Staying Safe with Open Source
A couple of months ago, a successful attack against the Node ecosystem resulted in stealing an undisclosed amount of bitcoins from CoPay wallets.
The technical flow of the attack is well-summarized by the NPM blog post. Quick summary:
- nodemon, a popular way to run Node applications, depends on event-stream.
- The …
Checking in JSON
JSON is a useful format. It might not be ideal for hand-editing, but it does have the benefit that it can be hand-edited, and it is easy enough to manipulate programmatically.
For this reason, it is likely that at some point or another, checking in a JSON file into your …read more
If you want to speak to me, 1-on-1, about anything, I want to be able to help. I am a busy person. I have commitments. But I will make the time to talk to you.
- I want to help.
- I think I'll enjoy it. I like talking to people …
Common Mistakes about Generational Garbage Collection
(Thanks to Nelson Elhage and Saivickna Raveendran for their feedback on earlier drafts. All mistakes that remain are mine.)
When talking about garbage collection, the notion of "generational collection" comes up. The usual motivation given for generational garbage collection is that "most objects die young". Therefore, we put the objects …read more
The Conference That Was Almost Called "Pythaluma"
It is with mixed feelings, therefore, that my pun-loving heart reacted to Chris's disclosure that the most common suggestion was to call …read more
Why No Dry Run?
(Thanks to Brian for his feedback. All mistakes and omissions that remain are mine.)
Some commands have a
which simulates running the command but without taking effect.
Sometimes the option exists for speed reasons:
just pretending to do something is faster than doing it.
more often this …
(Thanks to Mark Rice for his helpful suggestions. Any mistakes or omissions that remain are my responsibility.)
Some Python projects are designed to be libraries, consumed by other projects. These are most of the things people consider "Python projects": for example, Twisted, Flask, and most other open source tools. However …read more
Tests Should Fail
"eyes have they, but they see not" -- Psalms, 135:16
Eyes are expensive to maintain. They require protection from the elements, constant lubrication, behavioral adaptations to protect them and more. However …read more
Thank you, Guido
When I was in my early 20s, I was OK at programming, but I definitely didn't like it. Then, one evening, I read the Python tutorial. That evening changed my mind. I woke up the next morning, like Neo in the matrix, and knew Python.
I was doing statistics at …read more