management.endpoints.web.exposure.include=* in production - spring-boot-actuator

Small question regarding Spring Actuator and the property management.endpoints.web.exposure.include=* please.
It is well known, seen in many tutorial, docs, online video, etc, this property management.endpoints.web.exposure.include=* should not be enabled with * in production. I remember seeing many "do not do this in production".
My question is, while it is clear this should not be done in prod, what would be the best setting please?
I understand the "well, it depends on your needs, you should configure this based on your use case, etc" but may I ask, what are the no-no endpoints to be enabled in prod? What are those who can stay?
Thank you

Related

Using LinkedIn API's in 2019

Looking around it is currently unclear to me whether or not LinkedIn allows 100% usage of all their API's. I see many sources from as long ago as 2017 saying "not unless you're a partner" and sources from 2018 saying "they brought the feature back" but I can't seem to find it or rather: they have 2-4 websites with their application creation and/or documentation and there is not a clear answer anywhere as to which one is the place with the current up-to-date documentations and application creation/approval.
Has anyone in the past year developed with LinkedIn's API's and could they point me in the right direction?
Can I develop on a POC, e.g. something like http://localhost[insertport] or do I have to use a live website? (which would be dumb, but whatever)
Check this : https://learn.microsoft.com/en-us/linkedin/consumer/integrations/self-serve/sign-in-with-linkedin?context=linkedin/consumer/context
Every thing is written there if you need any other help then let me know
but before asking any question read this link document carefully
Yes, you can use localhost for development

Please advice about security issue when using bitbucket

I am new and I am not sure if this is a place to ask this question.
I developed a web site alone using wordpress framework.
Now, I got a guy who I don't know much to join me to develop the site. We live in different countries and we decide to use Bitbucket for code management.
I do not have any experiences in team working, Bitbucket.
My concerns are:
1. Do I need to upload both source code and database to Bitbucket?
Do you think he will just take all the source code and database and make his own website and become my competitor?
What should I be careful when working in a team? I mean sharing code.
I know maybe I am quite small-minded. I am worried about security problems.
But definitely, I need to have someone to work with me to develop the site.
Please advice and write any sources that are useful for this problem.
Thank you.
I'm not an expert in Wordpress, but the concept still applies:
Source code: yes. Database: no, only the database schema/ SQL scripts to recreate it.
Depends on his ethics. You should reach an agreement with him that guarantees that he won't do so, by writing a contract for example.
Take the following into consideration: coding standards, conventions are followed in naming variables, pages, urls, etc, repository privacy is set correctly, repository privileges are distributed to enable the contributors to do only what they're supposed to do.
I'll leave the rest to you and other fellows on this website to figure out depending on your experience :)

How to handle routing in a DukeScript web application

DukeScript looks like a life saver for we Java guys! I am considering it for a serious project. Was curious to know whether it's production ready and well documented. Also, liked to know what would be the best way to support routing in a web application.
I asked this question at the official google forum, but didn't get a reply. So, thought to re-ask here.
Here's a blog post with a little example. It shows a simple integration of location hash based routing with knockout templates. The full example code is available on github.
You might also use one of the javascript libraries like sammy or pagerjs, which would require integration with these frameworks, but I wanted to keep it simple.

Issue tracker for web agency workflow

We're looking into implementing an issue tracker for our web agency. The problem is that most issue trackers seem to revolve around the assumption that an issue is a bug, whereas in a web agency environment, a lot of the issues (request, or whatever you want to call them) are about changes and additions to a current web site.
It also seems to me that a lot of issue trackers assume that you're working on one main software project, and uses that project as the focus of the tracker. A good issue tracker for a web agency would be one which puts each separate client and their issues at the heart of the system, making it easy for them to track and report issues.
Does anyone know of a good issue tracker for the web agency workflow? What are other people using?
In my experience, issue trackers are so closely coupled to the workflow of the organisation that what works in one place may be a complete misfit in another. That said, could basecamp work for you?
We are using Gemini very flexible with the ability to have workflow at the project level.
But where Gemini really helps us is the cross project views. You can view your work across all projects with really good fitering.
Have you had a look at fixx at all? Obviously, being the developer of fixx, I will want to plug it but I know from first-hand experience that a lot of our customers are web agencies who work in a service-oriented environment and need to track more than just "software development" projects.
With fixx, you can define custom issue types (for example "change request" or "Copy changes") and track work against that type.
Unfortunately, fixx still does suffer from the "project-centric" view but a lot of our customers work around this by defining a project per client/website. So, if you were doing web/maintenance on stackoverflow.com, you would have a project called "stackoverflow.com maintenance" and would assign all your users from that company to that specific project. From there, using notifications and filters, it would be very easy for clients to keep track of progress on their specific issues.
FogBugz – it's simple by default, but extensible; it's got an integrated wiki, charts, tags, and you can even tie it to your source-control system (and they also offer their own integrated source control system, Kiln, which is pretty amazing with FogBugz).
Are you using other applications to manage the rest of your business' operations?
I ask because WORKetc has great issue tracking software, and this software is combined with other aspects of business management which can simplify the management process. So not only could you manage all support inquiries and responses in one place, but also your projects, finances, and contacts. Most importantly, it would allow you to use one central contact base for your entire company, while allowing you to reference that contact information (as well as lead information) while working on support inquiries, projects, invoices, etc.
WORKetc's support system works around email integration and simple ticket system (as well as prioritizing) and directly integrates with projects, contacts, and other aspects of the system so that you can save time while responding and managing tickets.
I think especially for the use case of a web-agency, where it's not really about bugs, but mostly (visual) feedback and all of it happens on the web, a visual feedback tool might be the thing you're looking for. Most of these tools will create a screenshot of the webpage and include the given feedback on it.
Some of them also have some kind of dashboard where you can discuss further, or have integrations to other tools like Basecamp (and some them do both).
Here's an article from smashing magazine, which describes a lot of them, e.g.: TrackDuck, BugMuncher. Another great tool the article doesn't mention, maybe because the article is a bit dated, is Usersnap – this one even includes browser extensions.

checklist pre-release

I have developed a asp.net page and I'm ready to release it for the public. This is my first asp.net page and I would appreciate if I could get some tips of what to do pre-release. So I hope you all can help me put together a checklist before publishing.
Thanks
M
Choose a well voted, trustful hosting.
Check overall security of your site, be sure you have nothing in Debug state. Also take a look at a recently discovered security issue on .NET
Don't forget logs. They are a key to check how things are going on once the app is released.
Ask some relatives/friends to take a look from their point of view. Test as much as you can, remember that if you have 99% finished, there is another 99% yet to be finished :)
Check your configuration files, and every setting on IIS once released.
Be prepared (if not before) to apply SEO techniques in order to let your work be seen on most search engines.
Test your site from many browsers (even the special ones as IE6 and Safari)
Take a look at this link. here in StackOverflow.
Now, just cross your fingers and go on!
Hope that helps,

Resources