Lessons Learned

Contact us: contact@vinta.com.br

django

Avoid using user.is_anonymous in templates. If for some reason the user is not set it will evaluate to False and this could expose sensitive content. Use not is_authenticated instead.

djangooptimization

Avoid the overhead of having the default <select> in Django Admin with all the related instances (ForeignKey or ManyToMany) just listing them in ModelAdmin.raw_id_fields. I've just done it and my admin change pages are being loaded up to 10x faster, avoiding a lot of request timed out error.

javascriptnpm

When working with npm, create the habit of updating your environment with npm update (not npm install) regularly. The latter does not update already installed packages, the former follows semver from package.json.

uxproduct

Always have a quick and friendly feedback feature on your product. Besides all the metrics you can get from it, it helps users to give you a second chance by telling you what didn't work for them.