Weeknotes: sqlite-utils 3.31, download-esm, Python in a sandbox
10th May 2023
A couple of speaking appearances last week—one planned, one unplanned. Plus
download-esm and a new TIL.
Prompt injection video, Leaked Google document audio
I participated in the LangChain webinar about prompt injection. The session was recorded, so I extracted my 12 minute introduction to the topic and turned it into a blog post complete with a Whisper transcription, a video and the slides I used in the talk.
Then on Thursday I wrote about the leaked internal Google document that argued that Google and OpenAI have no meaningful moat given the accelerating pace of open source LLM research.
This lead to a last minute invitation to participate in a Latent Space Twitter Space about the document, which is now available as a podcast.
I realized that sqlite-utils had been quietly accumulating small fixes and pull requests since the 3.30 release last October, and spent a day tidying those up and turning them into a release.
Notably, four contributors get credited in the release notes: Chris Amico, Kenny Song, Martin Carpenter and Scott Perry.
Key changes are listed below:
- Automatically locates the SpatiaLite extension on Apple Silicon. Thanks, Chris Amico. (#536)
--raw-linesoption for the
sqlite-utils memorycommands, which outputs just the raw value of the first column of evy row. (#539)
- Fixed a bug where
table.upsert_all()failed if the
not_null=option was passed. (#538)
sqlite-utils convert --no-skip-falseoptions, for avoiding a misfeature where the convert() mechanism skips rows in the database with a falsey value for the specified column. Fixing this by default would be a backwards-incompatible change and is under consideration for a 4.0 release in the future. (#527)
- Tables can now be created with self-referential foreign keys. Thanks, Scott Perry. (#537)
sqlite-utils transformno longer breaks if a table defines default values for columns. Thanks, Kenny Song. (#509)
- Fixed a bug where repeated calls to
table.transform()did not work correctly. Thanks, Martin Carpenter. (#525)
I wrote more about my justification for building that tool in download-esm: a tool for downloading ECMAScript modules.
Running Python in a Deno/Pyodide sandbox
I’m still trying to find the best way to run untrusted Python code in a safe WebAssembly sandbox.
My latest attempt takes advantage of Pyodide and Deno. It was inspired by this comment by Milan Raj, showing how Deno can load Pyodide now. Pyodide was previously only available in web browsers.
I came up with a somewhat convoluted mechanism that starts a Deno process running in a Python
subprocess and then runs Pyodide inside of Deno.
See Running Python code in a Pyodide sandbox via Deno for the code and my thoughts on next steps for that prototype.
Blog entries this week
- Leaked Google document: “We Have No Moat, And Neither Does OpenAI”
- Midjourney 5.1
- Prompt injection explained, with video, slides, and a transcript
- download-esm: a tool for downloading ECMAScript modules
- Let’s be bear or bunny
Releases this week
Python CLI utility and library for manipulating SQLite databases
TIL this week
More recent articles
- llamafile is the new best way to run a LLM on your own computer - 29th November 2023
- Prompt injection explained, November 2023 edition - 27th November 2023
- I'm on the Newsroom Robots podcast, with thoughts on the OpenAI board - 25th November 2023
- Weeknotes: DevDay, GitHub Universe, OpenAI chaos - 22nd November 2023
- Deciphering clues in a news article to understand how it was reported - 22nd November 2023
- Exploring GPTs: ChatGPT in a trench coat? - 15th November 2023
- Financial sustainability for open source projects at GitHub Universe - 10th November 2023
- ospeak: a CLI tool for speaking text in the terminal via OpenAI - 7th November 2023
- DALL-E 3, GPT4All, PMTiles, sqlite-migrate, datasette-edit-schema - 30th October 2023
- Now add a walrus: Prompt engineering in DALL-E 3 - 26th October 2023