Posted on

Adding Blocks With Animated Backgrounds Using WebArea’s Latest Plugin

As always, I like to highlight some things on the lighter side of the WordPress world. We have had enough business acquisitions in the past week — the whole year, really — that we need to take a break and enjoy the more experimental developments that the community has to offer.

Such as the case with WebArea’s latest plugin, Background Animation Blocks. It is a collection of six blocks with different animated effects.

I am obsessed with all things space and night-sky related, so I was immediately drawn to the Stars block. It has an animated background of simple dots floating in the background. It is also the most advanced animation, following the mouse cursor of the end-user.

Container block with an animated stars background.
Stars animated block.

The Stars block has a size, scale, and color setting for the background effect. Each of the other blocks has unique options, depending on what it does. Some, such as Bubbles and Gradient, allow the end-user to control the animation speed. Others have multiple color inputs.

In total, the plugin provides six individual blocks with unique animation effects for the background. Effectively, they behave like the Group block, serving as a simple container.

Each of the blocks supports both wide and full alignment. They allow users to control the text and background colors. And, any other block can be placed inside of them, just like you would expect from the core Group or Container blocks.

They do not support some of the newer layout features from the Gutenberg plugin that other container-type blocks have. There is no need yet because those features have not landed in WordPress, but it is something to watch out for in the future. It is easy enough to wrap these animated blocks inside of another Group block for those features, though. However, I prefer not to put the burden of nesting on the end-user if possible.

There are some downsides to the approach the plugin developer took. The animated backgrounds could have been tacked onto the existing Group or Cover blocks for WordPress, essentially behaving as a settings extension. An alternative route would have also been to create a single “Animated Container” block and allow the user to choose the specific background effect. With this method, the plugin author could have used the variations API to make each of the animations searchable and appear via the block inserter.

However, the individual block route has been done before. Automattic took the same approach via its Starscape and Waves blocks. They are simply shipped as separate plugins instead of bundled as a collection. I prefer this solution because it allows users to pick and choose only the blocks they want. Assuming the library of animated blocks grows in future versions of the plugin, it could become overkill.

The second issue is the plugin does not make use of the theme color palette in some instances. It uses the standard text and background color options for its blocks, but any custom setting only displays a color picker. For those who want to use a theme-defined color in those cases, they must know the hex code. Or, simply eyeball it to get it close enough.

Despite what are, at best, trivial issues, the plugin was fun to tinker with. The blocks do not have to be relegated to the zanier side of WordPress. It is easy enough to adjust their settings for more subtle effects that could work for business-related or other types of sites.

Posted on

Systems for z-index

Say you have a z-index bug. Something is being covered up by something else. In my experience, a typical solution is to put position: relative on the thing so z-index works in the first place, and maybe rejigger the z-index value until the right thing is on top.

The danger here is that this sets off a little z-index war. Raising a z-index value over here fixes one bug, and then causes another by covering up some other element somewhere else when you didn’t want to. Hopefully, you can reason about the situation and fix the bugs, even if it means refactoring more z-index values than you thought you might need to.

If the “stack” of z-index values is complicated enough, you might consider an abstraction. One of the problems is that your z-index values are probably sprinkled rather randomly throughout your CSS. So, instead of simply letting that be, you can give yourself a central location for z-index values to reference later.

I’ve covered doing that as a Sass map in the past:

$zindex: (
  modal     : 9000, 
  overlay   : 8000,
  dropdown  : 7000,
  header    : 6000,
  footer    : 5000
);

.header {
  z-index: map-get($zindex, header);
}

Now you’ve got a central place to manage those values.

Rafi Strauss has taken that a step further with OZMap. It’s also a Sass map situation, but it’s configured like this:

$globalZIndexes: (
  a: null,
  b: null,
  c: 2000,
  d: null,
);

The idea here is that most values are auto-generated by the tool (the null values), but you can specify them if you want. That way, if you have a third-party component with a z-index value you can’t change, you plug that into the map, and then the auto-generated numbers will factor that in when you make layers on top. It also means it’s very easy to slip layers in between others.

I think all that is clever and useful stuff — but I also think it doesn’t help with another common z-index bug: stacking contexts. It’s always the stacking context, as I’ve written. If some element is in a stacking context that is under some other stacking context, there is no z-index value possible that will bring it on top. That’s a much harder bug to fix.

Andy Blum wrote about this recently.

One of the great frustrations of front-end development is the unexpected interaction and overlapping of those same elements. Struggling to arrange elements along the z-axis, which extends perpendicularly through the computer screen towards and away from the viewer, is such a shared front-end experience that an element’s z-index can sometimes be used as a frustrate-o-meter gauging the developer’s mood.

The key to maintainable z-index values is understanding that z-index values can’t always be directly compared. They’re not an absolute measurement along an imaginary ruler extending out of the viewport; rather, they are a relative order between elements within the same stacking context.

Turns out there is a nice little debugging tool for stacking contexts in the form of a browser extension (Chrome and Firefox.) Andy gets into a very tricky situation where an RTL version of a website has a rule that uses a transform to move a video on the page. That transform triggers a new stacking context and hence a bug with an unclickable button. Gnarly.

Kinda makes me think that there could be some kinda built-in DevTools way of seeing/understanding stacking contexts. I don’t know if this is the right answer, but I’ve been seeing a leaning into “badges” in DevTools more and more. These things:

In fact, Chrome 94 recently dropped a new one for container queries, so they are being used more and more.

Maybe there could be a badge for stacking contexts? Typically what happens with badges is that you click it on and it shows a special UI. For example, for flexbox or grid it will show the overlay for all the grid lines. The special UI for stacking contexts could be color/texture coded and labelled areas showing all the stacking contexts and how they are layered.

The post Systems for z-index appeared first on CSS-Tricks. You can support CSS-Tricks by being an MVP Supporter.

Posted on

YAKD: Yet Another Kubernetes Dashboard

No, YAKD is not a new Kubernetes Dashboard project, but that could be a good name for a new Kubernetes Dashboard application.

The purpose of this post is to list some existing dashboard projects. The number of dashboards seems to be increasing each day, although some projects listed below already meet all the requirements of a dashboard application.

Posted on

The Basics of MySQL Query Caching

MySQL Caching Techniques logo.

Introduction

Queries are ubiquitous in the life of every MySQL database administrator or even a database-savvy developer. As we have already stated in some of our previous blog posts, queries are simply tasks composed of smaller tasks. To optimize their performance, we should make those smaller tasks execute quicker or not execute at all. First, we must examine how MySQL performs its queries. We have already covered the basics of what makes queries slow in MySQL and we came down to the fact that we need to profile our queries-the query cache was one of the first things that MySQL looked at, remember?

What Is the Query Cache?

The MySQL query cache, though deprecated in MySQL 5.7 (and removed in 8.0), stores statements that have previously been run in memory: in other words, a query cache usually stores SELECT statements in the memory of a database. Therefore, if we run a query and then run precisely the same query again after a while, the results will be returned faster because they will be retrieved from memory and not from the disk.

Posted on

Why Businesses Should Ensure the Security of Data on the Cloud

Cloud storage is projected to have significant utility for small and large businesses in the next few years. Currently, around half of corporate data is still stored on-premises. According to Statista, 50 percent of corporate data is stored on the cloud, although it is growing at a consistent rate.

There are still some misconceptions about cloud storage, and businesses do not realize at this stage its importance to their operations. Incidentally, many companies are using Google Drive and Dropbox, which are popular cloud providers.

Posted on

Microservice Architecture Roadmap

Why Microservice Architecture?

Microservice Roadmap.

Nowadays, with the rise of social media, fast internet, etc., the tendency to use applications is getting more and more. As a result of these behavior changes, monolithic applications need to deal with a tremendous majority of changes.

Posted on

The Self Provisioning Runtime

Big thoughts on where the industry is headed from Shawn Wang:

Advancements in two fields — programming languages and cloud infrastructure — will converge in a single paradigm: where all resources required by a program will be automatically provisioned, and optimized, by the environment that runs it.

I can’t articulate it like Shawn, but this all feels right.

I think of how front-end development has exploded over time with JavaScript being everywhere (see: “ooops, I guess we’re full-stack developers now”). Services have also exploded to help. Oh hiiii front-end developers! I see you can write a little JavaScript! Come over here and we’ll give you a complete database with GraphQL endpoints! And we’ll run your cloud functions! But that means there are a lot more people doing this who, in some sense, have no business doing it (points at self). I just have to trust that these services are going to protect me from myself as best they can.

Follow this trend line, and it will get easier and easier to run everything you need to run. Maybe I’ll write code like:

/*
  - Be a cloud function
  - Run at the edge
  - Get data from my data store I named "locations", require JWT auth
  - Return no slower than 250ms
  - I'm willing to pay $8/month for this, alert me if we're on target to exceed that
*/

exports.hello = (message) => {
  const name = message.data
  const location = locations.get("location").where(message.id);

  return `Hello, ${name} from ${location}`;
};

That’s just some fake code, but you can see what I mean. Right by your code, you explain what infrastructure you need to have it work and it just does it. I saw a demo of cloudcompiler.run the other day and it was essentially like this. Even the conventions Netlify offers point highly in this direction, e.g. put your .js files in a functions folder, and we’ll take care of the rest. You just hit it with a local relative URL.

I’d actually bet the future is even more magical than this, guessing what you need and making it happen.

Direct Link to ArticlePermalink

The post The Self Provisioning Runtime appeared first on CSS-Tricks. You can support CSS-Tricks by being an MVP Supporter.

Posted on

7 Mantras to Pivot Your Career

The coronavirus pandemic caused massive downturns in numerous industries across the world resulting in unemployment, pay cuts, furloughs, and layoffs. This has changed the idea of a career pivot from something a professional considers for a change, to the necessity for survival. Even employers have noticed and utilized the advantage of people who pivot their careers.

Today’s professionals change their careers multiple times. Career pivots allow people to make agile transitions and create different, better paths for themselves. It is important to change and adapt.

Posted on

WooCommerce 5.7.0 Patches Security Issue that Could Potentially Leak Analytics Reports

WooCommerce shipped version 5.7.0 through a forced update for some users earlier this week. The minor release was not billed as a security update but the following day WooCommerce published a post explaining that the plugin was vulnerable to having analytics reports leaked on some hosting configurations:

On September 21, 2021, our team released a security patch to address a server configuration setup used by some hosts, which under the right conditions may make some analytics reports publicly available.

This was technically classified as a broken access control vulnerability, according to the WPScan.

WordPress.org pushed an automatic update to affected stores beginning on September 21, for all sites that have not explicitly disabled automatic updates. The WooCommerce team created a patch for 18 versions back to 4.0.0, along with 17 patched versions of the WooCommerce Admin plugin. Those whose filesystem is set to read-only or who are running WooCommerce versions older than 4.0.0 will not have received the automatic update and should proceed to manually update their sites.

WooCommerce recommends users update to the latest version, which is now 5.7.1, or the highest number possible in your release branch. The security announcement post has detailed instructions for how store owners can check to see if their report files may have been downloaded.

More than 5 million WordPress sites use WooCommerce. At the time of publishing, 59.8% are running on version 5.4 or older. Only 12.8% are using the lates 5.7.x release. It’s not possible to see how many sites are still vulnerable, because WordPress.org only displays a breakdown for the major branches users have installed. Some site owners running older versions may still be active in applying security patches but not prepared to update to the latest release.

WooCommerce 5.7.1 was released earlier today after the team received multiple reports of broken sites following the 5.7.0 update. This release includes fixes for regressions and new bugs identified in the previous update.

Posted on

Cycle Time Breakdown: Reducing PR Review Time

The Issue

As a manager of a software development team, you are always under pressure to deliver value to the customer.  In order to do that more effectively, you monitor your Cycle Time and work to keep it as low as possible so that features get into production as quickly as possible.  

One of the issues that can be a bump in the road towards meeting that goal is Review Time. Review Time is defined as the time between the first comment on your code and the time it is merged back into the main branch.  It’s the third phase of Cycle Time and keeping it inside proper boundaries is critical to keeping quality code moving through the pipeline.

Posted on

Using Newman to Run Postman Collections

This is a brief introduction to how you can use the Newman library to make API testing automation a part of the continuous integration process. I will brief you on a few important things before on how we can set up API collections on Newman.

Newman

Newman is a command-line collection runner for Postman. It allows you to effortlessly run and test a Postman collection directly from the command line. It is built with extensibility in mind so that you can easily integrate it with your continuous integration servers and build systems.

Posted on

Top Cybersecurity Trends Ruling the Financial Market

While 2020 was all about the COVID-19 pandemic, it allowed the digital world to flourish, with businesses investing more and more resources in developing frameworks to interact with customers online. The demand for technologies like Artificial Intelligence (AI), real-time cloud computing, and machine-learning-based systems outgrew the existing solutions in the market. 

Unfortunately, the surge in the digital revolution came at a price of increased cybersecurity risks, since perpetrators became active on digital platforms as well. As a counter to these concerns, enterprises and SMEs started employing quick and efficient cybersecurity solutions to combat perpetrators from hijacking customer identities. 

Posted on

Apache Kafka vs. Oracle Transactional Event Queues as Microservices Event Mesh

This blog focuses on transactional and message delivery behavior, particularly as it relates to microservice architectures.  There are of course numerous areas to compare MongoDB, PostgresSQL, and Kafka with the converged Oracle DB and Oracle Transactional Event Queues/AQ that are beyond the scope of this blog.

The Oracle database itself was first released in 1979 (PostgresSQL was released in 1997 and MongoDB in 2009).  Oracle Advanced Queuing (AQ) is a messaging system that is part of every Oracle database edition and was first released in 2002 (Kafka was open-sourced by LinkedIn in 2011 and Confluent was founded in 2014).  

Posted on

NgRx Best Practices Series: Introduction

This is the first in a series of articles about building reactive applications in Angular using NgRx state management. I want to begin by laying out my personal relationship with NgRx and introduce an example application that we will use throughout the series. 

You should already be familiar with common NgRx concepts to get the most out of these articles. In later articles, I will share the good and bad things I have learned about state management and illustrate best practices for NgRx.

Posted on

Application Security Checklist

Editor's Note: The following is an article written for and published in DZone's 2021 Application Security Trend Report.

In today’s technology landscape, organizations are supported by web applications that act as essential enablers to streamlining operations. While these applications enable automation, wider collaboration, and ease of sharing data, they also act as vectors that are prone to malicious attacks. Besides this, as modern applications rely on loosely connected components and services in constant communication, security becomes a complex, time-consuming challenge.