Kind bookmarks

Read the complete incident report from CircleCI’s January 4, 2023 security alert.

https://snarfed.org/matrix.webp https://snarfed.org/matrix.webp A long time ago, I decided to show Bridgy‘s end users its raw logs. Like, raw logs. HTTP requests, database reads and writes, JSON …

In the two years since I've posted I want off Mr Golang's Wild Ride , it's made the rounds time and time again, on Reddit, on Lobste.rs, on HackerNews, and elsewhere. And every...

Ash Huang & Ryan Putnam on a microsite: For the month of January, we’ll make a pact to blog a few times to get into the habit, and create a directory of all the creators who participate. Readers can then find new makers to follow before we all scatter to the winds. Win-win! I’m all […]

Musk will likely ruin Twitter for one specific user: himself.

Owning Twitter means owning a host of impossible political problems. Is Elon ready?

A post by Stuart Langridge (sil)

I’ve been doing this “reliability” stuff for a little while now (~5 years), at companies ranging from about 20 developers to over 2,000. I’ve always cared primarily about the software elements I describe as living “outside” the application – like, how does it get its configuration? What kinds of instances does it run on, and are those the best kinds to use? What steps does it take on its path from “code in a repository” to “running in production”? And I’ve always kept track of what I liked – which mechanisms allowed fast iteration and which caused frustration, which led to outages and which prevented them.

https://snarfed.org/sinking_rowboat.webp https://snarfed.org/sinking_rowboat.webp Matthew Childs / Reuters We live in a golden age of software reuse. We’ve never before had such a wealth of freely …

In November 2021, we decided to trial a four-day week across our bank. Was it a success? Yes. Read our blog post to find out how.

For varying levels of seniority, from senior, to staff, and beyond.

There have been discussions in the aftermath of the log4j vulnerability about whether or not open source is broken or sustainable, what we can do to improve the sustainability of the open source ecosystem moving forwards, and the entitlement of users and companies in expecting maintainers to fix their problems.

The website of Robin Rendle, a designer and writer from the UK.

Remains of your attention span. Photo by Pablo Martinez on Unsplash This is exactly why you can’t focus on reading anything longer than a mobile page length these days. Not even a blog post, let alone …

Life without a REPL, and how to still be able to manipulate production which even has quite a few benefits over more one-off REPL-driven operations..

As the world changes, so too must Tech Nottingham. We explore the future of Tech Nottingham events.

For many open source consumers the "logical units" being depended on are libraries. However, the libraries themselves are only a product of what consumers are actually depending on: people. Y...

The pandemic made evident how much work can, and should, be different. The forced change to accommodate remote workflows also brought to light what I like to call “virtual offices”. Unlike truly remote friendly workplaces optimized for asynchronous communication, these aim to merely transport the office into a virtual space keeping the same unnecessary constraints of synchronous work intact, only replacing shoulder taps with Zoom calls. I’d love if we collectively agreed to start using a more appropriate name for these. They are office-less companies but they are not remote-friendly.

Map your (least) favorite programming language to your favorite Planet Express crew member based on its characteristics.

Documenting my experiences and learnings, with the goal of helping other software engineers on their journey

Ruby made its YAML interpreter more secure by default at the cost of backward compatibility. Developers weren’t given heads up warning about the changes.

A report of my positive and negative experiences with Go after using it for 6 months at work.

Small and independent blogs are always full of surprises. The more blogs I stumble upon, the more genuinely surprised I am by the things people do with their blogs. It seemed like a good idea to …

    What? you can do that in Linux? It turns out you can! First, let’s see it in action. Here I retrieve a binary from my Raspberry Pi which is an ARM binary and execute it in my x86_64 machine …

Over the course of 2021, the IndieWeb community had several popup sessions to continue the refining of the spec. This culminated in a release of the latest iteration on February 22, 2022. I really …

The long-running BBC sci-fi show Doctor Who has a recurring plot device where the Doctor manages to get out of trouble by showing an identity card which is actually completely blank. Of course, this …

Key principles using modern CSS, fluid type, fluid space, flexible layout and progressive enhancement will help you to build better front-ends that work for everyone.

Before we begin: The content in this article assumes knowledge of table-driven tests in Go.

So, GitHub just got bought by Microsoft and this got me and a bunch of people thinking about the dependence of Go on GitHub as a piece of…

Introduction If you have been working with Go programming language for a while, you would have noticed that a lot of open source packages that you import start with github.com/…. You would then use go get command to download the package and add it to your go.mod file. For instance: $ go get -u github.com/abvarun226/goiplookup What if you did not want this dependency on Github and rather wanted to host your own git server?

Lightspin obtains credentials to an internal AWS service by exploiting a local file read vulnerability on the RDS EC2 instance using the log_fdw extension.

Do you need a staging environment? We've written this short blog post to share how an alternative approach is saving us time, and helping us ship better code.

With all the fuss about Twitter’s promised edit button, and how they might design it, we’re missing a disturbing development — Twitter is using its embedded javascript to edit other people’s sites.

This post is written by Mark Sailes, Senior Specialist Solutions Architect. This blog post shows how to optimize the performance of AWS Lambda functions written in Java, without altering any of the function code. It shows how Java virtual machine (JVM) settings affect the startup time and performance. You also learn how you can benchmark […]