FAUN.dev's Programming Weekly Newsletter
 
🔗 View in your browser   |  ✍️ Publish on FAUN.dev   |  🦄 Become a sponsor
 
Allow loading remote contents and showing images to get the best out of this email.
VarBear
 
#SoftwareEngineering #Programming #DevTools
 
 
📝 The Opening Call
 
 
FAUN.sensei() is finally live.

The first 6 courses are out, and this feels like the start of something big. To mark the launch, I'm giving every subscriber 25% off with the code SENSEI2525. The discounts is available for 1 week. Use it whenever you want, as many times as you need - just apply the code at the checkout.

The name matters to me. Sensei, Seonsaeng, or Xiansheng (先生) is an old honorific shared across Japanese, Korean, and Chinese cultures. It means “one who comes before' - someone who guides you because they've lived the journey already. That's the idea behind this platform.

FYI, this is the list of the available courses at the moment:

👉 End-to-End Kubernetes with Rancher, RKE2, K3s, Fleet, Longhorn, and NeuVector - The full journey from nothing to production

👉 Building with GitHub Copilot - From Autocomplete to Autonomous Agents

👉 Observability with Prometheus and Grafana - A Complete Hands-On Guide to Operational Clarity in Cloud-Native Systems

👉 DevSecOps in Practice - A Hands-On Guide to Operationalizing DevSecOps at Scale

👉 Cloud-Native Microservices With Kubernetes - 2nd Edition - A Comprehensive Guide to Building, Scaling, Deploying, Observing, and Managing Highly-Available Microservices in Kubernetes

👉 Cloud Native CI/CD with GitLab - From Commit to Production Ready

Thanks for being here at the start of this journey. More is coming!

— Aymen (@eon01), Founder of FAUN.dev()
 
 
🔍 Inside this Issue
 
 
This week runs hot: a lean 10k‑TPS Go blockchain, a deliberate exit from serverless, and a Mac farm pushing 2,000+ iOS pipelines—set against quality gates, test culture, and a real npm supply‑chain campaign. Python’s steady hand, DynamoDB heat controls, a password reality check, and one honest confession bring it home—dig in and take what you can use.

🧪 Before You Push: Implementing Quality Gates in Your Software Project

⛓️ Building a Blockchain in Go: From 'Hello, Block' to 10,000 TPS

🍏 Building Mac Farm: Running 2000+ iOS Pipelines Daily

📝 Confessions of a Software Developer: No More Self-Censorship

🐍 Guido van Rossum: "AI Should Adapt to Python - Not the Other Way Around"

🧰 How to Get Developers in Your Team to Contribute to Your Test Automation

🛡️ Inside the GitHub Infrastructure Powering North Korea’s Contagious Interview npm Attacks

🔐 NordPass: Worst Passwords of 2025 and How Each Generation Compares

📊 Partitions, Sharding, and Split-for-Heat in DynamoDB

⚡ Why we're leaving serverless

Sharper instincts, cleaner code—now steal one idea and ship.

Happy coding!
FAUN.dev() Team
 
 
ℹ️ News, Updates & Announcements
 
faun.dev faun.dev
 
NordPass: Worst Passwords of 2025 and How Each Generation Compares
 
 
NordPass’s 2023 report confirms what we all feared: people still rely on the digital equivalent of leaving the front door wide open. Think "123456", "password", even "admin" - still topping the charts, across every age group.

The data comes straight from breach dumps and dark web leaks. So yeah, it’s real. And it’s clear - stronger password habits just aren’t sticking, no matter how many alarms go off.

The bigger picture: This kind of password reuse isn’t just lazy. It’s a ceiling. And it’s cracking. The future’s screaming for passwordless auth, because users aren’t built to remember 30 unique 16-character secrets.
 
 
faun.dev faun.dev
 
Guido van Rossum: “AI Should Adapt to Python - Not the Other Way Around”
 
 
Guido van Rossum tipped his hat to TypeScript for edging past Python in GitHub usage - but didn’t miss the chance to point out Python’s 49% growth in 2023. The language still owns the AI, science, and education corners of the internet.

He doubled down on Python’s real edge: clean syntax, safe defaults, and a slow-but-steady evolution. Optional typing keeps getting sharper. And the ecosystem? Still stacked - PyTorch, pandas, the usual legends.
 
 
👉 Enjoyed this?Read more news on FAUN.dev/news
 
🔗 Stories, Tutorials & Articles
 
nedspnt.medium.com nedspnt.medium.com
 
Before You Push: Implementing Quality Gates in Your Software Project
 
 
This post discusses best practices for automated testing in software engineering, including unit tests and integration tests for databases, APIs, and emulators. It also covers end-to-end tests using tools like Cypress, Appium, Postman, and more. Additionally, it highlights the importance of environment isolation, using Docker containers and Terraform for deployment consistency across different environments.
 
 
newsletter.simpleaws.dev newsletter.simpleaws.dev
 
Partitions, Sharding, and Split-for-Heat in DynamoDB
 
 
DynamoDB starts to grumble when a single partition gets hit with more than 1,000 WCU. To dodge throttling, writes need to fan out across shards.

Recommended move: start with 10 logical shards. Watch CloudWatch metrics. Dial N up or down. Let burst and adaptive capacity buy you breathing room - until Split-for-Heat kicks in and shuffles partitions.
 
 
medium.com medium.com
 
Building Mac Farm: Running 2000+ iOS Pipelines Daily
 
 
At Trendyol, they run over 2,000 iOS pipelines daily across 130 Mac machines, executing 50,000+ unit tests and 10,000+ UI tests for their iOS apps. The team initiated a mobile CI transformation to address the challenges of scale and performance as their team grew and AI usage increased. They built a macOS farm from scratch with a system topology consisting of critical layers including the Host Agent, VM Agent, User Terminal, and Server. They also optimized their GitLab CI pipelines by creating common pipelines for all repositories and implementing a log structure without unnecessary parts.
 
 
nicolalindgren.com nicolalindgren.com
 
How to Get Developers in Your Team to Contribute to Your Test Automation
 
 
A fresh blog post dives into how to get devs pulling their weight on test automation - not as extra credit, but as part of shipping code.

The playbook: tie automation work straight to the definition of done, clear up who owns what, and stop pretending delivery pressure is a mystery. The big idea? Most “why aren’t tests written?” problems aren’t technical. They’re cultural.
 
 
socket.dev socket.dev
 
Inside the GitHub Infrastructure Powering North Korea’s Contagious Interview npm Attacks
 
 
The Socket Threat Research Team has been following North Korea’s Contagious Interview operation as it targets blockchain and Web3 developers through fake job interviews. The campaign has added at least 197 malicious npm packages and over 31,000 downloads since last report, showcasing the adaptability of North Korean threat actors to modern JavaScript and crypto development workflows. The recent wave of malicious npm packages exposes a delivery stack that leverages GitHub for hosting malware-serving code, Vercel for payload delivery, and a separate command and control (C2) server for data collection and tasking, highlighting how threat actors are exploiting npm to target developers.
 
 
skoredin.pro skoredin.pro
 
Building a Blockchain in Go: From 'Hello, Block' to 10,000 TPS
 
 
A new Go tutorial shows how to build a lean, fast blockchain - clocking ~10,000 TPS - without the usual bloat. It covers the full stack: P2P networking, custom consensus, and proper state management.

No unbounded mempools. No missing snapshots. Just a chain that actually runs, benchmarked on real machines - not theory.
 
 
kerrick.blog kerrick.blog
 
Confessions of a Software Developer: No More Self-Censorship
 
 
A mid-career dev hits pause after ten years in the game -realizing core skills like polymorphism, SQL, and automated testing never quite clicked. Leadership roles, shipping products, mentoring junior devs - none of it filled those gaps.

They'd been writing C#/.NET for a while too. Not out of love, just chasing a stack shift that got rolled back months later. Classic.
 
 
unkey.com unkey.com
 
Why we're leaving serverless   ✅
 
 
Every millisecond matters in the critical path of API authentication. After two years of battling serverless limitations, the entire API stack was rebuilt to reduce end-to-end latency. The move from Cloudflare Workers to stateful Go servers resulted in a 6x performance improvement and simplified architecture. The transition enabled self-hosting, platform independence, and eliminated complex caching workarounds.
 
 

👉 Got something to share? Create your FAUN Page and start publishing your blog posts, tools, and updates. Grow your audience, and get discovered by the developer community.

 
⚙️ Tools, Apps & Software
 
github.com github.com
 
empowerd-cms/nyno
 
 
Create and Run Linux Workflows without Limits. Short for "nine" / "yaml" / "no-code" / "automation".
 
 
github.com github.com
 
kavishdevar/librepods
 
 
AirPods liberated from Apple's ecosystem.
 
 
github.com github.com
 
gvanrossum/abc-unix
 
 
The original ABC language (Python's predecessor), from 1991
 
 
github.com github.com
 
mutativejs/travels
 
 
A fast, framework-agnostic undo/redo core powered by Mutative JSON Patch
 
 

👉 Spread the word and help developers find and follow your Open Source project by promoting it on FAUN. Get in touch for more information.

 
🤔 Did you know?
 
 
Did you know that the widely used monitoring system Prometheus was born because its predecessor failed at scale? Back in 2012, a company found their metrics tools couldn’t handle high-volume data - prompting Prometheus’s creation with a multi-dimensional data model and scalable architecture.
 
 
🤖 Once, SenseiOne Said
 
 
"We celebrate deleting code, then ship more configuration than logic. When it breaks, you won't debug the feature—you'll debug your toolchain's defaults."
— SenseiOne
 

(*) SenseiOne is FAUN.dev’s work-in-progress AI agent

 
⚡Growth Notes
 
 
Treat mastery as the habit of making system truths explicit: before changing code today, spend 10 minutes writing a short contract for the function or module you will touch, listing inputs, outputs, invariants, failure modes, and a simple baseline to measure; then encode it with two assertions and one small property test, and add a lightweight metric or trace to observe it in production. This quiet practice yields smaller PRs, clearer names, easier reviews, and safe rollbacks now, while compounding into clarity, debugging depth, and risk control that will serve you for decades.
 
Each week, we share a practical move to grow faster and work smarter
 
👤 This Week's Human
 
 
This week, we’re highlighting Steve McKinney, CEO of McKinney Consulting Inc., Executive Coach, and M&A Deal Originator working between Seoul and Charlotte. After 13 years in senior roles at Adidas and Reebok, he built a global executive search and leadership practice over 25+ years (via Kestria’s 40+ offices), coaching hundreds of leaders and shaping Proactive Agility and the forthcoming Global Mindset (Q1 2026). Featured by Forbes, Business Insider, and Yahoo Finance, his throughline is practical, cross-cultural decision-making under uncertainty.
 
💡 Engage with FAUN.dev on LinkedIn — like, comment on, or share any of our posts on LinkedIn — you might be our next “This Week’s Human”!
 
😂 Meme of the week
 
 
 
 
❤️ Thanks for reading
 
 
👋 Keep in touch and follow us on social media:
- 💼LinkedIn
- 📝Medium
- 🐦Twitter
- 👥Facebook
- 📰Reddit
- 📸Instagram

👌 Was this newsletter helpful?
We'd really appreciate it if you could forward it to your friends!

🙏 Never miss an issue!
To receive our future emails in your inbox, don't forget to add community@faun.dev to your contacts.

🤩 Want to sponsor our newsletter?
Reach out to us at sponsors@faun.dev and we'll get back to you as soon as possible.
 

VarBear #505: Worst Passwords of 2025 and How Each Generation Compares
Legend: ✅ = Editor's Choice / ♻️ = Old but Gold / ⭐ = Promoted / 🔰 = Beginner Friendly

You received this email because you are subscribed to FAUN.dev.
We (🐾) help developers (👣) learn and grow by keeping them up with what matters.

You can manage your subscription options here (recommended) or use the old way here (legacy). If you have any problem, read this or reply to this email.