Plurrrr

a tumblelog
week 20, 2019

The Fifth Season: highly recommended

In the afternoon I finished The Fifth Season by N.K. Jemisin. What a great read; I loved it.

The book reminded me a little of some of the works of the late Tanith Lee. I don't mean that the story is similar to any of her books, but that it gave me the same feeling of wonder.

So, if you like The Fifth Season I recommend you to check out The Birthgrave Trilogy, consisting of

Or, the Wars of Vis trilogy consisting of

Pylint and Flake8 online

In the afternoon I fixed a few issues as reported by Pylint online for the tumblelog.py program. The slightly updated version, 1.0.3, is available on GitHub.

The Obelisk Gate

In the evening I started in The Obelisk Gate by N.K. Jemisin, the sequel to The Fifth Season. I am looking forward to reading it because the first book in the Broken Earth trilogy was fantastic.

In the afternoon my mother and I walked into the town centre to have a coffee. On the way back I took photos of some plants for sale, including succulents planted in a metal bowl.

Succulents in a metal bowl Succulents planted in a metal bowl.

Indentation in Emacs

In the evening I read The Ultimate Guide To Indentation in Emacs (Tabs and Spaces). I am interested in this because I am working on a project that uses hard tabs in JavaScript but spaces in Perl source. And since the default tab width is 8 in my Emacs set up this makes for very wide lines in the former case.

What I currently use is changing Emacs's idea of the character's length by evaluating the following Emacs Lisp code:

(setq-default tab-width 4)

But I am going to study the suggested configuration in the article mentioned above and most likely add it to my Emacs configuration.

Scotch rose flowering

On the way back from physiotherapy I took a few photos of a Scotch rose flowering. I am getting physiotherapy for my knee because I broke my knee cap during a bad fall back in November 2018.

Scotch rose, Rosa spinosissima, flowering Scotch Rose, Rosa spinosissima, flowering.

Minor update to tumblelog

In the evening I made a minor adjustment to both the Perl and Python version of tumblelog, the program that creates this website. I had noticed that when hovering over a week number in the archive section of this blog that the week number and year where shown, separated by a -; which is the title of the link.

Since there is a --label-format option which is already used to create a label showing the week and year in a user configurable way, I used this format to render a better title. For example for the 20th week of 2019 instead of '20-2019' it now displays 'week 20, 2019' on hovering for the default value of --label-format.

You can get the latest version of tumblelog via my GitHub repository.

Things you’re probably not using in Python 3 – but should

Many people started switching their Python versions from 2 to 3 as a result of Python EOL. Unfortunately, most Python 3 I find still looks like Python 2, but with parentheses (even I am guilty of that in my code examples in previous posts – Introduction to web scraping with Python). Below, I show some examples of exciting features you can only use in Python 3 in the hopes that it will make solving your problems with Python easier.

This article, Things you’re probably not using in Python 3 – but should, just reminded me that I probably should look into adding type hinting to the Python version of tumblelog.

SHA1 should no longer be used anymore

Everyone should switch to (in order of preference):

  • BLAKE2b / BLAKE2s
  • SHA-512/256
  • SHA3-256
  • SHA-384
  • Any other SHA2-family hash function as a last resort

...unless they're storing passwords! In which case, they should switch to (in order of preference):

  • Argon2id with memory >= 32MiB, >= 2 rounds, and >= 2 parallelism
  • scrypt / yescrypt with memory >= 32 MiB, >= 4 rounds, and >= 1 parellelism
  • bcrypt (for PHP devs, password_hash() and password_verify() does the trick)
  • PBKDF2-SHA512 with 85,000 iterations as a last resort

But SHA1 should no longer be used anymore. No excuses.

― Scott Arciszewski, Chief Development Officer at Paragon Initiative Enterprises.

Source: SHA-1 collision attacks are now actually practical and a looming danger.

How does Docker work?

How does Docker actually work? It’s a simple question that has a surprisingly complex answer. You’ve probably heard the terms “daemon” and “runtime” thrown around, but never really understood what they meant and how they fit together.

In the evening I read How does Docker work? by Cameron Lonsdale, a (very) technical walk-through of how Docker works.

Blocking domains with Postfix

My experience is that top level domains like .icu, .win, .trade, etc. are a source of spam. Because I don't expect actual email from those domains I decided to blacklist those domains as well as several countries in Postfix.

Read my latest blog post: Blacklisting domains with Postfix.

Archive