Lucca Wang

01/21/2025 💡 MLK Day 2025

Our Shared Humanity on Earth and Replenishing the Spirit

Over the weekend, I enjoyed a refreshing hike with friends in Southern New Mexico. Trekking 3 miles up 615 feet into the canyon and back reminded me of our shared humanity on Earth, and the activity replenished my spirit.

Today, as we witness the presidential inauguration, I'm reflecting on the wise words of Martin Luther King Jr.: 'Don't let them get you to hate them.' In a time when political views often divide us, these words serve as a powerful reminder of the importance of empathy and understanding. (I think of this as politically neutral while honoring the day's event and national holiday.)

Shout out to Paul the Ripples Guy, Paul Wesselmann, for the quote via email - I subscribed to his emails after he spoke at my alma mater, Drake University, around 2010. His thoughtful emails contain three quotes each and never disappoint.

Thanks to Strava and AllTrails for the metrics and guiding us along the Bureau of Land Management trails.

Learn more about me:

11/20/2024 💡 My Recent Work on Application Security in Enterprise

Benefits of Centralized Configuration Management You Can Utilize

Recently, I had the privilege of working on application security. I made any variables that contain secrets, keys, or information that could be exploited for malicious attacks or configuration hacking into an environment variable. And, streamlining the workflow of accessing data stored in the environment variables is important, too.

Loading environment variables in a single file and importing them where needed is a key best practice that's called Centralized Configuration Management. It ensures consistency, simplifies maintenance, and provides better control over environment variables across the application.

Benefits of Centralized Configuration Management:

1. Single Source of Truth: Loading and centralizing environment variables in one place, like a dedicated configuration file, or settings file, ensures all parts of the application are using the same values. This minimizes the risk of inconsistencies or errors.
2. Easier Maintenance: A clear, consistent structure for managing environment variables simplifies the workflow for developers and makes it easier to update, add, or remove variables. This structure enhances security and protects keys while improving the overall maintainability of the app.
3. Consistency: Centralizing loading of the environment variables ensures that changes to them (e.g. from development to production environments) are handled consistently. It can also help with the organization of switching keys. A well-defined process for managing and protecting the keys also sets a standard for how developers should access environment variables, promoting cohesion across the application.

As cyber threats and a deeper understanding of cyber attack strategies increase, I believe security will become more ingrained in the development process. Protecting sensitive information through environment variables and implementing Centralized Configuration Management helps combat against these threats and attacks, leading to enhanced security, scalability, maintainability, and efficiency.

The truth is that isn't not a one-and-done process - it's about maintenance that brings value to the product.

This past month, I attended Okta's dev_day(24) (Developer Day 2024), which is a global event about Okta's current initiatives within the cybersecurity space. Check out my blog post on a couple of my takeways:

11/4/2024 💡 Website Updates 0

Introducing New Changes I've Recently Implemented!

• Transparent navigation bar upon scroll with JavaScript.
• Newly implemented grid CSS - oo la lah, so accurate!
• A demo project walkthrough in audio file format plus a new project GIF of one of my personal full-stack projects (PetPlanner)!
• Documentation on how I build this website.
• New blog posts:
• GenAI in Enterprise
• Developer Advocate Semona Igama and Okta's Identity Standards.
• My 2-hour Global O'Reilly's Course Completion on GenAI for Everyone.
• Inline Styling verses Styling through Cascading Style Sheets (CSS).

Find out how I created this website:

10/28/2024 💡 Identity Standards and Okta's dev_day(24) Part 1

Shout out to my friend, mentor, fellow Hackbright Academy graduate, and Okta's Developer Advocate Semona Igama!

I hadn't encountered the term, or job title, "developer advocate" until my now-friend Semona Igama generously volunteered her time to speak to my software engineering bootcamp cohort at Hackbright Academy about her current developer advocate role at Okta. I'm grateful to Semona for giving back to a community that helped her start her own career in the tech industry, especially since she's been a friend and mentor to me ever since.

As an Okta developer advocate in Okta's Identity Standards department, she recently interviewed Okta Director of Identity Standards Aaron Parecki about OAuth Global Token Revocation specification that's part of the OAuth 2.0 framework at Okta's dev_day(24). It outlines a standard way to revoke access tokens globally across different services or applications, and she did a fantastic job of guiding the conversation with her strategically outlined questions.

They talked about the new protocol and explained how it can effectively solve key enterprise security breach scenarios, which I found to be interesting. As a software developer, I think it's important to be open to new information and all things surrounding software development since security is inevitably part of developing software. So I appreciated Semona sharing with me about the event prior to the event, so I could sit in on that conversation.

Shout out to my friend and mentor, Okta's Identity Standards Developer Advocate, Semona Igama! See the link below to check out the recorded sessions at Okta's Developer Day 2024:

10/17/2024 📚 Unlocking the Future of Generative AI in Business

Insights from Altaf Rehmani's Global Course on Ethical AI Practices

Did you know that by 2025, 70% of enterprises will identify the sustainable and ethical use of AI among their top concerns? (Source: Gartner)

🌌 It was a late night in a global class for me (Hong Kong morning🌅), but I really enjoyed Altaf Rehmani's presentation through O'Reilly titled Generative AI for Everyone.

For two hours, we learned about Generative AI, applications and impact on businesses, prompt engineering, real world use cases, risks and limitations, companies and tool, and trends - and the future.

More specifically, we discussed about:
• popular large language models (LLMs) and how using them is a good step to building and implementing them in business;
• the different types of AI and where Gen AI fits into that;
• the collection of techniques;
• the difference between generative and predictive AI;
• where Gen AI falls in the historical landscape;
• what it is;
• guard rails and reinforcement learning from human feedback (RLHF);
• use cases over the Gen AI application landscape;
• prompt engineering and the C.R.E.A.T.E. framework;
• the economic impact of Gen AI;
• and so much more.

I am interested in GenAI, AI, and ML, so if you have an open position, or partnership you'd like to collaboration on, please reach out to me.

10/11/2024 💡 October PSQL Szn

With the season change, comes my database (candy)corn-y joke

PSL, or PSQL?

Or, if you're in New Mexico, you can have a pumpkin horchata AND maintain your Postgres databases at the same time. 👻

Did you catch my SQL reference? If you did and can tell me which clause this operator is in, message me the answer on LinkedIn and you'll get a (virtual, digital) gold star. (this is not a commercial contest))

Curious about how I work with Postgres? Check out the data model I built for my Postgres relational database of one of my full-stack web apps in the project's README (documentation).

If you need help with your backend development or database, please don't hesitate to reach out to me.

9/27/2024 💡 A Use Case Example

Inline v. CSS

Before my transition to Software Engineering last year, I was an email developer, using Hypertext Markup Language (HTML) to code nonprofit and political fundraising emails for clients across the nation. (Being an email developer was part of my job, which was centered on communications and digital media.) Technologies: I used Notepad++, HTML, AWS S3, an SQL database and email client ActionKit, and also MailChimp, and before that, ConstantContact. The inline styling is not the templates used for the emails - but rather the inline styling was used for the body of the emails.

What does this mean? Well, I coded the emails mostly with inline styling, as opposed to what I use now as an engineer: I now mostly use CSS (95% of the time).

Why is that? It's because the emails were one-off (even if we might send 4 emails for one client in 1 day). By doing inline styling, you're able to customize each email according to the design and style, which reflects the content and needs/purpose of sending the (individual) email.

Why is this different from API, application, websites, etc.? (AKA: Why do I use CSS 95% of the time - as opposed to inline HTML styling - in my projects now as a software engineer?) It's different, because when you have a whole project, you want it to be consistent - in design style, writing style, coding style, and more. So, when you have a stylesheet that indicates how everything on your website should look, you have a centralized place of the styles, and it tells all the same elements on the website to do that same thing. (For instance, I have a certain size and color + CSS animation for my h2 headers on my portfolio website. Because of CSS' centralized stylesheet, all the h2 headers on my portfolio website are the same font size, the same color, and have the same animation on them. This way, the viewer/user of the website knows when they see it that that's a subheader, like the one they saw that looked like it before. This consistency increases readability and usability.)

Learn more about me and my experience and skills on my website that I hand built at https://luccawang.dev.

If you need help with frontend development (styling, or your CSS), please don't hesitate to reach out to me.

9/16/2024 💡🍲 Cooking Blogs in the Wild

How ads are weighing down your small business

My cooking hobby and developer skills collided in the wild the other Friday night when I was searching Google for a chicken cacciatore recipe... The chosen recipe's website was so slowed by ads and bugs, it was unable to load.

As a software developer, I know the obvious place to look for bugs. And there were tons of grubs under that log - as seen in the screenshot attached, which only shows 1/20 (one twentieth) of the total bugs showing in the inspector.

My cooking solution: I found a different recipe on another, working website. It's awesome to monetize, but be careful how you do it.

I love solving problems - that's why I'm an engineer. So if this is you, if you have a website that's slow to load and negatively - or potentially negatively - impacting your site traffic, I am happy to help you resolve the site issues so people can see your amazing work!