a tumblelog

Intuitive Guide to Convolution

Like making engineering students squirm? Have them explain convolution and (if you're barbarous) the convolution theorem. They'll mutter something about sliding windows as they try to escape through one.

Source: Intuitive Guide to Convolution.

Everything curl – Trace Options

There are times when -v is not enough. In particular, when you want to store the complete stream including the actual transferred data.

For situations when curl does encrypted file transfers with protocols such as HTTPS, FTPS or SFTP, other network monitoring tools (like Wireshark or tcpdump) will not be able to do this job as easily for you.

For this, curl offers two other options that you use instead of -v.

Source: Trace options - Everything curl

Configuring Git for Work

You can override your globally configured email inside individual repositories, allowing you to use your work email for work-related repos. Setting this up for each repo—and remembering to do so—is cumbersome. Luckily, there is an easier way to accomplish this for all repos within a certain directory.

Source: Configuring Git for Work, an article by Philipe Fatio.

Life inside a docker container

To understand how Docker works, we need to understand how the outside world interacts with it, and how it looks on the inside.

Source: Life inside a docker container, an article by Omkar Birade.

Introspection in Python

Let’s investigate how you can use built-in Python tools to both:

  • find out exactly what any module can do, and
  • find out exactly how Python will execute your code.

This makes debugging Python code much easier than in other languages I’ve used. You can ask any object what it does and what data it holds - and this is built in to the language!

Source: Python objects speak for themselves.

Interviewing Apple about its Mac silicon revolution

Some time ago, in an Apple campus building, a group of engineers got together. Isolated from others in the company, they took the guts of old MacBook Air laptops and connected them to their own prototype boards with the goal of building the very first machines that would run macOS on Apple's own, custom-designed, ARM-based silicon.

Source: “We are giddy”—interviewing Apple about its Mac silicon revolution, an article by Samuel Axon.

The "ARM™ Powered" mug

Back in the 90's I was able to get one of the official "ARM™ Powered" mugs for free. I hope that in the near future its possible to run Linux on an Apple silicon powered Mac mini so I can upgrade to such a machine. I've liked the ARM architecture ever since I read about it in Byte magazine and have fond memories of using an Acorn Archimedes A310 for many years.

The "ARM™ Powered" mug
The "ARM™ Powered" mug.

Building Your Color Palette

Ever used one of those fancy color palette generators? You know, the ones where you pick a starting color, tweak some options that probably include some musical jargon like "triad" or "major fourth", and are then bestowed the five perfect color swatches you should use to build your website?

This calculated and scientific approach to picking the perfect color scheme is extremely seductive, but not very useful.

Source: Building Your Color Palette.

CSS Reset for better Flexbox and CSS Grid responsive layout

This is a CSS Reset for Flexbox and CSS Grid which helps you to avoid issues in responsive layouts. It is one simple CSS rule which I noticed in a UI framework. There aren’t any odd consequences and I wish it was by default in all browsers.

Source: CSS Reset for better Flexbox and CSS Grid responsive layout, an article by Andrej Gajdos.

How variables are implemented in CPython

Consider a simple assignment statement in Python:

a = b

The meaning of this statement may seem trivial. What we do here is take the value of the name b and assign it to the name a, but do we really? This is an ambiguous explanation that gives rise to a lot of questions:

  • What does it mean for a name to be associated with a value? What is a value?
  • What does CPython do to assign a value to a name? To get the value?
  • Are all variables implemented in the same way?

Today we'll answer these questions and understand how variables, so crucial aspect of a programming language, are implemented in CPython.

Source: Python behind the scenes #5: how variables are implemented in CPython, an article by Victor Skvortsov.

Transitioning from Docker to Podman

Podman is an excellent alternative to Docker containers when you need increased security, unique identifier (UID) separation using namespaces, and integration with systemd. In this article, I use real-world examples to show you how to install Podman, use its basic commands, and transition from the Docker command-line interface (CLI) to Podman. You’ll also see how to run an existing image with Podman and how to set up port forwarding.

Source: Transitioning from Docker to Podman, an article by Cedric Clyburn.

Getting started with Random Matrices: A Step-by-Step Guide

In the Deep Learning (DL) age, more and more people have encountered and used (knowingly or not) random matrices. Most of the time this use is limited to the initialization of the networks weights, that can be accomplished with a single line of code in your favorite DL framework. However, Random Matrices have a rich mathematical theory with far reaching applications in physics, network theory, machine learning, finance, etc. This fascinating range of applications also means that each field often developed its dedicated terminology to describe the same mathematical concept, often with confusing consequences. The aim of this article(s) is to introduce Random Matrix Theory (RMT) from a physicist's perspective while trying to relate different tools and terminology, especially across the math and physics literature. Although you do need to know basic calculus, I will try to introduce new concepts and give references in case you would like to go deeper.

Source: Getting started with Random Matrices: A Step-by-Step Guide, an article by Mirco Milletarì.

Using Arrow Functions in Javascript – The Why and How

Since arrow functions were introduced in ES6, they have become increasingly popular, changing the look and function of regular functions.

I love arrow functions; I use them all the time. In fact, they have grown so popular that you rarely see the function keyword anymore, though I can assure you it is still used. I almost always use arrow functions in place of the function keyword.

This is a short guide about Javascript arrow functions.

Source: Using Arrow Functions in Javascript – The Why and How.

Harry Potter and the Chamber of Secrets (2002)

An ancient prophecy seems to be coming true when a mysterious presence begins stalking the corridors of a school of magic and leaving its victims paralyzed.

In the evening we watched Harry Potter and the Chamber of Secrets (2002). I give this movie a 7.5 out of 10.

An Introduction to ZFS

ZFS has become increasingly popular in recent years. ZFS on Linux (ZoL) has pushed the envelope and exposed many newcomers to the ZFS fold. iXsystems has adopted the newer codebase, now called OpenZFS, into its codebase for TrueNAS CORE. The purpose of this article is to help those of you who have heard about ZFS but have not yet had the opportunity to research it.

Our hope is that we leave you with a better understanding of how and why it works the way it does. Knowledge is key to the decision-making process, and we feel that ZFS is something worth considering for most organizations.

Source: An Introduction to ZFS A Place to Start, an article by Nick Fusco.

Introducing SwiftNIO SSH

I am delighted to introduce a new open source project for the Swift Server ecosystem, SwiftNIO SSH. Distributed as a Swift package, SwiftNIO SSH is designed to enable Swift developers to interact with the SSH network protocol.

Source: Introducing SwiftNIO SSH, an article by Cory Benfield.

Better Python console apps with Rich

Recently I've been working on a few internal tools for my company, Teclado. Things like web scrapers to collect data and store it in a database, or simple tools to make people's jobs easier.

Because these are intended for a very small audience who are doing very specific tasks, I normally make console applications. And console applications can be tricky to use (and look hideous) most of the time.

Rich is a Python library that changes that completely. My new console apps are a joy to use, look great, and it's super easy to create them.

In this post, let me tell you about Rich and how I've been using it. I'm not a Rich expert by any means, but I hope it helps!

Source: Better Python console apps with Rich, an article by Jose Salvatierra.

How to unit-test a private (non-exported) function in JavaScript

When writing unit-tests for JavaScript modules, we often encounter a dilemma wherein the module has some private functions that have not been exported. Testing a function that has been exported is easy since it can be imported in the unit testing framework, and the functionality can be tested. But how to unit-test a private (non-exported) function?

Source: How to unit-test a private (non-exported) function in JavaScript, an article by Saransh Kataria.

Refactoring a Loop That Was Trying Too Hard

The bug was difficult to fix because the code was so complex. I wasn’t really able to fix it until I simplified the code. Once the code was simplified the bug was easy to fix. While doing this I found an anti-pattern that I now call “One loop trying too hard”.

Source: Refactoring a Loop That Was Trying Too Hard, an article by Tom Limoncelli.

Adam's Acanthoscurria geniculata

In the early evening I managed to remove the lid of the enclosure of Adam's Acanthoscurria geniculata without disturbing the spider. The juvenile female tarantula was resting on top of its burrow, so I took several photos. She's very skittish and most of the time when I remove the lid she hides from view immediately.

Acanthoscurria geniculata resting on top of her burrow
Acanthoscurria geniculata resting on top of her burrow.

Firefox 83 introduces HTTPS-Only Mode

Security on the web matters. Whenever you connect to a web page and enter a password, a credit card number, or other sensitive information, you want to be sure that this information is kept secure. Whether you are writing a personal email or reading a page on a medical condition, you don’t want that information leaked to eavesdroppers on the network who have no business prying into your personal communications.

That’s why Mozilla is pleased to introduce HTTPS-Only Mode, a brand-new security feature available in Firefox 83. When you enable HTTPS-Only Mode:

  • Firefox attempts to establish fully secure connections to every website, and
  • Firefox asks for your permission before connecting to a website that doesn’t support secure connections.

Source: Firefox 83 introduces HTTPS-Only Mode, an article by Christoph Kerschbaumer, Julian Gaibler, Arthur Edelstein, and Thyla van der Merwe.

How to Build HTML Forms Right: User Experience

As you build out forms for the web, getting the semantics, accessibility, and styling right is a lot of work. If you can get all those right, you’re doing quite well for yourself. However, there are still some thing we can do to make life better for the folks filling out our forms.

In this article, we’ll look at some of the do’s and don’ts about HTML form user experience (UX)

Source: How to Build HTML Forms Right: User Experience, an article by Austin Gil.

What’s changed in Bootstrap 5?

Bootstrap 5 is currently in its 3rd alpha release. The plan seems to be to release Bootstrap 5 to the public as a final version near the end of the year. In one of our recent projects we already went ahead with using it, anticipating that the underlying logic wouldn’t change that much from now until the release.

So let’s talk about some of the most important changes in Bootstrap 5.

Source: What's changed in Bootstrap 5?, an article by Johan Ronsse.

Batteries included with Emacs

Emacs as shipped does a lot more than meets the eye, and external package functionality often partially replicates built in behavior.

Source: Batteries included with Emacs.

The 2020 Mac Mini Unleashed

Since a few days, we’ve been able to get our hands on one of the first Apple Silicon M1 devices: the new Mac mini 2020 edition. While in our analysis article last week we had based our numbers on the A14, this time around we’ve measured the real performance on the actual new higher-power design. We haven’t had much time, but we’ll be bringing you the key datapoints relevant to the new Apple Silicon M1.

Source: The 2020 Mac Mini Unleashed: Putting Apple Silicon M1 To The Test, an article by Andrei Frumusanu.

Nginx Hardening Guide

Nginx is a lightweight, open-source, robust, high-performance HTTP server and a reverse proxy. It’s the most popular web server, beating Apache and IIS.

Nginx is recognized for its stability, performance, rich feature set, easy configuration, and low resource consumption.

While the default configurations are favoured by most people, they are not secure enough, and extra tweaks are needed to reinforce the web server.

Here, we will look into some actions you can take to strengthen and improve Nginx server security.

Source: Nginx Server Security: Nginx Hardening Guide, an article by Manieendar Mohan.

cut vs. awk

So, what does it mean to do one thing and do it well? Well, awk has been a staple of any UNIX diet since the late 1970s. I think it's a lovely little tool which I use even for rather mundane tasks. It's certainly changed a bit over the years, but the core concept of the language remains the same. Still, it's a complete programming language and can do a lot more than a simple, single-purpose command.

The cut command is slightly newer, but like awk, it's a part of the POSIX standard. It can also hardly be considered to have suffered much feature creep: it's got a rather stringent set of parameters and really does just one thing, which is cutting a smaller piece of text out of a larger piece of text.

The question is of course, does the UNIX philosophy still hold up? Is it always better to have one small program doing one thing well, as opposed to a slightly bigger program doing many things? Let's examine this by performing a simple task with two slightly different twists.

Source: cut vs. awk, an article by Carl Svensson.

Term Rewriting

Continuing on from our series last week, this time we’re going to discuss the topic of term rewriting. Term rewriting is a very general model of computation that consists of programmatic systems for describes transformations (called rules) which transform expressions called terms into other sets of terms.

Source: Exotic Programming Ideas: Part 2 (Term Rewriting), an article by Stephen Diehl.

Serverless APIs: Lessons learned

If you are thinking about or never heard that building completely serverless APIs was possible? This post is for you. I’m going to compile a few lessons I’ve learned in the past 3-4 years while shipping a few production projects and dealing with no servers at all.

Source: Serverless APIs: Lessons learned, an article by Igor Escobar.

Image Processing in Python: Algorithms, Tools, and Methods

Images define the world, each image has its own story, it contains a lot of crucial information that can be useful in many ways. This information can be obtained with the help of the technique known as Image Processing.

It is the core part of computer vision which plays a crucial role in many real-world examples like robotics, self-driving cars, and object detection. Image processing allows us to transform and manipulate thousands of images at a time and extract useful insights from them. It has a wide range of applications in almost every field.

Python is one of the widely used programming languages for this purpose. Its amazing libraries and tools help in achieving the task of image processing very efficiently.

Through this article, you will learn about classical algorithms, techniques, and tools to process the image and get the desired output.

Source: Image Processing in Python: Algorithms, Tools, and Methods You Should Know, an article by Neetika Khandelwal.

An Interactive Introduction to Fourier Transforms

Fourier transforms are a tool used in a whole bunch of different things. This is an explanation of what a Fourier transform does, and some different ways it can be useful.

Source: An Interactive Introduction to Fourier Transforms, an article by Jez Swanson.

Git Rebase: Don’t be Afraid of the Force (Push)

While contributing to a big OSS project it’s quite useful to know how to do a Git rebase. And more importantly: don’t be afraid of the Git force push. In this post I will write a little about the why and the how.

Source: Git Rebase: Don't be Afraid of the Force (Push), an article by Gerald Versluis.

Python Internals Serie : Subprocess.Popen

The purpose of this serie is to review some parts of the CPython’s code.

Why ?

Well there are multiple reasons :

  • Because we can. The project is opensource and the source code is freely available here :
  • I strongly believe that we, as developpers, can learn a lot by studying good and clean code. And I think we can safely assume that CPython’s code, which is used practicaly everywhere, meet this crietria.
  • I also think that studying python internals can make us better python programmers, for example ever wondered why changing sys.stdout seems to have no effect on subprocesses ? Well at the end of this article You will know why.

Source: Python Internals Serie : Subprocess.Popen, an article by Yassir Karroum.

Why I Teach vim

The why of why people use vim has been covered fairly extensively, so I thought I would spend a little time explaining why I teach vim to my high school students, even in 2020.

Source: Why I Teach vim, an article by Adam Michlin.

Chappie (2015)

In the near future, crime is patrolled by a mechanized police force. When one police droid, Chappie, is stolen and given new programming, he becomes the first robot with the ability to think and feel for himself.

In the evening we watched Chappie. I liked the movie and give it a 7.5 out of 10.

Type Hints in Python

Though Python is not a strictly typed language, you can still give a hint of a variable's data type.

Source: Type Hints in Python.

macOS 11.0 Big Sur: The Ars Technica review

For the first time in almost two decades, Apple has decided to bump up the version number of the Mac’s operating system. The change is meant to call attention to both the pending Apple Silicon transition—Big Sur will be the first macOS version to run on Apple’s own chips, even if it’s not the first to require those chips—and to an iPad-flavored redesign that significantly overhauls the look, feel, and sound of the operating system for the first time in a long while. Even the post-iOS-7 Yosemite update took pains to keep most things in the same place as it changed their look.

Source: macOS 11.0 Big Sur: The Ars Technica review, an article by Andrew Cunningham.

Anchor Points for Webbing

In the early evening I commented on a terrarium video posted on Facebook that if I was the owner of the terrarium I would provide more higher anchor points to the Chromatopelma cyaneopubescens shown webbing around. I keep this species in a plastic container with quite some height as I understand that this species can be found several feet above the ground:

Chromatopelma cyaneopubescens live in extreme xeric conditions in sandy thorn tree/cactus forests on the Paraguana Peninsula of Venezuela. This species is an "opportunistic burrower", whereby, they will make their silken retreats in the dried fissures of the ground, in old dried and piled up cacti, at the base of large thorny trees or up in the natural cavities of those thorny acacia tree ... basically, wherever the prey availability forces them to make their retreat. The trees are rarely higher than 12 feet and either cracks in the tree or natural tree cavities are never above 6 feet.

There are MANY theraphosid taxa that live high in trees that are not true arboreals AND there are true arboreals that have been found living in fossorial ground burrows or under fallen logs lying on the ground.

Source: Chromatopelma cyaneopubescens-- Arboreal vs Terrestrial.

Chromatopelma cyaneopubescens webbing using various anchor points
Chromatopelma cyaneopubescens webbing using various anchor points.
Chromatopelma cyaneopubescens webbing using various anchor points
Chromatopelma cyaneopubescens webbing using various anchor points.

So I keep this species without a water dish on dry coco peat with only a small part kept moist. I also place a drop of water on the web near the spider now and then. On the 8th of April, 2020 I could take photos of this specimen taking moisture from the substrate.

M1 Memory and Performance

The M1 Macs are out now, and not only does Apple claim they're absolutely smokin', early benchmarks seem to confirm those claims. I don't find this surprising, Apple has been highly focused on performance ever since Tiger, and as far as I can tell hasn't let up since.

One maybe somewhat surprising aspect of the M1s is the limitation to "only" 16 Gigabytes of memory. As someone who bought a 16 Kilobyte language card to run the Merlin 6502 assembler on his Apple ][+ and expanded his NeXT cube, which isn't that different from a modern Mac, to a whopping 16 Megabytes, this doesn't actually seem that much of a limitation, but it did cause a bit of consternation.

Source: M1 Memory and Performance, an article by Marcel Weiher.

Introduction to Go Modules

I’ve seen many people online talk about liking Go and using it, but being confused by its dependency system, called Go modules. This blog post aims to provide a simple introduction with examples. It focuses mostly on Unix-based systems like Linux and macOS over Windows.

This post does not cover all possible ways of using Go modules. It’s just a simple introduction with the most common use cases.

Source: Introduction to Go Modules.

Charles proxy for web scraping

Charles proxy is an HTTP debugging proxy that can inspect network calls and debug SSL traffic. With Charles, you are able to inspect requests/responses, headers and cookies. Today we will see how to set up Charles, and how we can use Charles proxy for web scraping. We will focus on extracting data from Javascript-heavy web pages and mobile applications.

Source: Charles proxy for web scraping, an article by Kevin Sahin.

Booting a macOS Apple Silicon kernel in QEMU

I booted the arm64e kernel of macOS 11.0.1 beta 1 kernel in QEMU up to launchd. It’s completely useless, but may be interesting if you’re wondering how an Apple Silicon Mac will boot.

Source: Booting a macOS Apple Silicon kernel in QEMU.

Building a Homelab VM Server (2020 Edition)

For the past five years, I’ve done all of my software development in virtual machines (VMs). Each of my projects gets a dedicated VM, sparing me the headache of dependency conflicts and TCP port collisions.

Three years ago, I took things to the next level by building my own homelab server to host all of my VMs. It’s been a fantastic investment, as it sped up numerous dev tasks and improved reliability.

In the past few months, I began hitting the limits of my VM server. My projects have become more resource-hungry, and mistakes I’d made in my first build were coming back to bite me. I decided to build a brand new homelab VM server for 2020.

Source: Building a Homelab VM Server (2020 Edition), an article by Michael Lynch.

Alice handling an Aphonopelma seemanni

In the evening Alice held the female adult Aphonopelma seemanni I keep. Currently, this tarantula is held in a smaller enclosure so her main enclosure can dry out a bit.

Alice holding a female Aphonopelma seemanni
Alice holding a female Aphonopelma seemanni.

Systematically removing code

It's easy to miss things when removing code, leaving behind unused methods, templates, CSS classes or translation keys. (Especially in a dynamic language like Ruby, without a compiler to help you spot dead code.)

I avoid this by removing code systematically, line by line, depth-first.

This is one of those things that seems obvious when you do it, but in my experience, many people do it haphazardly.

Source: Systematically removing code, an article by Henrik Nyh.

How To Write Unit Tests For Logging

Once in a while I get asked the question whether one should write solitary tests for logging functionality. My answer to this question is the typical consultant answer: “It depends”. In essence, logging is an infrastructure concern. The end result is log data that is being written to a resource which is external to an application. Usually the generated data ends up in a file, a database or it might even end up in a cloud service.

Source: How To Write Unit Tests For Logging, an article by Jan Van Ryswyck.

Fixing leaky logs: how to find a bug and ensure it never returns

I lay out a case for moving security enforcement into the hands of developers. I show how I and another developer at r2c successfully identified data leakage in our logs, fixed the issue, and prevented it from happening in the future. We did this in a matter of hours, without assistance from our AppSec team.

Source: Fixing leaky logs: how to find a bug and ensure it never returns, an article by Nathan Brahms.