Jim Jonah
@jimjonah.bsky.social
Principal Software Engineer who loves architecting and building highly available secure applications. When not at the keyboard you’ll find me enjoying the water or traveling, usually on two wheels.
If Epstein’s end game was to blackmail the wealthy and famous into investing in his hedge fund it makes sense. There’s a couple of famous, wealthy magicians from that era I could see being targets of his.
November 23, 2025 at 11:53 AM
If Epstein’s end game was to blackmail the wealthy and famous into investing in his hedge fund it makes sense. There’s a couple of famous, wealthy magicians from that era I could see being targets of his.
While our tools may not be a big target for hackers Bluesky and AT certainly would.
November 11, 2025 at 12:59 PM
While our tools may not be a big target for hackers Bluesky and AT certainly would.
When I implemented a device auth flow for our CLI and IDE plugins I was surprised that the flow, and Okta, didn’t use DPoP for the entire flow.
This proposal helps: datatracker.ietf.org/doc/draft-pa...
This proposal helps: datatracker.ietf.org/doc/draft-pa...
DPoP for the OAuth 2.0 Device Authorization Grant
The OAuth 2.0 Device Authorization Grant [RFC8628] is an authorization flow for devices with limited input capabilities. Demonstrating Proof of Possession (DPoP) [RFC9449] is a mechanism to sender-con...
datatracker.ietf.org
November 11, 2025 at 12:57 PM
When I implemented a device auth flow for our CLI and IDE plugins I was surprised that the flow, and Okta, didn’t use DPoP for the entire flow.
This proposal helps: datatracker.ietf.org/doc/draft-pa...
This proposal helps: datatracker.ietf.org/doc/draft-pa...
The sad part is it used to work that way. Once the series D round happened it went away and became cloud only.
October 21, 2025 at 10:12 AM
The sad part is it used to work that way. Once the series D round happened it went away and became cloud only.
I don’t have a link handy, but, I remember reading that iCloud is also architected this way - one SQLite Db per user.
October 9, 2025 at 10:45 AM
I don’t have a link handy, but, I remember reading that iCloud is also architected this way - one SQLite Db per user.
Reposted by Jim Jonah
Non-shortened link: medium.com/@fyattani/bu...
Building a Decentralized File Upload Service with Storacha & UCANs
Every now and then, a small project ends up teaching you something much bigger.
medium.com
October 9, 2025 at 7:09 AM
Non-shortened link: medium.com/@fyattani/bu...
Won’t this lead to the very polarized world that bluesky was trying to avoid?
October 9, 2025 at 9:51 AM
Won’t this lead to the very polarized world that bluesky was trying to avoid?
Reposted by Jim Jonah
Lucas intended this to be historical allegories. Trying to “cleanse” space, committing genocide like on Alderaan. People saw this and the mass propaganda the Empire had everywhere and were either scared into believing for survival, or just truly agreed. Just like many global powers do in real life.
The Real History That Inspired 'Star Wars' | HISTORY
Historical figures and events informed George Lucas as he created his sci‑fi saga in a galaxy far, far away.
www.history.com
February 6, 2025 at 3:27 PM
Lucas intended this to be historical allegories. Trying to “cleanse” space, committing genocide like on Alderaan. People saw this and the mass propaganda the Empire had everywhere and were either scared into believing for survival, or just truly agreed. Just like many global powers do in real life.
That and the ability to schedule when a message gets sent are both great features!
September 29, 2025 at 12:39 PM
That and the ability to schedule when a message gets sent are both great features!
Reposted by Jim Jonah
Sure one is disrespectful to the dead person, the other is well, murder. It should be obvious that disrespect != murder, but apparently it's not?
September 20, 2025 at 1:57 AM
Sure one is disrespectful to the dead person, the other is well, murder. It should be obvious that disrespect != murder, but apparently it's not?
For our products we push our customers to use IP allow lists for their users.
It helps a little, ish.
It helps a little, ish.
September 19, 2025 at 4:58 PM
For our products we push our customers to use IP allow lists for their users.
It helps a little, ish.
It helps a little, ish.
We've published other Postman collections.
If you're interested I'll see if I can publish one that I used for this flow.
If you're interested I'll see if I can publish one that I used for this flow.
September 19, 2025 at 3:27 PM
We've published other Postman collections.
If you're interested I'll see if I can publish one that I used for this flow.
If you're interested I'll see if I can publish one that I used for this flow.
I implemented this for our CLI and IDE plugin products.
The path I took was implement the device auth flow first, without DPoP, then tacked on DPoP.
I just worked from the specs for each, since I also didn't find a concise article/example.
We use, for this, Okta as the auth server.
The path I took was implement the device auth flow first, without DPoP, then tacked on DPoP.
I just worked from the specs for each, since I also didn't find a concise article/example.
We use, for this, Okta as the auth server.
September 19, 2025 at 3:26 PM
I implemented this for our CLI and IDE plugin products.
The path I took was implement the device auth flow first, without DPoP, then tacked on DPoP.
I just worked from the specs for each, since I also didn't find a concise article/example.
We use, for this, Okta as the auth server.
The path I took was implement the device auth flow first, without DPoP, then tacked on DPoP.
I just worked from the specs for each, since I also didn't find a concise article/example.
We use, for this, Okta as the auth server.
? We use it in a couple of products at work.
And, thanks to postman allowing npm libraries I finally have it working in a postman collection. What is the context that’s not working for you?
And, thanks to postman allowing npm libraries I finally have it working in a postman collection. What is the context that’s not working for you?
September 19, 2025 at 12:42 PM
? We use it in a couple of products at work.
And, thanks to postman allowing npm libraries I finally have it working in a postman collection. What is the context that’s not working for you?
And, thanks to postman allowing npm libraries I finally have it working in a postman collection. What is the context that’s not working for you?
Reposted by Jim Jonah
Full article: newsletter.pragmaticengineer.com/p/the-pragma...
The Pragmatic Engineer 2025 Survey: What’s in your tech stack? Part 2
Which tools do software engineers use for project management, communication and collaboration, databases and backend infrastructure? Reader survey with analysis, based on 3,000+ responses
newsletter.pragmaticengineer.com
August 20, 2025 at 5:38 AM
Full article: newsletter.pragmaticengineer.com/p/the-pragma...
Cloudflare has been good for me.
January 31, 2025 at 8:03 PM
Cloudflare has been good for me.