Writing a Fuzzing API with Clojure’s test.check

I’ve written before about testing CSS using a fuzzing API. Having relied on my fake, random API over the last several months, I’m confident that it’s a tool I’ll use on all my future projects. Besides supplying the app with random data, it’s also given me an unprecedented ability to customize the fake API’s behavior and test unusual and hard-to-reproduce scenarios. In this post, I’ll walk you through the key components of my API and some ways that I’ve used it.
Read more on Writing a Fuzzing API with Clojure’s test.check…

Authentication and Authorization: OpenID vs OAuth2 vs SAML

My current project at AO has provided a lot of opportunity to learn about web security and what’s going on when you click that ubiquitous “Sign in with Google/Facebook” button. As both a computer developer and an end user, I want applications that are secure without being too difficult to use.

Read more on Authentication and Authorization: OpenID vs OAuth2 vs SAML…

Avoiding “Undefined is Not a Function” with Constants

How many times have you come across JavaScript’s “Undefined is not a function”? Too many. JavaScript is known for being so flexible that it’s easy to create unintentional bugs.

One way we can add structure to JavaScript code is to make a habit of using constants. Constants pair well in JavaScript with JS’s powerful object data structure, and they can prevent all kinds of problems, Read more on Avoiding “Undefined is Not a Function” with Constants…

Bye-Bye, Sinon – Hello, testdouble

UPDATE: Justin Searls, the author of testdouble.js sent me an email with some notes on this post.
I’ve added some his comments below to provide some additional context.

I’ve been working in JavaScript-land for the last little while, writing lots of Node.js code. Since I practice TDD, I’m always trying to keep my eye on the best new ways to test JavaScript code. Read more on Bye-Bye, Sinon – Hello, testdouble…

4 Types of APIs and When to Use Them

Most apps today draw a strong line between the server and the client. The client, maybe a single-page web application or a native mobile app, focuses on the user-facing features, while the server provides the data and a way to update it. Atomic has done a lot of projects this way, and we’ve found it’s a solid way to decouple the core business logic and database from different platforms.

Decoupling the client from the server means we can use an alternative back-end instead of the eventual production server. Several projects I’ve worked on have used this ability to keep development on the client moving forward, even though the actual production back-end wasn’t ready yet. Ryan wrote about the benefits of fake APIs like this a couple of years ago. But there’s more to swappable back-ends than fake APIs. Different situations call for different servers with different powers.
Read more on 4 Types of APIs and When to Use Them…

JavaScript Promises – How They’ll Work Someday

In my last two posts, I showed you how JavaScript Promises, an ES6 API that streamlines and simplifies asynchronous programming, work—and how they can break.

In this final post in the series, I will show you how you can reduce the pain of working with Promises using new JavaScript language features–if your target environment supports them. Read more on JavaScript Promises – How They’ll Work Someday…

JavaScript Promises – How They Break

In my previous post, I took you through an introduction and gave a peek under the hood for ES6 Promises, showing you how they work and how to use them. Today, I’m going to talk about how JavaScript Promises can break. Hopefully, this will equip you to track down Promise bugs in code that fails in mysterious ways. Read more on JavaScript Promises – How They Break…

JavaScript Promises – How They Work

JavaScript literally cannot do two things at once—it is single-threaded by design. To operate in the browser, where lots of tasks are going on concurrently at all times, it uses events. All you have to do is register an event handler that will execute when something interesting happens.

But the event model, while quick and easy for responding to things like user input, becomes unwieldy when chaining together sets of “do this, wait for that” tasks.

In ES6, we have a standard model for this: the Promise object. Read more on JavaScript Promises – How They Work…