Author: Sergio Lema
-
5 Essential Tips for Securing Your Spring Application
In the world of application security, one weak point can bring everything crashing down. This article explores why layering multiple security measures—like password encryption, session management, and using third-party authentication—is key to protecting your Spring Boot application from potential threats. By combining these strategies, you can create a more resilient defense and minimize the risk…
-
Estimate a Task in Points or Time
In this post, I dive into the age-old debate of task estimation: should you estimate in time or complexity points? I explore the pros and cons of each approach, from the product owner’s need for clear timelines to the unpredictability of time-based estimates when different developers are involved. We also look at how complexity points…
-
Understand the Most Important DNS Records
After buying the domain name, each service provider allows me to configure the DNS records. Some are already in place at give conflicts with new ones. The questions I was asking to myself were: What is this record for? How do I add a subdomain URL? How do I test it? So, to better answer…
-
AWS API Gateway With A Proxy Lambda and Binary Content
Recently, I’ve decided to create a serverless web application. I’ve published my Spring Boot application into AWS Lambda. The thing is that in front of my AWS Lambda, I’ve used AWS API Gateway, and AWS API Gateway pre-format the payload when sending it to the Lambda.
-
Authenticate Your Spring Application With AWS Cognito
Recently, I needed to create an authentication system for one of my applications. But I need to create it quickly and securely. I may use a JWT with email and password, but people are lazy creating new passwords. So, I choose for a social Sign-In with AWS Cognito.
-
5 Tips to Maintain a Code Clean
In this article, I list 5 of the main points to keep a code clean. Organize the imports, use short methods, don’t use utility methods or classes, use a naming convention and use a code quality checker tool.
-
How To Create SSH Keys
In this article, I explain how to create SSH keys on Linux, MacOS and Windows, what are the main SSH keys types and how do they work in an SSH communication.
-
Code Review Tips
In the following post, I’ve written an extended list of all the items I check when I read a Merge Request.
-
Where To Write Documentation
I can use Word file, a private Wiki or write the documentation into comments inside the code base. Which one is the best? What are the advantages and disadvantages of each documentation? In this post, I explain 3 types of documentation, with their advantages and disadvantages.
-
When It’s Time To Refactor
Refactoring the code means review the existing code, extract duplicated code and remove unused features. This operation is never accepted by product owners, as it doesn’t produce any new feature. But refactoring the code base allows the developers to add more features faster. In the following post, I’m listing 3 metrics that must trigger a…
The Dev World - Sergio Lema 