Programming Leftovers

posted by Roy Schestowitz on May 26, 2024

• University of Toronto ☛ Reasons to not expose Go's choice of default TLS ciphers

  Today, Go can't expose a useful API for 'the default TLS 1.3 cipher suites' because there is no such straightforward thing; the actual default cipher suites used depend on multiple factors, some of which can't be used by even a top level function like CipherSuites(). If Go had exported such a variable or API in the past, Go's general attitude on backward compatibility might have forced it to freeze the logic of TLS 1.3 cipher suite choice so that it did respect this default list no matter what, much like the random number generation algorithm became frozen because people depended on it.

• Rlang ☛ Identify positions in R

  Identify positions in R, we will explore how to use the str_subset and str_which functions in R to filter and find patterns in character strings.

  These functions are part of the stringr package, which provides a variety of functions for working with strings.

• Rlang ☛ Plotting weather data with ggplot()

  Very often, we agronomists have to deal with weather data, e.g., to evaluate and explain the behaviour of genotypes in different environments. We are very much used to representing temperature and rainfall data in one single graph with two y-axis, which gives a good immediate insight on the weather pattern at a certain location. Unfortunately, I had to discover that doing such graphs with ggplot() is not a straightforward task.

• University of Toronto ☛ The long-overdue problem coming for some people in Go 1.23

  Experienced Go developers may now be scratching their heads about how quic-go/internal/qtls is referring to crypto/tls.defaultCipherSuitesTLS13, since the latter isn't an exported identifier (in Go, all exported identifiers start with a capital letter). The simple answer is that the qtls package is cheating (in cipher_suite.go).

• Python

  • SANS ☛ csvkit, (Sat, May 25th)

    After reading my diary entry "Checking CSV Files", a reader informed me that CSV toolkit csvkit also contains a command to check CSV files: csvstat.py.

• Kernel/Linux

  • Screenplay Studios Inc dba Graphite ☛ BitKeeper, Linux, and licensing disputes: How Linus wrote Git in 14 days

    For the first ten years of development, prior to its usage of BitKeeper, the Linux Kernel version control tool of choice had just been Linus himself. The system worked like this: developers would submit tarballs and patches to a handful of Linsus’s trusted lieutenants. After vetting, the patches that passed review would then be sent up to Linus. Finally, Linus himself would incorporate them manually into his own source tree, and then cut the release.

    Of course, Linus-as-a-version-control-service was far from a perfect product. In 1998, when Larry McVoy first sketched out the idea behind BitKeeper on the Linux Kernel Mailing List, he wrote "It's clear that our fearless leader [Linus] is, at the moment, a bit overloaded so patches may be getting lost”

    While this manual workflow seems barbaric to us today, at the time, Linus viewed this workflow as superior to the alternatives — namely CVS. Much later, when Linus gave a talk at Google in 2007 about Git, he mentioned one of his core design principles: “WWCVSND” or “What Would CVS Not Do?” Of course this hatred naturally extended to SVN as well; in the same talk, he’d go on to say with a smile “If there are any Subversion users in the audience, you might want to leave. My hatred of CVS has meant that I see Subversion as being the most pointless project ever started. The whole slogan for Subversion for a while was CVS done right or something like that. And if you start with that slogan, there’s no where you can go. It’s like, there’s no way to do CVS right.”

    The heart of Linus’s criticism against CVS was its centralized nature. Given the hundreds of Linux developers out there, Linus felt it was critical that each of them have their own discrete copy of the repository that they could develop their own branches on. This both eased offline work and helped with internal politics; each developer was free to commit whatever they’d like to their own repository, and then would have the opportunity to convince the community that their changes were valuable. This prevented a single set of contributors with commit access from gatekeeping the sole repository.

• Education

  • Victor Kropp ☛ KotlinConf 2024 Trip Report

    I’m writing this from the Copenhagen airport on my way back home from KotlinConf 2024. For the second year in a row, I’ve had a privilege to attend my favorite event of the year.