news
Programming Leftovers
-
UNIXdigest ☛ Stop telling people to sanitize user input
Even though we don't want user input to contain harmful content, we do not normally sanitize user input, rather we validate user input, and there is a big difference.
All applications that take user input has data input requirements. Validation means that you ensure that the data being inputted matches the requirements you have.
-
Rob Knight ☛ Ash Fetchum
I currently have code in three code forges: GitHub, Source Tube (which is Forgejo), and my Forgejo instance. My first instinct was to make a script that goes into every folder in my developer directory on my computer and fetches the changes but that wouldn't work if I made a new repository on one of the services. The ideal solution is to go through every repository on each of those services and fetch the latest changes to my machine. So I built Ash Fetchum and this logo that I'm very proud of (along with the name).
-
Dan Q ☛ Things I do when I’m writing code that don’t look like writing code
My typing speed is not the bottleneck.
-
Salma Alam-Naylor ☛ How to make your first contribution to an open source project
Getting involved in open source doesn't have to be scary! Understand how to find a great project and make your first contribution in this guide.
-
Andrew Nesbitt ☛ .gitlocal
Today, the best a tool author can do is append a line to .gitignore, which means modifying someone else’s repository, or hope the user adds the right pattern themselves. GitHub has revoked millions of leaked tokens found by scanning public repositories, and tools like git-secrets and detect-secrets try to catch credentials before each commit. These all work after the fact. The person best positioned to prevent the leak is the tool author, and they have no mechanism to do it.
-
Vittorio Romeo ☛ vittorio romeo's website
I am very excited about C++26 reflection.
I am also obsessed by having my code compile as quickly as possible. Fast compilation times are extremely valuable to keep iteration times low, productivity and motivation high, and to quickly see the impact of your changes.
With time and experience, I’ve realized that C++ can be an extremely fast-to-compile language. Language features like templates are not the issue – the Standard Library is.
-
Andreas Fertig ☛ Best performance of a C++ singleton
In my January post, I focused on implementing a singleton correctly. This time I want to add performance into the mix and show you the best way to implement your singleton... or give you guidance to pick your best way.
-
Rlang ☛ Data Visualization, Second Edition
I’ve written a second edition of Data Visualization: A Practical Introduction, which ideally should come out with Princeton University Press later this year.
-
Rlang ☛ eSports Analytics in R: Predicting Dota 2 Matches
eSports analytics is still an underexplored area in the R ecosystem, which makes it a great niche for practical, original work. While football, basketball, and betting models already have strong communities, competitive games such as Dota 2 and Counter-Strike offer rich event data, fast feedback loops, and interesting prediction problems.
-
The New Stack ☛ IT-Tools brings many useful developer tools into one convenient location
How many tools do you use as a developer? I’m guessing that the answer is “many.”
-
Qt ☛ [Proprietary] Commercial LTS Qt 6.5.12 Released
We have released Qt 6.5.12 LTS for commercial license holders today. As a patch release, Qt 6.5.12 does not add any new functionality but provides bug fixes and other improvements.
-
Shell/Bash/Zsh/Ksh
-
University of Toronto ☛ Your terminal program has to be where xterm's ziconbeep feature is handled
I recently wrote about things that make me so attached to xterm. One of those things is xterm's ziconbeep feature, which causes xterm to visibly and perhaps audibly react when it's iconified or minimized and gets output. A commentator suggested that this feature should ideally be done in the window manager, where it could be more general. Unfortunately we can't do the equivalent of ziconbeep in the window manager, or at least we can't do all of it.
-
-
Java/Golang
-
Niket Patel ☛ Why Go Can't Try | Niket Patel
One line. Clean. Honest. So why doesn't Go just do this? The common answer is "the Go team likes explicitness." That's true, but it's not the whole story. The real answer runs much deeper.
-
-
Education
-
Data Visualization ☛ Data Visualization
My main goal is to introduce you to both the ideas and the methods of data visualization in a sensible, comprehensible, reproducible way. Some classic works on visualizing data, such as The Visual Display of Quantitative Information (Tufte 1983), present numerous examples of good and bad work together with some general taste-based rules of thumb for constructing and assessing graphs. In what has now become a large and thriving field of research, more recent work provides excellent discussions of the cognitive underpinnings of successful and unsuccessful graphics, again providing many compelling and illuminating examples (Ware 2008). Other books provide good advice about how to graph data under different circumstances (Wilke 2019; Few 2009; Munzner 2014; Cairo 2013), but choose not to teach the reader about the tools used to produce the graphics they show. This may be because the software used is some (proprietary, costly) point-and-click application that requires a fully visual introduction of its own, such as Tableau, Microsoft Excel, or SPSS. Or perhaps the necessary software is freely available, but showing how to use it is not what the book is about (Cleveland 1994). Conversely, there are excellent cookbooks that provide code “recipes” for many kinds of plot (Chang 2013). But for that reason they do not take the time to introduce the beginner to the principles behind the output they produce. Finally, we also have thorough introductions to particular software tools and packages, including the one we will use in this book (Wickham, Çetinkaya-Rundel, and Grolemund 2023). These can sometimes be hard for beginners to digest, as they may presuppose a background that the reader does not have.
-
Kieran Healy ☛ Data Visualization, Second Edition
I’ve written a second edition of Data Visualization: A Practical Introduction, which ideally should come out with Princeton University Press later this year. As with the first edition, a full draft of the book is available at https://socviz.co. The production process is just getting started so there’s no new cover yet, and there isn’t a link to pre-order. But (also like last time) I’ve put up a link to a form that lets you add your email if you’d like to be notified when it’s available to buy. You’ll only get one email (from me personally, not a marketing department) if you do; no spam or anything.
-
Undeadly ☛ The Book of PF, 4th Edition Spotted in the Wild
It is now shipping, and when author and undeadly.org co-editor Peter Hansteen finally got his author copies, he wrote a blog post titled The Book of PF, 4th Edition: It's Here, It's Real.
-
BSDly ☛ That grumpy BSD guy: The Book of PF, 4th Edition: It's Here, It's Real
And finally, the shipment had a total weight of 10.4 kg, which sounded about right for the stack of The Book of PF, 4th Edition author copies I was expecting to receive soon after the print run was ready to ship.
Now, a few days later, I have just taken delivery of package, this time delivered to my door by a delivery man who was very excited to be delivering a box of books to their author. The box was slightly heavier than my regular backpack: [...]
-
Peter N M Hansteen ☛ The Book of PF, 4th Edition: It's Here, It's Real
The long wait is over. Fresh copies of The Book of PF, 4th Edition arrived here today. Which means: I'll bring some to upcoming conferences!
-