news
Programming Leftovers
-
Anton Zaides ☛ 7 lessons engineers learn only after breaking production
Last April, I wrote a well-received article about the 13 software engineering laws - Hyrum’s, Conway’s, Zawinski’s, and 10 famous others. The common patterns people noticed in software projects and decided to name.
But beyond the named laws, there are many unwritten rules every engineer who’s been around for a while just knows. You learn them by breaking things and swearing you’ll never do it again.
-
[Old] Vlad-Stefan Harbuz ☛ Binary Dependencies: Identifying the Hidden Packages We All Depend On
When you create a software package, your work might depend on other packages. Usually, you will depend on the source code of these other packages. However, sometimes, you will depend on precompiled binaries of your dependencies. This frequently happens when calling compiled code, like C code, from other programming languages, such as Python.
In almost all ecosystems, it is difficult to keep track of binary dependencies. When you depend on a package’s source code, this is normally recorded in your manifest file — pyproject.toml, package.json and so on. However, when you depend on a package’s precompiled binaries, this information is usually not recorded anywhere. This means that the binary dependency relationship between your project and whatever you’re depending on is hidden — so we can say that you have a phantom binary dependency.
-
Rlang ☛ revss – CRAN is updated!
Just a quick note that CRAN now has the updated version 3.1.0 of the revss package. As always, I want to thank the CRAN team, and specifically Dr. Uwe Ligges, for their tireless work!
-
Java/Golang
-
Redowan Delowar ☛ Repositories, transactions, and unit of work in Go
This post started as a pair of quick answers to questions on r/golang. The first was about whether a repository layer on top of sqlc is worth it. The second was about how to handle transactions when the interface hides storage details. Both turned into short shards on this site. This post ties them together and covers what to do when transactions need to span multiple repositories.
-
Redowan Delowar ☛ How do you handle transactions with the repository pattern? | redowan's reflections
Previously, I showed how to put a small interface between your service logic and your storage layer so the service doesn’t know whether it’s talking to sqlc, raw SQL, or anything else. The interface looked like this: [...]
-
Anton Zhiyanov ☛ Solod: Go can be a better C
I'm working on a new programming language named Solod (So). It's a strict subset of Go that translates to C, without hidden memory allocations and with source-level interop.
-
-
Rust
-
Niko Matsakis: Maximally minimal view types
This blog post describes a maximally minimal proposal for view types. It comes out of a converastion at RustNation I had with lcnr and Jack Huey, where we talking about various improvements to the language that are “in the ether”, that basically everybody wants to do, and what it would take to get them over the line.
-
Rust Blog ☛ The Rust Programming Language Blog: Security advisory for Cargo
The Rust Security Response Team was notified of a vulnerability in the third-party crate
tar, used by Cargo to extract packages during a build. The vulnerability, tracked as CVE-2026-33056, allows a malicious crate to change the permissions on arbitrary directories on the filesystem when Cargo extracts it during a build.
-