Open Source package managers are one of the most maligned pieces of
software in common use today. I’m here to correct that criticism and
tell developers that it’s not the package managers you hate — it’s
what they’ve made you become. This contains a bit of a history
lesson to explain how we got here today, as well as what I think the
package management world will look like in the future.
Macros are one of the ways to extend Rust syntax. As The
Book calls it,
“a way of writing code that writes other code”. Here, I will talk
about declarative macros, or as it is also called, macros by
example. Examples of declarative macros are vec!, println! and
We recently integrated new functionality into our CrowdStrike Falcon
sensor that was implemented in
Rust. Rust is a relatively young
language with several features focused on safety and
security. Calling Rust from C++ was relatively straightforward, but
one stumbling block we’ve run into is how Rust deals with
out-of-memory (OOM) conditions.
Lately, I’ve been doing a lot more things at the command line. I’m
not a hard-core terminal guy – I use VSCode more than Vim – but I’m
always surprised at the number of complex tasks that can be done
using just the POSIX standard command-line tools like grep, cat
Tools are powerful. A good tool makes work easier and faster, and a
great tool unlocks new abilities: Previously impossible things
become possible and sometimes easy.
As I’ve learned more, I’ve been adding some new tools to my
command-line toolbox, and in this article, I’d like to share some
I’ve found valuable.
Extensions in Swift are great. We can extend structs, classes,
enums, etc., whether we own the code or not, in almost any way we
need. This enables us to do easier initializations, mapping,
convenience functions, protocol implementation (one of my favorites)
and more. There is only one problem.
In Basics of ZFS Snapshot
we demonstrated how snapshots and clones can be used to access data
from a given point in time. In this article, we’ll learn how ZFS
boot environments (BEs) are used to boot the operating system itself
into a previous point in time.
Swift 5.5 introduces a new concept called “effectful read-only
which essentially means that computed properties can now utilize
control flow mechanisms like errors and async operations when
computing their values.
A clean git commit history is often underrated and can be immensely
useful to ease code reviews and understand changes in the future
(potentially in the midst of an outage).
Of course we are talking about the final history here as committed
to the shared repository, not the intermediate history while we are
working on the code. Sometimes the intermediate history is good
enough to be pushed directly, but this is actually fairly rare.
Cleaning up the history might seem tedious at first for marginal
cosmetic benefits, but it gets much easier and faster with
practice. Here I am collecting some tips for cleaning up a git
commit history before publishing it to others, for example in the
form of a pull request.
I have been programming for almost six years now and have used
containers for nearly the entirety of that time. For what comes with
being a programmer, curiosity got the better of me and I started
asking around the question, that what is a container?
module provides a rich set of specialized container data types
carefully designed to approach specific programming problems in a
Pythonic and efficient way. The module also provides wrapper classes
that make it safer to create custom classes that behave similar to
the built-in types dict, list, and str.
Learning about the data types and classes in collections will allow
you to grow your programming tool kit with a valuable set of
reliable and efficient tools.
A calendar system is an attempt to make sense of the passing of time
with respect to astronomical phenomena — the positioning of the Sun,
the Moon and the stars with respect to our unfixed and moveable
Earth. It is perhaps ironic, then, that the widely used Gregorian
calendar system is a cobbled-together mishmash that better reflects
the arbitrariness of history than it does either celestial order or
So when we say
the "batteries included
this is just one reason why. With Postgres, you don't need to
immediately look farther than your own database management system
for a full-text search solution. If you haven't yet given Postgres'
built-in full-text search a try, read on for a simple intro.
Netcat is a tool that reads and writes data across network
connections, using TCP or UDP protocol. Netcat has been referred to
as the TCP/IP / networking swiss army knife. In this article we’ll
look at different applications of netcat and how it can be useful in
day to day activities of a pentester, security professional,
Guile is the Prism. He is high priest and emperor, a man whose
power, wit, and charm are all that preserves a tenuous peace. Yet
Prisms never last, and Guile knows exactly how long he has left to
When Guile discovers he has a son, born in a far kingdom after the
war that put him in power, he must decide how much he's willing to
pay to protect a secret that could tear his world apart.
In the evening I started in The Black
Lightbringer book 1 by Brent Weeks. I've already read the Night Angel
trilogy by the same author and liked this trilogy a lot so I have
high expectations of this series.
CSS can be hard to grasp when you're starting out. It can seem like
magic wizardry and you can very easily find yourself playing
whack-a-mole adjusting one property only to have something else
break. It is frustrating, and that was my experience for quite a
long time before things suddenly seemed to "click".
Reflecting back on this time, I think there are a few key concepts
that were vital to things finally all making sense and fitting
together. These were:
The Box Model (e.g. box-sizing, height, width, margin, padding)
Layout (e.g. display)
Document Flow and Positioning (e.g. position, top, left, etc.)
There are also some useful concepts to keep in mind when building
reusable and composable components.
This booklet is intended to be a catalog of tricks and techniques
you may want to use if you're doing some sort of complex
scripting. Some are just useful, some are more playful, and might
not have such direct impact in your day-to-day life. Some are pure
entertainment. You'll have to judge by yourself which things belong
to which category. I'll try to keep the rhetoric to the minimum to
Have you ever looked at a word or phrase you’re typesetting and
something just looked off about it? It might just be a kerning
problem. Kerning refers to the amount of space between two letters
(or other characters: Numbers, punctuation, etc.) and the process of
adjusting that space to avoid awkward-looking gaps between your
letters and improve legibility. In this article, we will outline how
to kern like a professional designer.
Linux distributions are great to use and they have some tricks under
their sleeves which users may not be aware of. Let’s have a look at
some command line utilities which really come in handy when you’re
the guy that likes to stick with the terminal rather than using a
Dark Patterns are deceptive UX/UI interactions, designed to mislead
or trick users to make them do something they don’t want to do. This
term was coined in 2010 after the boom of ecommerce industries on
the web. In order to generate more sales, get subscriptions, and hit
target numbers in transactions etc., designers and business
associates started creating deceiving user interfaces to manipulate
I view at least half the written content I consume via my mobile
phone, which belongs to the class of phones with a slightly smaller
than average screen. In fact, it’s width as reported by the Firefox
and Chrome viewport simulators is 375 pixels wide, small but not
tiny. And yet many websites I visit hinder my mobile viewing
experience because of a rather simple issue: horizontal scrolling.
If you’re building a new app today, it might be worth taking a
closer look at making it cloud-native and using Kubernetes from the
jump. The effort to set up Kubernetes is less than you
think. Certainly, it’s less than the effort it would take to
refactor your app later on to support containerization.
Dependency Injection is a software design pattern in which an object
receives other instances that it depends on. It’s a commonly used
technique that allows reusing code, insert mocked data, and simplify
testing. An example could be initializing a view with the network
provider as a dependency.
The Zip file format is now 32 years old. You'd think being 32 years
old the format would be well documented. Unfortunately it's not.
I have a feeling this is like many file formats. They aren't
designed, rather the developer just makes it up as they go. If it
gets popular other people want to read and/or write them. They
either try to reverse engineer the format OR they ask for
specs. Even if the developer writes specs they often forget all the
assumptions their original program makes. Those are not written down
and hence the spec is incomplete. Zip is such a format.
Putting images on websites is incredibly simple, yes? Actually, yes,
it is. You use and link it to a valid source in the src
attribute and you’re done. Except that there are (counts fingers)
927 things you could (and some you really should) do that often go
In this post, I’ll summarize what I’ve learned from an attempt to
gain a deeper understanding of two important concepts in
continuation. The aim
is not to teach Python or Scheme programming. Rather, what I want to
do is to demonstrate that generators are special cases of a much
more powerful construct - continuations. Continuations allow
programmers to invent new control structures, and it is the
foundation upon which iterators, generators, coroutines, and many
other useful constructs can be built. I have found it very useful to
understand how generators work from the deeper and broader
perspective of continuations.
This weekend I was talking with a friend about how I'd planned and
estimated a huge software project in one of my previous jobs. By
that I mean not something which can be done by a single team in a
sprint or two, but something which requires several teams, across
several quarters of effort, involving many other departments of
non-engineering team members.
A couple of weeks ago I wrote a short thread on
about the undying argument Is this really bad UI, or is it just you
who are averse to change? — I’m publishing these observations here
simply because it will be easier to find them and reference them in
Docker is one of the tools that has simplified and eased the
development of applications amongst teams. The application is being
packaged in a container shipped and run giving the developers a
better experience during development, testing, and deployment. This
container is being created using a Docker image where all the
application’s dependencies and runtime information are required to
In recent years, developers have embraced this approach because they
do not need to worry about installing all dependencies on their
system. What is needed is just Docker on their computer.
This article will detail the steps to follow whenever we want to
Dockerize our application with Node.js. With that, we mean to
achieve the smooth development experience Docker provides. This
article will not focus on explaining what Docker is but we will look
at a few reasons why we would want to Dockerize our application.
Don’t. Worker pools are not a great fit for Rust due to its ownership
model. Instead, embrace functional programming and immutable
data. Rust provides simpler to use and more elegant tools: parallel
Iterators and Streams.
After the disappointment of my X1
Nano and learning that all
future Intel “Evo”-branded laptops would lack S3 suspend, I started
thinking about returning to my M1 MacBook full-time or building an
OpenBSD desktop. I chose the latter, building my first desktop
machine in many years.
I publish Perl stories on this
blog once a week, and it seems every time there’s at least one
response on social media that amounts to, “I hate Perl because of
its weird syntax.” Or, “It looks like line noise.” (Perl seems to
have outlasted that one — when’s the last time you used an acoustic
modem?) Or the quote attributed to Keith
Bostic: “The only language that looks the same
before and after RSA encryption.”
So let’s address, confront, and demystify this hate. What are these
objectionable syntactical, noisy, possibly encrypted bits? And why
does Perl have them?
The best case depth for a search tree is O(logbn),
if b is the arity (or branching) of the tree. Intuitively, we know
that if we increase b, the depth goes down, but is that all there
is to it? And if not, how do we chose the optimal branching b?
Many git tutorials focus on a set of commands and instructions to
“get you up to speed” in git, without addressing the underlying
concept of “how git works”. While the commands are important, I
feel it’s more important for you to understand what’s going on
behind the scenes.
My last post on this topic
caught some attention, so I’m going to continue exploring some of
the systemd features that may be useful to people writing network
services. Here are some more things about socket activation I didn’t
cover in the previous post.
Firstly, it’s not something that needs a binding to a specific
library to work (although systemd does make one available for this
task). It uses conventions that already exist in Unix, and have done
for a long time. The network sockets are presented as file
descriptors, and some information about them as environment
On many Linux systems, systemd-journald runs as a daemon at boot and
collects your logs. You can access them through journalctl but it
turns out journald is a lot more complicated then just sending
something to a text file. I’ll look at two main things here: What
kind of information is included in a journald entry and how these
entries get from programs to journald.
It's often said that the internet has democratized education: the
sum of human knowledge is only a Google search away! And yet, having
access to information is only half of the story; you also need to be
able to convert raw information into usable skills.
Many people have contributed to developing and promoting the use of
regular expressions since they were invented about half a century
ago. Here's a short list of some of the most influential people
behind the technology. I've written this up for two reasons:
For people who've only gotten into the technology recently but
are interested in some of the history and pioneers behind it.
Since I fit the above description, I'm hoping readers will help
fill me in on other people I've forgotten about or otherwise left
Most of the time you can get away with a fairly simple security
posture on NixOS. Don't run services as root, separate each service
into its own systemd units, don't run packages you don't trust the
heritage of and most importantly don't give random people shell
access with passwordless sudo.
Sometimes however, you have good reasons to want to lock everything
down as much as humanly possible. This could happen when you want to
create production servers for something security-critical such as a
bastion host. In this post I'm going to show you a defense-in-depth
model for making a NixOS server that is a bit more paranoid than
usual, as well as explanations of all the moving parts.
I’ve sometimes seen people asking about dependency management,
hooks, tracking bugs and other sort of higher level (to me) things
than git provides. You can see this if you look at stackoverflow
questions about submodules. What’s wrong with submodules? Well,
compared to what exactly? When I do a clone of a project and run
yarn install, it gives me a list of CVEs that match. When I do a
bundle exec it loads my project and has an opportunity (with a very
high level of context) to tell me that I’ve forgotten to run
migrations or run yarn update in a while. You don’t get this with
git. Maybe these examples are too web-tech specific. But I’d like to
suggest that this pattern will probably apply to Go, Rust and
whatever else. Git is below your project and your project is trying
to get better stuff done. So stop trying to solve your problem with
Git and listen to how a few other communities do their thing.
Recently, I ran into a situation where I needed a test database with
lots of rows and needed it fast. So I did what any programmer would
do: wrote a Python script to generate the DB. Unfortunately, it was
slow. Really slow. So I did what any programmer would do: went down
the rabbit hole of learning more about SQLite, Python, and
eventually Rust… in my quest to get a 1B row database under a
minute. This blog post is a summary of this fun and educational
XML had a goal: terseness is of minimal importance. JSON seems to
prove otherwise, some people think. But does JSON really demonstrate
that terseness of markup is important, or does it even moreso
demonstrate the terseness of declaration is important. I suggest one
change that would give XML a lot more bang per buck.
This post discusses some options for accessing PostgreSQL databases
from Go. I'll only be covering low-level packages that provide
access to the underlying database; this post is not about ORMs,
which were covered earlier in this
In the next few days those using M1 Macs will be updating to Big Sur
11.5, blissfully ignorant of how, as an admin user, their Mac could
refuse to update. Because now, in addition to regular users, admin
users and root, there’s another class of admin user: the Owner. Let