I’ve come to realize that it’s just as hard to sit down and write code as it is to write text. There’s a romantic aura around coding. When you think about it, you picture yourself sitting there, solving problems with ease and style. But when you’re actually doing it, you struggle. Small, simple things like naming variables or deciding how to structure the code become tough calls to make, at least when working on personal projects.

It feels like a hundred years ago that I went to one of my first big conferences. I believe it was QCon in London. After that, I also visited a few others. Dreamforce, Salesforce’s huge yearly conference, really blew my mind. At the same time, I started to play with the idea of actually creating my own session and standing in front of a crowd of people.

A few years later, there was a “call for papers.” I don’t know what I was thinking, but I submitted an idea. I kind of forgot about it and was so surprised when I received the acceptance email some time later. From there, it was a journey. For Dreamforce, I was in contact with the conference organizers a couple of times before the event. We went through time plans, slides, content, and also a “dry run” of the presentation. This was very helpful for me as a rookie speaker.

I’ve heard people say they don’t buy books anymore, claiming that everything they want to learn is available on YouTube or somewhere on the web. I regularly buy books. Sometimes I pick up something in a completely new area to broaden my knowledge, and sometimes to deepen it in an area where I already have experience. Since I work as an educator and create the courses I teach, a book can be a great resource to validate the scope of a course or the way I explain a topic.

Lately, there have been multiple supply chain attacks targeting the npm ecosystem. I know that these types of attacks have happened in the past, but when two occur within a fairly short period of time, you have to start thinking about the viability of this way of handling dependencies.

The first attack — I don’t know if it ever got a name — but in the beginning of September (2025), Kevin Beaumont posted on Mastodon about a supply chain attack currently in the wild. The infected packages had weekly download numbers in the billions. One affected package, color-name, alone had close to 200 million downloads a week. At least 18 packages were infected with a cryptocurrency wallet drainer. npm worked hard and was able to remove the infected packages.

A few days ago I found out about something called the IndieWeb. It is, I would say, a loosely connected internet movement built on a social web. Not a social platform, but a network of websites that are able to communicate with each other.

This is nothing new. It is actually something that has existed for a while. In mid-2014 the W3C started The Social Web Working Group that grew ideas into standards such as ActivityPub, which is used in the Fediverse and Mastodon, and Webmention, to mention a few. The latter being a cornerstone for the IndieWeb’s take on the Social Web. Sometimes I’m just late to the party. You may also have heard about the Pingback protocol that was popular when blogging was hot; webmentions is an improvement on that.