Happy Friday people of Slipmat!
This week marked an important turning point for the v3 refactor; we’ve now started the final migration! The work is about half-done, and by next week the old v2 will be no more.
There’s also been some work done on the public UI. The template work is really slow and dofficult, and as I personally am not a very visually talented person, and unfortunately there has been no volunteers so far to help with this, I’ve mostly outsourced the design to Claude Design. It needs lots of babysitting and is still very slow (and expensive!) but at least it’s better what we had… This work is very much WIP at the moment, hoping to get the first version of the final templates ready by next week when we redirect the domain.
New Features
- The very first Slipmat tool originally published in 2016 is now fully rewritten and live on the new site: Playlist Converter converts your DJ software playlists to text or html for social media / blogs etc. (v2 feature parity)
- Artists have now full access to the legacy events and most of their data on the new artist admin dashboard. Rest of the data (like event chat logs) will be available soon when the migration is finished.
- Artists can now edit some event metadata (like set lists) after the event has been archived. You can now go back and clean up legacy stuff as well! (v2 feature parity)
Security
Slipmat Website and API dependencies are now properly hardened against supply chain attacks that have plagued the Web development world recently. We use Renovate to automatically manage dependency updates and Snyk to verify their safety. These both have been in use for Slipmat for a long time but the process was only partially automated so the middlemonkey has now been cut off from the process.
Note: Slipmat code and infrastructure is very secure by default, and there is very little actually data that can be exfiltrated by any attack to Slipmat services. Things like passwords and credit card details are not stored at all (we only store salted hashes which are essentially useless for any third party). Most valuable data we do store is your PII (Personally Identifiable Information) of which we take very good care of. All PII is securely stored in one database only and the backups are encrypted at rest. Even if someone could get the physical backup file, it would be useless to them without the encryption key.
Security is more than doing these kind of individual things and blogging about them every now and then. It’s a mindset and a way to look at the world always through the security-minded lenses. We design our systems securely by default and keep updating them constantly to keep all Slipmatians safe.