September 2023 Summaries
8 posts from Vercel
Filter
Month:
Year:
Post Summaries
Back to Blog
Here's a neutral and interesting summary of the provided text:
CSRF attacks trick users into executing unwanted actions on a web application where they're currently authenticated, often without their knowledge or consent. These attacks occur in multiple steps, including identifying vulnerable sites, creating malicious requests, and tricking an authenticated user into triggering the request. To prevent CSRF attacks, developers can implement anti-CSRF tokens, which add an extra layer of security by requiring state-changing requests to include a token that the server verifies. Additionally, using SameSite cookies, checking Referer headers, avoiding GET for state-changing operations, and reserving POST for actions are effective measures against CSRF attacks, enhancing both security and predictability in web behaviors.
Sep 29, 2023
1,024 words in the original blog post.
Optimizing web fonts is crucial for branding and user experience, as inconsistent rendering of these fonts can cause unintended shifts in layout. The font-display property allows developers to control the behavior of web fonts by setting it to various strategies such as block, swap, fallback, optional, or auto. Ensuring consistency with fallback fonts requires careful selection and adjustment using CSS descriptors like size-adjust. Reducing download times is achieved through resource hints like preconnect and preload. The next/font module in Next.js automates many font optimization tasks, including downloading the web font at build time, adding a fallback font, automatically preloading the font, calculating necessary measurements, and improving performance and user experience.
Sep 26, 2023
830 words in the original blog post.
Whop, an online marketplace for digital products, transformed their platform by migrating from Ruby on Rails to Next.js and then adopting App Router for improved page speed and developer experience. The company achieved significant improvements in their Real Experience Score, percentage of Good URLs, and Core Web Vitals, showcasing the power of modern web development tools like Next.js and App Router. Whop's commitment to speed, scalability, and developer experience has paid off with impressive performance gains and a more streamlined development process.
Sep 21, 2023
669 words in the original blog post.
L’Officiel Inc., a century-old fashion media group, migrated from a Ruby on Rails stack to Vercel and Next.js to achieve improved developer and end-user experience. The company aimed to optimize its site for SEO visibility and reduce the burden of infrastructure management. After a zero-downtime migration, they observed a 60% increase in site traffic across multiple countries, thanks to the optimized fonts, images, and user experience provided by Next.js and Vercel. With Vercel's Managed Infrastructure, L’Officiel could focus on user and brand experiences instead of managing their backend infrastructure, resulting in a more streamlined workflow and reduced overhead for the team. The company is now excited to see what the next century will bring with their new tech stack in place.
Sep 21, 2023
664 words in the original blog post.
Vercel has achieved the ISO 27001:2013 certification, further strengthening its commitment to security in its Frontend Cloud. This globally recognized standard provides a framework for establishing and maintaining information security controls, which Vercel aims to uphold through ongoing surveillance audits and continuous improvement processes. With this certification, Vercel demonstrates its dedication to safeguarding customer data while maintaining trust, and its position as a trusted partner in providing innovative tech solutions. The achievement of ISO 27001 solidifies Vercel's commitment to security, which is fundamental to successful Frontend Cloud adoption, and enables the company to continue offering robust solutions that empower organizations to build and deploy secure web applications with confidence.
Sep 12, 2023
480 words in the original blog post.
The text discusses the importance of creating an optimal developer workflow, which directly impacts a company's bottom line. Poor developer experience can lead to slow builds, tech debt, configuration and maintenance issues, and friction in collaboration, resulting in hidden costs such as lost productivity, sunk costs from outdated infrastructure, opportunity costs from bogging down workflows with customization, and cultural effects on team morale. To overcome these roadblocks, the text suggests prioritizing speed up feedback loops by using tools like CI/CD pipelines, choosing open-source and zero-configuration solutions, and enabling collaborative feedback across teams. Additionally, it emphasizes the importance of removing bad workflows, allowing developers to focus on creating unique experiences through code.
Sep 12, 2023
1,274 words in the original blog post.
Hydrow, a personal rowing machine and immersive workout content provider, was looking for a seamless digital experience for its users, but found that Shopify Liquid and WordPress offered limited custom, dynamic content capabilities. The company needed to create an ecosystem where content authors, designers, and marketers operated seamlessly, with real-time content updates, streamlined collaboration, and an unparalleled user interface. Hydrow chose Contentful as the headless CMS, Next.js for dynamic content, and Vercel for a managed infrastructure, enabling them to move away from managing their own architecture and achieve elastic scalability. The solution provided several wins, including peak web performance, drastically cut authoring time, real-time content updates, seamless collaboration, and infrastructure stability. With this transformation, Hydrow now has plenty of headroom to grow and quickly develop new ideas.
Sep 11, 2023
1,702 words in the original blog post.
We've been porting Turborepo, a high-performance build system for JavaScript and TypeScript, from Go to Rust. After implementing global turbo and command line argument parsing in Rust, we split the code into two binaries: one Rust and one Go due to compatibility issues with Alpine Linux. We then ported auxiliary commands like login, link, and unlink, which were relatively simple. However, running and pruning, the core commands that do most of the work, proved challenging. We considered strategies for incremental migration, including building from scratch, writing a trampoline function, adapting the daemon, or using protobuf to communicate between Rust and Go. After weighing options, we settled on the "Rust-Go-Rust sandwich" approach, where a Rust binary calls a Go binary, which in turn calls Rust libraries statically linked into the Go binary. This allowed us to port individual dependencies incrementally and tackle the codebase through testing and debugging. With this setup, we released Turborepo with cross-platform compatibility for 6 targets: Windows x86-64, Windows ARM, Linux x86-64, Linux aarch64, macOS x86-64, and macOS aarch64. The Go sandwich proved to be a complex solution, but it ensured that our users continued to receive new features without stalling the release process.
Sep 08, 2023
2,576 words in the original blog post.