Eric Hellman's tilde.zone post reveals a long-term project update: using the Mastodon web application requires enabling JavaScript, or alternatively, using a native Mastodon app. This suggests work on improving the web client or user experience for Mastodon.
Notion is an all-in-one workspace that combines notes, task management, wikis, and databases into a single platform. It offers flexible and powerful tools to help you organize information, manage projects, collaborate with teams, and build custom workflows. Whether for personal use or team collaboration, Notion adapts to your needs, boosting your productivity.
Keeper, a Y Combinator-backed company building software for bookkeepers, is hiring a Senior Fullstack Engineer. The role requires 3+ years of experience building web applications with React and Node.js, proficiency in TypeScript, REST APIs, and databases. Keeper offers competitive salary and equity, and is on a mission to empower bookkeepers with efficient tools.
ShredOS is a lightweight, bootable Linux distribution built with Buildroot, designed for secure disk erasure. It features nwipe, a powerful tool offering various wiping methods including DoD 5220.22-M compliance, and supports both 32-bit and 64-bit processors. Bootable from USB or CD, ShredOS requires no installation and provides a user-friendly interface. It also includes utilities like smartmontools and hdparm for disk diagnostics and maintenance.
This article introduces the 'Clockwise/Spiral Rule,' a clever technique for parsing complex C declarations. By spiraling clockwise through the declaration, replacing elements like arrays, pointers, and functions with their English equivalents, even the most intricate declarations become understandable. The author demonstrates the technique with several examples, from simple pointer arrays to nested function pointers, and shows how to handle `const` and `volatile` keywords. This method offers a practical and intuitive way to decipher confusing C code.
The author shares their experience of being promoted to Staff Software Engineer twice in two years. The key to promotion wasn't technical prowess, but delivering value to the company by successfully completing high-priority projects aligned with company goals. The author emphasizes the importance of understanding company priorities, working on impactful projects, and building strong relationships with management and team members. A supportive manager is crucial. Key takeaways include focusing on high-impact projects the company prioritizes, not overemphasizing mentoring, and having a manager willing and able to champion the promotion process.
Lucy is a concise language for describing Finite State Machines (FSMs). It allows complex events, guards, actions, and destination states to be expressed in a single line. Nesting machines enables hierarchical FSMs. Lucy compiles to XState, a leading JavaScript FSM library, supporting all its core features. Written in C and compiled to WebAssembly, Lucy boasts a significant speed advantage (15x faster than its previous JavaScript-based compiler), making it ideal for JavaScript projects.
A new terminal emulator, Ghostty, recently released version 1.0. Security researcher David Leadbeater discovered a vulnerability (CVE-2024-56803) similar to a 2003 CVE, allowing attackers to execute arbitrary code by exploiting the terminal's title querying functionality. The vulnerability leverages the in-band signaling nature of terminals and Zsh's behavior in vi mode. Attackers can use crafted escape sequences to execute malicious commands without the user's knowledge, even over SSH. Ghostty 1.0.1 fixes this, users are advised to upgrade or apply mitigations provided in the advisory.
This blog post details the implementation and optimization of a static search tree (S+ tree) for high-throughput searching of sorted data, achieving a 40x speedup over binary search. Starting with code from Algorithmica, the author meticulously optimizes the search algorithm through vectorization, SIMD instructions, and batching. Deep dives into assembly code reveal opportunities for further performance gains. Various tree layouts and memory strategies are explored, ultimately resulting in a highly efficient solution that reduces query time from 1150ns to 24ns on a 1GB dataset.
Tirreno is open-source user analytics software designed to monitor various online platforms, including websites, applications, SaaS, communities, and IoT devices. It detects and defends against account takeovers, malicious bots, and common vulnerabilities stemming from user behavior. Built with PHP and PostgreSQL, Tirreno is easy to install and use, providing real-time analytics. A paid subscription enhances its anti-fraud capabilities by offering additional verification of IP addresses, emails, and phone numbers. Developed by Tirreno Technologies Sàrl, Tirreno prioritizes privacy and data security; its code is open-source, but the trademark is not.
This blog post revisits NetBSD's build system, a powerful yet somewhat arcane system based on a combination of BSD make and shell scripts. It allows building a complete NetBSD system from scratch on virtually any POSIX platform, without root privileges, and supports cross-compilation to various architectures. The author details the build process, including toolchain generation, build structure, the destdir mechanism, unprivileged builds, and distribution media creation. While acknowledging shortcomings like inefficient incremental builds and imperfect dependency management, the author highlights the system's strengths and design philosophy. The author concludes by mentioning a current embedded project utilizing NetBSD and explores the possibility of migrating the build system to Bazel for enhanced efficiency.
Y Combinator-backed startup just words is seeking a Senior Software Engineer (Frontend) to build and scale their backend and recommendation systems. The company uses AI for hyper-personalized messaging and employs dynamic testing to optimize marketing results. The ideal candidate will have 4+ years of frontend experience, proficiency in JavaScript/TypeScript and modern frameworks like React, and thrive in a fast-paced environment. This is a ground-floor opportunity to work with founders, make critical decisions, and solve complex problems using cutting-edge AI technology.
This is part four of a series on optimizing the Ruby Virtual Machine (VM). The author delves into adding an `opt_respond_to` instruction to CRuby to optimize `respond_to?` method calls. The article details using a debugger to trace code execution, locate the peephole optimizer `iseq_peephole_optimize`, and by analyzing an existing frozen array optimization, attempts to match the pattern of `respond_to?` method calls, laying the groundwork for adding a new optimization instruction. The author uses concise code examples and debugging steps to clearly illustrate the peephole optimization mechanism and how to debug within the CRuby source code.
A recent study revealed over 3.1 million fake "stars" on GitHub, used to artificially inflate the popularity of scam and malware repositories. Researchers used a tool called StarScout to analyze massive datasets, identifying 278,000 accounts responsible for these fake stars across 15,835 repositories. This deceptive practice, particularly rampant in 2024, allows malicious projects to appear legitimate and reach unsuspecting users. While GitHub has removed many of the implicated accounts and repositories, the problem persists. Users are urged to carefully evaluate project quality and exercise caution when downloading software from GitHub.
Steven Sinofsky's article debunks several seemingly sound software engineering concepts. He argues that ideas like 'let's just make it pluggable,' 'let's just add an API,' and 'let's abstract that one more time' often fail in practice due to the inherent complexities of software engineering. Issues such as API maintainability, asynchronous operation bugs, access control complexities, and cross-platform development difficulties are highlighted. Sinofsky emphasizes that successful software engineering relies on first principles, not blindly applying patterns.
After two years of development, a programmer has successfully compiled the classic game DOOM using a self-bootstrapping compiler called Onramp. Starting from a simple virtual machine written in x86_64 assembly, Onramp gradually built an assembler, C compiler, and other tools, ultimately compiling and running DOOM. While performance is currently limited, Onramp demonstrates impressive self-hosting capabilities and cross-platform potential. Its long-term goal is to enable compilation and execution of code on any architecture, even those of alien civilizations, preserving our cultural and computing heritage for the distant future.
RSS.Beauty is an open-source tool designed to enhance the RSS reading experience. It transforms plain RSS feeds into beautifully formatted reading experiences. Simply download the style file (RSS or Atom), place it in your static resource directory, and add a line of code after `` in your RSS. RSS.Beauty boasts excellent compatibility and utilizes time-tested technology, giving new life to RSS.
This article demonstrates how to quickly create a personalized weather forecast dashboard using Grafana Cloud and the free public API from the U.S. National Weather Service. With a few simple steps, raw JSON weather data is transformed into easily understandable charts, allowing users to check their local weather information at any time. Grafana Cloud supports a variety of data sources and offers rich visualization options, making data analysis simple and efficient.
This article introduces a novel approach to hardware modeling using Python – symbolic models. Traditional hardware design workflows involve multiple models (behavioral, architectural, RTL, etc.) for verification, but debugging can be challenging for complex algorithms and data management. The author proposes using Python symbolic models, tracking data origins instead of the data itself, to simplify the debugging process. Using an image downscaler as an example, the article details the construction and comparison of reference and hardware symbolic models, showcasing the advantages of symbolic models in improving design efficiency and confidence, especially when dealing with complex data management and specification changes.
The popular open-source photo editing software darktable has released version 5.0.0, boasting significant UI/UX improvements, performance enhancements, and expanded camera/file format support. New features include camera-specific styles, a startup progress screen, feedback during bulk operations, and more precise mask controls. Performance gains are evident in the optimized color equalizer and faster PFM file loading. Numerous bugs have been squashed, and support for a wider range of cameras and file formats has been added. While edits are preserved during the upgrade from 4.8, backing up your data is strongly recommended.
This text is the footer of the Unity Technologies website. It includes copyright information, privacy policy, cookie policy, and links to various resources such as Unity Ads, Asset Store, learning materials, community forums, and documentation. It's not an article itself, but a navigational element pointing users to further information and resources related to Unity.
The smartphone boom made native apps ubiquitous, but now they're becoming a burden. Modern browsers are powerful enough to offer features like notifications and offline access, once exclusive to native apps. The article argues that many businesses still cling to native apps, leading to app overload for users. In contrast, web apps are more cost-effective, flexible, and work seamlessly across devices. The gaming industry exemplifies this, with technologies like HTML5, WebGL, and WebAssembly enabling browser games to rival native ones. The article calls for developers to embrace the future of web apps, utilizing tools like Rogue Engine to create more accessible and universally usable experiences.
Linux's "Fixes" tag traditionally uses a 12-character commit SHA prefix, but with increasing commit numbers, the risk of collisions is growing. Security researcher Kees Cook has successfully created a 12-character prefix collision, breaking tools that parse the "Fixes" tag. This collision uses the initial commit ID of Linux 2.6.12-rc2, impacting tools such as linux-next's "Fixes tag checker" and the Linux CNA's commit parser. To prevent future collisions, Cook suggests increasing the minimum short ID to 16 characters and has released a test commit to help developers fix their tools.
Facing economic pressure, some companies are relicensing their popular open source projects to more restrictive licenses to generate more revenue, leading to project forks. CHAOSS studied Elasticsearch, Redis, and Terraform, finding that forks often exhibit greater organizational diversity than the originals, especially under neutral foundations like the Linux Foundation. While relicensing had minimal impact on contributors to the original projects, it significantly affected users. This research is the first step in a larger ongoing project; future analysis will incorporate more data and projects for a deeper understanding.
DocumentCloud is an online platform that allows users to upload, collaboratively edit, and share various types of documents. It offers powerful search and organizational features, making it easy to manage large volumes of files. For journalists, researchers, and organizations needing team collaboration, DocumentCloud is a valuable tool that increases efficiency and facilitates information sharing.
Ruby Refrigerator is a tool that freezes all Ruby core classes and modules, preventing unexpected modifications to core classes at runtime. It provides a `freeze_core` method to freeze core classes and a `check_require` method to check libraries for modifications to core classes. `check_require` supports options for predefining modules and classes, excluding specific classes, and specifying dependencies. A command-line tool, `bin/check_require`, is also provided for easy use. This tool is incredibly useful for ensuring code stability in production and testing environments.
A developer is building an open-source command-line interface (CLI) tool called t2x (short for "text to whatever"). t2x leverages local or cloud-based language models to perform various text operations. While not yet fully complete, the tool is expected to be released on GitHub sometime over the holidays.
The Guix system has successfully built a fully bootstrapped Mono environment, overcoming numerous challenges in the process. The author details their journey to support C# 12.0 features, encountering issues with older Mono versions relying on pre-built binaries. Through a series of patches, a fully bootstrapped chain from Mono 1.2.6 to 6.12.0 was created. Along the way, bugs in Mono and xbuild were fixed, and runpath support in Mono was enhanced. This not only solved the author's C# compatibility problem but also highlighted the importance of fully bootstrapped, reproducible builds and their impact on software security.
Monokai Pro is a theme plugin available for JetBrains IDEs (like IntelliJ IDEA, WebStorm, etc.), Sublime Text, and VS Code. It boasts over 70 custom icons and offers adjustable settings for personalized tweaking. A free trial is available, but a €1 monthly subscription removes pop-ups. Compatible with numerous programming languages and IDEs, it's a popular choice among software engineers.
Mozilla has released Orbit, a Firefox extension leveraging AI to summarize web content such as emails, documents, articles, and videos, while prioritizing user privacy. Orbit requires no account creation, doesn't store session data or personal information, and utilizes a Mistral 7B LLM model hosted by Mozilla. Users can easily summarize long documents and videos, quickly grasp the gist of emails and articles, and get specific information through questions.