The eli4d Gazette – Issue 066: GitHub’s FREE private repos, Neat 2019 Tech Conferences, and the Amazingly Written “Leviathan Wakes”

GitHub announces unlimited free private repos

GitHub is the standard when it comes to Git based source control management.

Up to now, you could get a free account as long as your code was publicly viewable. While this has been great for public facing open source projects, it was problematic for those that wanted private source repositories (aka ‘repos’). A viable free private repo alternative has been Atlassian’s Bitbucket.

GitHub has recently announced unlimited free private repos. This change is great for anyone who wants to experiment around with some code without exposing their cruft out in public.

Some folks have lamented that now there will be many personal projects that will be locked away in private repos and that takes away valuable code that could be “out there.” While I understand this objection, I think it’s somewhat questionable. Every developer has the right to determine what is crappy code and what isn’t, and whether s/he is comfortable publishing it. After all, once something is public on the internet, it’s there forever.

Before GitHub’s change, Bitbucket was already used for private repos – so what exactly has changed? Am I to understand that Bitbucket’s free private repo feature was so secret that no developer ever used it? Or perhaps developers were too lazy to switch from GitHub to Bitbucket for personal projects?

Some interesting conferences from Delicious Brains

Delicious Brains is a WordPress company that develops high-end plug-ins for WordPress developers. They have a really nice development blog.

In a recent blog entry, they had a comprehensive listing of upcoming JavaScript, WordPress, CSS, UX, Tech and PHP conferences: https://deliciousbrains.com/php-javascript-wordpress-conferences-2019/

Just Finished Reading

I just finished reading Leviathan Wakes which is the first book from The Expanse Series. This was an amazingly well-written book covering the near future. In all honesty, no amount of words can express how well written this book is so I’ll pick three sentences that scratch the surface of this writing:

Here is a description of a space ship…can you see the image?

Three-quarters of a kilometer long, a quarter of a kilometer wide—roughly shaped like a fire hydrant—and mostly empty space inside, the Canterbury was a retooled colony transport.

What about these sentences?

Seven years in Earth’s navy, five years working in space with civilians, and he’d never gotten used to the long, thin, improbable bones of Belters. A childhood spent in gravity shaped the way he saw things forever.


Thoughts? Feedback? Let me know: @eli4d on Twitter


Advertisements

The eli4d Gazette – Issue 065: NPM’s JavaScript Report and Firefox Monitor

NPM’s JavaScript Report

I mentioned the amazing 2018 State of Javascript report in the last issue. Right on the heels of this report, NPM came out with its own survey results.

It’s interesting to compare NPM’s survey results with the 2018 State of Javascript report. It is also important to keep in mind that NPM is a private company whose goal is to enhance and increase the usage of its services (nothing wrong with that but it’s important to know which grains of salt to use).

Some related information:

Firefox Monitor: A way to check if your email address was part of a data breach

A recent episode of Security Now mentioned Firefox Monitor. It is well worth to check your email(s) against sites that have been breached. I checked Monitor with an email address that I’ve used for over a decade and discovered that it was part of 4 data breaches.

Firefox Monitor also gives you some great advice regarding breach related next actions (from the site):

  1. Change your passwords, even for old accounts: If you can’t log in, contact the website to ask how you can recover or shut down the account. See an account you don’t recognize? The site may have changed names or someone may have created an account for you.

  2. If you reuse an exposed password, change it: Hackers may try to reuse your exposed password to get into other accounts. Create a different password for each website, especially for your bank account, email and other websites where you save personal information.

  3. Take extra steps to secure your financial accounts: Most breaches only expose emails and passwords, but some do include sensitive financial information. If your bank account or credit card numbers were included in a breach, alert your bank to possible fraud, and monitor statements for charges you don’t recognize.

  4. Get help creating good passwords and keeping them safe: Password managers like 1Password, LastPass, Dashlane, and Bitwarden generate strong passwords, store them securely, and fill them into websites for you.

Recently Finished Reading

I just finished “Forging Zero”…sigh. I so wanted this independent author to be awesome. The story is similar to taking five extremely different boxes of different jigsaw puzzles and mixing them all in one big jumble. The book had some excellent descriptions of aliens, but the coming-of-age story combined with military grind was exhausting, and the stuttering plot lines kept kicking me out of the story. I ground through the finish but (unfortunately) I won’t be reading any more stories from this author.


Thoughts? Feedback? Let me know: @eli4d on Twitter


The eli4d Gazette – Issue 064: State of JavaScript Report for 2018 and Google’s Flutter

Check out the State of JavaScript Report for 2018

The yearly “State of JavaScript” report has come out. It’s a survey of over twenty thousand developers and this year’s survey is beautiful in terms of visualization and succinctness.

The results of this year’s survey show through amazing periodic table type of charts with conclusions through quadrant charts. Conclusion pages are the best way to quickly get through the survey though it’s certainly worthwhile to savor it by going through all of it.

If you have limited time then check out the wonderful summaries:

Google’s Flutter SDK and the Holy Grail of Mobile Cross-platform Development

In software development, there is this holy grail of write once, run everywhere. The goal is to write one piece of code that runs in an optimized way (code/compile/UI efficiency) on different hardware. Recent emphasis on Mobile-first design has shifted this pursuit to cross-platform mobile development.

Flutter is an open-source mobile application development SDK created by Google. It is used to develop applications for Android and iOS, as well as being the primary method of creating applications for Google Fuchsia.

The long and short of it is that this is a cross-platform development environment/language. Its biggest competitor is React Native.

I’ve come across an excellent article by Marco Bellinaso covering his learning and use of Flutter: “Flutter: the good, the bad and the ugly”. This article is great in that it pulls no punches and it provides resources to anyone that’s interested in learning and using Flutter.


Thoughts? Feedback? Let me know: @eli4d on Twitter


The eli4d Gazette – Issue 063: A Thanksgiving Feast of Developer Flash Cards, Black Friday Deals, and the YNAB Book

Flash Cards for Developers

Spaced repetition via flashcards is a great way to learn new information. I came across flashcardsfordevelopers.com while listening to a recent Syntax.fm podcast (one of my current favorites when it comes to tech podcasts).

There are tons of different flash card collections including:

It’s a neat resource for both learning and review.

Winter is Coming…wait no…Black Friday is coming

I’ve been lax in past years about Black Friday deals. However, this year, I’m going to try to be more proactive about having a list of items for Black Friday shopping. I’ve found the Wirecutter to be a great review site that helps me answer the “what are two best choices for xyz product?”.

The Wirecutter has an excellent article on how to prepare for all the Black Friday and Cyber Monday deals. I especially like the emergency preparation section.

Just Finished Reading

I just finished the “You Need A Budget” book. I had purchased it from Audible during a sale before Audible decided to send deals to only Audible subscribers (makes sense I suppose…but still annoying). This book is excellent. Jesse Mecham has the perfect voice for audio (this is extremely unusual for an author) and he comes across in a frank and personable way. While I haven’t yet tried the YNAB approach to budgeting, I certainly intend to give it a whirl. An important point about this book is it does not push the YNAB service/product. The only place any information shows up is in the appendix. Base on the title it’s easy to assume that the book exists to market the service (since so many other books do exactly that), but Jesse is sincere in conveying his belief that a budget is a way to freedom rather than restriction.

One other thing I need to mention is chapter 9. Chapter 9 describes his approach to giving allowance to his kids. It’s a very concrete action based approach based on the book “The Opposite of Spoiled: Raising Kids Who Are Grounded, Generous, and Smart About Money”. I’m definitely going to explore this approach.

I highly recommend this book in audio format!


Thoughts? Feedback? Let me know: @eli4d on Twitter


The eli4d Gazette – Issue 062: Fun Data Sets and Falling for Fake News

Interesting Data Sets

With the upcoming elections, there are lots of articles spouting lots of data. These are some interesting data sets that can be used with something like Python’s Pandas library and various visualization libraries like Plotly and D3.

Falling for Fake News

I came across a really interesting Washington Post article about fake news. The article talks about our human tendency to fall for fake news. While the article traces the origin of a fake video on Facebook, the larger point is how easily we all can fall for fake news/photos/videos. The problem is that we are not very good at telling fake media from real media, while the technology to produce fake information has significantly increased in sophistication and ease of use. This particular paragraph from the article is quite telling:

Even after decades of Photoshop and CG films, most of us are still not very good about challenging the authenticity of images — or telling the real from the fake. That includes me: In an online test made by software maker Autodesk called Fake or Foto, I correctly identified the authenticity of just 22 percent of their images. (You can test yourself here.)

I took the Autodesk fake photo test, and I also got 22 percent of the images correct. I’m stunned by this – I got one out of every four pictures correctly. How does this apply to read articles and posts on the web (not just Facebook but all other sources of information on the web)?

I’ve been struggling to figure out how to deal with this. With the upcoming U.S. midterm elections on November 6th, I wonder about this even more. The only thing I can come up with is the Russian proverb “Trust but verify”. If I want to trust a particularly new story, then I am obligated to verify its authenticity by checking other news sources such as actual newspaper sites with differing viewpoints (right, left, and middle). The obligation is on me to put the effort and investigate a news item that on first glance seems super-compelling and utterly true. In fact, the truer a news item feels, the more suspicious I need to become and the more verification it requires.

Yellow journalism is nothing new, but the rapid application of technology to make the news seem authentic is the biggest difference from the past.

Currently Reading

“The Second Ship (The Rho Agenda Book 1)”: I got this Richard Phillips recommendation from Steve Gibson’s science fiction reading guide (see the top link on https://www.grc.com/linkfarm.htm). It initially felt a little bit too YA, but then it took off like a rocket. It’s fun well-written scifi. A fun sentence from the book:

Fresh snow was fun and could sometimes get you an extra day off. Old snow made you feel as gray and dirty as it was.


Thoughts? Feedback? Let me know: @eli4d on Twitter


The eli4d Gazette – Issue 061: The Best Password Generators in the Galaxy and Text Web Pages

Password Generators

For the weekly Zoom check-ins for my online Python class I’ve had to put passwords on the videos, and I found the best password generator in the universe (ok so I’m exaggerating):

https://www.dinopass.com/

Obviously, this is for lower security passwords, but they’re really fun. How can you go wrong with bluehen44, firstfork77, or sadland33? If you have kids, you might as well train them on some good password hygiene using this site.

The same site has stronger passwords if you click the “Another Strong password, please” button. But if you want a super strong random password, then you need to use GRC’s Perfect Passwords generator. Needless to say, you will need to use a password manager to remember these (1Password is my current favorite though DashLane is a close second).

Text Web Pages for People with Limited Bandwidth and Power

I came across an interesting article about how some news organization are providing text versions of their sites for people with limited bandwidth and power (like those folks in hurricanes). Removing JavaScript for this sort of use makes complete sense, and it also provides a good reminder about stepping back and thinking about the audience that is using your site.

Note: I think that NPR’s URL is great because it is easy to remember. It is another way that NPR makes it easy to not rely on other services to go to NPR’s text version of their site.


Thoughts? Feedback? Let me know: @eli4d on Twitter


The eli4d Gazette – Issue 060: LinkedIn’s Site Reliability Engineering Group’s approach to Python CLI based Utilities through PEX and Shiv

I recently came across a neat article in LinkedIn’s blog. It was written by their Site Reliability Engineering group (SRE) which covered some interesting Command Line Interface (i.e., CLI) utility libraries related to Python.

I can see how the power of Python would be fantastic for CLI utilities. The problem is Python’s dependency management. The dependency issue is even more compounded for CLI utilities since a devops engineer would need to be able to bring over a utility to any server (assuming a consistent version of the operating system) without worrying about the utility’s dependencies. Such an issue would prevent a system admin from doing the needed work (whether emergency or planned). In SRE’s article they explain this eloquently:

At LinkedIn, we ship hundreds of command-line utilities to every machine in our data centers and to all of our employees’ workstations. The vast majority of these utilities are written in Python.

In addition to developing these command-line utilities, we have hundreds of supporting libraries that are constantly being iterated on, with new versions published daily. Because of the inherent problems present when dealing with such a huge and ever-changing dependency graph, we need to package the executables individually to avoid dependency conflicts. Initially, we took advantage of the great open source tool PEX. PEX elegantly solved the isolated packaging requirement we had by including all of a tool’s dependencies inside a single binary file that we could then distribute.

PEX was not sufficient for SRE’s usage, so they created their own dependency packager called shiv. It’s an interesting name choice. I initially thought it was a prison-made knife, but apparently the name was based on the word “shiver” although the documentation has a knife emoji. In their words:

Why shiv?

>The tool freezes a Python environment, so you can think of shiv as a shorter way of saying “shiver.”

PEX and Shiv are interesting utilities that bring the power of Python to the command line through one executable utility.


Thoughts? Feedback? Let me know: @eli4d on Twitter