Programming Leftovers

Submitted by Roy Schestowitz on Wednesday 18th of May 2022 10:15:20 AM
Development

  • How we deploy to production over 100 times a day

    Our success relies on us rapidly shipping new features to customers. This tight feedback loop helps us quickly validate our ideas. We can double down on the ideas that are working, and fail fast if we need to.

    To achieve this rapid release cadence, we’ve optimised our engineering culture, tooling, and architecture to make the path from idea to production as frictionless as possible, all without sacrificing safety. We believe our approach gets us the best of both worlds: less friction encourages smaller changes, and smaller changes are less risky.

  • Semantic HTML and Shiny Applications

    A couple of weeks ago I was looking around for different CSS frameworks to play around with, and came across Semantic HTML (not to be confused with Semantic UI) and I’m hooked! There are several “classless CSS frameworks” that are implemented under the ideology of Semantic HTML: styling of elements (e.g. height and colour) is applied to the HTML tags rather than classes, meaning that the HTML is less of a sea of

    and tags with 6 or 7 classes, and more of a wider range of HTML tags that better explain what is contained in the web page.

  • The Problem of Sharing Code

    Programs today are often a Frankenstein combination of different open-source libraries. I've spent a lot of time thinking about how to manage all of the dependencies (see Reflections on 10,000 Hours of Programming). How code gets used and reused should be important for developer productivity optimizers.

    Some layers I think about when thinking about sharing code.

  • Ideas for Clojure Network Eval API

    Since I am also a tool maintainer AND my tool works with nREPL, I thought I share my ideas here.

  • Codebases as communication

    Conventionally we communicate programming ideas with talks, papers, and blog posts. But we can also communicate ideas with entire codebases. If someone finds a security exploit, she’ll sometimes publish a proof of concept to prove the exploit isn’t just theoretical.

    Now let’s say the exploit PoC comes with a ton of command-line flags: verbose mode, configuration options, output formats, the whole works. Now the writer is communicating something subtly different: not just that the exploit exists, but she wants you to experiment with it. She’s making it as easy as possible for you to play with the exploit yourself and come up with variations and consequences.

    This makes codebases like any other kind of communication medium. There are different styles you can use to say subtly different things. There are also different “genres”, or overt things you use the codebase to say. Some examples: [...]

  • parallel tree running

    We want to walk a tree in parallel. We don’t know how big or deep it is. We will discover new nodes of unknown branchiness as we go. As we progress, we will end up performing two types of work. Sometimes we find a directory and recurse deeper. Sometimes we find a file and have to count the lines.

  • Maximum Path sum in a N-ary Tree

    Given an undirected tree with N nodes numbered from 1 to N and an array A[] where A[i] denotes the value assigned to (i+1)th node. The connections between the nodes are provided in a 2-dimensional array edges[]. The task is to find the maximum path sum between any two nodes. (Both the nodes can be the same also).

  • Grpc, AWS Lambdas and GoLang

    The reason why none of this works, is that although you can make an HTTP/2 connection with AWS’s API Gateway, the API Gateway won’t call the lambda over HTTP/2, it will use HTTP/1.1. It seems like this should be easy to overcome, but my understanding is that GRPC is heavily integrated with HTTP/2.

    What you’d need is a different wire protocol than GRPC if you wanted to work over HTTP/1.1 and this protocol does exists. It’s called GRPC-Web. Unfortunately, the GRPC-Web clients seems to be limited to JavaScript and TypeScript. There is a Golang client but the “IMPLEMENTATION IS LACKING”. So, unless I missed something, its not possible to run a GRPC service on an AWS Lambda. GRPCWeb is a good compromise if you clients are going to written in JavaScript or if more GRPCWeb clients start appearing. Otherwise you’re probably going to end up with REST or not using Lambdas.

  • The optics of pair programming

    If you are not familiar, pair programming (pairing) is the practice of collaborating directly with another person to work on a problem. You’ll often hear it in development contexts, but I've also encountered it with design.

    In the Before Times, we paired by walking over to a coworker's computer, sitting next to them, and talking through the problem as they worked on it. Nowadays, it is (hopefully) remote screen sharing.

  • Golang Diaries: Generics

    Why generics? · Quamina is all about building and running finite automata. To do this you need a table-like data structure that represents states and the transitions between them. Quamina uses both deterministic and non-deterministic finite automata, DFAs and NFAs for short. The only real difference is that a transition from a DFA state is always to one other state; in an NFA you can have transitions to multiple others, in practice to a list of states.

  • Interactive decompilation with rellic-xref

    Rellic is a framework for analyzing and decompiling LLVM modules into C code, implementing the concepts described in the original paper presenting the Dream decompiler and its successor, Dream++. It recently made an appearance on this blog when I presented rellic-headergen, a tool for extracting debug metadata from LLVM modules and turning them into compilable C header files. In this post, I am presenting a tool I developed for exploring the relationship between the original LLVM module and its decompiled C version: rellic-xref.

  • How to evolve a developer's role to address DevSecOps

    As more organizations rely on a cloud-native approach, they need to take the appropriate steps to secure the software delivery lifecycle. DevSecOps creates a culture of security across the entire organization to better address security vulnerabilities – and there’s no better time to adopt this approach than now. In the first quarter of 2022, data breaches increased 14 percent compared to the first quarter of 2021.

  • Python programs as wrappers versus filters of other Unix programs

    One reason I reach for the filter approach is if I have a certain amount of logic that's most easily expressed in a shell script, for example selecting what disks to report SMART data on and then iterating over them. Shell scripts make expanding file name glob patterns very easy; Python requires more work for this. I have to admit that how the idea evolved also plays a role; if I started out thinking I had a simple job of reformatting output that could be done entirely in a shell script, I'm most likely to write the Python as a filter that drops into it, rather than throw the shell script away and write a Python wrapper. Things that start out clearly complex from the start are more likely to be a Python wrapper instead of a filter used by a shell script.

today's leftovers

  • Kubernetes 1.24: Prevent unauthorised volume mode conversion

    Kubernetes v1.24 introduces a new alpha-level feature that prevents unauthorised users from modifying the volume mode of a PersistentVolumeClaim created from an existing VolumeSnapshot in the Kubernetes cluster.

  • curl annual user survey 2022 | daniel.haxx.se

    This is the best and frankly the only way the curl project has to get real feedback from people as to what features that are used and which are not used as well as other details in the project that can help us navigate our future and what to do next. And what not to do next.

  • PikaScript - A lightweight Python implementation that runs on STM32 and other low-end MCUs - CNX Software

    PikaScript is an ultra-lightweight Python engine that can run on microcontrollers with as little as 4KB of RAM and 32KB of Flash, while the more popular MicroPython requires at least 256kB of code space and 16kB of RAM. PikaScript was initially developed to run on STM32G030C8 and STM32F103C8 MCUs, meaning, for example, it works on the BluePill board, but it has also been ported to other platforms like WCH CH582 RISC-V MCU, WinnerMicro W806 C-Sky microcontroller, as well as other like Raspberry Pi RP2040, ESP32-C3, etc… but those are not quite as well supported with some features missing.

  • Continuously measure wind speed and direction with this EMT conduit-mounted station | Arduino Blog

    It seems like DIY weather stations are everywhere, and while most can perform the basic functions of measuring temperature, humidity, and air pressure, the majority are still unable to determine wind speed and direction. In response, Austin Allen from Elation Sports Technologies LLC created his own system that uses an anemometer and weathervane to measure the wind. Both the wind direction sensor and wind speed sensor were secured to sections of EMT conduit with 3D-printed mounts. The speed sensor utilizes a series of internal photo interrupters which get blocked by small plastic tabs whenever the disc spins. By reading the resulting analog voltage output, the connected Arduino Nano can map the value to a speed. The directions sensor uses a single Hall effect sensor combined with a polarized magnet in order to determine the orientation of the resulting magnetic field.

  • NPM, Cargo & PyPi Are Broken By Design - Invidious

    Once again another malicious package is discovered is cargo, and this just goes on the massive and ever growing list of times this has been discovered is repos that don't have 3rd party over sight, like NPM, Cargo, PyPi and more.

    • When Your Smart ID Card Reader Comes With Malware

    Millions of U.S. government employees and contractors have been issued a secure smart ID card that enables physical access to buildings and controlled spaces, and provides access to government computer networks and systems at the cardholder’s appropriate security level. But many government employees aren’t issued an approved card reader device that lets them use these cards at home or remotely, and so turn to low-cost readers they find online. What could go wrong? Here’s one example.

  • Hardening in the enterprise: SUSE releases Rancher 2.6.5 and NeuVector 5.0

    SUSE acquisition Rancher is growing up, with a decidedly enterprise-friendly 2.6.5 release and version 5.0 of NeuVector. SUSE appears to be increasingly becoming the container company, and used this year's EU Kubecon event to make its first release of NeuVector since it open-sourced the container security platform earlier this year. Dubbed a "Full Lifecycle Container Security Platform", NeuVector turning up with Rancher is further evidence of an increased folding in of security and scanning into container solutions.

  • How to Fix Playback was terminated abnormallly. Reason: unrecognized format on Celluloid

    If you are getting the error " Playback was terminated abnormally. Reason: unrecognized format" on Celluloid when trying to add an playlist file of a .pls format type, there's a work around this issue without having to reinstall celluloid or doing anything else.

  • How to install WPS Office 2019 on a Chromebook in 2022

    Today we are looking at how to install WPS Office 2019 on a Chromebook and some core fonts like Arial and New Times Roman. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

  • Linux Administration: Ubuntu Linux Tutorial for Beginners
  • Adam Young: Errors running Keystone pep8

    The command to run the formatting tests for the keystone project is...

  • How to check for updates at login on Debian | FOSS Linux

    Due to increased security risks and ensuring you are running the latest software packages, you might want your system to always check for updates and upgrades on login. This post will guide you on configuring your Debian system to automatically check for updates at login.

  • How To Install Vim Editor on Ubuntu 22.04 LTS - idroot

    In this tutorial, we will show you how to install Vim Editor on Ubuntu 22.04 LTS, as well as some extra required packages by Vim

  • How to install themes on Manjaro Linux

    Manjaro is an eye-catching Linux distro based on Arch Linux. It comes in 3 flavors, including KDE, GNOME, and the lightest XFCE. One of the advantages of being a Manjaro user is that you are not limited to how your desktop appears and functions. This offers you the flexibility to customize your desktop according to your requirements and preferences. This distro also supports an extensive range of desktop and icon themes that you can utilize to boost your system’s look and feel. Into the bargain, these themes are pretty simple to set up on any Linux-based system like Manjaro that we will focus on in this article. This guide will, in detail, demonstrate how to install themes on the Manjaro system. for illustration purposes, we shall use the Mac OS X theme.

  • How to run a shell script on Linux

    One of the most powerful utilities you can use when working with Linux systems is the terminal. Here, you can execute any commands to perform any tasks you might think of – launching an application, installing/ uninstalling applications, creating and deleting files/ directories, etc. However, most users well versed with Linux systems utilize the Terminal to carry out one more task – writing and running shell scripts.

  • 10 things to do after installing Debian

    There are many reasons to select Debian over other Linux distributions out there. First of all, it’s free and open-source, software updates and upgrades can be done smoothly on the terminal, the packages are very secure to download, and it comes with LTS(Long Term Support). In case of glitches, they can be solved by the readily available community of Devs out there. Finally, Debian offers a variety of flavors known as distributions or distros in the geek world for one to choose from; variety gives a user the liberty to choose the distro that one feels most comfortable with. We have Ubuntu, Kali, Arch, etc. For a detailed list, check Debian-based Linux distributions, and for more info on Debian, check out their official website.

  • How to Install Python on Ubuntu 22.04 LTS
  • Umount Command in Linux

    Learn about umount command in Linux to unmount Filesystem. It detaches a filesystem from the file system hierarchy of Linux.

  • PS Command in Linux

