I see people making the same mistake with tools like Kubernetes. Many, if not most stacks, simply don’t need it… and those that do pay the price for all the overhead and brittleness.
conc is your toolbelt for structured concurrency in go, making common tasks easier and safer.
Nice package from Sourcegraph.
- -> and ->> operators on JSON
- RIGHT and FULL OUTER JOIN
- Compiling to WASM
- The sqlite3_error_offset() C-language interface for better error reporting
- The recovery extension
- IS DISTINCT FROM and IS NOT DISTINCT FROM operators.
- unixepoch() and format() SQL functions
Nice introduction into CSS color formats by Joshua Comeau. I learned about the upcoming
LCH is a color format that aims to be perceptually uniform to humans. Two colors with an equivalent “lightness” value should feel equally light!
Also, TIL about that
rgb(r g b / a) thing I’ve seen a few times:
For most of CSS’ existence, we specified RGB colors using a slightly different syntax.
This changed in CSS Colors level 4, which introduces a standardized notation used across newer color formats. rgba() isn’t explicitly deprecated, but it’s recommended to use the newer format (fortunately, browser support is excellent).
TL;DR: ReDoS “vulnerabilities” are, overwhelmingly, indistinguishable from malicious noise:
1. They exist primarily because of misaligned incentives in the security reporting and vulnerability reporting ecosystems (and industries);
2. The risk they pose is extremely context sensitive and does not align with their ridiculous “severity” scores;
3. They produce security fatigue in the very engineers they’re meant to help, and effectively represent their own denial of service against timely resolution of actual vulnerabilities.
I agree with this.
While it would be nice to switch everything to non-backtracking regular expressions, most cases of ReDOS don’t cause major security issues.
This is also a problem with the industry in general, as various vulnerability scanners are full of useless noise.
Linux as a primary operating system had been steadily climbing for the past 5 years. 2018 through 2021 saw steady growth with 23.2%, 25.6%, 26.6%, 25.3%, and finally in 2022 the usage was 40.23%. Linux usage was more than macOS in 2021, but only by a small margin. 2022 it is now 9% more than macOS.
Based on 2022 StackOverflow developer survey, of course.
When Adobe killed Flash Player in 2020, I didn’t want my Flash games to disappear forever.
The way forward was obvious; I’d have to make my own Flash player.
A fairly detailed description of how a game developer converted Flash games to run natively.
Love this bit:
Although I developed the game mostly on my Mac, during development Apple invented this thing called “Notarization” where if you run any app on a new version of MacOS, it’ll make a network request to Apple to ask if the app’s developer pays Apple a yearly fee.
I have [al]ways liked the look of images processed with Atkinson Dithering, the algorithm used in the original Apple Macintosh.
Looks very nice, indeed. The author provides a custom HTML element implementing it.
Next, this branch introduces TLS 1.3 support to the Zig standard library. So far, this implementation does not heap allocate under any conditions and it is my goal to keep it that way.