Rietta.com Security
You are reading The Rietta Blog, a publication about the web since 2005.

Prevent an Outdated and Broken Bin/setup With This Simple Trick

Having a good bin/setup is essential to a quick onboarding time, as well as to getting your environment back up and running in case of emergency.

But how often do you run this bin/setup if it’s only run when you set up your repo? Most developers set up their environment only every once in a while. What happens when the codebase changes and the bin/setup isn’t modified as well?

Writing a Good Bin/setup

Nothing is better than cloning a code repository, running the bin/setup, and everything about the project just works. It’s the developer equivalent of waking up before your alarm goes off and realizing you can sleep for another two hours.

A good bin/setup can mean the difference between a frustrating onboarding process and a fantastic one.

When you have a completed bin/setup, you have an easy way to get new and existing developers up and running quickly, stress-free. It can also streamline continuous integration setup and maintenance. A good bin/setup gives you peace of mind when setting up a new machine and offloads the mental work of project setup to a verifiable tool.

Deep Work and Remote Work

The ability to deeply concentrate and sink your teeth into a task is more valuable than ever, and yet, our attention has never been more scattered at work. Slack, email, and social media beg for our attention, and a lot of the time, it’s the path of least resistance to give in to the urge to check Reddit. There is a better way to work. The antidote to the scattering of our attention and lack of using our mind’s full potential is deep work.

Automate Scheduled Security Scans With CircleCI

Continuous integration is now a common way for teams to get constant feedback. Being able to verify that new code works is important, but what about CVEs? CVEs are reported and patched constantly by open source communities, and unless your team is scouring the web for dependency vulnerabilities daily, it can quickly become difficult to keep up. Not only is this time-consuming, but if vulnerabilities are not dealt with swiftly, they pose a risk to the well-being of your business and user base. At Rietta, we have automated security scans by utilizing scheduled workflows on CircleCI. This blog post will briefly go over how you can set up an automated security scan that will help boost confidence when dealing with CVEs.

6 Easily Avoidable Mistakes New Developers Make When Asking for Help Online

The majority of software development includes asking a lot of questions. Administrating the Ruby On Rails Link Slack, I’ve seen some of the best and worst questions asked.

Good questions save time and effort for both the asker and the answerer. Follow these tips to become a superstar question asker and superpower your development cycle, with and without community assistance.

Migrate Away From SSL/Early TLS for PCI Compliance

Systems that handle payment information, particularly e-commerce systems, are regulated by PCI DSS. Changes to the PCI compliance requirements have reclassified the use of outdated and insecure versions of TLS (and its predecessor, SSL) as non-compliant. This has some significant impact across the software industry as the changes went into enforcement today, June 30, 2018. The key takeaways for us as web application developers are that we must ensure that our deployed systems are using modern and secure TLS configurations, and that we should now do so at the expense of supporting legacy web browsers that are non-compliant, namely old versions of Internet Explorer and Windows.

3 Developer Onboarding Tips From My Recent Experiences

Starting out in a new job can bring about feelings of excitement and eagerness. Those emotions can also be accompanied by doubts about being useful, anxiety, and imposter syndrome. Having experienced everything listed above, I’ve learned some strategies to help overcome the negatives and be proactive.

Working with the Rietta team has been an amazing experience with comradery and mentorship. This article briefly explores my experiences at Rietta to help equip new developers with a plan to synergize and grow with a new team.

Harvest vs. Productive.io


Choosing a time tracking and invoicing solution can be tricky. There are a lot of different options and the best solution for your company might differ from other companies. This article compares and contrasts Harvest and Productive as of .