blog.8-p.info

These synthesizers are really cool.

I don’t make music. Controlling Adobe Lightroom from a MIDI controller is apparently a thing, and some people have made their own controllers. But I don’t take photos in RAW.

I have no excuses to buy synthesizers or even MIDI controllers, but they look cool.

While I haven’t used OpenBSD, I frequently refer to OpenBSD’s manpages regarding security pitfalls around ANSI C and POSIX. They have a “Caveats” section that explains the pitfalls.

For example, sprintf(3):

Because sprintf() and vsprintf() assume an infinitely long string, callers must be careful not to overflow the actual space; this is often impossible to assure. For safety, programmers should use the snprintf() and asprintf() family of interfaces instead. Unfortunately, the asprintf() interface is not available on all systems as it is not part of ISO/IEC 9899:1999 (“ISO C99”).

Or system(3):

Never supply the system() function with a command containing any part of an unsanitized user-supplied string. Shell meta-characters present will be honored by the sh(1) command interpreter.

It is often simpler to bypass the shell and run an external command using fork(2), execlp(3), and waitpid(2) directly instead of having to sanitize a string for shell consumption.

Caveats

Both ANSI C and POSIX have some crazy functions which shouldn’t exist. OpenBSD simply doesn’t have them. For example, OpenBSD has neither gets(3) nor wordexp(3).

There was a patch which implemented wordexp(3) in OpenBSD’s libc. Theo de Raadt rejected the patch, of course.

I think we should stand up to crap and not ever implement it.

Handle long log messages correctly on SizedLogger

This is my first “as AWS” commit on moby.

The SizedLogger interface tells logger.Copier that CloudWatch’s upper limit is 262118 bytes. However, moby’s logger package has a few logger wrappers that wrap actual loggers. The wrapper structs didn’t implement SizedLogger. So logger.Copier was chopping long lines by its default upper limit, which is 16KB.

The good news is that awslogs is the only affected logger. The bad news is that SizedLogger was introduced in 2017 for awslogs and hasn’t been used by anybody else since then.

I’ve just joined the containerd project as a reviewer! The pull request that adds my GitHub alias has been merged today.

In containerd, reviewers can, well, review pull requests. That’s pretty much self-explanatory. Here is the official definition from containerd’s Project Governance document.

A reviewer is a core role within the project. They share in reviewing issues and pull requests and their LGTM counts towards the required LGTM count to merge a code change into the project.

Reviewers are part of the organization but do not have write access. Becoming a reviewer is a core aspect in the journey to becoming a maintainer.

Technically speaking, anyone can review pull requests and I’ve been reviewing them. But now my approval actually counts towards the required LGTM count.

Both Nelson Elhage and Hillel Wayne run their newsletters on Buttondown. I recently learned that the company behind the service, Buttondown, LLC, is refreshingly different.

Buttondown, LLC is Justin Duke’s one-man company. He works at Stripe, and Buttondown and Spoonbill are his side gigs.

Run by a Human

Buttondown is a passion project. I didn’t start it to “revolutionize” or “disrupt” the landscape – I wanted a better tool for my own newsletter, and then I wanted to share it with you.

There’s no customer success team or board of directors: just me, working on a project I love. Email asking for help onboarding? You’ll get a response from me. Have a bug report or a feature request? You’ll get a response from me.

Running this tool is probably the most fun I’ve had in my ten years of being a developer, and it’s something I want to take care of not just for the next ten years but the next fifty.

He discloses Buttondown’s roadmap and its running costs publicly and donates at least 10% of its profits to various open source projects, from Django and Vue to Homebrew.

I wouldn’t have my own newsletter. I’m the one who always finds typos after hitting the “Submit” button, and I’m glad a lot of communication tools around me (GitHub, Slack, …) allow me to edit things later. So blogging works better for me.

But I do think that Buttondown is pretty cool.