Gonçalo Valério

Blog

blog.ovalerio.net/

Profile

blog.ovalerio.net/archives/aut

Homepage

ovalerio.net

  • worker-planet

    Some time ago I wrote about using “Cloudflare Workers”, first as a way of adding Content-Security-Policy headers to your pages (when you don’t have other easy ways of doing it) and after I even built an easy to deploy DDNS solution on top of them. This time I just used this tool to build a…

  • Django Friday Tips: Password validation

    This time I’m gonna address Django’s builtin authentication system, more specifically the ways we can build custom improvements over the already very solid foundations it provides. The idea for this post came from reading an article summing up some considerations we should have when dealing with passwords. Most of those considerations are about what controls…

  • My picks on open-source licenses

    Sooner or later everybody that works with computers will have to deal with software licenses. Newcomers usually assume that software is either open-source (aka free stuff) or proprietary, but this is a very simplistic view of the world and wrong most of the time. This topic can quickly become complex and small details really matter.…

  • And… the blog is back

    You might have noticed that the website has been unavailable during the last week (or a bit longer than that), well, the reason is quite simple: It took sometime but the blog was finally put online again, new content should be flowing in soon. And kids, don’t forget about the backups, because the good old…

  • Django Friday Tips: Subresource Integrity

    As you might have guessed from the title, today’s tip is about how to add “Subresource integrity” (SRI) checks to your website’s static assets. First lets see what SRI is. According to the Mozilla’s Developers Network: Subresource Integrity (SRI) is a security feature that enables browsers to verify that resources they fetch (for example, from…

  • Documentation done right

    One critical piece of the software development process that often gets neglected by companies and also by many open-source projects is explaining how it works and how it can be used to solve the problem in question. Documentation is often lacking and people have an hard time figuring out how they can use or contribute…

  • 10 years

    The first post I published on this blog is now 10 years old. This wasn’t my first website or even the first blog, but it’s the one that stuck for the longest time. The initial goal was to have a place to share anything I might find interesting on the Web, a place that would…

  • Django Friday Tips: Permissions in the Admin

    In this year’s first issue of my irregular Django quick tips series, lets look at the builtin tools available for managing access control. The framework offers a comprehensive authentication and authorization system that is able to handle the common requirements of most websites without even needing any external library. Most of the time, simple websites…

  • Mirroring GitHub Repositories

    Git by itself is a distributed version control system (a very popular one), but over the years organizations started to rely on some internet services to manage their repositories and those services eventually become the central/single source of truth for their code. The most well known service out there is GitHub (now owned by Microsoft),…

  • Django Friday Tips: Inspecting ORM queries

    Today lets look at the tools Django provides out of the box to debug the queries made to the database using the ORM. This isn’t an uncommon task. Almost everyone who works on a non-trivial Django application faces situations where the ORM does not return the correct data or a particular operation as taking too…

  • The app I’ve used for the longest period of time

    What is the piece of software (app) you have used continuously for the longest period of time? This is an interesting question. More than 2 decades have passed since I’ve got my first computer. Throughout all this time my usage of computers evolved dramatically, most of the software I installed at the time no longer…

  • Giving a new life to old phones

    Nowadays, in some “developed” countries, it is very common for people to have a bunch of old phones stored somewhere in a drawer. Ten years have passed since smartphones became ubiquitous and those devices tend to become unusable very quickly, at least for their primary purpose. Either a small component breaks, the vendor stops providing…

  • Why you shouldn’t remove your package from PyPI

    Nowadays most software developed using the Python language relies on external packages (dependencies) to get the job done. Correctly managing this “supply-chain” ends up being very important and having a big impact on the end product. As a developer you should be cautious about the dependencies you include on your project, as I explained in…

  • Dynamic DNS using Cloudflare Workers

    In this post I’ll try to describe a simple solution, that I came up with, to solve the issue of dynamically updating DNS records when the IP addresses of your machines/instances changes frequently. While Dynamic DNS isn’t a new thing and many services/tools around the internet already provide solutions to this problem (for more than…

  • Security.txt

    Some days ago while scrolling my mastodon‘s feed (for those who don’t know it is like Tweeter but instead of being a single website, the whole network is composed by many different entities that interact with each other), I found the following message: To server admins: It is a good practice to provide contact details,…