I recently had to figure out client-side mTLS certificates. I've never had to deal with them before, and it was quite annoying, so I documented what I learned.

Npm has recently been making a lot of changes around package publish security because of recent supply-chain attacks targeting Npm.

What does this mean for the lonely dev self-publishing packages from their local CLI?

A quick guide on setting up a minimal but secure HTTPS web server on a Debian (12) Linux server.

To create and authorize a new SSH:

1. Run ssh-keygen -t ed25519 on the client machine.
2. Enter an absolute path to your .ssh folder and the name of the id (id_*).
3. Enter a new passphrase twice.
4. Upload the *.pub file to whatever service the SSH key is for, or add it to ~/.ssh/authorized_keys on the host machine.
5. Add the following to the client machine's ~/.ssh/config file (for macOS at least). Be sure to fill in the <fill-me> parts

   Host <choose-a-name>
       HostName <ip-or-domain-here>
       User <username>
       AddKeysToAgent yes
       UseKeychain yes
       IdentitiesOnly yes
       IdentityFile ~/.ssh/<your-non-pub-id-file-name>
   
6. Connect with ssh choose-a-name (use the name you entered next to Host in the config file).

For cleaner tsc (TypeScript compiler) output: pipe its output into my package tidy-tsc:

npm i -g tidy-tsc

npx tsc | tidyt
npx tsc -b | tidyt # etc.

# in one of my packages
npm run compile | tidyt

| tidyt cleans up the tsc output so instead of seeing tons of logs for every single file's errors like this:

src/file.ts:9:18 - error TS2304: Cannot find name 'missingValue'.
9 const value = missingValue;
                ~~~~~~~~~~~~
src/file.ts:18:15 - error TS7006: Parameter 'char' implicitly has an 'any' type.
18         .map((char, index) => (index % 2 ? char.toUpperCase() : char.toLowerCase()))
                 ~~~~
src/file.ts:18:21 - error TS7006: Parameter 'index' implicitly has an 'any' type.
18         .map((char, index) => (index % 2 ? char.toUpperCase() : char.toLowerCase()))
                       ~~~~~
Found 3 errors.

All you see is this:

Failed files (1):

src/file.ts

My (very) opinionated Git conventions. If you follow these, you will be much less likely to create messed up git histories, and your git setup will make much more sense.

An idea for a postmortem template.

Sleeping on macOS messes up Thunderbolt USB devices, so I just can't have it happening.

sudo pmset -a sleep 0

For good measure, also enable "Prevent automatic sleeping when the display is off" under System Settings > Energy

A guide on how to setup git commit signing through GPG and GitHub.

To show the macOS app switcher on all screens:

defaults write com.apple.dock autohide-delay -int 0
defaults write com.apple.dock autohide-time-modifier -float 0.1

To see the change, restart the Dock with killall Dock.