Interesting stuff I found - August 2025
Hosting HTTP(s) enabled endpoints during .NET testing
Hanselman identified a hackish way to do it for .NET 8, and there is official support coming in .NET 10.
I might just hold off until .NET 10, but it will be nice, as it will allow less brittle integration tests of Blazor UIs, something that work very poorly against live environments atm.
Best Current Practice for OAuth 2.0 Security
Spent a bit of time browsing through the new stuff (it was published in January). Even in the final version it still mandates the use of mTLS or DPoP for public client refresh tokens, something the Duende folks decided was actually not useful when they dropped their rotation-by-default policy around draft 26.
Anyway, the recommendation for me is clear: Make everything confidential clients going forward, use BFF if you have to.
RFC9700 - Best Current Practice for OAuth 2.0 Security
Blazor PacMan
Oldie but goldie
PostmarketOS - Self-hosting a cluster on old phones
I find the idea of a home-made cluster of old phones strangely appealing, and PostmarketOS is doing the hard work of making it happen. Unfortunately, many old phones are so locked-down they are nothing more than e-waste, and for real world usage I think you would want to be able to remove the batteries to avoid making a huge fire hazard. But all that compute…fun stuff could be made.
Self-hosting a cluster on old phones
Pinball (and Batman)
Played on a Batman ‘66 today. I miss daily pinball (since Alien Poker at work broke :-/) and 1966 Batman.
Metalama in Linqpad
Query source code with Linq - in Linqpad. Very cool, opens up many of the ad hoc query scenarios that tools like NDepend excels at.
Inspecting source code and dependencies using LINQPad
Nowgrep and RipGrep
Interesting to see if Nowgrep can be turned into a viable product, until then RipGrep will do.
winget install BurntSushi.ripgrep.MSVC
Having either tool integrated in Total Commander search (like Everything) would be even greater. I love Total Commander search, but the combination of node_modules and the .git folders (if you are searching hidden files) acts like a tar pit….
BlendOS
Inspired by DHH and Omarchy, I am dabbling with Linux again outside of work, on an old laptop. BlendOS is a representative of an interesting new approach: Run the core OS (here Arch) more or less immutable, that is packages are defined and built to a “system image” based on a “track” (think Phone OS firmware upgrade, with tracks primarily concerned with the Window Manager), then Flatpaks are layered on top for “native” applications. This is supplemented with “containers”, where different distributions (e.g. Ubuntu) can be run inside containers. There is also a container that can run Android apps using WayDroid.
GlazeVM / Tiling window managers
Also inspired by DHH, I gave tiling Window Managers a look. Since i run mostly Windows, I ended up trying out GlazeVM. I can certainly see the appeal, but I quickly realized that I do not currently have the mental capacity for such a monumental shift in my daily driver setup. If I get some free time, I will give GlazeWM (or Hyprland) another look though, it seems solid.
Practical vs. Strict Semantic Versioning
An older article I saw referenced. Should you follow SemVer strictly, and bump major version for any public change? And does that give you a “golden ticket” for breaking stuff all the time? Or should you only bump major when something significant and necessary (for new features etc.) change, then document a migration path? It is a hard call, because on the consumer end, I absolutely do not want to deal with a lot of breakage when bumping non-major versions on a range of components all the time. Then again, my experience tells me he is absolutely right in that if you increment major all the time, people will stay on the old versions…
Practical vs. Strict Semantic Versioning
Rebus Sagas
I was implementing a Rebus Saga at work for reconciling event replicas, and this article was very helpful.