Plurrrr

a tumblelog
week 18, 2021

Green Threads Explained in 200 Lines of Rust

Green threads, userland threads, goroutines or fibers, they have many names but for simplicity's sake I'll refer to them all as green threads from now on.

In this article I want to explore how they work by implementing a very simple example where we create our own green threads in 200 lines of Rust code. We'll be explaining everything along the way so our main focus here is to understand them and learn how they work by using simple, but working example.

Source: Green Threads Explained in 200 Lines of Rust.

How to setup secure file servers (SSH/SFTP)

Sharing files is one of the oldest but also most delicate tasks on servers. If you would like to share your files in a simple but also pretty secure way, here is how to do it with SSH / SFTP.

Source: How to setup secure file servers (SSH/SFTP), an article by Andreas Fuhrich.

Tox: standardise testing in Python

tox is a generic virtualenv management and test command line tool you can use for:

  • checking that your package installs correctly with different Python versions and interpreters
  • running your tests in each of the environments, configuring your test tool of choice
  • acting as a frontend to Continuous Integration servers, greatly reducing boilerplate and merging CI and shell-based testing.

Source: Welcome to the tox automation project.

What I Learned by Relearning HTML

I’ve worked on websites for several years, both professionally and for side projects. One day, I reflected on the fact that all of my web development education had come from actually making websites. In most cases, I’d have a specific problem, Google how to solve it, and learn something new in the process.

I wondered what I was missing by never learning HTML in a comprehensive way. Forget CSS and JavaScript. I’m just talking about raw HTML. It might seem silly to go back to such a basic aspect of web development after a decent amount of experience, but it’s easy to become overconfident with a skill just because you know enough to do a few useful things.

So I decided to relearn HTML and discover my unknown unknowns.

Source: What I Learned by Relearning HTML, an article by Danny Guo.

SQLite Pragma Cheatsheet for Performance and Consistency

SQL pragma are statements (like SELECT … or CREATE TABLE …) that change the database behaviors or call a special functions. This post is a short list of SQLite pragma I use in my projects built on SQLite, to get better performance and more consistency.

Source: SQLite Pragma Cheatsheet for Performance and Consistency, an article by Clément Joly.

Styling Ordered Lists with CSS Counters

Here's a scenario I find myself in now and then: I want an ordered list, and I want it to be pretty.

Source: How to style "ol" tags with CSS, an article by Joshua Comeau.

How to optimize ORDER BY RANDOM()

Tom Witowsky (@devgummibeer) shared on Twitter a scaling issue with his service opendor.me, which helps any developer share and highlight their open source work. As the service grows, more and more data is stored in the database and needs to be browsed. One particularly slow query that he needed help optimizing is fetching random users, organizations, and repositories that are already part of the service.

Source: How to optimize ORDER BY RANDOM(), an article by Tobias Petry.

Cryptographic shuffle

What if I needed to shuffle a list but couldn't hold the whole thing in memory? Or what if I didn't want to shuffle a list, but just traverse it in a shuffled manner? (That is, visit each element once and only once, in a randomized way.) What if I wanted to traverse it, but didn't want to precompute or store the traversal for some reason?

This would allow me to publish items from a list in an order that was unpredictable from the outside, but in fact deterministic and based on a secret key, and without precomputing anything (or worrying about collisions). Or I could use it to assign small non-sequential IDs that would eventually saturate the space of n-character strings in a pseudorandom order, obscuring the true size of the set for anyone who could just view some subset of the assigned IDs. They wouldn't even be able to tell if there were gaps in the list of IDs they could observe.

Source: Cryptographic shuffle, an article by Tim McCormack.

The Rustonomicon

The Rustonomicon digs into all the awful details that you need to understand when writing Unsafe Rust programs.

Should you wish a long and happy career of writing Rust programs, you should turn back now and forget you ever saw this book. It is not necessary. However if you intend to write unsafe code — or just want to dig into the guts of the language — this book contains lots of useful information.

Source: The Rustonomicon.

The quest for faster Python

Facebook has released Cinder, used internally in Instagram to improve Python performance, while another faster Python, called Pyston, has released version 2.2 and made the project open source (again).

Python is the world's second most popular programming language (after JavaScript) according to some surveys; but it is by no means the fastest. A glance at benchmarks tells us that Python 3 computation is often many times slower than compiled languages like C and Go, or JIT (Just-in-Time) compiled languages like Java and JavaScript.

One reason is that the official implementation of Python, called CPython, is an interpreted, dynamic language, and its creator Guido Van Rossum has resisted optimising it for performance, saying in 2014 that "Python is about having the simplest, dumbest compiler imaginable, and the official runtime semantics actively discourage cleverness in the compiler like parallelizing loops or turning recursion into loops."

Source: The quest for faster Python: Pyston returns to open source, Facebook releases Cinder, or should devs just use PyPy?, an article by Tim Anderson.

Making the Internet more secure one signed container at a time

With over 16 million pulls per month, Google’s distroless base images are widely used and depended on by large projects like Kubernetes and Istio. These minimal images don’t include common tools like shells or package managers, making their attack surface (and download size!) smaller than traditional base images such as ubuntu or alpine. Even with this additional protection, users could still fall prey to typosquatting attacks, or receive a malicious image if the distroless build process was compromised – making users vulnerable to accidentally using a malicious image instead of the actual distroless image. This problem isn’t unique to distroless images – until now, there just hasn’t been an easy way to verify that images are what they claim to be.

Source: Making the Internet more secure one signed container at a time, an article by Priya Wadhwa and Jake Sanders.

Ecdysis of Acanthoscurria geniculata

In the afternoon I noticed that Adam's Acanthoscurria geniculata was upside down. It was about to molt soon. It had webbed a mat on top of its burrow and a plastic leaf the previous night.

Acanthoscurria geniculata upside down on its silk mat
Acanthoscurria geniculata upside down on its silk mat.

The spider had been lethargic for weeks, a possible sign of an upcoming molt (ecdysis).

Acanthoscurria geniculata, right, and its exuviae, left
Acanthoscurria geniculata, right, and its exuviae, left.

When I checked again on the tarantula, slightly over 4 hours later, it was resting upside down next to its molt (exuviae). It's best to leave the spider in peace as much as possible during this delicate process.

Acanthoscurria geniculata freshly molted
Acanthoscurria geniculata freshly molted.

In the evening I carefully removed the exuviae. This can be used to determine the sex of the tarantula. The tarantula was bought as a female and now I could confirm this by examining the inside of the abdomen between the first pair of book lungs.

Spermathecae of a juvenile Acanthoscurria geniculata
Spermathecae of a juvenile Acanthoscurria geniculata.

In the above photo, taken with an iPhone 6S and macro lens the spermathecae are barely visible. But good enough to confirm that this is indeed a female.

Now the spider has to harden out before it can get its first meal. Best is to wait about 2 weeks.

awk is the coolest tool you don't know

awk, named for its authors Aho, Weinberger, and Kernighan, is a very cool little tool that you know exists and is installed on your system, but you have never bothered to learn how to use. I’m here to tell you that you really ought to!

If I stop for a moment to ponder the question, “what is the coolest tool in Unix?”, the immediate answer is awk. If I insist on pondering it for longer, giving each tool a moment for fair evaluation, the answer is still awk. There are few tools as perfectly suited to their problem as awk is.

Source: awk is the coolest tool you don't know, an article by Drew DeVault.

Server-sent events in Flask without extra dependencies

Server-sent events (SSE) is a mechanism for sending updates from a server to a client. The fundamental difference with WebSockets is that the communication only goes in one direction. In other words, the client cannot send information to the server. For many usecases this is all you might need. Indeed, if you just want to receive notifications/updates/messages, then using a WebSocket is overkill. Once you’ve implemented the SSE functionality on your server, then all you need on a JavaScript client is an EventSource. Trust me, it’s very straightforward.

Source: Server-sent events in Flask without extra dependencies, an article by Max Halford.

The Simple Tricks to Make Your Website Blazing Fast

Web application load speed is the most basic part of UX. Neglecting performance (load time) of your website can drive away users, because most people tend to leave the page after about 3 seconds if it doesn't load, therefore it's very important to make sure that your application loads as fast as possible. But how can you achieve that? There are many tricks and techniques for speeding up load time of an application and most of them don't involve any actual code change. In some cases, just a single line of config can give you a huge performance improvement. So, in this article we will explore the simplest and most effective tricks that will help you make your web application load as fast as possibly can!

Source: The Simple Tricks to Make Your Website Blazing Fast, an article by Martin Heinz.

My Favorite One Liners

In this post, I will be sharing my favorite commandline one liners that have made my workflow productive and more efficient. As a regular Linux user, I have been using commandline extensively to perform daily tasks such as creating files, navigating through directories , moving files and editing files using vim.

Source: My Favorite One Liners, an article by Muhammad Raza.

The art of solving problems with Monte Carlo simulations

This article will explore some examples and applications of Monte Carlo simulations using the Go programming language. To keep this article fun and interactive, after each Go code provided, you will find a link to the Go Playground, where you can run it without installing Go on your machine.

Source: The art of solving problems with Monte Carlo simulations, an article by Gabriel Carvalho.

CSS Generators

You can use CSS generators to avoid some time-consuming tasks. I made a collection of the best CSS generators for you.

Source: CSS Generators, an article by Marko Denic.