SShortSingh.
Back to feed

NepalPay v1.2.1 Fixes File Descriptor Leak and Consolidates Duplicate Bug Across Six Files

0
·1 views

Developer Saurav released NepalPay v1.2.1 after discovering a file descriptor leak in the library's ConnectIPS certificate-loading code, where an unclosed FileInputStream caused a 'Too many open files' error on Kubernetes during rolling deployments. The same buggy implementation was found duplicated across six separate auto-configuration files, prompting a broader architectural fix rather than a simple patch. A new utility class, PfxLoader, was introduced in the dependency-free nepal-pay-core module to centralize certificate loading, replacing all six redundant implementations with a single delegation call. The release also resolves a long-standing issue where ConnectIPS lacked a configurable HTTP timeout, unlike other supported gateways; its default remains 30 seconds due to the additional network hops through Nepal Clearing House Ltd., but developers can now override it via configuration. Both fixes highlight how a minor bug can expose deeper maintainability problems when logic is scattered across multiple files without abstraction.

Read the full story at DEV Community

This is an AI-generated summary. ShortSingh links to the original source for the complete article.

Discussion (0)

Log in to join the discussion and vote.

Log in

Related stories

0
ProgrammingDEV Community ·

Developer Builds Dynamic Menu Filter Component on Day 155 of MERN Stack Journey

A software engineering learner reached day 155 of their MERN stack training by building an interactive menu filtering feature for a food delivery app called Tomato. The component, named ExploreMenu.jsx, allows users to browse and filter food categories with responsive visual feedback. The developer implemented a state-lifting pattern, passing category state and its setter function down from a parent component rather than managing it locally within the child. Clicking a menu item toggles the selected category, reverting to 'All' if the same item is clicked again. The approach was shared on DEV Community as part of an ongoing public learning series.

0
ProgrammingDEV Community ·

TypeScript Has Limits: Why Runtime Validation Is Now Essential for Modern Apps

TypeScript introduced static type checking to JavaScript, helping developers catch type errors at compile time before code reaches users. However, its types are erased at runtime, meaning external data from APIs, forms, or localStorage is never actually verified against declared types. This gap allows runtime crashes even when a TypeScript build completes without errors, a risk senior engineers are increasingly flagging. Modern schema validation libraries such as Zod, Valibot, and ArkType address this by validating real data at runtime while automatically inferring TypeScript types from a single schema definition. Experts now recommend combining TypeScript's compile-time checks with runtime schema validation at every external data boundary for genuinely robust type safety.

0
ProgrammingDEV Community ·

Developer Analyzes 70 DEV Challenges and 542 Submissions to Build Bug Smash Playbook

A developer spent several days reviewing every past challenge on DEV.to, examining 70 winner announcements and 542 individual winning submissions across categories including hackathons, game jams, and AI challenges. The analysis was aimed at identifying repeatable patterns that judges reward in DEV's Summer Bug Smash competition, which offers 23 winning slots and prizes exceeding $1,200 per participant. Key findings show that writing quality, a focused original concept, and meaningful use of sponsor technology are the top factors judges cite when selecting winners. The author also identified common failure patterns, such as generic project ideas with no distinguishing angle. The resulting guide includes a track-by-track playbook, submission templates, and a week-by-week execution calendar for prospective entrants.

0
ProgrammingDEV Community ·

Auto-Disable Pipeline Reclaims Claude Context by Removing Dormant MCP Plugins

Unused MCP plugins in Claude Code silently consume context window space because their tool schemas are injected at every session startup, even if never called. Over months of casual experimentation, a user can accumulate more than 30 dormant plugins — enabled but uninvoked for 30 or more days — steadily shrinking the token budget available for actual work. A developer has built a three-script pipeline that detects dormant plugins, auto-disables them, and archives their caches on a weekly schedule via a single launchd entry point. The detection script parses session JSONL logs using jq to count only genuine tool_use invocations, correcting an earlier grep-based approach that miscounted tool availability listings as actual calls. In a sample environment with 62 enabled plugins, the pipeline identified 33 as dormant, flagging them as candidates for disabling to reduce what the author calls the 'context tax.'