Programming Leftovers
-
The Record ☛ Bug affecting PHP scripts demands ‘immediate action from defenders globally’ | The Record from Recorded Future News
Threat intelligence company GreyNoise said exploitation of the bug, tracked as CVE-2024-4577, “extends far beyond initial reports,” referencing in particular a blog post published Thursday by cybersecurity firm Cisco Talos.
-
Karl Seguin ☛ Zig's dot star syntax (value.*)
Maybe I'm the only one, but it always takes my little brain a split second to understand what's happening whenever I see, or have to write, something like value.* = .{...}.
-
Dirk Eddelbuettel ☛ Dirk Eddelbuettel: RcppSimdJson 0.1.13 on CRAN: Compiler Nag, New Upsteam
A new release 0.1.13 of the RcppSimdJson
This release was tickled by another CRAN request: just like yesterday’s RcppDate release, it responds to the esoteric ‘whitespace in literal operator’ depreceation warning. Turns out that upstream simdjson had this fixed a few months ago as the node bindings package ran into it. Other changes include a bit of earlier polish by Daniel, another CRAN mandated update, CI improvements, and a move of two demos to
examples/to avoid having to add half a dozen packages to Suggests: for no real usage gain in the package. -
Rlang ☛ A Function to Draw Complex Multiplets
Inspired by Roman A. Valiulin’s book NMR Multiplet Interpretation (discussed previously), I decided to write an R function to draw complex multiplets. The function will draw the multiplet, and optionally, can draw a splitting tree and some annotations. Some of you may find this useful for teaching the topic.
The function is called multiplet and it resides in the SpecHelpers package, which was just updated to version 0.3.1. Here are some examples of the function at work, drawn from Valiulin’s book: [...]
-
Rlang ☛ Customize your expedition: Create a unique documentation for your R Package
Ah, pkgdown… That fantastic tool that turns your R package documentation into a website. But sometimes, it lacks a bit of personality. No worries, pkgdown.yml is here to add customization and make your site shine like never before.
-
Sean Goedecke ☛ Great software design looks underwhelming
When I sent it to another reviewer, suggesting that we use this as a reference point for what a 10/10 looked like, I was genuinely shocked to hear from them that they wouldn’t have passed that challenge through to an interview. According to them, it didn’t demonstrate enough understanding of sophisticated language features. It was too simple.
Years later, I’m even more convinced that I was right and that reviewer was wrong. Great software design is supposed to be too simple. I think now I can finally begin to articulate why.
-
James Stanley ☛ James Stanley - Thoughts on Signed Distance Functions for CAD
The property that makes SDFs work really well is what I'm calling "the distance property". That is the property that every point in space evaluates to the true distance from that point to the isosurface.
And boolean operations don't preserve the distance property!
The boolean operations do however preserve a different property which is almost as useful. They give you a function which is a lower bound on the distance from p to the isosurface. That means ray marching still works, because it is always safe to step forward by a distance f(p) without missing any geometry.
-
Michael Lynch ☛ How to Write Useful Commit Messages · Refactoring English
Effective commit messages simplify the code review process and aid long-term code maintenance. Unfortunately, commit messages don’t get much respect, so the world is littered with useless messages like Fix bug or Update UI.
There’s no widespread agreement about what makes a good commit message or why it’s useful, so I’m sharing my thoughts based on my 20 years of experience as a software developer.
-
RxDB ☛ Why Local-First Software Is the Future and its Limitations
In local-first software, the primary copy of your data lives on the client rather than a remote server. Rather than sending each read or write over the network, you store and manipulate data in a local database on the user’s device. Sync then happens in the background, ensuring all devices eventually converge to a consistent state.
This approach is increasingly popular because it leads to instant app responses (no network delay for most operations), genuine offline capability, and more direct data ownership for users. Local-first apps also sidestep outages and if the server or [Internet] goes down, users can keep working with their local data. When connectivity returns, everything syncs. This makes the user experience more resilient and gives them control of their data, which is especially appealing when privacy concerns or limited connectivity are key factors.
-
Terminalwire ☛ Pick the wrong tool for the job
One interesting technical decision I made for Terminalwire was to use Ruby for the Terminalwire thin-client that’s installed on people’s workstations.
Terrible idea, right? I’ve been told by other engineers, “Use Go! Use Rust! Use Crystal!” They’re not wrong; those languages and runtimes have several advantages over Ruby for similar applications, but it’s not right for me at this moment for lots of reasons that aren’t technical. It also turns out my users don’t care about it either.
-
Education
-
James G ☛ People and Blogs Interview
-
-
Python
-
The New Stack ☛ Magic Methods: The Secret to Elegant Python Code
There is a way to make Python objects behave and read more like real-world actions and conversation. You can do this using magic methods. Magic methods give Python classes special behaviors by using easily readable code. Magic methods enabling custom objects to behave like built-in Python types allow you to define how objects interact naturally with built-in Python operations. This enhances both readability and usability of custom classes. For instance, instead of calling an add() method, an engineer can simply use the + operator.
-
Adnan Siddiqi ☛ Detecting the Engulfing Pattern Using pandas-ta
In the previous post, I discussed the Hammer Pattern. So far, we have been writing everything from scratch to detect a certain pattern. However, there’s an amazing library available that has done all the heavy lifting on our behalf and provides easy-to-use interfaces to detect patterns. I will be using the pandas-ta library for this purpose. For certain patterns, it relies on the TA-Lib library, a C++ library for technical analysis.
-
-
Standards/Consortia
-
[Old] David North ☛ Dovecot, Thunderbird and OAuth - a step by step guide
Step 1: You want to set this up because two factor authentication is practically mandatory these days.
Step 2: It’s not (currently) possible.
Step 3: Get sad.
You’re probably quite cross at this point, because my title will have click-baited you into coming here hoping for the answers which I spent a few hours looking for in vain. Let me at least explain myself…
-
University of Toronto ☛ The problem facing MFA-enabled IMAP at the moment (in early 2025)
Suppose that you have an IMAP server and you would like to add MFA (Multi-Factor Authentication) protection to it. I believe that in theory the IMAP protocol supports multi-step 'challenge and response' style authentication, so again in theory you could implement MFA this way, but in practice this is unworkable because people would be constantly facing challenges. Modern IMAP clients (and servers) expect to be able to open and close connections more or less on demand, rather than opening one connection, holding it open, and doing everything over it. To make IMAP MFA practical, you need to do it with some kind of 'Single Sign On' (SSO) system. The current approach for this uses an OIDC identity provider for the SSO part and SASL OAUTHBEARER authentication between the IMAP client and the IMAP server, using information from the OIDC IdP.
-
Julia Evans ☛ Standards for ANSI escape codes
For a long time I was vaguely aware of ANSI escape codes (“that’s how you make text red in the terminal and stuff”) but I had no real understanding of where they were supposed to be defined or whether or not there were standards for them. I just had a kind of vague “there be dragons” feeling around them. While learning about the terminal this year, I’ve learned that: [...]
-