In my estimation, I have given over 2,500 interviews in my career, the bulk of them for Software Engineer positions. I have been interviewing Software Engineers for over 25 years and in my current role as CEO of Solution Street, I conduct, on average, two interviews a week. Solution Street has been evolving its interview process for over 18 years, and we feel like we offer a pretty robust and fair process. In this article, I will give you the tips you need to put your best foot forward and succeed in your next technical interview.
Do’s for a Software Engineer Job Interview
First, let’s talk about interview Do’s. Based on my experience, here is my list of the top seven things you should absolutely Do!
WordPress is a free and open-source website building platform. Using WordPress, anybody can make any kind of website. Years ago, it started out as a blogging platform but soon transformed into a CMS and later into a full-fledged website building platform. Written in PHP and paired with a MySQL or MariaDB database, WordPress has a plugin and template architecture and an infinitely long ecosystem to power websites with plug-ins and themes (template).
Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications. It organises applications in logical units of containers for easy deployment, discovery, management. Kubernetes is THE platform for running modern applications as scale, in a resilient manner with declarative configuration and automation.
The WordPress.org theme directory is becoming little more than a crippleware distributor. I suppose it was inevitable given its reach, which can be worth $1,000s/month for theme authors.
As I think back on that tweet from 2019, I realize how unfair it was to refer to the themes coming into the directory as “crippleware.” At the time, I was a part of the Themes Team (formerly the Theme Review Team). However, there were real cases of crippleware submitted to the directory when I wrote that.
To define crippleware: some themes blocked core WordPress features and made them available via the “pro” versions. It was one of the more blatant abuses of the free themes directory I had seen for a profit.
However, the term does not represent the majority of themes submitted. Most of what we see today are “lite” themes. Some of them are well-designed themes that provide value to end-users at no cost. Others are stripped-down versions of what you would typically see from a starter theme. While they are fully functional — the Themes Team’s rules have been strict on this requirement — the real value of the theme is in the upsell.
This is not the start of an anti-commercial theme rant. When WordPress developers and agencies are successful, it benefits the whole ecosystem. But, how do we balance that with providing value — which is subjective, I know — to the free theme directory? How do we transition the theme directory to something flowing with more artistic or even experimental ideas?
Guidelines and Stumbling Blocks
Matt Mullenweg, WordPress co-founder and project lead, posted the following on the Post Status Slack two weeks ago:
The .org theme directory is particularly bad when you compare it to any half-decent commercial theme marketing page, or the designs available on other site building services or Themeforest directories. The .org theme directory rules and update mechanism have driven out creative contributions, it’s largely crowded out by upsell motived contributions.
There is a lot to unpack in his statement. I agree with most of it. The Themes Team agrees with at least some of it. However, its members lack direct control over the system outside of the guidelines.
“I actually agree with this in a sense,” said Themes Team rep William Patton. “Creativity has not prospered in the directory, and I think a large part of it is the barrier of entry. ‘Don’t do bad things’ is the overarching guideline for the theme directory, but that can be viewed very subjectively. If it were the only guideline we would see a lot of things that might not be best suited here. If we want to encourage creativity then more freedom to express it would likely be a good way to start bringing it back. However, it can be hard to know where the line should be placed.”
The team sometimes gets pulled in two different directions. When the project lead asks for things to be more open, many members rally around that idea. On the other hand, the call for stricter accessibility requirements, for example, are popular with others in the community. It is a choice between two ends of the spectrum that are tough to pull together as the gatekeepers to the official directory.
“Why couldn’t it be more like the plugin directory?” asked Mullenweg. “That has all the same potential issues and has been working pretty well. I’d like it to work just like the plugin directory, with direct access for authors, and most reviews being post-review vs. pre-review.”
The Themes Team is not against the idea. More than anything, they just need the help to make any significant change.
“Having the themes directory work like the plugins directory would be great!” said Themes Team rep Ari Stathopoulos. “And, in fact, it’s something we’ve all been asking for years, but there are many technical challenges because they are built fundamentally differently. Plugin authors have access to their plugin’s SVN while themes don’t. Theme reviews are public while plugin reviews are private and closed. There would need to be lots of changes in systems and meta. Not to mention that, as far as I know, plugins don’t do post-reviews, they do pre-reviews the first time a plugin is uploaded and post-reviews for updates (which is exactly what happens in themes too).”
The team has created tickets, asked for help, and have generally awaited a champion to push innovative ideas — or any ideas — forward. Seven-year-old ticket to support the standard readme files available to plugins? No takers as of yet. Allowing block-based themes to be uploaded? Maybe we can make that happen sometime soon.
The guidelines are likely less crippling than the outdated Trac review system, uploading ZIP files for updates (which Mullenweg mentioned), the limitation of a style.css header for the theme description, and the lackluster theme previewer.
Theme review system on Trac.
For the most part, nearly every guideline has been put in place in hindsight. The team finds consistent abuse or issues and course-corrects.
“I don’t think that Matt’s idea of a creative theme is a theme that is not secure or not compatible with GPL,” said team repo Carolina Nymark. “Creativity is not limited by being asked to sanitize options. It is not limited by making sure that your theme can be translated. If the reviewers saw creative, beautiful themes that lacked in some other aspect like basic accessibility, then the team could help explain to the theme author what kind of changes are necessary. But that is not the kind of themes that are being submitted.”
Financial Incentive
In the mid-2000s, the average theme developer could get away with building an entire theme on a lazy weekend afternoon. WordPress was far less complicated. Theme development was not a race to the bottom, bundling every feature imaginable.
Today, we live in the era of the multi-purpose theme. To soar to the top of the popular list, most themes need to handle everything from being the online face of a pizza restaurant to masonry grids for artist portfolios. They also either need good luck, name recognition, or good marketing. That is the reality for the average theme developers trying to make a name for themselves.
It makes for boring themes in a free theme directory. If the theme author has any financial motivation behind creating a WordPress theme, they need to bundle the nicer features into a paid package.
There is not much incentive to push a free theme out to the directory just for fun. Most themers are spending a month or more of their time in today’s ecosystem to build a theme. The days of the weekend-afternoon project seem all but gone.
Even releasing a theme to give back can often be a letdown. There is little chance of any name recognition as the developer’s creation is swamped by the hordes of lite themes in control of the directory. There is no way for unknown players to get any exposure through the directory except in the brief moments their theme lands in the latest themes list. It is that one make-or-break moment that could potentially help best the algorithm and slip into the nearly unattainable popular list.
In comparison to Themeforest, the WordPress.org directory is lacking. Themeforest is inviting to users because it provides the backend tools for theme authors to market their themes. They can load up custom demos, provide screenshots, use a modern categorization system, and provide all sorts of extra data to end-users. They’re in the business of selling a product to users.
WordPress themes on ThemeForest
While WordPress.org may be free, it should still be selling the promise of a beautiful website to its users. I have always said it, the themes available on WordPress.org are the face of WordPress.
Users deserve better. Theme authors deserve better tools to make it happen.
Even with better tools and a better-designed directory in place, there is no guarantee of an uptick of creative contributions or a better overall balance that keeps pure upsells in check.
“I think that due to the reach a theme or plugin that becomes popular quickly commands, monetization is a necessity to be able to properly ‘support’ such an endeavor,” said Joost de Valk, CEO of Yoast, in response to Mullenweg’s statement on Post Stats. “I think the community also ‘demands’ a certain stability and a certain level of support that is simply unfeasible to expect from any non paid contributor. Because WordPress.org has no way of doing that monetization ‘on platform,’ this is what you end up with.”
He also argued that something akin to an app store would make things like the “balkanization from non-G-based site builders” less attractive to theme authors. Such a store has little or no chance of becoming a reality.
“I think we first need to agree on what the theme directory should be,” he said. “We need a ‘mission statement,’ of sorts. And I think we probably need less control than we currently have, be much more like the plugin directory. But if we have a vision of what it should be, then we could work towards that.”
There is an opportunity to turn things around. Full Site Editing will leave ample room for releasing creative, fully-featured themes with upsells. There is plenty of reason to be excited about pattern design and template packs, better value-adds for theme authors who want to upsell. The problem is going to be getting authors to abandon traditional themes and explore new terrain.
Changes Are Coming, Maybe, Hopefully
Popular listing on the WordPress theme directory.
For some, this is a song and dance they already know the lyrics and steps to. It is a years-long conversation that has netted little in return.
However, the WordPress.org theme directory may be forced to change one way or another. Block-based themes are not arriving in some distant future; they are knocking at the door. Full Site Editing is slated to land in WordPress 5.8 this June.
With this change, the WordPress.org theme directory needs to be prepared. Even with a move today, it will be a mad scramble to get systems ready in a handful of months. If waiting for the last minute, it is just asking for chaos. Block-based themes should already be allowed to be uploaded, for example.
As we saw earlier this week, Automattic launched its Blank Canvas theme. It is designed to work on single-page websites. It does not support commenting out of the box, which is a requirement for inclusion into the official directory.
Block-based themes will forever change the system. In the past, traditional themes needed to cover all their bases, integrating with every front-end feature of WordPress. In the future, that is not necessarily the case. Because everything will be built from blocks and users will have direct access to customize those blocks, a theme has no need to cover everything. The user can add and remove features at their leisure. The review guidelines need to be molded for this future.
Full Site Editing almost seems purpose-built for outside-the-box theme designers. Whether it is a simple, one-page wedding invitation or an author’s book landing page, there are more possibilities upcoming than there ever were in the past. And, these things will be far easier to build on the theme-design side of things. It will remove a lot of burden from developers and from the Themes Team during reviews.
“Regarding the FSE themes: to be honest all my hopes are there,” said Stathopoulos. “They are very different, and it’s a fresh start for the repository. New theme paradigm, a different set of rules (with of course some overlap for basic things), and a new way of doing things and thinking about themes. However, if they are presented in the same way in the same repo we have now, then nothing will change. the theme repo needs to change, and there’s no way around that. But that’s a decision that will have to be made from the WordPress leadership and implemented by meta.”
As always, I remain optimistic about the future of WordPress themes, hoping for the ushering in of a new era. I get the sense that the Themes Team shares some of that enthusiasm, at least cautiously so. More than anything, they need the community, particularly theme authors, to chip in and shape that vision of what the WordPress theme directory should be.
Perhaps today, the stars are nearing alignment. Mullenweg plans to chat with the team and gather feedback in the coming weeks.
A clever use of CSS grid from Jay Freestone to accomplish a particular variation of the media object design pattern (where the image is centered with the title) without any magic numbers anything that isn’t flexible and resiliant.
The trick is to use an “extra” row above and below the title:
The image goes on the first three rows in the first column, and the content goes in the last three rows in the second column using named grid areas:
Read Jay’s post for a little more trickery required to make it entirely resilient.
I love the kind of post that zeroes in on the mental model behind CSS grid like this. It’s like… how can I slice up this design with arbitrary columns and rows, knowing that I can place things on arbitrary rectangular combinations of cells with any type of alignment, to best suit this design?
Website development is the most trending service in the digital world. Undoubtedly, it has turned out to be a key factor in the success of businesses. To meet these modern requirements, it is essential for enterprises to launch websites.
With highly functional websites, companies are able to grow their business and earn higher revenue by targeting a larger number of customers. Furthermore, new technologies have become advanced and now offer unique and next-generation experiences. Today there are several features that help companies and customers connect virtually.
This post provides guidelines to manage APIs using protocol buffers. Check out this blog post to learn more about Protobuf API contract management.
API Contracts
API contracts describe the surface area of the request and response of each individual API method being offered. It is something that both API providers and API consumers can agree upon and get to work developing and delivering, and then integrating and consuming. An API contract is a shared understanding of what the capabilities of a digital interface are, allowing for applications to be programmed on top of.
For years now, it's been clear that cloud storage was going to eventually supplant most on-premises data storage architectures. At the enterprise level, it's already happened. But further down the ladder, among small businesses, that's not the case yet. Part of the reason for that is the fact that some 61% of small businesses believe that their data won't be safe in the cloud.
What's odd about that is the fact that small businesses, as a group, already face some of the biggest security challenges for their on-premises infrastructures. According to the latest Verizon Data Breach Investigation Report, small businesses now account for 28% of all successful data exfiltration events. That number increases each year because hackers now choose to go after the easiest possible targets – and they're it.
Developers likely develop on only one browser – and maybe only one operating system. How does an app maker ensure that defects on other browsers will not affect their user base? In theory, cross-browser testing can help companies catch product defects before products get released to customers. But the legacy approach – setting up a bunch of parallel devices and running tests across each – incurs significant engineering skill and resource cost.
Quick post that explains how to fix the error, “The authorization header is missing”. This error may be found under “recommended improvements” in the WordPress Site Health tool (located under the WP menu ▸ Tools ▸ Site Health).
When running a Site Health check, the “authorization header” warning happens when you’ve upgraded WordPress (to version 5.6 or better) and have Permalinks enabled, but the site’s .htaccess rules have not been updated with the latest. This DigWP tutorial explains what’s happening and shows how to fix the error easily with a few clicks.
When testing your WordPress with the Site Health tool, if you get this:
WP menu ▸ Tools ▸ Site Health — The authorization header is missing. Click for full-size image.
If you click the error and toggle it open, you’ll get a bit more information: “The Authorization header comes from the third-party applications you approve. Without it, those apps cannot connect to your site.” Screenshot:
Details about the authorization-header error. Click for full-size image.
This error means that your WordPress Permalink rules are not up-to-date. To fix the issue, you need to update the Permalink rules in your site’s .htaccess file. There are several ways to do this:
Easy — Visit your Permalink settings and click “Save Changes”
Manual — Manually update .htaccess with current Permalink rules
So try the easy method first. If it works, then stop; you’re done. If it does not work, the “manual” method definitely should resolve the issue. Let’s walk through each of these solutions..
Flush Permalinks
The easiest way to fix the authorization-header issue, is to click on the “Flush permalinks” link, which is displayed right there on the Site Health screen. Here is a screenshot:
Showing the location of the “Flush permalinks” link. Click for full-size image.
That will take you to the WordPress Permalinks settings. This is where you can “flush” (i.e., update) your site’s Permalink rules. You can do this by clicking the “Save Changes” button as shown here:
Permalink settings showing the “Save Changes” button. Click for full-size image.
You do NOT need to make any actual changes to any Permalink settings. All you need to do is click “Save Changes” and done. Once you do that, WordPress will attempt to update the site’s .htaccess file with the latest/current Permalink rules. Thus solving the authorization-header issue. You can verify the fix by running a fresh Site Health test.
Important! Updating/flushing Permalink rules via the Admin Area results in changes made to the .htaccess file on the server. Flushing does not affect the local copy of your .htaccess file. So make sure to update both local and server copies to avoid having to go through this again in the future.
Manually update .htaccess
If the easy method does not work to resolve the “authorization header is missing”, you will need to update your Permalink rules manually. To do it, open your site’s .htaccess file. Look for a block of code that begins with this line:
# BEGIN WordPress
..and ends with this line:
# END WordPress
Located between these two lines are the WordPress Permalink rules. Whatever you have there, you want to replace with the latest set of rules. You can find the current rules at WordPress.org. So grab a copy of the correct rules for your site (Basic or Multisite), and replace your existing rules via copy/paste. Save the file, upload, and done.
That should resolve the Site Health authorization-header issue. To verify success, try another test with the Site Health tool.
If after updating your Permalink rules, Site Health continues to show the error, most likely there is something else that is interfering with normal functionality. In this case you may contact your support team. Or if you’re savvy, follow our Troubleshooting Guide to help diagnose and resolve any outstanding issues.
About the error
So what causes the “authorization header” error? WordPress version 5.6 introduces Application Passwords. This feature enables authenticated users and apps to interact with your site. Application Passwords started as an awesome free plugin that could be added to any WordPress site as needed. Now it’s been integrated into WordPress core so all sites must have it, whether needed or not.
WordPress users may be familiar with the new “Application Passwords” settings that are displayed on the Profile screen of every registered user. If you have yet to check it out, go take a look at the bottom of any “Edit User” screen. Here is a screenshot of how it looks in WordPress 5.6:
WP menu ▸ User Profile/Edit User ▸ Application Passwords settings. Click for full-size image.
That’s all great, but what most WordPress users probably are not aware of, is that the new Application Passwords feature brings changes to the WordPress Permalink rules located in the site’s .htaccess file. The changes are required for WordPress and Application Passwords to work properly.
.htaccess changes in WP 5.6
Here is the new line that is added to WordPress Permalink rules (via .htaccess) in version 5.6:
This line helps to handle the Authorization header for HTTP requests coming from any approved third-party applications. Without proper handling of the Authorization header, apps will not be able to connect with your site.
So for sites using outdated Permalink rules, the above new line will be missing from .htaccess. This causes errors when WordPress tries processing requests. The Site Health error happens because WordPress expects certain authorization headers that are not included with the request.
# BEGIN WordPress
# The directives (lines) between "BEGIN WordPress" and "END WordPress" are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Notice the E=HTTP_AUTHORIZATION rule added right up front there. When that line is included as shown here, the Site Health “authorization header” error should not happen.
DigWP Tip: For a complete guide to Apache/.htaccess, check out my book .htaccess made easy. Features an entire chapter covering all things WordPress :)
The global lockdown caused by COVID-19 is making enterprises rethink their business strategies to stay relevant. Remote working became the first order of business for many organizations, to make sure that their employees still work efficiently with the right options and resources provided to them. Before the pandemic changed the way the workforce operated, 70% of people, globally, worked remotely at least once a week. And it’s very, very likely that the pandemic will cause a permanent increase in remote working even after the crisis.
What was once a once-a-week affair for many is now considered the new normal. With this, it’s clear that enterprises need to keep up by utilizing new technologies to continue their operations, that is, if said operations are even possible. Now more than ever is when digital transformation is crucial to ensure the continuation of the business.
This week GitLab announced a pricing change that eliminates its Bronze/Starter tier in favor of a three-tier subscription model. The Starter tier, previously offered at $4/month, included features like single-team project management, next day business support, and 2,000 CI/CD minutes.
GitLab Pricing prior to Jan 26, 2021 Update
GitLab’s updated pricing page shows the benefits that were included in the Starter plan are now only available in the Premium tier at a 5x price increase, introducing a larger gap between free accounts and paying customers. The change specifically impacts those who were happy to pay for a few extras but don’t need the full array of premium features.
GitLab is offering to transition customers at a discount, where existing customers have the option to renew at the current price for an additional year or upgrade to Premium at a discount. The company also makes a case for the free tier, which it says includes 89% of the features in Bronze/Starter, with 450 new features added last year.
“The Bronze/Starter tier does not meet the hurdle rate that GitLab expects from a tier and is limiting us from investing to improve GitLab for all customers,” GitLab co-founder and CEO Sid Sijbrandij said. “Ending availability of the Bronze/Starter tier will help us accelerate development on customers’ priority needs such as improving usability, availability, performance, and delivering enterprise-grade security and compliance.”
It makes sense that GitLab is turning its attention to factors like “hurdle rate,” as Sijbrandij told CNBC that he’s still looking to take the company public after a late 2020 employee share sale, which valued the company at $6 billion. GitLab passed $150 million in annual recurring revenue in 2020, but is tightening up its subscription model as the company tailors commercial offerings for those who need DevOps features.
GitLab did not share the pricing update announcement on Twitter, perhaps in anticipation of how controversial it would be. The company posted the link in the GitLab forums where customers expressed disappointment in the change.
“We are currently paying Bronze level because there are some features that we find interesting,” Riccardo Padovani said. He specifically referenced issue weights, iterations, multiple issue assignees, and issue dependencies.
“These features are now in the premium level. We were not interested in the previous ‘silver’ level. On the long term, this is basically a 5 times price increase. Being a vocal supporter of GitLab in my company, I am not happy about this, at all.”
One customer said the change “feels like a bit of a kick in the teeth,” while another noted that GitLab’s mid-tier offering costs just one dollar less than GitHub’s enterprise plan. Many of GitLab’s existing Starter tier customers have a large number of users who are not developers and do not have access to code or pipeline features. They are supporting staff who check bug reports or project management teams that create issues. Without the ability to pay per user role, upgrading every seat in the team to Premium doesn’t make sense for these types of use cases.
Customers who had recently convinced their organizations to go with GitLab, along with those who have invested time developing processes around the Starter tier features, are some of the most vocal opponents to the change. Some found the announcement off-putting, as it made it seem like paying Starter plan customers were actually costing GitLab money, requiring the tier to be eliminated. Many expressed that they only signed up for the tier to support GitLab and that they only used a handful of the features.
“It’s worth pointing out that you say that ‘many Bronze/Starter customers adopted Gitlab just for source code management,’ – yes – that’s exactly what we use Gitlab for,” one customer said. “We don’t use CI, Issue Tracking, or any other features offered even in the free version, but we do want to have a couple of the SCM features offered in the Bronze/Starter tier. Do you really think that customers like us that are only looking for SCM are going to pay more for unnecessary features?”
The GitLab employees in the thread seemed ready to defend the decision against the onslaught of criticism. While a few said they will take customers’ concerns and feedback under consideration, most were prepared to assure critics that the decision was made “through extensive research,” which likely leaves those most affected further alienated, if the 5x cost increase didn’t already make the decision for them. Bronze/Starter tier customers who are still examining their options can find the various transition paths in the pricing change announcement.
How are modern console games like World Of Tanks built and published? How many people are working on such a game? What programming languages do they use?
How and where do they store all the game assets, like graphics and sounds? How long does it take to build World of Tanks from scratch?
Enterprises consists of N number of systems each supporting different protocols and transports, thereby making enterprise integrations quite complex.
Apache Camel is an open source framework that provides an implementation of various enterprise integration patterns. Camel makes integration easier by providing support for a large variety of transports, data formats, and protocols. There are 100+ components provided for messaging queues, APIs, databases, Kafka, cloud integrations, etc.
In the last episode (Episode 1: Podman Hands on), we got Podman working on CentOS/VirtualBox. We also pulled the tomcat image and got it running. In this episode, we will explore the advantages of Buildah and Skopeo and build a complete custom image with our sample web application.
Why Buildah?
Docker provided a very sophisticated configuration file-based provisioning with Dockerfile and Docker Compose. It provided a simple YAML-based configuration that the Docker daemon would use to build custom images as well as configure and provision the container. Docker daemon has the functionality to build, pull, push, run, and manage containers.
This series is dedicated to the state of JVM desktop frameworks. After having had a look at Swing last week, this post focuses on the Standard Widget Toolkit.
SWT originated with the Eclipse project as an IDE. The developers built a dedicated framework for Eclipse in which to build their graphic components. Swing and SWT have widely different designs. Swing implements the drawing of widgets in Java from scratch. SWT is a thin wrapper API that relies on native graphic objects. This has two main benefits:
