10 min
Base64 Encoding: When and Why to Use It
Learn what Base64 encoding is, how it works, and when to use it. Understand the difference between encoding and encryption, common use cases, and best practices for web development.
Blog
Practical guides for data formatting, encoding, and developer workflows.
All articles
Search by topic, tool, or keyword.
12 min
SQL Injection Prevention: Why Parameterized Queries Beat Escaping Every Time
SQL injection is still the #1 web attack. Learn the real difference between escaping and parameterized queries — with code examples in Python, PHP, and Node.js — and why one method leaves you exposed.
11 min
How to Debug Regular Expressions Step by Step
After years of staring at regex patterns that should work but don't, I developed a systematic debugging approach. Here's my step-by-step method for finding and fixing regex bugs.
10 min
Cron Expression Examples: Copy-Paste Schedules for Linux, AWS & Kubernetes
Ready-to-use cron expressions for every common task: every minute, hourly, daily at midnight, weekly, monthly, weekdays only, and more. Includes Unix crontab, AWS EventBridge, GitHub Actions, and Kubernetes CronJob formats.
12 min
Understanding JWT Claims and Best Practices for Secure Token Authentication
Learn how JWT claims work, explore registered, public, and private claims, and discover security best practices for implementing JSON Web Tokens in your applications.
10 min
Regex Cheat Sheet 2026: Complete Reference for Regular Expressions
This is the regex cheat sheet I keep bookmarked. After years of writing patterns at Šikulovi s.r.o., I have compiled the syntax I actually use daily, plus the gotchas that used to trip me up.
9 min
Email Regex: Why It Is Harder Than You Think
I've written probably 20 different email regex patterns in my career. Most of them were wrong. Here's what I learned after years of getting it wrong, and the patterns that actually work.
11 min
Regex Tester Online: Build, Test, and Debug Regular Expressions
I used to debug regex by trial and error in my code. Compile, test, fail, repeat. Now I test patterns live before writing a single line. Here's how I actually use this thing, plus the patterns I copy-paste constantly.
7 min
CSV to JSON Converter: Complete Guide for Developers
I convert CSV to JSON probably weekly - data imports, API migrations, analytics exports. Here is everything I have learned about doing it right, including the edge cases that used to break my scripts.
8 min
Crontab Validation: Common Mistakes and How to Fix Them
Cron expressions have caused me more 3 AM incidents than I care to admit. Here is my guide to validating them properly, plus every mistake I have made so you do not have to.
7 min
Why I Switched from YAML to TOML (And When I Still Use YAML)
YAML indentation bugs cost me a Friday night once. Now I use TOML for most configs. Here's my practical guide to picking the right format.
8 min
Code Minification: Complete Guide to Reducing File Size
I have slashed bundle sizes by 60% on client projects at Šikulovi s.r.o.. Here is everything I have learned about minifying JavaScript, CSS, and HTML for production.
8 min
How to Create QR Codes: Complete Guide for Developers and Marketers
I generate QR codes for everything - WiFi passwords for visitors, contact cards for business cards, URLs for print materials. Here is what I have learned about making them scan reliably.
12 min
I Tested 10 JSON Formatters So You Don't Have To
After pasting sensitive API responses into random online tools for years, I finally did a proper comparison. Here's what I actually use now and why privacy matters more than features.
15 min
Regex Finally Clicked for Me - Here Is How
I avoided regex for years. They looked like keyboard smashes and made my head hurt. Then something clicked and now I use them daily. Here's the guide I wish existed when I started.
14 min
JSON vs YAML vs XML: Which One Should You Actually Use?
After years of config file debates at Šikulovi s.r.o., here's my honest take on when to use what. Spoiler: I use all three, but for very different reasons.
12 min
How to Generate and Validate UUIDs in Any Programming Language
Learn what UUIDs are, understand the differences between UUID versions (v1-v5), when to use each version, and how to generate UUIDs in JavaScript, Python, Go, and Java.
12 min
Secure Password Hashing - MD5, SHA-256, and Beyond
Learn why password hashing matters, why MD5 is broken for security, how SHA-256 differs, and why bcrypt and Argon2 are the right choice for storing passwords. Understand rainbow tables, salting, and modern best practices.
14 min
JWT Tokens Explained - Authentication for Modern Web Apps
Understand JSON Web Tokens (JWT) from the ground up: how they work, their three-part structure, when to use them, security best practices, refresh token strategies, and common implementation mistakes to avoid.
12 min
Cron Expressions Demystified - Scheduling Tasks Like a Pro
Master cron expressions with this in-depth guide. Learn cron syntax, common scheduling patterns, timezone handling, special strings, testing strategies, and platform differences for Linux, AWS, Kubernetes, and more.
11 min
URL Encoding: The Bug That Wasted My Entire Afternoon
I once spent 4 hours debugging an API call before realizing I'd used encodeURI instead of encodeURIComponent. Here's everything I learned so you don't make the same mistake.
12 min
Code Minification: Best Practices for Production
After years of optimizing builds at Šikulovi s.r.o., I have developed a battle-tested approach to minification. Here is my complete guide to build tool integration, source maps, and avoiding common pitfalls.
10 min
Unix Timestamps: Working with Dates Across Time Zones
Learn what Unix timestamps are, how to convert them in various programming languages, handle timezone challenges, and understand the Y2K38 problem.
12 min
QR Code Generator for Developers: WiFi, vCard, API & Error Correction Guide
Everything developers need to know about QR codes: data types (URL, WiFi, vCard, email), error correction levels, size optimization, and code examples for JavaScript, Python, and PHP. Free online generator included.
14 min
Color Theory for Developers: RGB, HSL, and CSS Colors
Master color models for web development. Learn RGB, HSL, HEX, and CMYK differences, when to use each format, CSS color functions, accessibility contrast ratios, and how to build effective color palettes.
12 min
SQL Formatting Best Practices for Readable Queries
Learn SQL formatting conventions that make your queries easier to read, maintain, and debug. Covers indentation, keyword casing, JOIN formatting, subqueries, and establishing team standards.
14 min
Text Diff Tools - Comparing Code and Documents Efficiently
Learn how diff algorithms work, integrate git diff into your workflow, resolve merge conflicts, and choose the right visual diff tools for comparing code and documents.
15 min
Config Files: My Honest Opinion After Years of YAML Debugging
I've debugged YAML indentation at 2am more times than I want to admit. Here's what I've learned about choosing the right config format for your project.
8 min
Lorem Ipsum and Placeholder Content Best Practices
Master the art of placeholder content. Learn the history of Lorem Ipsum, when to use it, modern alternatives, and best practices for realistic test data in your designs and applications.
12 min
Debugging APIs with Base64 and JWT Decoding
Master API debugging by learning to decode Base64 payloads and inspect JWT tokens. Troubleshoot authentication issues, read encoded error messages, and understand what your APIs are actually sending and receiving.
14 min
Markdown Syntax: The Only Reference You Actually Need
I write Markdown every day - docs, READMEs, notes. After years of looking up the same syntax, I've distilled it down to what you'll actually use. Skip the fluff.
14 min
HTML Entity Encoding - Preventing XSS Attacks
Learn how HTML entity encoding protects your web applications from Cross-Site Scripting (XSS) attacks. Understand character encoding, when to encode user input, framework auto-escaping, and common vulnerabilities developers miss.
15 min
CSV Processing: Everything I Learned After Breaking 3 Data Imports
CSV looks simple until you encounter escaped quotes, BOM characters, and the dreaded formula injection. Here's what I wish I knew before my first production import.
12 min
XML in 2026: When I Still Reach for It Over JSON
Everyone says JSON won. But I still use XML regularly - for document processing, enterprise integrations, and anywhere I need real validation. Here's when and why.
15 min
My Developer Toolkit: The Tools I Actually Use Daily
After 10+ years of web development, I've tried countless tools. Here are the ones that stuck - the utilities I reach for every day to format, debug, and validate.
18 min
My tsconfig.json After Years of TypeScript (Copy This)
I've tweaked my TypeScript config hundreds of times. Here's what I actually use now after years of trial and error on real projects.
16 min
How I Actually Use AI for Code Review (Not Just Hype)
I use AI tools daily and I'm still figuring out what works. Here's my honest take on Copilot, Cursor, Claude, and when to ignore AI suggestions entirely.
14 min
My Git Hooks Setup That Catches 90% of Stupid Mistakes
I used to push broken code constantly. Now my git hooks catch linting errors, run tests, and validate commits before they embarrass me. Here's my exact setup.
15 min
Environment Variables Security: Secrets Management Best Practices
Secure your environment variables and secrets with proven practices. Learn about .env files, secrets managers, encryption, and CI/CD security for modern applications.
17 min
OAuth 2.1 vs OAuth 2.0: What Changed and Migration Guide
Understand the key differences between OAuth 2.0 and 2.1, including PKCE requirements, deprecated flows, and a step-by-step migration guide for secure authentication.
14 min
Rate Limiting My API: What Actually Worked (And What Didn't)
I've implemented rate limiting three times. The first two were disasters. Here's what I learned about token buckets, sliding windows, and why Redis is your friend.
16 min
Zero Trust for APIs: Why I Stopped Trusting My Own Network
I learned the hard way that 'inside the firewall' doesn't mean 'safe.' Here's how I rebuilt our API security from the ground up with zero trust.
18 min
WebAssembly Changed How I Think About Performance (A JS Dev's Journey)
I avoided WASM for years thinking it was only for game devs. Then I tried it for image processing. Here's what I wish I'd known as a JavaScript developer.
8 min
JSON to TypeScript: Stop Writing Types by Hand
I used to manually write TypeScript interfaces for every API response. After the third time I mistyped a property name, I automated it. Here's why you should too.
7 min
JavaScript Beautifier: Making Sense of Minified Code
Ever tried to debug minified production code? I have. It's like reading a novel with no spaces or punctuation. Here's how code beautification saves hours of debugging time.
8 min
cURL to Code: From API Testing to Production
You've tested your API with cURL or copied a request from DevTools. Now you need to write actual code. Here's why manual translation is error-prone and how to automate it.
7 min
Image to Base64: When Embedding Makes Sense (And When It Doesn't)
At Šikulovi s.r.o., we base64-encoded every icon on a client's landing page. Page load time doubled. Here's what that disaster taught me about when embedding actually makes sense.
8 min
Number Base Conversion: Binary and Hex for Everyday Development
I avoided binary and hex for years - until a production server went down because I set wrong permissions. That night I finally learned what chmod 755 actually means. Now I convert between bases constantly at Šikulovi s.r.o..
7 min
JSON to CSV: Exporting API Data for Excel and Spreadsheets
At Šikulovi s.r.o., someone asks me to export API data to Excel almost every week. Marketing wants campaign data, finance wants transactions. Here's how I handle the conversion - including the nested object problem that took me forever to solve properly.
8 min
Password Security: Why Random Beats Clever Every Time
After years of managing passwords for client projects at Šikulovi s.r.o., I've learned the hard way that 'clever' passwords are actually the weakest. A client account breach in 2018 taught me why truly random passwords matter.
7 min
Word Count Matters: A Developer Guide to Content Length
Whether you're writing documentation, blog posts, or commit messages, word count affects readability and SEO. Here's what I've learned about optimal content length for different platforms.
9 min
Naming Conventions: The Complete Guide to Case Styles in Programming
camelCase, snake_case, kebab-case - why do we have so many? Here's what I've learned about naming conventions, when to use each style, and why consistency matters more than the 'right' choice.
8 min
URL Slugs: Best Practices for SEO-Friendly URLs
I used to ignore URL slugs until I saw the click-through rate difference between /post?id=12345 and /how-to-write-better-code. Now I obsess over them. Here is what I have learned about slugs, SEO, and why every character matters.
9 min
String Escaping Guide: JSON, HTML, URL, and More
After debugging my third XSS vulnerability caused by improper escaping, I finally sat down and learned the rules properly. Here is my complete guide to escaping strings for JSON, HTML, URLs, and more - with the gotchas that bit me.
7 min
SHA-256, MD5 & More: How to Hash Strings Online (and When to Use Each)
A practical guide to hashing algorithms for developers — SHA-256, MD5, SHA-1, SHA-512. When to use them, when not to, and how an online hash generator speeds up your workflow.