Learn Flexbox with the Free Flexbox Zombies course

flexbox zombies

Flexbox Zombies is a brand new training course driven by a storyline where you use Flexbox and a crossbow to hunt zombies. Check out this video Dave Geddes, the course creator, posted for the launch:


Having just started diving into Flexbox this course couldn’t have come at a better time. It’s an interesting take on learning and should help reinforce memorizing all the different types of Flex options that are available.

The course is free with three chapters available, with the goal of having twelve available in the future. It’s free to start the course but it does require registration.

Github Now Allows You To Limit Who Can Delete Repos

Today, Github announced a new feature for organization owners that gives them the ability to limit who can delete repositories.

The setting is enabled by default, allowing organization members with admin permissions for a repository to delete it. When the feature is disabled, only organization owners will be able to delete the repository.

You can find this new setting under the organization settings page and “member privileges” tab.

github repository delete privileges

In the announcement, Github also said, “The next GitHub Enterprise release will include the same organization setting for repository deletion. In addition, there will be an appliance-level override that will limit repository deletion to only site-administrators.”

This is just a small change but will be beneficial for working in team environments.

VueUnit – Component testing utilities for Vue.js

VueUnit is a new library for Vue.js that makes it easier to create and unit test components. The project pages claims:

  • Easily test props, events, and slots (including named slots)
  • Optionally shallow render components
  • Simulate simple DOM events (click, input, etc.)
  • Use any test runner / assertion library

VueUnit renders all components in the DOM and needs to handle setup and tear down. VueUnit provides two helpers for this: beforeEachHooks() and afterEachHooks() when need to be called before and after each test, respectively.

The readme contains several examples in mocha, chai, sinon, and chai-jquery to get you started but it’s not limited to those. If you are interested in unit testing your Vue.js app, definitely check out this package.

Cloudflare Launches Orbit – A Private Network for IoT Devices

IoT devices are notoriously bad at security and hackers keep taking over large swaths of devices to launch massive DDOS attacks across the internet. One example comes from late last year when Krebs on Security, a security news site, wrote about a large scale attack. This is an example of what Cloudflare’s new service Orbit aims to help.

As we talked to IoT companies, over and over again we heard the same thing. In the consumer electronics space, IoT manufacturers were telling us that they were shipping patches to their devices, but their end users didn’t always download and install them. (Reserve your judgment, how many times have you pressed ignore when your phone asked you to update its operating system?) In the industrial control, medical and automotive spaces, where devices are used in life-critical functions, we heard a different story. Even if someone wanted to apply a patch, it just wasn’t that easy.

“Orbit sits one layer before the device and provides a shield of security, so even if the device is running past its operating system’s expiration date, it protects it from exploits”, Cloudflare says in in the announcement, “And while devices may be seldom patched, the Cloudflare security team is shipping code every day, adding new firewall rules to Cloudflare’s edge. Think of it like changing IoT to I*oT — devices can still access the Internet, but only after passing through Cloudflare where malicious requests can be filtered.”

Orbit looks like a helpful step in the right direction for getting IoT devices patched and updated in a reasonable manner, while also giving vendors more time when one-day exploits are found.

Airbnb Releases a React Sketch.app

Airbnb released a new open-source library named React-sketchapp that allows you to write React components that render to Sketch documents.

They said they’ve built this tool because managing the assets of design systems in Sketch is complex, error-prone and time-consuming. Sketch is scriptable, but the API often changes. React provides the perfect wrapper to build reusable documents in a way already familiar to JavaScript developers.

Getting started with this new tool is easy. Just be sure you are running Sketch 43+ and have a recent install of NPM. Then install it and run it with the following:

git clone https://github.com/airbnb/react-sketchapp.git
cd react-sketchapp/examples/basic-setup && npm install

npm run render

Even the code output from their example is not horrid like you might expect from a tool like this:

import { render, Text, Artboard } from 'react-sketchapp';

const App = props => (
    <Text style={{ fontFamily: 'Comic Sans MS', color: 'hotPink' }}>
      { props.message }

export default (context) => {
  render(<App message="Hello world!" />, context);

For more information check out their announcement and Github repo.

HipChat Security Breach

Yesterday, HipChat released a statement saying that their team had detected a security incident affecting a HipChat cloud tier and was caused by a vulnerability in a popular third-party library they used.

As a precaution, we have invalidated passwords on all HipChat-connected user accounts and sent those users instructions on how to reset their password. If you are a user of HipChat.com and do not receive an email from our Security Team with these instructions, we have found no evidence that you are affected by this incident.

In their announcement they believe the attacker may have accessed the following data:

  • for all instances (each of which is represented by a unique url—e.g. company.hipchat.com), the attacker may have accessed user account information (including name, email address and hashed password). HipChat hashes passwords using bcrypt with a random salt. Room metadata (including room name and room topic) may have also been accessed.
  • for a small number of instances (less than 0.05%), messages and content in rooms may have been accessed. We are contacting and will work closely with these customers.
  • for the vast majority of instances (more than 99.95%), we have found no evidence that messages or content in rooms have been accessed.
  • Additionally, we have found no evidence of unauthorized access to financial and/or credit card information.

Finally, they are confident they have isolated the affected systems and closed any unauthorized access. They are also working with authorities to investigate this breach.


Lyrebird – Copy the voice of anyone

Lyrebird, a Montreal-based startup, today announced a voice imitation algorithm that can mimic a person’s voice and have it read any text with a given emotion, based on the analysis of just a few dozen seconds of audio recording.

Based on their website it works by recording a one-minute audio clip of someone’s voice and the software can compress the voice into a unique key. Then, it uses this key to generate anything with its corresponding voice.

Here are a few examples from some politicians:

For more demo’s check out their website. This could be an interesting technology with lots of good and bad ramifications. They’ve included an ethics page with the disclaimer:

Voice recordings are currently considered as strong pieces of evidence in our societies and in particular in jurisdictions of many countries. Our technology questions the validity of such evidence as it allows to easily manipulate audio recordings. This could potentially have dangerous consequences such as misleading diplomats, fraud and more generally any other problem caused by stealing the identity of someone else.

By releasing our technology publicly and making it available to anyone, we want to ensure that there will be no such risks. We hope that everyone will soon be aware that such technology exists and that copying the voice of someone else is possible. More generally, we want to raise attention about the lack of evidence that audio recordings may represent in the near future.

Bad actors aside, I believe this will be a fantastic technology and bring all sort of new things. Now those introverts will be able to podcast without actually talking.

Apple Releases a JavaScript LivePhotosKit

Today Apple released a JavaScript API for live photos and you can now embed Live Photos on your website.

The integration looks simple and you can use their hosted JavaScript file or pull it in via NPM:

npm install --save livephotoskit

Next add the following HTML tags for the static image and one for the .mov file:

The tricky part is exporting the raw live photo and their documentation outlines how it can be done. I use iCloud to auto sync to the MacOS photos app and after it synced I just had to run the following, “Use File > Export > Export Unmodified Original to export to your file system”

This should breath new life into live photos by making them accessible on the web, but for storage, and family viewing Google’s Motion Stills app is really fantastic.

Wunderlist to Microsoft To-Do Preview Release

Wunderlist joined Microsoft in 2015 and they will begin retiring Wunderlist as you know it today. In the future it’ll be named Microsoft To-Do, and they’ve just launched the first preview release and the screenshots of the new app look fantastic:

This preview is available for download today and there will not be any new features brought to Wunderlist, however, they have built an importer to transfer from Wunderlist to the new To-Do app.

Passing by Value vs. by Reference

I’ve seen this awesome image shared by many of my friends on social media and it’s such a great way of explaining passing by value vs by reference.

Penjee is the source and they go more in-depth in their tutorial if you’d like to learn move about this.