A couple months ago a bunch of my most active twitter followers were migrating to the federated open-source social media platform Mastodon. Instead of a single centralized service, its a wide collection of independent instances that are able to “federate” together. Some have compared it to email: You can pick any host (instance) you want, and mostly still communicate with anyone on different hosts. Theres nothing stopping gmail users from sending things to hotmail users, for example.

I found this very interesting and naturally wanted to run my own instance to check it out: thus was born social.mattburkedev.com.

Hi CodeMash attendees! If you’re here you probably came to my talk on Friday about being a new lead developer. We talked at length about building trust through 1:1s and how to give feedback effectively. I really hope it will prove helpful

I had fun speaking with everyone after the session and trying my best to answer your great questions.

The slides are here and I’m also curating some more resources on the talk page.

If you have additional questions, I’d be happy to chat with you further. You can find me on Twitter at @mattburkedev¹, LinkedIn and I’m trying out Mastodon on my own instance at @matt@social.mattburkedev.com.

Thanks again to all the hard working CodeMash organizers and sponsors for making it such a great event! And shoutout to my team at Viagio Technologies for teaching me so much and making it possible for me to attend.

I’ve been working on a project that needed some integration tests. Before any tests in a suite run, I wanted to open a connection to the database and do some other setup. At the end of the suite, I wanted to close the connection and tear down cleanly.

Jest has beforeAll and afterAll hooks that run before and after all tests in a test suite, which is basically what I wanted. But I don’t want to copy and paste the same code into every test file. I could of course just export some shared functions, but anytime someone adds a new test they have to remember to implement beforeAll and afterAll correctly. That seems annoying: I really wanted a “mixin” that I could easily bring in that would automatically apply the hooks to the test suite.

This year we completed a project in the medical space where we leveraged FHIR as the data storage mechanism. FHIR is the Fast Healthcare Interoperability Resources specification and defines a data model, interchange format (xml or json) and REST API specification for disparate systems to exchange healthcare data. Previously, every medical system would expose its own APIs and data interchange mechanisms, and so to write some middleware syncing things together, you needed to speak a lot of protocols and translate between them. With FHIR, each system should ostensibly speak the same protocol and simplify a lot of work for the implementer.

Here’s some miscellaneous observations from working with it.

To avoid socket exhaustion/, you need to pool HttpClient instances and inject them into FhirClient. The default constructor will instantiate its own HttpClient, which can leak sockets and cause latency spikes in your app.

You can use IHttpClientFactory to help with this. See the documentation for all the nitty-gritty details.

We have an app we’re working on that has been experiencing some weird inconsistent latency spikes in Azure. It’s a .NET 6 (C#) REST API on a P1V2 Linux AppService and using Azure Health Data Services - FHIR API as the primary data store¹. While this post discusses the Azure FHIR service, the findings apply to any third party HTTP service your app uses.

Load testing the app indicated really high latency spikes every couple of minutes. Most requests were well under a second response time, but after awhile it would spike up to over a minute, sometimes encountering socket timeouts. This was not even a particular big load test, just five users clicking on a listing page and then accessing the details page of a random item. Maybe 2-3 requests per second.

Just look at this thing. I’m completely astounded at its capabilities.

Most .NET developers are familiar with using the [Authorize] attribute on their controller actions to specify access requirements for certain operations. It’s often combined with a Role property to require the current user to belong to a certain role. Recent versions of .NET and .NET Core introduced a Policy authorization mechanism as well.

Instead of specifying a Role you can specify a required Policy. This is an improvement because we can get a little more precise: an operation requires the Read permission policy, not simply that the user belongs to the Admin role. Flexibility! We can easily change what permissions are granted by each role, and have very little code to change.

This all works pretty well for coarse permissions like “can this user read things in general?” but it is insufficient for the more complicated case of evaluating access to particular resources and entities in the system. Just because the user is in the right role or group to grant them the ReadRecipe permission doesn’t mean they have access to “this particular recipe”. Handling rules like that requires a bit of custom code, but ASP.NET Core provides some hooks that can help us make our business logic clear, without being too muddled with authorization concerns.

What follows is a sketch of my approach to resource based authorization.

I think using prettier on your front end projects is a great idea.

Prettier is code formatting tool. When you run it over a file, it reformats it according to some configurable rules. You can configure most editors to run it on save, or put it in a git pre-commit hook.

UPDATE: I’ve landed on my feet at Artisan Technology Group. Thank you to everyone who reached out with contacts and assistance.

I have greatly enjoyed my time at The Nerdery. Unfortunately, after 4+ years of service, the regional office where I worked was shut down.

For the first time in almost a decade I suddenly find myself out of work. I am immediately available for hire in senior or team lead positions in .NET or Javascript. While much of my career has been in consulting companies, I would also be interested to try working for a product company. In either type of role, one of my main interest is in getting opportunities to guide and mentor newer developers and help them level up their skills and careers.

If you are looking to fill roles similar to this, please get in contact with me at hello@mattburkedev.com. Further contact information can be found on my CV. See also my LinkedIn profile for additional detail and recommendations from my previous coworkers.