Changelog.com - The Builder Pattern (for your career)

Open source software shows its resiliency once again:

youtube-dlc is a fork of youtube-dl with the intention of getting features tested by the community merged in the tool faster, since youtube-dl’s development seems to be slowing down.

If you’re unaware of youtube-dl, it’s like a Swiss Army Knife for downloading videos from the web. It’s a great tool and I’m happy to see the community rally around its maintenance.

This is a dizzyingly thorough road map to learning all things Data Science. I like how the repo owner includes checkboxes alongside each linked entry to track their progress. That means you can easily fork the repo and track your own progress as you go. 👌

In a recent episode of JS Party we were told that you can program in CSS. But you can do some less complicated things with bigger payoffs. You can use CSS to track users that have JS disabled. Not sure how to feel about that. This post covers the rough idea of it and wants your thoughts on the practice.

Sometimes you just need a throwaway email and you can’t be bothered to leave the terminal, I get it.

tmpmail tmpmail is a command line utility that allows you to create a temporary email address and receive emails to the temporary email address. It uses 1secmail’s API to receive the emails.

Here’s a fun rabbit hole to go down if you have some free time to spend.

After a fellow named Zikubi beat the speedrun record for Super Mario Bros 3 by about 8 minutes with a time of just over three minutes, speedrun analyst Bismuth made the video above to explain how he did it…by changing the game with the gameplay itself.

The first couple minutes go exactly as you’d expect, but the speedrun takes a weird turn when, instead of using the second warp whistle to go to level 8, he uses it to go to level 7. And once in level 7, Mario races around randomly, letting opportunity slip away like a blindfolded birthday boy unwittingly steering himself away from the piñata. It’s only later, during the explanation of how he got from level 7 to the final screen so quickly, that you realize Mario’s panicky idiot behavior is actually the player actively reprogramming the game to open up a wormhole to the ending.

The idea here is you put your real SSH server on a different port and let Endlessh lock up the script kiddies for hours and even days.

Since the tarpit is in the banner before any cryptographic exchange occurs, this program doesn’t depend on any cryptographic libraries. It’s a simple, single-threaded, standalone C program. It uses poll() to trap multiple clients at a time.

I’m not sure if this is actually a good idea or just fun to put into practice like those people who dedicate their precious free time scambaiting.

Utku Sen:

In the information security field, we have developed lots of thoughts that can’t be discussed (or rarely discussed):

• Never roll your own crypto
• Always use TLS
• Security by obscurity is bad

I certainly learned these in my Infosec classes in college. Back then I didn’t really question it much, because what did I know? But I definitely remember thinking, “Okay security by obscurity is bad, but maybe why not do it anyway? Defense in depth, right?” Back to Utku:

Most of them are very generally correct. However, I started to think that people are telling those because everyone is telling them. And, most of the people are actually not thinking about exceptional cases. In this post, I will raise my objection against the idea of “Security by obscurity is bad”.

This is a neat little trick from Vitor Paladini:

clamp() is a CSS feature that helps you write less of it. It is a rather new feature in CSS so a lot of developers might not be aware of how useful it is.

Mat Ryer makes the case for passive user preferences, which is where you store their last used setting for them without asking and then set it as the default the next time they interact with that part of your app. He then goes on to describe how they accomplish this with Svelte. Good stuff!

If you want to hear more about how they’re using Svelte and Go to build Pace, we did a pair of podcasts on the topic earlier this year.

If you haven’t given the new gh a look since they announced the beta earlier this year, a lot has changed:

Since we released the beta, users have created over 250,000 pull requests, performed over 350,000 merges, and created over 20,000 issues with GitHub CLI.

It’s available for all major operating systems and if your development workflow goes through GitHub you will undoubtedly save some time and typing by adopting it.

Steven Fuchs loves his Sonos, but…

While it is the radio of the future, our most common usage is as the radio of the past. We tend to tune it to one station and leave it there. By far, our most common interactions with the system are changing the volume and pausing/playing the music, often creating scrambles to find a phone to turn down the volume in order to answer a different phone. What we needed was an analog interface to this digital system that was always at arms reach.

Hackers gonna hack. Steven reached for Elixir and scratched his own itch with this very cool little hardware project. Here’s a demo video of it in action.

Daniel Moch shared his thoughts on semantic versioning and how he treats external libraries that violate its inherent contract with developers.

So as not to bury the lede, I’ll get to my point: Semantic Versioning is a meta-API, and maintainers who are cavalier about violating it can’t be trusted to created stable contracts. I’ve lost patience for breaking changes making their way to my code bases without the maintainers incrementing the major version of their projects, especially in language ecosystems where Semantic Versioning is expected, and in such cases I’m going to begin exploring alternative options so I can ban such libraries from my projects—personal and professional—altogether.
…
If you work in a language ecosystem where Semantic Versioning is the de facto norm, where violating it can wreak havoc downstream, then please play nice and follow its dictates. Instead of viewing it as a straight jacket, try to see it as an algorithm to determine what your next release number should be. We should all like algorithms!

Add classes like blur-2, invert-3, or sepia-10 to your <img> and let this tiny library handle the rest.

There is the classic saying that “Practice makes Perfect”. This is partly true because it’s also that “Practice also makes you Permanent”.

Now usually comes the part saying that we need to do Deliberate Practice consistently for many years. The thing is that there is a multitude of ways to practice deliberately. There is no one size fits all formula applicable to all domains. And of course - people are different.

I’d like this article to focus on a single deliberate practice side - I call it the “Train Your Own Neural Technique” technique.

Written in Go. The code that implements the game logic can be found right here.