Ylan Segal

The REPL: Issue 22 - May 2016

On Shells and Static Paths

It turns out that at the top our bash scripts we should be using #!/usr/bin/env bash instead of #!/bin/bash. Jump the link for a good explanation on the UNIX specifications involved.

Elixir — Supervisors: A Conceptual Understanding

Steven Leiva writes a supervisor from scratch. I find these king of pieces very useful. They de-mystify some of the technologies, explore what is under the hood and end up enhancing my understanding, making future use much easier.

The Straight Dope on Deprecations

Last month, I mentioned another article by Richard Schneeman. Now, he is back with another in-depth, nuanced post about how to handle deprecations in libraries. Especially useful for library authors and mantainers, but good knowledge in general. The whole community gains when there are clear conventions around versioning, deprecation, support, etc. @schneems is doing a great service with his recent articles.

The REPL: Issue 21 - April 2016

The Optimist’s Guide to Pessimistic Library Versioning

Richard Schneeman, writes a well though out post on library versioning. He previously wrote about Semver and now continues on that vein with how it applies in practice for library authors and users. The key take-away is that adhering to Semver and the widespread use of optimistic locking can alleviate a great deal of the pain of maintaining and upgrading dependencies for projects.

Detecting the use of “curl | bash” server side

Internet security is fascinating. I have read advise that before using curl to download a file and piping directly to bash, you must ensure that you know what you are downloading. However, as this post proves, looking at the URL in your browser is not enough. By using a clever trick to detect how data is being pulled from a server, an attacker can present different content when URL is being downloaded and piped to bash. Security is hard. Really Hard.

Git history is underrated

Author’s thoughts on what a project’s log of commit messages are: A history of why the code in the repository is the way it is. For the reasons outlined, I prefer never to squash commits when merging.

The REPL: Issue 20 - March 2016

How To Deploy Software

Zach Holman writes and in-depth post about software deployment, based on his experience at Github - well known for their automated and frequent deployments to their production environment. Most of what is covered is applicable for web applications, but some of the concepts carry over to device applications.

Rebuilding Git in Ruby

In this post, Joël Quenneville distills the basics of how the core git internals work. In order to illustrate, he reimplements in Ruby the basics of git: Initializing a repository, staging files and committing. This is a case of where powerful abstractions can compose to create a software system with capabilities seemingly far greater than the building blocks it relies on.

The REPL: Issue 19 - February 2016

Is Your Postgres Query Starved for Memory?

In his usual thorough way, Pat Shoughnessy once again explores the internals of PostgreSQL. In this post, he explores how tweaking the configuration has dramatic effects on specific query performance, but doesn’t come for free.

I am a puts debuggerer

Aaron Patterson, aka tenderlove, knows ruby. He is both a ruby-core and a rails-core member and works on multiple other gems, like Nokogiri. In this post, he explores in depth several techniques he uses for debugging. Getting insight into a running program is a great skill to have. This article will surely teach you more than one trick.

The Zen Of Erlang

A great introduction to the Erlang (and by extension Elixir) philosophy on how to construct fault-tolerant, highly available systems. If you have never seen a line of Erlang, fear not: After reading this comprehensive article, you still won’t have.

This Blog Is Now Delivered Over TLS

For many months, I’ve been wanting to add TLS support for this blog, mainly because I believe that the web needs better security. As a content publisher and website owner it is in my best interest to make my content available over a secure connection.

I recently read a post from the Electronic Frontier Foundation, on how site-wide encryption helps fight censorship in other countries. The article is about Medium, a popular blogging platform, and how the use of TLS prevented the Malaysian government from completely blocking the site, in an attempt to suppress speech.

I decided that it was worth my time to finally use TLS.