Published

- Fantastic interview with Uncle Bob, really it was more of a 2 way conversation. So many of Uncle Bob’s takes have been taken out of context, its cool to hear some of the well actuallys, and the experience behind some of the reasoning. Note This post is a thought [1]. It’s a short note that I make about someone else’s content online #thoughts References: [1]: /thoughts/

How an empty S3 bucket can make your AWS bill explode Imagine you create an empty, private AWS S3 bucket in a region of your preference. What will your AWS bill be the next morning? Medium · medium.com [1] Imagine waking up to a $1,300 for running an example project! That sounds like peanuts for a cloud bill but for an individual trying to learn that hits my monthly budget real hard. That’s what happened to Marciej, make sure you check out the full article and give them a 👏 on Medium if you have an account. The more I see things come out about aws, the more it makes me sick, and confirm my feelings that I cannot possibly use them for a side project without some real $$ planning to come out of it. Yes, S3 charges for unauthorized requests (4xx) as well[1]. That’s expected behavior. They offer no DDOS protection against 4xx or 5xx requests against your bucket. Absolutely bonkers that you have ZERO control over this. --- This response just feels absolutely gross. I notified the AWS security team. I suggested that they restrict the unfortunate S3 bucket name to protect their customers from unexpected charges, and to protect the impacted companies from data leaks. But they ...

Media Types iana.org [1] A full list of standard Accept types. This is a handy reference. Note This post is a thought [2]. It’s a short note that I make about someone else’s content online #thoughts References: [1]: https://www.iana.org/assignments/media-types/media-types.xhtml#text [2]: /thoughts/

![https://docs.pydantic.dev/2.7/api/networks/#pydantic [1].networks.EmailStr](/static/https://docs.pydantic.dev/2.7/api/networks/#pydantic [1].networks.EmailStr) pydantic has a nice built in email validator EmailStr It requires an optional pydantic dependency pip install email-validator Then you can validate email addresses. from pydantic import BaseModel, EmailStr class Model(BaseModel): email: EmailStr print(Model(email='[email protected]')) #> email='[email protected]' Note This post is a thought [2]. It’s a short note that I make about someone else’s content online #thoughts References: [1]: /tags/pydantic/ [2]: /thoughts/

[1] This is my go to rich response container for clis written in python. It creates a nice box around the content on the screen and provides some nice separation in the output. It can be overdone, but comes in clutch when looking for that print statement in a long output. Note This post is a thought [2]. It’s a short note that I make about someone else’s content online #thoughts References: [1]: /static/https://rich.readthedocs.io/en/stable/reference/panel.html [2]: /thoughts/

Handling Errors - FastAPI FastAPI framework, high performance, easy to learn, fast to code, ready for production fastapi.tiangolo.com [1] This page shows how to customize your fastapi [2] errors. I found this very useful to setup common templates so that I can return the same 404’s both programatically and by default, so it all looks the same to the end user. from fastapi import FastAPI, Request from fastapi.responses import JSONResponse class UnicornException(Exception): def __init__(self, name: str): self.name = name app = FastAPI() @app.exception_handler(UnicornException) async def unicorn_exception_handler(request: Request, exc: UnicornException): return JSONResponse( status_code=418, content={"message": f"Oops! {exc.name} did something. There goes a rainbow..."}, ) @app.get("/unicorns/{name}") async def read_unicorn(name: str): if name == "yolo": raise UnicornException(name=name) return {"unicorn_name": name} --- This post sat in draft for months. I stumbled upon it again and found great success returning good error messages based on user preferences. the default remains json, but if a user requests text/html it will be an html [3] response, and text for ...

Creating SSH Apps with Charm Wish and Laravel Prompts Building PHP CLI apps with Laravel Prompts is easy, but how can we share them? Charm to the rescue! Charm Wish is an easy-to-use SSH server that allows users to securely log into your server and us... Joe Tannenbaum · blog.joe.codes [1] Joe has a sick cli.labs site for deploying tui applications. ssh cli.lab.joe.codes Note This post is a thought [2]. It’s a short note that I make about someone else’s content online #thoughts References: [1]: https://blog.joe.codes/creating-ssh-apps-with-charm-wish-and-laravel-prompts [2]: /thoughts/

white-space CSS property - CSS | MDN The white-space CSS property sets how white space inside an element is handled. MDN Web Docs · developer.mozilla.org [1] html [2] can preserve newline \n characters by styling an element with white-space: pre-wrap; pre-wrap Sequences of white space are preserved. Lines are broken at newline characters, at , and as necessary to fill line boxes. Note This post is a thought [3]. It’s a short note that I make about someone else’s content online #thoughts References: [1]: https://developer.mozilla.org/en-US/docs/Web/CSS/white-space [2]: /html/ [3]: /thoughts/

htmx ~ The htmx Response Targets Extension Extension htmx gives you access to AJAX, CSS Transitions, WebSockets and Server Sent Events directly in HTML, using attributes, so you can build modern user interfaces with the simplicity and power of hypert... htmx.org [1] The htmx [2] response-targets extension allows me to respond to errors from the backend and do normal htmx swaps. Note by default htmx will only swap on 200 and 300 responses Load the extension in head <script src="https://unpkg.com/[email protected]/dist/ext/response-targets.js"></script> Use the extension on an endpoint that might return a 400. <div hx-ext="response-targets"> <div id="response-div"></div> <button hx-post="/register" hx-target="#response-div" hx-target-5*="#serious-errors" hx-target-404="#not-found"> Register! </button> <div id="serious-errors"></div> <div id="not-found"></div> </div> Note This post is a thought [3]. It’s a short note that I make about someone else’s content online #thoughts References: [1]: https://htmx.org/extensions/response-targets/ [2]: /htmx/ [3]: /thoughts/

https://boot.dev/blog/devops/how-to-restart-all-pods-in-a-kubernetes-namespace/ blog.boot.dev [1] As of kubernetes 1.15 there is an easy way to restart all pods in a deployment. kubectl -n {NAMESPACE} rollout restart deploy Thanks Lane give him a follow @wagslane [2] Note This post is a thought [3]. It’s a short note that I make about someone else’s content online #thoughts References: [1]: https://blog.boot.dev/open-source/how-to-restart-all-pods-in-a-kubernetes-namespace/ [2]: https://twitter.com/wagslane [3]: /thoughts/

TIL how to display the list of nfs mounts on your network. showmount -e You can even look for mounts of other machines on your network. showmount -e <hostname>

To allow access only to the , you can pass add the Resource field to the User Policy when you create a new token. { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "admin:*" ] }, { "Effect": "Allow", "Action": [ "kms:*" ] }, { "Effect": "Allow", "Action": [ "s3:*" ], "Resource": [ "arn:aws:s3:::<bucket>", "arn:aws:s3:::<bucket>/*" ] } ] }

You can inspect sqlite tables with the sqlite shell. note that you get into the shell with sqlite3 database.db .tables I also learned that .tables, .index and .schema are helper functions that query the sqlite_master table on the main database. Here is an output from my redka database. The sqlite_master table contains all the sqlite objects type, name, tbl_name, rootpage, and sql to create them. ❯ sqlite3 database.db "SELECT * from sqlite_master;" table|rkey|rkey|2|CREATE TABLE rkey ( id integer primary key, key text not null, type integer not null, version integer not null, etime integer, mtime integer not null ) index|rkey_key_idx|rkey|3|CREATE UNIQUE INDEX rkey_key_idx on rkey (key) index|rkey_etime_idx|rkey|4|CREATE INDEX rkey_etime_idx on rkey (etime) where etime is not null trigger|rkey_on_type_update|rkey|0|CREATE TRIGGER rkey_on_type_update before update of type on rkey for each row when old.type is not new.type begin select raise(abort, 'key type mismatch'); end table|rstring|rstring|5|CREATE TABLE rstring ( key_id integer not null, value blob not null, foreign key (key_id) references rkey (id) on delete cascade ) index|rstring_pk_idx|rstring|6|CREATE UN...

With the liscense changes to redis there are several new forks out there. One that I am particularly interested in is redka [1]. curl https://i.jpillora.com/nalgeon/redka | bash chmod +x redka ./redka database.db We now have redis running on port 6379 that we can connect to with a redis client. And we have a sqlite database that we can inspect. ❯ sqlite3 database.db "SELECT name FROM sqlite_master;" rkey rkey_key_idx rkey_etime_idx rkey_on_type_update rstring rstring_pk_idx vstring rhash rhash_pk_idx rhash_key_id_idx vhash We can look at the values in the vstring table. sqlite3 database.db "SELECT * from vstring;" 1|hi|hello there you||2024-04-17 01:46:26 References: [1]: https://github.com/nalgeon/redka

The main system that I am concerned about is my arch BTW machine. I found a great article [1] from the official archlinux site covering it. For my machine I am concerned with this line. The xz packages prior to version 5.6.1-2 (specifically 5.6.0-1 and 5.6.1-1) contain this backdoor. I checked my xz package with AUR [2].">paru, and I am good. paru -Qii zx References: [1]: https://archlinux.org/news/the-xz-package-has-been-backdoored/ [2]: /aur/

AUR [1].">paru has some nice features that I rarely use, and hav to look up when I need them. Here are two commands to help with dependency management. ❯ paru -Qii nodejs Name : nodejs Version : 21.7.2-1 Description : Evented I/O for V8 javascript Architecture : x86_64 URL : https://nodejs.org/ Licenses : MIT Groups : None Provides : None Depends On : icu libuv libnghttp2 libnghttp3 libngtcp2 openssl zlib brotli c-ares Optional Deps : npm: nodejs package manager [installed] Required By : node-gyp nodejs-nopt npm semver Optional For : None Conflicts With : None Replaces : None Installed Size : 46.86 MiB Packager : Felix Yan <[email protected]> Build Date : Thu 04 Apr 2024 05:11:09 AM CDT Install Date : Mon 15 Apr 2024 07:27:02 AM CDT Install Reason : Installed as a dependency for another package Install Script : No Validated By : Signature Backup Files : None Extended Data : pkgtype=pkg You can check all the packages depended on by nodejs by running the following. This is everything from all of the repos you have configured, not what you have installed. ❯ pactree --reverse --sync --depth 1 nodejs nodejs ├─acorn ├─ansible-language-server ├─asar ├─babel-cli ├─babel-core ...

Changelog Master Feed Your one-stop shop for all Changelog podcasts. Changelog · changelog.com [1] Jerod (It’s ya boi) and Adam are my favorite tech news nerds, and have the sickest podcasts in tech. Yes plural podcasts they run seven podcasts maybe more. If you want it short and sweet they got the best 15 minutes of tech news each week this is it. My favorite is Ship it, sad to see Gerhard go, but Justin and Autumn are crushing it. Every episode is highly polished and surrounded by the sickest beats in podcasting. Subscribe to one pod if you want, but I recommend collecting them all with the master feed. ⭐⭐⭐⭐⭐ Note This post is a thought [2]. It’s a short note that I make about someone else’s content online #thoughts References: [1]: https://changelog.com/master [2]: /thoughts/

MarkdownDown Convert any webpage to a clean markdown w/ images downloaded. MarkdownDown · markdowndown.vercel.app [1] Small web app to convert html [2] into markdown. Pretty cool idea. I actually want to look into this for reader and see how well it would work. Right now I am just pulling descriptions, but maybe I can pull full web pages, and keep the full intent of the first 200 words or so in the cards. Note This post is a thought [3]. It’s a short note that I make about someone else’s content online #thoughts References: [1]: https://markdowndown.vercel.app/ [2]: /html/ [3]: /thoughts/

Boston Dynamics’ new humanoid moves like no robot you’ve ever seen All-electric, 360° joints give the new Atlas plenty of inhuman movements. Ars Technica · arstechnica.com [1] Award for the creepiest way to stand up a robot from lying flat. Note This post is a thought [2]. It’s a short note that I make about someone else’s content online #thoughts References: [1]: https://arstechnica.com/gadgets/2024/04/boston-dynamics-debuts-humanoid-robot-destined-for-commercialization/ [2]: /thoughts/

Rug pull, not cool! (Changelog & Friends #40) If Changelog News had an extended edition, this might be it! Jerod & Adam discuss Hashicorp's Cease and Desist letter, Redis getting forked, Boston Dymanics' scary cool new robot, Justin Searls' ex... Changelog · changelog.com [1] Five star episode with Jarod and Adam shootin the crap. The massive Cease and Desist [2] Sucks that the guest had to back out, what a wild world 2024 is. Filled with license and pricing changes. From Vim to Zed [3] Interesting to hear the journey into zed, way to go Thorston diving all the way into working at zed. Boston Dynamics’ new Atlas [4] I later saw this through a YT short, and man does it hold up to the creepy level that they described. MarkdownDown [5] This is a legit cool service, that converts html [6] into markdown Note This post is a thought [7]. It’s a short note that I make about someone else’s content online #thoughts References: [1]: https://changelog.com/friends/40 [2]: https://opentofu.org/blog/our-response-to-hashicorps-cease-and-desist/ [3]: https://registerspill.thorstenball.com/p/from-vim-to-zed [4]: https://arstechnica.com/gadgets/2024/04/boston-dynamics-debuts-humanoid...