Jons Mostovojs @jonn@social.doma.dev

My Sunday Feeling

#doauth

My very first #ecto validator.

At first I was kind of repelled by the notion of validators in ecto because, as Alexis King teaches us mere mortals, "parse, not validate".

But then I realised that ecto validators don't discard error / success information (see xor_mark_as_required and xor_insert_errors). So I am content.

#elixir #myelixirstatus

Oh yeah, baby, nice UX to insert stuff into the database.

Important bit is that we just supplied PK as a string and we let Ecto figure out how to fetch it...

I wish there was a cache layer so that I don't have to query stuff every time I make a changeset...

#doauth #myelixirstatus

There isn't much that is similar to a pure joy of using new technology for the first time.

My first insert into an #ecto-powered #pgsql:

#myelixirstatus #postgresql

Write good commit messages.

Had to look up a hint for "the Goat Puzzle".
So embarrassed, I think I could've solved it, since I've spotted the main element of the puzzle myself.

A huge milestone for #doauth.

The architecture and data flow spec is encoded in #SQL.

While thinking about a way for #doauth users to control their identity, disclosing nothing by default AND high availability / replication, I came up with the notion of disclosure event logs.

After just a little bit of tinkering with the definition, it turned out that it's getting modelled with existing approach to credentials / claims really well.

I love that immediate positive feedback on design and architecture.

#doauth

https://doma.dev/blog is live for 25 days. Here is a rough distribution of visitors by country.

(Thanks, @plausible!)

"asphalt... and trouble"

I'm really bummed out by the fact that #elixir doesn't come with a property-based test engine.

Since propex is unstable right now, I write plain stupid unit tests and hate every moment of this bullshit.

#myelixirstatus #elixir #doauth

URI implementation: one of the few reasons why you might want to have optional values.

#doauth #did

Asked my first question on W3 IRC!

#doauth #did #vc

Basically dependent types, amirite? #elixir #myelixirstatus

Work slack has some interesting guests today.

Of course, libsodium23 is the name of the package containing libsodium 1.0.18.

Why wouldn't it be.

Sometimes I miss #nix and #nixos.

I used to overengineer, now I overpolish.

Should learn how to stop at "good enough".

#doauth #chappy

Hot take: calling protocols like CHAP "authentication" protocols just because they prevent MITM (frontrunning) and replays, is misleading and yields a ton of vulnerable software.

People at best think of authentication as something to do with identity, not as of a way to validate integrity of an API request.

I'm currently making a CHAP-inspired implementation, and I think, I'm managing to document it well enough without claiming that it's an "authentication" solution.

Purple all around on the softs for the two Mercedes. I really can't wait for quali 🦖 Hoping for a real fight with Red Bull this season.

Also, I don't even waste time thinking about who's going to be the top of the mid-field, completely unpredictable.

Vettel is back, baby! Really hoping for a good performance this season to prove that toxic teams like #Ferrari don't boost the results with their shitty culture.