I write about TypeScript, Node.js, React, security and privacy.

Representing SHA-256 Hashes As Avatars

18 April 2021

How to turn 256 bits of entropy into a beautiful, avatar-friendly circular SVG: the Hashvatar

Cargo, Docker and mtime

25 January 2021

The perils of premature optimisation in detecting modified source files when building Docker images for Rust.

The Security of GitHub Actions

24 February 2020

GitHub Actions are a great way to build powerful customised CI/CD workflows using the power of community-driven resources, but they can be tricky to get right in terms of security.