses and insecurities, and a strong culture of openness to receive that communication necessarily to improve upon it for everyone's benefit. 120 | This requires thick skin as people around you who are eager to help and support you may tell you things that are hurtful. 121 | This is why trust is so important, because strong honest relationships demand a minimal amount of emotional security in order to work effectively. 122 | People with thin skin, who are unable to build trust sufficiently, will take many forms of honest commentary as a personal attack that challenges their negative confidence. 123 | -------------------------------------------------------------------------------- /images/performance_frontend1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/prettydiff/wisdom/ca86323a1988a7bbcdbedd6b76fcfdbf8ebc3bc5/images/performance_frontend1.png -------------------------------------------------------------------------------- /images/performance_frontend2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/prettydiff/wisdom/ca86323a1988a7bbcdbedd6b76fcfdbf8ebc3bc5/images/performance_frontend2.png -------------------------------------------------------------------------------- /images/performance_frontend3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/prettydiff/wisdom/ca86323a1988a7bbcdbedd6b76fcfdbf8ebc3bc5/images/performance_frontend3.png -------------------------------------------------------------------------------- /images/performance_frontend4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/prettydiff/wisdom/ca86323a1988a7bbcdbedd6b76fcfdbf8ebc3bc5/images/performance_frontend4.png -------------------------------------------------------------------------------- /javascripting.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | # JavaScripting 4 | This is an opinionated manual for people who have never programmed before to go from zero to hero programming in JavaScript. 5 | This manual will focus on directness and simplicity, where simplicity means fewer. 6 | 7 | This manual is not exhaustive. 8 | It deliberately leaves much information out, perhaps most. 9 | The goal is zero to hero. 10 | There is much in the language a developer does not need. 11 | If more information on unmentioned features becomes desirable people should know where to look after reading this manual. 12 | 13 | ## What is programming 14 | Programming is the craft of writing software. 15 | Software is a tool to achieve automation and automation is the process of eliminating labor. 16 | If everything you do or accomplish when writing software does not seek to achieve automation you are wrong. 17 | 18 | Reading software is much different than reading natural language. 19 | In natural language, like novels or essays, there are too many letters and too few articles of syntax. 20 | That can make reading natural language slow and challenging for people with low orthographic processing capacity, such as dyslexia. 21 | In software code syntax is abundant, so many people with dyslexia find reading code not at all challenging. 22 | 23 | Writing software, however, from a neurological perspective is exactly like writing in natural language. 24 | The same thought processes about what to write, order of operations, planning, vocabulary, and so forth occur in exactly the same way. 25 | If a person cannot easily write an article or an essay they will find writing software supremely challenging for exactly the same reasons with equivalent output. 26 | If a person can easily write then programming is just a matter of practice to learn a specific type of writing. 27 | 28 | ### Falsehoods about Programming 29 | #### Simple is easy. 30 | Simple is not easy. 31 | Easy is defined in terms of least effort while simple is defined in terms of less quantity. 32 | Simplicity requires great effort to achieve after multiple drafts each with their individual refactoring effort. 33 | Simple code might be easier for later persons to understand, but only because the prior authors took extended effort to achieve that simplicity. 34 | Complex, or many, is far easier to achieve, because it requires less refinement and less careful extended consideration. 35 | 36 | #### Programming is a form of math. 37 | I have heard this a lot and its completely wrong. 38 | Programming is far more similar to writing law than performing math. 39 | The key constituents to programming are writing and logic and the logic is most directly practiced through argumentation. 40 | As an example of how logic is not math see this list of [common logical fallacies](https://en.wikipedia.org/wiki/List_of_fallacies) that have nothing to do with math. 41 | 42 | As a counter point I often program so that I do not have to perform math. 43 | I just have to know the correct order of operations and a process to successfully test the output of a program. 44 | For everything else I just let the computer perform math as the computer is much better at math than I am. 45 | 46 | #### Programming must be performed in a certain way. 47 | I see this a lot from junior developers. 48 | This typically occurs when a developer fails to apply individual thoughts to a given software process, because they fear deviation from popular norms. 49 | The goal is to achieve automation, not do what everybody else is doing. 50 | I once had somebody argue that my position on executing TypeScript was incorrect but it was not the common practice even though it required less effort to write and achieved compile times possibly hundreds of times faster. 51 | My best advise is to do what makes the most sense to you personally in any given context. 52 | Don't ever waste your time doing something measurably inferior without a strong argument for doing it. 53 | 54 | #### Popular software cannot be wrong because many people are using it. 55 | This is just as common as it is wrong. 56 | Any piece of software can be critically defective irrespective of the number of users of such software. 57 | The common thinking is that if many people use a piece of software then somebody would have a caught some given defect before you use that given software, and is referred to as *vetted by the community*. 58 | This is a form of bias, not qualified by evidence, that takes the form of a [bandwagon fallacy](https://en.wikipedia.org/wiki/Argumentum_ad_populum). 59 | The quality and durability of a given software application is purely a result of the dedicated testing of that software and not the frequency of use. 60 | 61 | #### Code style is critically important. 62 | Code style often refers to choice of conventions and vanity of formatting. 63 | These qualities are highly subjective and will substantially differ in preference from person to person. 64 | What matters most is achieving software that requires less effort to read and maintain, what ever those style conventions are to whomever applies them. 65 | 66 | From a team perspective there should be some consensus, buy in, from the team members but otherwise arbitrarily dictated by a team authority. 67 | In a team perspective the most important consideration is uniformity such that any team member may jump in and modify some piece of code non-disruptively. 68 | Enforcement of code style should be automated as much as possible, because otherwise the enforcement effort becomes an extension of code debt. 69 | If a given team is not willing to spend the effort to automate their enforcement of code style then code style is just not a high priority. 70 | 71 | Perhaps the primary reason why any developer or team might over emphasize the importance of code style is because they struggle to read and write software code. 72 | Always remember that programming is the craft of writing software just as a novelist writes novels. 73 | Writing software requires many skills beyond the mere legibility of minimal reading and writing just as a novelist is so much more than a person that struggles to write a few words. 74 | 75 | #### Speed 76 | Developers tend to believe the code they write, use, or support is fast or that solutions they disapprove of are slow. 77 | It's all bullshit. 78 | My experience in software has reinforced that developers rarely measure anything. 79 | As a result developers believe all manners of incorrect things about speed and performance. 80 | The overwhelming majority of the time these beliefs are completely unfounded and incorrect. 81 | Worse, many, perhaps most, of those incorrect conclusions tend to be incorrect by several orders of magnitude. 82 | There is no greater example of bias than a software developer's opinions on speed. 83 | 84 | Accurately measuring things requires additional effort. 85 | Because of that additional effort most developers simply do not do it. 86 | Instead they invent fictional realities to provide themselves emotional comfort. 87 | Any opinions about speed or performance not reinforced with evidence should be discarded and abandoned outright. 88 | Again, it's all bullshit. 89 | 90 | ### Goals of Software 91 | The goal of software is automation, which itself is the reduction of labor. 92 | If everything you do in writing software is not about labor reduction you are **wrong**. 93 | 94 | One form of labor reduction is elimination of learning. 95 | The process to eliminate learning is called *usability*, which is to say a product becomes more intuitive such that it requires less learning time from its users. 96 | 97 | Another form of labor reduction is elimination of repetition. 98 | That typically means to compress many steps into fewer steps, most desirably a single step. 99 | That can be taken further by eliminating that newly refined single step into a scheduled task the computer executes without any human intervention. 100 | 101 | Reduction of steps and tasks is also beneficial for the developer writing the code which is referred to as code reuse. 102 | The best way to make code reusable is to package a series of instructions into a function that can be called as necessary. 103 | Larger tasks may comprise a larger function calling multiple other functions internally. 104 | 105 | #### Maintenance 106 | All things created and/or used by people, and even people themselves, require maintenance. 107 | Maintenance is the process of reviewing, refining, and correcting a thing periodically to ensure desired operational conditions. 108 | For example automobiles require oil changes, refueling, tire rotations, and plethora of other tasks. 109 | Regularly servicing the automobile increases the life and desired operational status of the vehicle. 110 | Without such regular servicing the vehicle would die and early of catastrophic failure. 111 | 112 | Like automobiles software requires regular servicing. 113 | Sometimes defects become apparent that require resolution. 114 | A software developers is almost never aware of defects until the given software application is used and such usage demonstrates the defect. 115 | That means somebody, such as the developer and/or audience, must be using the software aggressively to identify defects. 116 | 117 | #### Test Automation 118 | Sometimes resolutions to defects can introduce other defects. 119 | This is called *regression*, which means taking a step back. 120 | Regression can be especially challenging to identify in more complex software. 121 | The solution for avoiding regression is test automation. 122 | Test automation provides a means one computer application tests another computer application using a provided set of inputs and expecting a known set of outputs. 123 | This allows developers to provide many tests to account for most of an application's features, which is called *test coverage*. 124 | Provided large enough test coverage if a developer introduces regression the test automation should detect the broken feature quickly allowing the developer to provide durable updates with greater confidence. 125 | 126 | #### Performance 127 | Superior software developers are not necessarily smarter people or people with more knowledge of software. 128 | Superior software developers iterate faster, which dramatically increases both speed of learning or speed of troubleshoot. 129 | As an example if a developer is producing a product in a language with a 10 second compile time and a different developer is producing a product in a different language with a 10 minute compile time that first developer can iterate 60 times faster. 130 | What that really means in practical terms is that this first developer can fail 59 out of 60 attempts and still be as productive as the second developer, but only if that second developer never fails. 131 | 132 | In order to achieve superior iteration speed all steps, execution, and process in writing a piece of software must be faster. 133 | Any time I mention speed I mean according to measures. 134 | The more precise those measures are and the less variable those measures are the better they are. 135 | 136 | There is a term in software development called the *mythical 10x developer*. 137 | This describes developers capable of producing more than ten times faster than their peers. 138 | A person does not need to be good at writing software to achieve *mythical 10x developer* status. 139 | They just need to measure things, apply a little common sense, and ask the right questions. 140 | 141 | ## How to write software 142 | Software can be written just about anywhere that keyboard characters appear on screen. 143 | Writing in natural language is aided by use of tools designed to help with writing, like word processor applications, likewise a code editor aids in writing software. 144 | Here are some current popular code editors: 145 | 146 | * [VS Code](https://code.visualstudio.com/) 147 | * [Notepad++](https://notepad-plus-plus.org/) 148 | * [Sublime Text](https://www.sublimetext.com/) 149 | * [Atom](https://atom-editor.cc/) 150 | * [Vim](https://www.vim.org/) 151 | 152 | I strongly recommend building some confidence with Vim. 153 | Vim is unique in that it executes in a command terminal (command line interface). 154 | That is valuable because if you can remotely access a computer/server via terminal, such as through SSH, you can execute Vim on that remote machine to edit code without need for any kind of remote desktop experience. 155 | 156 | ### REPL 157 | REPL stands for read, evaluate, print, loop. 158 | A REPL is any simple application that allows code input, evaluates that input, and then writes output to the same location. 159 | This is an incredible way to learn a software convention with the least possible effort. 160 | Node.js defaults to a REPL when executed without pointing to other application code. 161 | All modern web browsers come with a REPL in the *console* tab of their embedded developer tools utility. 162 | 163 | ## JavaScript in about 60 seconds 164 | JavaScript was designed to be a small hobby language for amateurs to sprinkle dynamic insanity into web pages. 165 | That is a polite way of saying the language allows far too much sloppiness, which means it forgives errors that will allow code to unexpectedly fail in production. 166 | 167 | Over the nearly 30 years of its life JavaScript has since emerged as one of the most dominate languages on the planet and executes at around half the speed of C++. 168 | So, its fast and absolutely everywhere, both in the web browser, and in command terminals via things like [Node.js](https://nodejs.org/en) and [Deno](https://deno.com/). 169 | 170 | Node gained popularity for high concurrency. 171 | JavaScript is a single threaded language, which means it can only do one thing in the language at a time. 172 | JavaScript also features a convention called the *event loop*, which is multi parallel stacktraces. 173 | Although it can only do one thing at a time it can do something else while waiting on a prior thing. 174 | That means that provided enough memory on the local computer JavaScript can manage many tasks executing outside the language at the same time. 175 | The original goal was for a single JavaScript instance to manage 10,000 concurrent user sessions in a server, which had not been done before from a single application process. 176 | 177 | ## JavaScript syntax 178 | ### Characters 179 | * Characters 180 | * JavaScript respects Unicode character literals in the code. 181 | * Any Unicode character may be referenced using the convention `\uHHHH` for UTF8 characters, or `\uHHHH\uHHHH` for UTF16 characters, `\uHHHH\uHHHH\uHHHH\uHHHH` for UTF32 characters where H is for any hexadecimal value. 182 | * Hexadecimal is a base-16 counting system displayed as 0-9 and a-f where a is decimal 10, b is decimal 11, c is decimal 12, d is decimal 13, e is decimal 14, and f is decimal 15. 183 | * Characters in JavaScript strings are [UTF16 strings](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String#utf-16_characters_unicode_code_points_and_grapheme_clusters). 184 | * JavaScript has [named character escapes](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Regular_expressions/Character_escape). 185 | * Any character can be escaped when immediately preceded by a forward slash, but be aware of named character escapes that already prefix with a forward slash. 186 | * My recommendation is never escape alpha characters with a forward slash to avoid confusion between named character escapes and characters escaped from syntax. 187 | * Statement Termination 188 | * `;` Semicolons terminate code statements. Semicolons are required. If you don't add them the code interpreter will add them for you in ways you might not expect. 189 | * Containment 190 | * `{}` Curly Braces. Curly braces allow definition of object bodies, function bodies, and code blocks. In C language these would be called: hash maps, functions, and procedures. 191 | * `[]` Square Braces. Square braces allow definition of array bodies and dynamic access to objects. 192 | * `()` Parenthesis. Parentheses allow grouping of logic within an expression, which is helpful to dictate order to arithmetic operations. 193 | * White space 194 | * `\f\n\r\t\v\u0020\u00a0\u1680\u2000-\u200a\u2028\u2029\u202f\u205f\u3000\ufeff`. 195 | * White space is important for code syntax as it separates key words from each other and some white space literal characters will cause syntax errors in certain contexts. 196 | * New line characters terminate a code statement, in most cases. This is due to some insanity called *Automatic Semicolon Insertion*, so for safety always insure statements are terminated with semicolons. 197 | * Space characters are generally safe everywhere. 198 | * Word characters 199 | * `a-f`, `A-F`, `0-9`, `_`, `$`. These characters may be used safely in variable names and property names. Variables and property names cannot start with a number. 200 | * Assignment 201 | * `=` The equal sign assigns values to variables. 202 | * `:` The colon character assigns values to object properties. 203 | * Comparison 204 | * `===` Compares two things for value equality. 205 | * `<` Compares if one thing is less than a second thing. 206 | * `>` Compares if one thing is greater than a second thing. 207 | * Arithmetic 208 | * `+` Addition 209 | * `-` Subtraction 210 | * `*` Multiplication 211 | * `**` Exponent 212 | * `/` Division 213 | * Strings 214 | * `'` Single quote string literal 215 | * `"` Double quote string literal 216 | * \` String template 217 | * My recommendation is to just use string templates for all strings. 218 | * Comments 219 | * `//` Line Comment. A line comment is terminated by a new line character. 220 | * `/*` Block Comment. A block comment is terminated by either the code sequence `*/` or end of file. 221 | 222 | ### Key words 223 | * `break` Immediately exits a loop. 224 | * `const` Declares one or more, comma separated, variables that **cannot** be reassigned. 225 | * `do` Invokes a *do/while* loop. 226 | * `else` Provides an alternate branch to a choice invoked from an `if` keyword. 227 | * `export` Turns a code file into a module that can be imported by other files. 228 | * `if` Allows a code choice by evaluating an expression. 229 | * `import` Allows importing code modules, separate files, into a given code file. 230 | * `function` Invokes a function. 231 | * `let` Declares one or more, comma separated, variables that **can** be reassigned. 232 | * `return` Immediately exits a function with a value. If no value is specified with the return keyword the given function's output is value *undefined*. 233 | * `while` Either invokes a *while* loop or terminates a *do/while* loop. 234 | 235 | ### Data types 236 | #### Primitives 237 | * BigInt - numeric values that are always positive integers. The bigInt type allows larger values than the number data type. bigInt values look numeric but end with a letter *n*, such as: `1234n`. 238 | * Boolean - Values are limited to `true` or `false` for explicit comparisons. 239 | * Number - Numeric values are for arithmetic. 240 | * RegExp - Stores a *regular expression* pattern for pattern matching against string values. 241 | * String - Strings store text that people read. Strings are always wrapped in some manner of matching quotes. `"1234"` is a string and not a number. 242 | * **null** - A type and generic empty value that can be assigned to any variable or object property irrespective of data type. 243 | * **undefined** - A type and value supplied to variables that never assigned a value or to functions that do not explicitly return a value. 244 | 245 | #### Complex 246 | * Array - An array is a list that you can iterate over. In JavaScript arrays are variable length and each stored item may be of any data type, even complex types. 247 | ```javascript 248 | const myArray = [1234, "string", function () { 249 | return "x"; 250 | }]; 251 | ``` 252 | * Function - Functions optionally receive input, always return a single value, and otherwise store statements for execution when the given function is called. 253 | * Input to function is optional and is provided as arguments. 254 | * If output is not specified with a *return* key word the given function will simply return value **undefined**. 255 | * Functions are extremely portable in JavaScript in that they may be used anywhere a primitive type may be used. 256 | That convention is called *first-class citizens*, and most other languages do not have this. 257 | * Functions my optionally be assigned to a variable, may optionally be named, but will throw an error if not provided at least one of those prior forms of identity. 258 | ```javascript 259 | const myFunction = function functionName(input1, input2, inputN) { 260 | return "output"; 261 | }; 262 | ``` 263 | * If parentheses are written immediately following a function body, the closing curly brace, that function will be executed immediately. 264 | This convention is called IIFE, immediately invoked function expression and is usually wrapped in an additional set of parenthesis to prevent to separate that statement from any following statement. 265 | In the following example the function will execute and return a value before the outer assignment completes. 266 | ```javascript 267 | const myString = (function () { 268 | return "output"; 269 | }()); 270 | ``` 271 | * Object - An object stores key/value pairs. The keys are always string type but the values may be any data type, event complex types. 272 | 273 | ## JavaScript conventions 274 | ### Complex types 275 | In this language complex types can be assigned to a variable, such as: 276 | ```javascript 277 | const myTool = function () { 278 | return "something"; 279 | }; 280 | ``` 281 | 282 | Or, complex types can be written literally for a single use, such as: 283 | ```javascript 284 | const myTool = function () { 285 | return "something"; 286 | }; 287 | const myFunctions = [myTool, function () { 288 | return "some value"; 289 | }]; 290 | ``` 291 | 292 | In this case a function and an array are declared. The array stores two functions: the declared function and a second function. 293 | 294 | ### Arrays 295 | Arrays are lists of variable length and any combination of data types where each item is separated by a comma. 296 | For example the following is perfectly valid: 297 | ```javascript 298 | const myArray = [ 299 | "string", 2, true, null, function () { 300 | return 3; 301 | } 302 | ]; 303 | ``` 304 | 305 | All arrays features a *length* property indicating the number of items within the array. 306 | Arrays allow iteration over their stored values using a loop and such loops can be terminated by checking for the array's length property. 307 | 308 | Array values are referenced using a numeric index, starting from 0, in square braces, and attempts to reference an array index that does not exist will return **undefined**: 309 | ```javascript 310 | // makes use of the prior code sample 311 | myArray[2]; // returns boolean true 312 | myArray[5]; // returns undefined 313 | ``` 314 | 315 | An array index can be gathered by calculation, but if the resulting value of such a calculation refers to an index not present in the array the value **undefined** is returned; 316 | ```javascript 317 | myArray[Array[1] + 1]; // returns null, which is the fourth index in the array, or index value 3 318 | myArray[(Array[1] * 500) / Math.pi]; // returns undefined, because such index does not exist in this array 319 | ``` 320 | 321 | ### Objects 322 | Objects store comma separated lists of key value pairs. 323 | Here is a simple example: 324 | 325 | ```javascript 326 | const myObj = { 327 | "first": 1, 328 | "second": 2, 329 | "third": 3 330 | }; 331 | ``` 332 | 333 | Values are assigned to key names using the colon character, `:`. 334 | Key names are always string data types, but the values may be any data type, even complex types like arrays, functions, and other objects. 335 | Each key value pair in an object is called a *property* of that object. 336 | 337 | Object properties are typically access using dot separated reference notation. 338 | Using the prior example we could access the object like: `myObj.first` which would return the value `1`. 339 | That only works if a given key name conforms to the rules of JavaScript named references. 340 | 341 | Object properties may also be accessed using the *array notation* convention making use of square braces: `myObj["first"]` which would return `1`. 342 | Array notation allows accessing an object with variables. 343 | Consider the following example: 344 | 345 | ```javascript 346 | const myObj = { 347 | "first": 1, 348 | "second": 2, 349 | "third": 3 350 | }; 351 | const keys = Object.keys(myObj); 352 | let index = 0; 353 | myObj[keys[index]]; // returns 1 354 | ``` 355 | 356 | In the above example an object is declared and a variable named *keys* is declared. 357 | The `Object.keys` method returns an array of key names for the passed in object. 358 | Since the variable `index` is assigned a value of 0 and the first key in the object is `first` then `keys[index]` returns `first`, the first key name of the object and that is passed as a property reference to the object via array notation. 359 | 360 | ### Lexical scope 361 | Lexical scope refers to nesting. 362 | With exception to objects any use of curly braces provides a section of code called a *block*, and each block provides scope. 363 | Variables and functions declared in a given block are scoped to that block. 364 | 365 | Since lexical scope refers to nesting different blocks may be nested. 366 | Variables declared in a given block are available for reference everywhere in the given block including child scopes. 367 | However, variables declared in a child scope are only available for reference in the given scope they are declared which means this given child scope and any scopes nested within this child scope. 368 | Attempting to reference a variable from a scope higher than where the variable is declared will not work as expected because the language won't know how to resolve the reference. 369 | 370 | The way that works in the language is that every time a reference is encountered it is resolved by first looking at the local scope and then stepping up one scope at a time until the declaration point is found. 371 | That process is referred to as *traversing the scope chain*. 372 | Here is a brief code example: 373 | 374 | ```javascript 375 | function hello(x, y) { 376 | // a hypothetical outer scope 377 | // variable "a" is declared in a child scope, so you cannot reference it here 378 | if (x > 3) { 379 | let a = x + 3; 380 | // middle scope 381 | // variable "a" is available here, because this is its local scope 382 | // variable "x" and "y" are available here because they are declared in the parent scope 383 | // variable "b" is not available here because it is declared in a child scope to this scope 384 | if (a < 10) { 385 | let b = 15; 386 | // most inner of these three scopes 387 | // variables declared here will not be available to the two higher scopes 388 | // variables declared in the two higher scopes will be available here 389 | return y; 390 | } 391 | } 392 | } 393 | ``` 394 | 395 | Notice the code example above features three scopes where one is nested within another. 396 | The code comments explain the three scopes and what is available where. 397 | Also, notice where variables *x* and *y* are declared as function arguments (function inputs). 398 | Function arguments always take the scope of the function's body. 399 | 400 | You must also understand that lexical scope is always available in the language and cannot be disabled or altered. 401 | 402 | ## Summary 403 | That is all there is to how I program in JavaScript. 404 | In summary all I need is: 405 | 406 | * Primitive data types 407 | * operators 408 | * scope 409 | * loops 410 | * objects 411 | * arrays 412 | * functions 413 | 414 | Everything beyond this is just a matter of organization, calling the correct instructions in the correct order, and then maximizing code reuse where possible. 415 | 416 | ### Further Learning 417 | This document does not cover the language's standard methods. 418 | This will be required learning, so consider that homework. 419 | 420 | This document also does not discuss external APIs. 421 | External APIs scare the shit out of developers. 422 | As somebody who struggles to find any feeling of fear I cannot relate, nor do I have sympathy. -------------------------------------------------------------------------------- /military.md: -------------------------------------------------------------------------------- 1 | # Military service 2 | This document explains what military service feels like. 3 | I am a senior warrant officer 2 (CW2) in the US Army with 25 years of service. 4 | Warrant officers are trained as technology experts equivalent to technology principles in the corporate world, but can jump into the traditional commissioned officer command position if so required. 5 | I have never been in a combat firefight, but I have completed 5 Army Reserve deployments to the [CENTCOM](https://en.wikipedia.org/wiki/United_States_Central_Command) location comprising about 50 months of time. 6 | 7 | ## Becoming a soldier 8 | In the US military all entry level service members go through some form of basic training. 9 | The idea of basic training is to degrade a person's natural reasoning abilities so that they learn to follow orders without distraction and increase their social/environmental awareness. 10 | This process greatly increases agreeability and moderately increases conscientiousness. 11 | Agreeability is increased more than conscientiousness only because it is more directly influenced by a system of rewards and punishments, but the goal is to increase both personality conditions on all students in an equal way. 12 | 13 | Personality modification is stressful. 14 | This means personality modification is the result of a continuous high stress environment. 15 | In hindsight its similar to training dogs to respond to commands, except the process instead modifies behavior and requires substantially greater dedicated effort. 16 | 17 | I remember when I was a young soldier, I entered the Army at age 17, I frequently felt fear. 18 | It was mostly a fear of failure or a fear of not knowing what is going on around me. 19 | Now that I am old, I cannot remember the last time I felt fear as a cognitive emotion, which is quite numbing, perhaps apathetic. 20 | 21 | ## Becoming a leader 22 | As a soldier rises in the army expectations change. 23 | At no point in a soldier's career are they expected to follow orders blindly. 24 | At all points in a soldier's career they are expected to question orders as necessary to, at least, attain clarity and an agreed understanding. 25 | That is why high conscientiousness is important. 26 | A good soldier is willing to ask challenging questions. 27 | 28 | As a leader conscientiousness becomes more important because there are more variables to consider when you must manage people and perform task delegation. 29 | Agreeability becomes less important when tough decisions require balancing the substance of an assigned task against the welfare of the people you manage. 30 | From this point forward agreeability becomes inversely proportional to the level of responsibilities assigned. 31 | A good military leader knows how to follow orders, but they are also comfortable challenging orders which violate their personal risk analysis. 32 | 33 | ## In over your head 34 | As a military leader there are times when you can find yourself owning a greater amount of responsibility than you are prepared to accept. 35 | This could be a result of various different things, such as a shortage of qualified leaders therefore you are tagged to operate a position of leadership well above your pay grade. 36 | Another factor can be a lack of qualified subordinate leaders. 37 | A third factor could be unqualified expectations from senior leadership, such as misunderstanding the mission to be far more than defined. 38 | When these factors all occur there is disaster. 39 | 40 | As a leader in an impossible position the stress can be extreme perhaps almost paranormal to reality. 41 | Leaders might fail, but they don't quit. 42 | The reason for this is that it isn't about what you, as the leader, want. 43 | You have the welfare of the people assigned to you to consider first. 44 | 45 | In the stress of an impossible position there a few things that can happen: 46 | 1. Your level of conscientiousness increases to levels you never thought capable. 47 | 1. You become overwhelmed by negative emotions resulting in mental health disease, which can happen rather quickly with dire consequences. 48 | 1. You abandon your people in an effort to save yourself. 49 | 50 | The second of those options is what occurs to a person with high neuroticism and third option is what occurs when a person's narcissism outweighs their capacity for decision making. 51 | The only acceptable option is the first option, which requires a few thought exercises: 52 | 1. You must known where your people are, which is accountability. This means the ability to instantly recite the position or assignment of each of your people from memory in a highly fluid environment which requires high intelligence. 53 | 1. You must know all of the tools and capabilities available to you and whom amongst your people and exercise which tools. 54 | 1. You must form relationships all external parties so that you know from whom to ask for help. High extroversion is helpful, but under the right stress conditions a highly introverted person will become as extroverted as they need to be. 55 | 1. You must form superior communication skills. Some of the stress you feel as a leader will be passed onto the soldiers you manage and as a leader you must continue to exert influence and motivation while simultaneously requesting assistance from peers and keeping senior leadership informed of current status and confidence levels. 56 | 57 | These are all capabilities that can be shaped and formed in an extremely short time provided strong examples, possibly a mentor, a necessary minimum level of intelligence, and the proper stress conditions. 58 | This applies even to people who might normally not score highly in conscientiousness. 59 | For people who normally score extremely high in conscientiousness this will still present as a high stress situation as they will have to learn to abandon perfectionism in an environment where everything is close to imminent failure. 60 | 61 | ## Creativity 62 | Creativity is not necessary to achieve success in the military, but it is extremely helpful. 63 | There is a process for everything in the military whether it is strictly administrative, a computer information system, tradition, a standard operating procedure, or a commander's policy. 64 | Each of these things exist for a good reason to reduce some form of risk, but these many rules produce an environment that is highly restrictive. 65 | Creative people have a superior advantage in that they will find ways to circumvent some of these processes to accomplish the mission and then figure out how to bridge the gap between their creativity and a crime to ensure a viable solution. 66 | People lacking creativity will never be able to do this and so are limited to the channels provided. 67 | 68 | ## Athleticism 69 | Athleticism is always important. 70 | Most soldiers are not infantry soldiers dodging bullets from day to day. 71 | Athleticism is important because it increases intelligence, increases confidence, increases stamina/endurance, and lowers risk of injury. 72 | Even for people working in an office typing on a keyboard these factors of health are always important and contribute to job success. 73 | 74 | ## Leadership in the reserves 75 | The reserves is a part-time military force. 76 | Reservists meet for two planned days per month and an additional two week training period per year. 77 | This means leaders have two days to accomplish all the administrative responsibilities their active duty counter-parts have the entire month to accomplish. 78 | This means, for leaders, a monthly meeting can feel like a non-stop sprint. 79 | In many cases there are additional tasks that must be performed outside the scheduled meeting times. 80 | For example this year I attended two conferences, a site survey, and a variety of meeting/planning activities in addition to my administrative/mission requirements that fill my planned meeting days and I have to balance that against the time time requirements of my civilian job. 81 | 82 | ## Pareto Principle 83 | In psychology the [Pareto Principle](https://en.wikipedia.org/wiki/Pareto_principle) states that 80% of outcomes result from 20% of participants. 84 | This means that provided a pool of software developers 20% of people are contributing 80% of the results. 85 | The Pareto Principle explains the so called 10x software developer who achieves 10 times the results of their peers, but its more dramatic than that. 86 | Software developers who exemplify the Pareto Principle, the 10x developer, tend to see evidence of this frequently because they can readily identify it apart from the noise. 87 | Software developers who don't exemplify the Pareto Principle have trouble identifying this principle at all with many doubting it even exists. 88 | 89 | Army Reservists are in an ideal position to identify the Pareto Principle in a variety of careers, and frequently exemplify this phenomenon themselves. 90 | One explanation for this is a diversity of experience not shared by other people. 91 | An army reservist has two separate careers, often in unrelated industries, that allow for comparisons of success and failure that other people are incapable of seeing. 92 | 93 | Another explanation is that a part-time military is itself an example of the Pareto Principle. 94 | The military asks for a lot of contribution for what is otherwise a tiny part-time job. 95 | I have never had a civilian job, as a software developer, set such high expectations or require an equivalent level of responsibility despite occupying 90% of my employment time and paying considerably more. 96 | 97 | I suspect a major factor contributing to the Pareto Principle is candidate selection. 98 | In the military candidates are selected for promotion either as a result of an candidate submitting a promotion packet or as a result of the needs of the Army to fill a shortage at the next higher level. 99 | The military has a variety of measures and an elaborate education system to determine selection criteria that simply don't exist in the civilian world. 100 | Furthermore the military will often promote soldiers into higher levels of responsibility and the soldier is expected to figure it out with proper mentorship. 101 | In the civilian world, especially as a software developer, appropriate candidate selection often isn't clearly understood. 102 | Regardless of job the military generally has a good idea of what defines a good soldier and a good leader, but software does not appear to have any idea why some software developers out perform other developers by a factor of more than 10 fold. 103 | 104 | ## Qualities of a good military leader 105 | All of the excellent leaders I have encountered share some personality traits: 106 | * Low agreeability 107 | * Low neuroticism 108 | * High conscientiousness 109 | 110 | Of the psychology big 5 personality index I did not mention extroversion or openness, which is creativity. 111 | Most senior officers tend to be introverts, which I imagine is helpful in time management towards study and academics, but I have also met several extroverts as colonels and generals. 112 | Creativity is helpful and provides an edge over the competition, but isn't a requirement to achieve success in the military as the military is an extremely structured environment. 113 | 114 | Low agreeability is required to challenge authority, especially in a high authoritarian culture. 115 | The higher a soldier promotes into leadership the most important and pronounced this becomes. 116 | I have never seen such explicit low agreeability in the civilian world, except from people who are manipulative narcissists. 117 | From my own experience I can honestly say low agreeability is a quality that is crafted from experience as a result of stress conditions amid conflicting priorities. 118 | This one factor is what most striking differentiates military service from the depictions of military in the media. 119 | 120 | Low neuroticism applies to all soldiers in leadership at all levels of leadership. 121 | I imagine this quality is essential for staying cool to make calm decisions in combat. 122 | There is an infantry saying that explains it this way: *slow is smooth, smooth is fast*. 123 | That means be deliberate in what you do and always remain rational even when the world has flipped upside down, because you will complete the task earlier if you make fewer mistakes. 124 | 125 | Where I have seen low neuroticism having the largest influence during the course of my career is from commanders and persons running operations. 126 | There is a misconception, even among the active duty, that you need somebody with the personality of an aggressive nightmare hammer to run operations because operations are the staff that issues unit level orders and these people must not be intimidated. 127 | In my observations this line of thinking always ends in failure, because nobody trusts that kind of personality. 128 | Instead the most effective operations people are those people with an inhumane level of calm that knowns how to reduce friction and only pulls out their hammer as a last possible approach. 129 | 130 | That is interesting because in the civilian world women tend to score higher in neuroticism than men, but in the military some of the most calm and collected leaders I have ever observed where women. 131 | I suspect that is due to some combination of women who were naturally low in neuroticism, who brought it down even lower than natural due to their leadership development, and who had developed powerful communication skills that further elaborated the appearance of their calm. 132 | 133 | High conscientiousness is absolutely required for all military leaders at all levels. 134 | It does not matter if this is outside your normal personality. 135 | If you join the military young the stress conditions that will shape your perception of the world will allow you to expand your conscientiousness. 136 | For example I suspect I would score moderately low in conscientiousness, but under the right conditions I have found I can really kick this into extreme overdrive like a senior executive. 137 | I have also found that I can go a few months operating in an unnatural extremely high mode of hyper conscientiousness, but with too long a time duration it becomes a point of mental exhaustion as its not natural to my personality. 138 | 139 | ## Negative behaviors associate with military service 140 | The military is extremely appealing to persons with high risk personalities, such as persons that score highly in openness to new experiences. 141 | It takes an unusual person to want to jump out of airplanes with a full combat load or repel out of helicopters. 142 | These are high risk activities. 143 | 144 | High risk personalities are also the people most open to abuse drugs and alcohol as well as engage in high risk sexual behavior. 145 | Most sex crimes in the military tend to occur among young people and tend to involve alcohol. 146 | Sex crimes are reported in the military at a substantially higher volume than in the civilian culture outside the military. 147 | A small part of that distribution is reflective of a superior reporting process for sexual offenses in the military than in the civilian world, but that does not account for the significance of the disparity. 148 | The largest explanation for the disparity is a willingness for both the victim and perpetrator to put themselves into a high risk social situation that is resultant of high risk personalities and low maturing engaging in social contexts they would not as likely engage in outside the miliary. 149 | To be clear the victim of a sex crime can be a male or a female and though the perpetrator is most typically male females are statistically significant sexual aggressors in the military. 150 | 151 | The military also scores substantially higher in suicides comparative to the civilian world outside the military. 152 | There is a collection of factors that account for this as well: 153 | * Low adversity prior to joining the military 154 | * Depression 155 | * A loss of fear of death 156 | * Social isolation 157 | 158 | Social isolation appears to be a product somewhat unique to American social culture in general and may explain why Americans are at greater risk of suicide than citizens of many other nations. 159 | People more involved in rich social relationships are at a lower risk of suicide whether those relationships are family, community oriented, or social. 160 | 161 | Mental health illness, especially depression, is perhaps the most significant contributing factor towards suicide. 162 | Combat medics, for example, are 3 times more likely to develop post traumatic stress disorder than the infantry personnel they perform with. 163 | As a result combat medics are more likely to attempt suicide than their infantry peers. 164 | Military personnel diagnose with PTSD substantially more frequently than the civilian world at large, which puts the military population at greater risk of suicide. 165 | 166 | In order to fulfill, but not necessarily to attempt, suicide the victim must overcome a fear of death. 167 | This is the one single factor that most differentiates military from the civilian world and simultaneously aligns the military suicide rates to those of law enforcement. 168 | In order to enter combat, or an equivalent high risk situation, you must overcome a fear of death. 169 | The ability to turn off that fear allows soldiers to be more effective at their jobs, but it also removes the most significant inhibition preventing suicide. 170 | 171 | The single factor that most specifically explains high risk populations within younger members of the military is the degree of adversity they have experienced before joining the military. 172 | The highest risk statical population are white males from middle income households who grew up in the suburbs. 173 | Conversely, the lowest risk statical population for suicide within the military are black females irrespective of additional identifiers. -------------------------------------------------------------------------------- /readme.md: -------------------------------------------------------------------------------- 1 | Project Wisdom 2 | === 3 | 4 | I frequently see web developers struggling to become better, but without a path or any indication of clear direction. This repository is an attempt to sharing my experiences, and any contributions, that can help provide such a direction. 5 | 6 | The goal 7 | -- 8 | 9 | The goal of this repository is to provide some structure and educational direction for web developers so that they can earn that rockstar status at their own pace. 10 | 11 | The problem 12 | --- 13 | 14 | Many developers wish to earn rockstar status, but don't know how to get there. In my experience it isn't about being a better coder. I frequently see developers struggling to satisfy *how to write code*. That is only the beginning. Rockstar developers don't spend their energy intentionally trying to become better coders. If all you can do is merely write code then it doesn't matter how great you are, because you certainly aren't a rockstar developer. 15 | 16 | The solution 17 | --- 18 | 19 | Rockstar developers achieve their status through providing better solutions. When developers struggle all their energy on *how* to write code they loose focus of *what* to write more importantly *why*. 20 | 21 | I have found, in my experience, that through education in a wider distribution of subjects related to web technologies I have become aware of more problems to solve. Attempting to solve some of these problems provides the practice to make me a stronger developer, but it also challenges my perceptions of *how* to write code. Therefore I am constantly struggling through the *how to write code* like everybody else, but the primary difference is that it is often completely unintentional. I have found that by expending more energy questioning *why* I should do something I am unintentionally answering *how to do it* and learning far more at the same time. 22 | 23 | The implied difference between a *how* question and a *why* question is structure. There is no structure associated with answering a *how* question. The solution to help make stronger developers then is simple: **provide some clear educational direction**. Most developers are incredibly brilliant and disciplined at self-education. They just need a little nudge in the right direction and diversity of things to study. 24 | 25 | Contributions are welcome 26 | --- 27 | 28 | I'm not a rockstar. Anything written here is open to debate and challenges are encouraged. I want this to be a completely open project, so you wish to contribute please submit a pull request with your changes or open an issue for discussion. 29 | 30 | I am a huge fan of freedom of speech, but I will delete or remove any commentary at my discretion. Hateful, discriminatory, disrespectful, and otherwise negative communications towards another person will not be tolerated. So long as you focus on the subject matter instead of the author you should have no fear of censorship. 31 | -------------------------------------------------------------------------------- /state_management.md: -------------------------------------------------------------------------------- 1 | # State Management 2 | 3 | ## Overview 4 | State management is the means by which settings and configurations of an application are stored and applied. It is not associated with the collection or storage of human consumable content or contributions. 5 | 6 | ## Ingredients 7 | There are only 4 parts to state management: 8 | 9 | 1. State Artifact 10 | 1. Collection 11 | 1. Storage 12 | 1. Recovery 13 | 14 | ### State Artifact 15 | A state artifact is one or more data structures that retain an application's configuration. This is certainly the single most important consideration of state management. My preference is to use a single object that stores a collection of similar items where an item is a uniquely separated area of content or functionality as determined by your application. Contrary to many frameworks I strongly suggest separating the state artifact from the components represented by that state information. 16 | 17 | ### Collection 18 | Collection is the means by which the state artifact is updated. My preference is to write to the state artifact directly for a given piece of functionality, but many application frameworks will provide an API to solve this issue because they do not provide a single state artifact. I strongly suggest state updates via abstraction only as necessary to eliminate repetition in your code. 19 | 20 | ### Storage 21 | Storage is the means of writing the state artifact to a file. In the case of web technologies you have several different options: [cookies](https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies), [local storage](https://developer.mozilla.org/en-US/docs/Web/API/Window/localStorage), [IndexedDB](https://developer.mozilla.org/en-US/docs/Web/API/IndexedDB_API), the file system, or a server side application. I strongly recommend not using cookies, because they are limited in size to 4kb per domain and are the slowest option available. My personal preference is to write state to the local file system if you are running local services, because this allows computer wide availability of the state data without a performance penalty. If a local service is not running on the given computer I recommend storing state data in either local storage or IndexedDB because they allow for a large volume of data storage without penalty of waiting on the network or a distant server. 22 | 23 | ### Recovery 24 | Recovery is the means of reading state artifacts from storage and applying this data to the application. A well written application only needs to apply state recovery on start up or page load. Many web frameworks will either ignore state recovery on page load or apply it every time a component loads or becomes available, which are both poor practices. 25 | 26 | ## Example using Shared File Systems 27 | [Shared File Systems](https://github.com/prettydiff/share-file-systems) is a peer-to-peer file system application I wrote in TypeScript with a full Windows-like GUI. In this application the various *windows* are internally referred to as modals. Each modal has a uniform data structure even though their content and functionality may differ wildly. I use a TypeScript interface named *ui_data* as my single storage artifact and the modals are defined as interface *modal*: 28 | 29 | 30 | ```typescript 31 | // https://github.com/prettydiff/share-file-systems/blob/06e7ae50e753e7f54867fdb571ab384be7815ab7/lib/typescript/environment.d.ts#L22-L38 32 | interface ui_data { 33 | audio: boolean; 34 | brotli: brotli; // 0-13 35 | color: colorScheme; // a choice of string names 36 | colors: colors; // a data structure of two colors applied to allowed agents 37 | hashDevice: string; 38 | hashType: hash; // a choice of string values for user's choice of hash functions 39 | hashUser: string; 40 | modals: { 41 | [key:string]: modal; 42 | }; 43 | modalTypes: modalType[]; // a set of strings indicating the types of modals current opened to the user 44 | nameDevice: string; 45 | nameUser: string; 46 | storage: string; 47 | zIndex: number; 48 | } 49 | // https://github.com/prettydiff/share-file-systems/blob/06e7ae50e753e7f54867fdb571ab384be7815ab7/lib/typescript/browser.d.ts#L149-L182 50 | interface modal { 51 | agent: string; 52 | agentType: agentType; 53 | callback?: () => void; 54 | content: Element; 55 | focus?: Element; 56 | height?: number; 57 | history?: string[]; 58 | id?: string; 59 | inputs?: ui_input[]; 60 | left?: number; 61 | move?: boolean; 62 | read_only: boolean; 63 | resize?: boolean; 64 | scroll?: boolean; 65 | search?: [string, string]; 66 | selection?: { 67 | [key:string]: string; 68 | }; 69 | share?: string; 70 | single?: boolean; 71 | status?: modalStatus; 72 | status_bar?: boolean; 73 | status_text?: string; 74 | text_event?: EventHandlerNonNull; 75 | text_placeholder?: string; 76 | text_value?: string; 77 | timer?: number; 78 | title: string; 79 | top?: number; 80 | type: modalType; 81 | width?: number; 82 | zIndex?: number; 83 | } 84 | ``` 85 | 86 | That is the entirety of the state artifact for that application. 87 | 88 | The state data is updated on each user interaction by directly writing to that object. Here are some examples: 89 | 90 | * Modal Deletion https://github.com/prettydiff/share-file-systems/blob/06e7ae50e753e7f54867fdb571ab384be7815ab7/lib/browser/modal.ts#L42-L43 91 | * Modal Movement https://github.com/prettydiff/share-file-systems/blob/06e7ae50e753e7f54867fdb571ab384be7815ab7/lib/browser/modal.ts#L686-L688 92 | * Modal Resize https://github.com/prettydiff/share-file-systems/blob/06e7ae50e753e7f54867fdb571ab384be7815ab7/lib/browser/modal.ts#L814-L816 93 | * Save TextPad Text https://github.com/prettydiff/share-file-systems/blob/06e7ae50e753e7f54867fdb571ab384be7815ab7/lib/browser/modal.ts#L1016-L1017 94 | 95 | In those examples state changes are assigned to the state artifact directly and then stored using the `network.settings` method. This method issues an XHR to a local service with the state artifact which is then written to a file named *configuration.json*. This occurs frequently. The slowest part of this process is actually writing files to disk. The application addresses this by first writing to a randomly named file and then renaming that randomly named file to the correct *configuration.json* thereby overwriting the older data. It is faster to rename a file than to write a new file, so this effort is used to prevent conflicts and race conditions that may arise from writing to disk too frequently. This occurs in the application at: https://github.com/prettydiff/share-file-systems/blob/06e7ae50e753e7f54867fdb571ab384be7815ab7/lib/terminal/server/settings.ts 96 | 97 | The recovery process involves multiple steps. When the page is requested from the local service the *configuration.json* file is read from disk as well as the page's HTML file and other stored data. The contents of the configuration.json file, and some other data, are embedded into an HTML comment and injected into the bottom of the page HTML. See: https://github.com/prettydiff/share-file-systems/blob/06e7ae50e753e7f54867fdb571ab384be7815ab7/lib/terminal/server/methodGET.ts#L75-L99 98 | 99 | The local service responds with the HTML. A JavaScript file executes automatically as the page is parsed into the browser and this JavaScript walks the DOM to find that comment and extracts the embedded data, which is then assigned to the state artifact data object over the default data structure. See: https://github.com/prettydiff/share-file-systems/blob/06e7ae50e753e7f54867fdb571ab384be7815ab7/lib/browser/localhost.ts#L232-L241 100 | 101 | Using the state data the JavaScript recreates each user interface artifact order to the parameters provided in the state artifact. See: https://github.com/prettydiff/share-file-systems/blob/06e7ae50e753e7f54867fdb571ab384be7815ab7/lib/browser/localhost.ts#L471-L490 102 | 103 | ## Conclusion 104 | State management is trivial easy. Don't over think this. This is something any developer can easily perform without a framework. --------------------------------------------------------------------------------