I recently nerd-sniped myself by asking what pressing Ctrl-D in a terminal really does. This is the result of several weeks of obsession.
Readit NewsIt is super interesting to me that they now have essentially a declarative API in CloudFormation and now this corresponding imperative version with the same format. I'm not quite sure why you would need the imperative version. Anyone have any ideas? Couldn't Pulumi have just compiled their code into CloudFormation and deployed it?
Imperative version can fill more dynamic use cases, like spinning up entire servers in response to something (eg user wants to create a game server at the click of a button).
Not something you can easily do with the declarative version.
rhooke commented on RBoy: A Gameboy Emulator in Rust github.com/mvdnes/rboy... · Posted by u/NiklasBegley
I can’t speak for the author, but personally I hate tools like go fmt, es-prettify and cargo fmt. I’d never use this stuff by choice because they delete the work I do to make my code easier for me to read. For example, I use extra blank lines to separate different parts of a function, or separate groups of functions visually. These sort of tools like to delete vertical white space, which hurts readability. In javascript I’ve seen plenty of very readable ternary operators (possible with the correct layout) replaced with unreadable junk by the prettifier.
It’s soulless to make all code look like bland corporate cardboard. It appeals to our OCD perfectionist tendencies but in my experience provides very little real value. Software is like writing. It can’t help but express how the author thinks about their code. These tools try to iron that personality out - and for what reason? Who cares in javascript if some files use semicolons and some don’t? Who cares if my where clause is on the same line or the next? The compiler doesn’t care, and neither do I.
(I will grant that all files in a project should have consistent white space, but you don’t need cargo fmt for that.)
I enforce formatters wherever possible after working on codebases with 20+ years of people imposing their own unique opinion on where spaces and braces should go. Worse, arguing about what the spacing should be, and making noisy diffs because people change previous peoples styling.
The formatter has no opinion. It follows rules. It doesn't work perfectly everywhere. It works enough. I would argue caring about exact bespoke spacing of all code is the perfectionism you mention.
rhooke commented on Beyond malloc efficiency to fleet efficiency cloud.google.com/blog/top... · Posted by u/LeegleechN
> As an example of the benefits of this approach, one service increased its time in TCMalloc from 2.7% to 3.5%, an apparent regression, but reaped improvements of 3.4% more requests-per-second, a 1.7% latency reduction, and a 6.5% reduction in peak memory usage!
This is the stuff of performance nightmares. Anyone thinking about optimization often will get single-tracked into the performance regression there and maybe not necessarily see the improved overall performance (requests per second).
Agreed. Microbenchmarking can be detrimental if you don't verify with some 'macro' benchmarking with realistic use cases.
And tracking the right metrics!
rhooke commented on Using Rust Macros to exfiltrate secrets github.com/lucky/bad_acto... · Posted by u/superjared
A lot of the work I do recently has been using devcontainers in VSCode [1]. They even have a Rust sample one. I feel like this would provide at least a little bit of protection against this kind of attack if you do not mount any imporant stuff into the container.
I can't see a robust solution to this, though.
rhooke commented on Why Generation X will save the web webdevlaw.uk/2021/01/30/w... · Posted by u/ecliptik
I can't wait for the new generation of lawyers to save us from the old generation of lawyers that set our policies without knowing much about how technology works. Doesn't congress have like 5 people out of 500 with an engineering background? If you want to save us, give us representation.
What makes you think that will happen? A lot of young people I know seem to understand just as little about computers as the older ones, on average.
Younger people use technology a lot, but what is being used tends to require much less understanding of any of the underlying tech. The level of abstraction is a lot higher now.
rhooke commented on A serverless email server on AWS using S3 and SES github.com/0x4447/0x4447_... · Posted by u/st_goliath
Reading it I get that AWS now by default restricts email by
- 200 mails per day max. 1 per second.
- Can only send mail to verified addresses. Not sure how they verify though.
- Can only send mail from the domain you own and verified.
And while we are on the topic, I find IP based mail blacklist services such as BRBL obsolete and possibly harmful. Now that we have domain verification services like DKIM SPF etc. Blacklist the domain. Not ip addresses as most institutions don't own their IPs like in the past. Most of all are hosted, and that IP might get assigned to someone else a few days later.
These restrictions are only for the SES sandbox mode. You fill in a form to get out of sandbox mode and then you can send many more per day (still only 14/second or so).
You only verify addresses you want to send from (for testing you might verify one to try sending to as per the sandbox rules). You wouldn't get customers to verify their addresses here, as that would let you send email on their behalf.
See here: https://docs.aws.amazon.com/ses/latest/DeveloperGuide/reques...
It's not a good example, because bash disables the canonical mode. When you type ^D this happens:
(And then bash ignores the read EOT character.)