Articles
Serve Static Files during Development with Parcel
Serving static files like images is an essential ingredient for front-end development. With bundlers such as webpack and Parcel, this task has become as easy as developers could wish for. While this holds for the production environment of a front-end, matters are a little more complicated during development. parcel serve does not copy static files to the output directory during development, leaving developers on the outlook for a custom solution.published on 2022-09-11
Open Third-Party URLs in a SwiftUI App Using a Share Extension
There are two widespread ways of opening an URL with a SwiftUI app, namely custom URL schemes and universal links. Since the latter are not applicable for third-party URLs, I utilize a share extension combined with a custom URL scheme to open third-party URLs in a SwiftUI app.published on 2022-08-29
Infinite Scrolling List for Paginated Results from GraphQL with SwiftUI
Creating a list in SwiftUI is pretty simple. To populate lists, we usually refer to other data sources, e.g., an API. This way, the items in the list can easily exceed the available vertical display space which automatically makes the list scrollable. However, the API used as the list’s data source may not return all items that satisfy the corresponding request. Rather, the returned results are paginated where only one of the pages is returned at a time. To enable the user to scroll through the list of all items seamlessly, we refer to the paradigm of infinite scrolling.published on 2022-07-06
Synced Realm on iOS with SwiftUI using Sign-in with Apple for Authentication
Some apps store sensitive user information that requires authorized access. For example, an app may store a user’s first and last name which should not be accessed by any other user. As such, these apps need to integrate with authorized data storage. On iOS, two commonly employed technologies for authentication and authorized data storage are Sign-in with Apple and Realm, respectively.published on 2022-06-11
Security Vulnerability in GitLab: Sending Arbitrary Requests through Jupyter Notebooks
With GitLab 14.3, the DevOps platform fixed a security vulnerability that enabled an attacker to impersonate a victim while sending arbitrary HTTP requests. Exploiting this vulnerability would allow an attacker to gain maintainer access to a third-party project, for example. This exploit was possible due to a stored XSS vulnerability in the rich representation of Jupyter notebooks. Combining the lack of HTML sanitization with an npm package used by GitLab triggered an arbitrary HTTP request on behalf of the victim, impersonating them.published on 2022-02-10
Migration of a dockerized MySQL database with SQLAlchemy and Alembic
The data models in a database evolve with the development of a codebase. Hence, applying changes to these data models is a common task of developers. While tools like SQLAlchemy and Alembic come in handy to accomplish these tasks, using Docker for the development process adds another layer of challenges on top. In this article, I showcase the migration of a dockerized MySQL database in Python with the aforementioned tools.published on 2021-01-02