Weeknotes: sqlite-utils 3.31, download-esm, Python in a sandbox
A couple of speaking appearances last week—one planned, one unplanned. Plus
download-esm and a new TIL.
Prompt injection video, Leaked Google document audio
I participated in the LangChain webinar about prompt injection. The session was recorded, so I extracted my 12 minute introduction to the topic and turned it into a blog post complete with a Whisper transcription, a video and the slides I used in the talk.
Then on Thursday I wrote about the leaked internal Google document that argued that Google and OpenAI have no meaningful moat given the accelerating pace of open source LLM research.
This lead to a last minute invitation to participate in a Latent Space Twitter Space about the document, which is now available as a podcast.
I realized that sqlite-utils had been quietly accumulating small fixes and pull requests since the 3.30 release last October, and spent a day tidying those up and turning them into a release.
Notably, four contributors get credited in the release notes: Chris Amico, Kenny Song, Martin Carpenter and Scott Perry.
Key changes are listed below:
- Automatically locates the SpatiaLite extension on Apple Silicon. Thanks, Chris Amico. (#536)
--raw-linesoption for the
sqlite-utils memorycommands, which outputs just the raw value of the first column of evy row. (#539)
- Fixed a bug where
table.upsert_all()failed if the
not_null=option was passed. (#538)
sqlite-utils convert --no-skip-falseoptions, for avoiding a misfeature where the convert() mechanism skips rows in the database with a falsey value for the specified column. Fixing this by default would be a backwards-incompatible change and is under consideration for a 4.0 release in the future. (#527)
- Tables can now be created with self-referential foreign keys. Thanks, Scott Perry. (#537)
sqlite-utils transformno longer breaks if a table defines default values for columns. Thanks, Kenny Song. (#509)
- Fixed a bug where repeated calls to
table.transform()did not work correctly. Thanks, Martin Carpenter. (#525)
I wrote more about my justification for building that tool in download-esm: a tool for downloading ECMAScript modules.
Running Python in a Deno/Pyodide sandbox
I’m still trying to find the best way to run untrusted Python code in a safe WebAssembly sandbox.
My latest attempt takes advantage of Pyodide and Deno. It was inspired by this comment by Milan Raj, showing how Deno can load Pyodide now. Pyodide was previously only available in web browsers.
I came up with a somewhat convoluted mechanism that starts a Deno process running in a Python
subprocess and then runs Pyodide inside of Deno.
See Running Python code in a Pyodide sandbox via Deno for the code and my thoughts on next steps for that prototype.
Blog entries this week
- Leaked Google document: “We Have No Moat, And Neither Does OpenAI”
- Midjourney 5.1
- Prompt injection explained, with video, slides, and a transcript
- download-esm: a tool for downloading ECMAScript modules
- Let’s be bear or bunny
Releases this week
Python CLI utility and library for manipulating SQLite databases
TIL this week
More recent articles
- Lawyer cites fake cases invented by ChatGPT, judge is not amused - 27th May 2023
- llm, ttok and strip-tags - CLI tools for working with ChatGPT and other LLMs - 18th May 2023
- Delimiters won't save you from prompt injection - 11th May 2023
- Leaked Google document: "We Have No Moat, And Neither Does OpenAI" - 4th May 2023
- Midjourney 5.1 - 4th May 2023
- Prompt injection explained, with video, slides, and a transcript - 2nd May 2023
- download-esm: a tool for downloading ECMAScript modules - 2nd May 2023
- Let's be bear or bunny - 1st May 2023
- Weeknotes: Miscellaneous research into Rye, ChatGPT Code Interpreter and openai-to-sqlite - 1st May 2023