Danny Thompson
@dthompsondev.bsky.social
Software Developer |
Director Of Technology at This Dot Labs |
Commit Your Code Conference Organizer |
The Programming Podcast & Modern Web Podcast Host
https://www.dthompsondev.com
Dallas, TX
Director Of Technology at This Dot Labs |
Commit Your Code Conference Organizer |
The Programming Podcast & Modern Web Podcast Host
https://www.dthompsondev.com
Dallas, TX
You can find gaps from multiple viewpoints. Not only that, it has been a great way to expose myself to different views or edge cases I could have missed.
Remember to keep it focused though. Don't just say "Audit my entire site". It's too broad and big. You have to section it.
Remember to keep it focused though. Don't just say "Audit my entire site". It's too broad and big. You have to section it.
January 20, 2026 at 5:12 PM
You can find gaps from multiple viewpoints. Not only that, it has been a great way to expose myself to different views or edge cases I could have missed.
Remember to keep it focused though. Don't just say "Audit my entire site". It's too broad and big. You have to section it.
Remember to keep it focused though. Don't just say "Audit my entire site". It's too broad and big. You have to section it.
Hasn't worked for me. I have to always @ the folder and ask it to review it as we develop a comprehensive plan. When I do that it works well.
January 20, 2026 at 2:53 PM
Hasn't worked for me. I have to always @ the folder and ask it to review it as we develop a comprehensive plan. When I do that it works well.
To Tuesday and I think so. I am watching the analytics for this one and so far when we release on Tuesdays, we are seeing a very big jump in people watching on the day of. When we release on Thursday, it trickles in and then usually on Monday and Tuesday we get a big jump.
January 20, 2026 at 2:52 PM
To Tuesday and I think so. I am watching the analytics for this one and so far when we release on Tuesdays, we are seeing a very big jump in people watching on the day of. When we release on Thursday, it trickles in and then usually on Monday and Tuesday we get a big jump.
It is! This cohort is not associated with Leon but Leon and I do a podcast that is going really strong! The Programming Podcast!
January 19, 2026 at 4:50 PM
It is! This cohort is not associated with Leon but Leon and I do a podcast that is going really strong! The Programming Podcast!
Want to know more? You can see the details of our cohort program here
www.dallassoftwaredevelopers.org/cohorts
Want to be a LEAD and donate some time to the community? Please apply here
forms.gle/c5UjhBx3skZ5...
Want to be a community member and work on a team? apply here
forms.gle/fvVPrhCT2TNU...
www.dallassoftwaredevelopers.org/cohorts
Want to be a LEAD and donate some time to the community? Please apply here
forms.gle/c5UjhBx3skZ5...
Want to be a community member and work on a team? apply here
forms.gle/fvVPrhCT2TNU...
Dallas Software Developers
Join Dallas's premier community of passionate developers building the future together
www.dallassoftwaredevelopers.org
January 19, 2026 at 4:27 PM
Want to know more? You can see the details of our cohort program here
www.dallassoftwaredevelopers.org/cohorts
Want to be a LEAD and donate some time to the community? Please apply here
forms.gle/c5UjhBx3skZ5...
Want to be a community member and work on a team? apply here
forms.gle/fvVPrhCT2TNU...
www.dallassoftwaredevelopers.org/cohorts
Want to be a LEAD and donate some time to the community? Please apply here
forms.gle/c5UjhBx3skZ5...
Want to be a community member and work on a team? apply here
forms.gle/fvVPrhCT2TNU...
Yea the Anthropic CEO really overshot that one lol
December 12, 2025 at 12:58 AM
Yea the Anthropic CEO really overshot that one lol
safeUser is a NEW object with only: id, name, email, createdAt, updatedAt
If you JSON.stringify(safeUser), it will NOT contain passwordHash or isAdmin - they're genuinely not in the object.
return user as PublicUser; NO ERROR, BUT UNSAFE! This would be an issue but the original would not be
If you JSON.stringify(safeUser), it will NOT contain passwordHash or isAdmin - they're genuinely not in the object.
return user as PublicUser; NO ERROR, BUT UNSAFE! This would be an issue but the original would not be
November 13, 2025 at 3:26 PM
safeUser is a NEW object with only: id, name, email, createdAt, updatedAt
If you JSON.stringify(safeUser), it will NOT contain passwordHash or isAdmin - they're genuinely not in the object.
return user as PublicUser; NO ERROR, BUT UNSAFE! This would be an issue but the original would not be
If you JSON.stringify(safeUser), it will NOT contain passwordHash or isAdmin - they're genuinely not in the object.
return user as PublicUser; NO ERROR, BUT UNSAFE! This would be an issue but the original would not be
Great question and totally understand where the thought process is here. In this particular example, safeUser IS truly safe at runtime because the destructuring with rest operator creates a new object that physically excludes those properties:
const { passwordHash, isAdmin, ...safeUser } = user;
const { passwordHash, isAdmin, ...safeUser } = user;
November 13, 2025 at 3:26 PM
Great question and totally understand where the thought process is here. In this particular example, safeUser IS truly safe at runtime because the destructuring with rest operator creates a new object that physically excludes those properties:
const { passwordHash, isAdmin, ...safeUser } = user;
const { passwordHash, isAdmin, ...safeUser } = user;
Yesterday we discussed Pick and it only felt natural for us to discuss Omit today! Share this with a friend and come back tomorrow for another Typescript tip!
bsky.app/profile/did:...
bsky.app/profile/did:...
The scariest bug in production?
Accidentally exposing sensitive data!
Don't just hope you filtered your objects.
Enforce it at the type level!
Here's how TypeScript's Pick utility type acts as your security guard. It lets you create a "safelist" of properties.
Accidentally exposing sensitive data!
Don't just hope you filtered your objects.
Enforce it at the type level!
Here's how TypeScript's Pick utility type acts as your security guard. It lets you create a "safelist" of properties.
![image is a screenshot of code and this is the code
interface User {
id: number;
name: string;
email: string;
passwordHash: string;
createdAt: Date;
updatedAt: Date;
isAdmin: boolean;
}
/*
We will use Pick to define our safely exposed user data and prevent
accidental exposure of sensitive fields.
No sensitive fields are exposed like passwordHash or isAdmin.
*/
type PublicUser = Pick<User, 'id' | 'name' | 'email'>;
function getPublicUsers(db: { user: User[] }): PublicUser[] {
return db.users.map(user => ({
id: user.id,
name: user.name,
email: user.email,
// TRYING TO GET DATA THAT COULD POTENTIALLY BE EXPOSED?
passwordHash: user.passwordHash, // ❌ TypeScript ERROR - not in the Pick type!
isAdmin: user.isAdmin, // ❌ TypeScript ERROR - not in the Pick type!
}));
}](https://cdn.bsky.app/img/feed_thumbnail/plain/did:plc:fsbiew5lypmnshzzh3iksao7/bafkreie46qd4fqxgeyldszxmbikpwyjsdvuk63atl5ydp6z3ypjd4zbz5a@jpeg)
November 12, 2025 at 5:15 PM
Yesterday we discussed Pick and it only felt natural for us to discuss Omit today! Share this with a friend and come back tomorrow for another Typescript tip!
bsky.app/profile/did:...
bsky.app/profile/did:...