Hi all, This week, We had some interesting low level links about font rendering, IP parse, and a few tools which I’m sure will make you engineer life easier, checkout tools section. If you enjoy this newsletter, make a small contribution to help me to keep working on it.
Can you imagine simply open a TXT file will leak your IP address, make network request to attacker server, send your file out? It’s all because the text editor try to be smart and render HTML. And to have some fun, Jeff Johnson of Lapcatsoftware build a PoC that Distributing unnotarized Mac apps in a text file
Is this yet another guide to OAuth 2.0? No. This document is based on hundreds of conversations and client implementations as well as their experience building FusionAuth, an OAuth server which has been downloaded over a million times. FusionAuth is a great OAuth solution which you can self hosted in this space now given that Okta has acquired Auth0. Give them a try. They’re great product too.
Deep dive into a few limitations of AWS NLB. Ably learned that anything over 200,000 connections per NLB begins to be a challenge. This is unfortunately substantially below the advertised understanding of what the load balancers can currently do.
What happens when you set “font_size”: 32 in your favorite editor? I would’ve told you anyway, but I’m glad that you asked. And do you know that 16 pt text on Windows is ⅓ larger than 16 pt text on macOS. Fun!
0127.0.0.1? The ip actually is
When a worker thread that seems to hang and have no log to indicate, I usually do
strace -p pid on it to see what call it stuck on. In this artcile, Julia Evans shares 9 problems that strace can help us identity/debug.
PostgreSQL uses a cost-based query optimizer that tries to turn your SQL queries into something efficient that executes in as little time as possible. For many people, the workings of the optimizer itself remain a mystery, so we have decided to give users some insight into what is really going on behind the scenes.
Like programming in C or driving a car, contemporary shellscript languages require some knowledge and discipline to use safely, but that’s not to say it can’t be done. This article is a part of the tool shellharden we linked to below the code to read section for Rust.
For language that compile to native code, The output of the compiler is a number of object files. Then a linker assembling all these object files into one big program and create the final executable files. But most of Linux code use dynamic linking, means its object files are absence. At run time, it will borrow the file. Sound magically? Let’s dig in. Make sure to check part 2 as well.
One way to improve shell workflows is finding patterns in the execution order of commands and extracting those into little scripts; this can often be helpful and is part of what makes working in a shell so powerful. Another way is to understand how the parameters are added and try to simplify this; that’s what I will focus mostly on in this blog post.
A single file httpserver in C, no external dependencies. Interesting to see how to parse HTTP request.C
All the missing SQLite functions: regular expressions, common statistical functions, CSV files as virtual tables, Unicode string functionsC
Never use print() to debug againPythonDeep Learning
Fast HTML Parser is a very fast HTML parser. Which will generate a simplified DOM tree, with basic element query support.TypeScript
Fast JSON encoder/decoder compatible with encoding/json for Go. aim of being the fastest library. Use a few technique such as: Buffer reuse, Elimination of reflection, and more. A lot to lean in this code baseGo
This is the heat in Ruby/Rails community right now. The mimemagic is moved to GPL and Rails only wants MIT, so Rails author write this, take the mime map from Apache Tika project. We sometimes take for granted simple things like detect file type. So let’s spend 30 mins to see how that’s doneRuby
An easy, Ruby way to use the HaveIbeenPawn Passwords API.Ruby
It suggests changes to your script and highlight them, also support semi-automate the rewriting of scripts to ShellCheck conformance. Though we put this in Code to read, but it’s a great tool that you can install easily and use to improve your shell script.Rust
perform an exhaustive case analysis using advanced “derp learning” techniques to discover what’s even upperercase than an uppercase A. AND I DON’T STOP THERE. For SIGBOVIK 2021.
the NATS.io persistence engine that will support streaming as well as traditional message and worker queues for At-Least-Once delivery semantics.
the Ultimate Plumber, a tool for writing Linux pipes in a terminal-based UI interactively, with instant live preview of command results.
organize tables in PostgreSQL databases with minimal locks
an extension and service for PostgreSQL that monitors and manages automated failover for a Postgres cluster.
a high performance peer-to-peer mesh VPN over UDP supporting strong encryption, NAT traversal and a simple configuration. It establishes a fully-meshed self-healing VPN network in a peer-to-peer manner with strong end-to-end encryption based on elliptic curve keys and AES-25
Container Signing, Verification and Storage in an OCI registry.
show a map of your active customers to build trust
Better Dev Link