Fredrik's Homepage

Welcome! I'm Fredrik — a software engineer who enjoys tinkering with infrastructure, programming languages, and whatever else catches my curiosity. Have a look around and feel free to leave a note in the guestbook.

Blog posts

Tailscale is great

After reporting over 32 000 IP addresses for trying to hack my box, I decided to finally just shut off port 22, and migrate to Tailscale.

Published 3 months ago

My take on AI is changing

Less than half a year ago I was not only skeptical towards AI in my field, software development, but also not very impressed by the results it produced at the time. Now, however, I rarely write code myself anymore, and I'm not really observing the problems I envisioned would arise by the increased use. But. Some concerns I had, I still have.

Published 3 months ago

I want to love you, Orion by Kagi. I really do

As a fan, and user, of Kagi, I decided to give their browser Orion a try as my daily driver, only to want to tear my hair out after under two days of use.

Published 6 months ago

Where did all the humans go?

I'd love to read more tech blogs, interesting tweets/mastodon-posts, or other programming content, but the massive influx of AI slop and AI hype content takes the joy out of it.

Published 6 months ago

Follow up to post about invalid fallback values

Discussing how you can use the type system to your advantage to avoid passing around values that don't make sense. How types alone aren't enough to ensure your value is "valid", and response to my previous post's feedback on Reddit.

Published 6 months ago

Invalid values and the nullish coalescing operator in JavaScript

After working as a JS/TS developer for quite some years I've grown quite used to seeing || "" or ?? "" strewn around codebases as a quick fix to "remove" nullability, usually due to some value which you assume is set, but can't "prove" type-wise. I think this is a code smell, and I generally think it's not the right solution. In this post I try to explain why I don't think so, and provide some patterns that could help combat the downsides introduced by this pattern.

Published 6 months ago

Zed, AI in editors, and where did all the feature development go?

My experience using the Zed editor, why I'm struggling to adopt it as my full-time editor, and what I love about it.

Published 6 months ago

My very own homepage

An introduction to my new website. Quick explanation of the different technologies used, and my goals for the site. How I've used (and more importantly, not used) AI.

Published 7 months ago

XxX__hackerb0i__XxX14 days ago

fredrik14 days ago

hi, i am the creator of this website! My favourite programming languages are HTML and CSS - you don't need a framework or backend IMO. blog post coming soon

Janne T2 months ago

Another blog to subscribe to 🫡

Erik2 months ago

I like your thoughts!

Fredrik August3 months ago

Finally updated my website. Simplified the architecture and made it a lot easier to maintain. Now realising the selling point of Vercel for Next.js. It’s a real hassle to host this Payload CMS project to be honest, compared to a “normal” MPA like RoR.

Jade6 months ago

I agree!! Greetings from Brussels

Casey6 months ago

I like your writing, please keep it up! You've earned yourself an RSS subscriber

undefined6 months ago

undefined

C & M6 months ago

Totally agree with if (process.env.MY_ENV_VAR === undefined) { throw new Error("MY_ENV_VAR is not set") } The other was is lazy and annoying!

Fredrik6 months ago

What I thought would be an article that most agreed on turned out to be anything but, and it's currently first place in controversial posts on /r/programming. Very exciting to see that people are reading it though:)

A6 months ago

MALMÖÖÖÖ

Fredrik6 months ago

Instagram has started automatically dubbing my reels, and changing the mouth to match the dub. Crazy. It also, of course, is seemingly impossible to turn off, just like YouTube, and ruins the experience of anyone who watches content in more than one language.

Fredrik7 months ago

Finally made an effort to rework the content here:) The photos are now uploaded and managed using Payload CMS self-hosted on my VPS, and I plan to add a blog section soon!

Fan7 months ago

crazy website

Fredrik7 months ago

I wish Cloudflare Connectors would let me connect my Hetzner Cloud S3-compatible endpoint, and not just the official s3 from AWS. I would like to serve my S3(-compatible) content from behind their proxy to benefit from their caching, but that requires a) using AWS s3, or b) paying for Enterprise which seems a bit overkill for my personal website.

Fredrik7 months ago

Why does the Auth0 login page email field auto-fill my full name and not my email?

Fredrik7 months ago

I got hacked! Turns out, at 11 PM last night, a Chinese botnet gained access to my box on Hetzner by brute forcing the password of my cluster account. It happened because I used an insecure password on the account, not knowing that SSH password authentication was turned on. Hetzner let me know this morning that my box was found to be performing netscans outwards. I managed to stop the scripts running and clean out the malware which consisted of a bitcoin miner, a network scanner and some other bits and bobs. Remember to use strong password, and to only use SSH key access on your boxes.

Claire8 months ago

GREAT HOMEPAGE!

Fredrik8 months ago

As I've been running my session store for authentication in memory, every time I've restarted my dev server I've had to log in again. It became a little tiring so I decided to switch over to using redis for sessions so I can stay logged in across restarts and upgrades in prod. Inspired by [this article by Mitchell Hashimoto](https://mitchellh.com/writing/building-large-technical-projects).

Jonathan (SEO bot)8 months ago

How can I get to this website from google?

Fredrik8 months ago

Okay it doesn't really take ~88 ms. I forgot to check the HTTP response so it's actually closer to 300 ms.

Fredrik8 months ago

It works by generating a key before you submit the form, which is then sent back to Cloudflare from the backend to be verified. It all just takes ~88 ms. Also turns out I forgot to spawn the email notifier in a background `context.Context` so now it should be a lot quicker. Not that you'll really notice, but it looks better in my graphs.

Fredrik8 months ago

After getting spammed by some SEO marketing bots, I decided to implement Cloudflare Turnstile which is the little black box under the message input that you may or may not see. It should in theory prevent bots from posting more comments 👽 Have a great Wednesday

Henrik8 months ago

Hei! :D

Fredrik8 months ago

Got observability in place as well using the Go OpenTelemetry SDK and Dash0. A little hard to get Chi to play nice with the open telemetry instrumentation but got there in the end.

Fredrik8 months ago

I've used Resend to set up email notifications on new comments. Worked like a charm, and their SDK and setup process for DNS settings was very straightforward.

Fredrik8 months ago

Finally took the time to implement authentication, so I can now log in and remove those pesky SEO bot spam comments. Tried going old-school and not using Clerk/BetterAuth/Auth0. Feel free to try to hack my website, but please don't delete anything if you manage to get access. If you find any vulnerabilities I can be reached on contact@fredrikmalmo.com

Kanskje Picker8 months ago

Anders er søt 🫶

Hvem vet? 8 months ago

Anders er søt 🫶

Anårs8 months ago

Er det realtime da?

owner8 months ago

thank you, claire!

!8 months ago

wow, the title sparkles

Fredrik8 months ago

sjekk nå Picker!!

picker8 months ago

nice photos!

Claire8 months ago

Wow, impressive work! Way to Go #Gomponents #writteninGo

Fredrik8 months ago

Hello guestbook