Stop Apple Spotlight from slowing down your Mac by preventing it to index node_modules folders

Speaking of node_modules folders, this tip by Roel Van Gils came to mind:

Hat tip, Roel! But wait dear reader, there’s more …


In case you want to retroactively add .metadata_never_index files to your node_modules folders, use this command as suggested by @malfaitrobin (a former student of mine):

$ find . -type d -name "node_modules" -exec touch "{}/.metadata_never_index" \;

You might need to reindex Spotlight after this before it takes effect:

$ sudo mdutil -i on /


To stay ahead of things, it’d be much better to create this .metadata_never_index file before running npm install.

As nor npm install (issue) nor yarn install (issue) have the creation of said file integrated, I use a preinstall script that does the job for me.

To enable it, add the line(s) below to your package.json:

"scripts": {
  "preinstall": "mkdir -p ./node_modules && touch ./node_modules/.metadata_never_index"

The preinstall script will be run right before npm install does its thing, ensuring the presence of the .metadata_never_index file inside ./node_modules 🙂

Did this help you out? Like what you see?
Consider donating.

I don’t run ads on my blog nor do I do this for profit. A donation however would always put a smile on my face though. Thanks!

☕️ Buy me a Coffee ($3)

Easily find and remove old and heavy node_modules/vendor folders with npkill

When working in web, you can be left with several lost node_modules (JS) and vendor (PHP) folders spread across your filesystem, unnecessarily taking up space.

To find these, I use the following command:

# List all node_modules (from current directory down) and their size
$ find . -name 'node_modules' -type d -prune -print | xargs du -chs

To remove all these, I use the following command:

# Remove all node_modules folders (from current directory down)
$ find . -name 'node_modules' -type d -prune -print -exec rm -rf '{}' \;

ℹ️ Replace node_modules with vendor to search for vendor folders (PHP)

But what if you only want to delete only a select few of those folders? Enter npkill, a tool that offers a UI to allow you to do just that in quick way:

This tool allows you to list any node_modules directories in your system, as well as the space they take up. You can then select which ones you want to erase to free up space. Yay!

You could install it globally, or leverage npx to run it immediately:

$ npx npkill

Using its --target option, you can use it to target vendor folders

$ npx npkill --target vendor

NPKILL – Easily find and remove old and heavy node_modules folders →

Paint Holding in Google Chrome

One of the features that shipped with Chrome 76 is “Paint Holding”. It’s a technique that removes the “flash of white” – e.g. the white page you briefly see while the browser is loading the next page – when navigation between two pages on the same origin, thus delivering a smoother experience to the user.

The way this works is that we defer compositor commits until a given page load signal (PLS) (e.g. first contentful paint / fixed timeout) is reached. Waiting until a PLS occurs reduces likelihood of flashes of white/solid-color.

No idea what the fixed timeout is, but let it be another reason make your site as fast as hell 🙂

Paint Holding – reducing the flash of white on same-origin navigations →

Star Wars: The Mandalorian

Trailer for The Mandalorian, a Star Wars live-action series, due November 12 on Disney+:

After the stories of Jango and Boba Fett, another warrior emerges in the Star Wars universe. “The Mandalorian” is set after the fall of the Empire and before the emergence of the First Order. We follow the travails of a lone gunfighter in the outer reaches of the galaxy far from the authority of the New Republic.

How To Organize Team Building Retreats

UX studio, a Budapest based 30-person design company on how they plan their team retreats, how they keep the balance between fun activities and serious work during those retreats, etc:

Every six months, our whole UX company travels to a remote location in Hungary’s countryside for two days to have fun and decide together about our big goals.

These team building retreats play an important part in UX studio’s culture. We have been doing them for five years now, and we love them dearly. So, after ten of them, I’m sharing my learnings and giving tips to those of you just starting out with the corporate retreat concept.

How To Organize Team Building Retreats →

Learn about security by hacking a fake bank using a real hacking method

Cool interactive site showing your how to perform a Server Side Request Forgery hack, based on a true incident:

The following interactive tutorial is a reconstruction of Capital One’s data breach incident that exposed the records of almost 106 million customers.

Paige Thompson is accused of breaking into a Capital One server and gaining access to 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers and 80,000 bank account numbers.

To all developers: As always, beware when processing user input …

Contra – Interactive Application Security Training →

Via Jesse

Time to First Byte: What It Is and Why It Matters

Harry Roberts has done an extensive write-up on Time To First Byte (TTFB), an often overlooked metric when it comes to measuring the performance of websites.

While a good TTFB doesn’t necessarily mean you will have a fast website, a bad TTFB almost certainly guarantees a slow one.

To see what happens during your TTFB, you can leverage the Server Timing API.

Time to First Byte: What It Is and Why It Matters →

Connect to Remote MySQL Server with SSL Certificates from PHP: Fixing the error "Terminated due to signal: ABORT TRAP (6)"

Photo by Clem Onojeghuo on Unsplash

To connect to a MySQL Server that requires SSL from PHP with PDO, you can use this piece of code:

try {
	$db = new PDO('mysql:host=DB_HOST;dbname=DB_NAME', $user, $pass, [
		PDO::MYSQL_ATTR_SSL_KEY => 'path/to/client_private_key',
		PDO::MYSQL_ATTR_SSL_CERT => 'path/to/client_cert',
		PDO::MYSQL_ATTR_SSL_CA => 'path/to/server_ca_cert',
} catch (PDOException $e) {
	print "Error!: " . $e->getMessage() . "<br/>";

To my surprise I was greeted with an abort signal (not an Exception!) when running this piece of code when trying to connect to a MySQL 5.7 Server on Google Cloud SQL:

Terminated due to signal: ABORT TRAP (6)

Thinking it was a problem with the used certificates I turned to the mysql binary to verify their contents:

$ mysql \
	--ssl-cert='path/to/client_cert' \
	--ssl-key='path/to/client_private_key' \
	--ssl-ca='path/to/server_ca_cert' \
	--host=DB_HOST \
	--user=DB_USERNAME \

And guess what: that command, of course, worked just fine … but what is the problem then? Is it Google Cloud SQL? Is it PHP acting up?

At the root of the problem is the fact that I’m connecting to the host using an IPv4 address and that the Common Name in the certificate – which one needs to choose manually when generating an SSL Certificate for a Cloud SQL instance – does not match (ref).

To work around this issue you have two options:

  1. (recommended) Connect to your Cloud SQL instance using the Cloud SQL proxy
  2. (not recommended, but needed when solution 1 is not an option) Disable the verification of the server SSL certificate

For the first solution follow Google’s instructions on the Cloud SQL Proxy.

For the second solution, set the PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT option to false:

try {
	$db = new PDO('mysql:host=DB_HOST;dbname=DB_NAME', $user, $pass, [
		PDO::MYSQL_ATTR_SSL_KEY => 'path/to/client_private_key',
		PDO::MYSQL_ATTR_SSL_CERT => 'path/to/client_cert',
		PDO::MYSQL_ATTR_SSL_CA => 'path/to/server_ca_cert',
} catch (PDOException $e) {
	print "Error!: " . $e->getMessage() . "<br/>";

💁‍♂️ Do note that in this case your connection is encrypted, but you’re not validation the server SSL certificate, and therefore cannot be guaranteed that you’re connecting to the correct server …

With all these set, your PHP code should be able to connect to the MySQL instance without being terminated prematurely …

Did this help you out? Like what you see?
Consider donating.

I don’t run ads on my blog nor do I do this for profit. A donation however would always put a smile on my face though. Thanks!

☕️ Buy me a Coffee ($3)

The ingredients of a classic house track

Another great video in the Vox Earworm series, a must see for any (house) music lover. Perfect fit to watch right after their previous “The Disco Invention that Changed Pop Music” video.

On June 12, 1979, thousands of disco records were destroyed at Chicago’s “Disco Demolition Night”. Within one year, Chicago DJs and producers had reinvented the genre, and house music rose from the ashes of disco.

5 Tips to Help You Avoid React Hooks Pitfalls

Kent C. Dodds:

As hot as it is, React Hooks require a bit of a change in the way you think about React Component Lifecycles, State, and Side Effects and it can be easy to fall into problematic scenarios if you’re not thinking about React Hooks properly. So let’s look a bit at what pitfalls you could come across and how you can change your thinking so you avoid them.

Glad to see one of the tips is to no longer think in lifecycles, but in effects. Also, must say I hadn’t really checked out the ESLint React Hooks Plugin yet 😬.

5 Tips to Help You Avoid React Hooks Pitfalls →