| https://simonwillison.net/b/7746 |
https://alexgarcia.xyz/blog/2024/building-new-vector-search-sqlite/index.html |
I'm writing a new vector search SQLite Extension |
Alex Garcia is working on `sqlite-vec`, a spiritual successor to his `sqlite-vss` project. The new SQLite C extension will have zero other dependencies (`sqlite-vss` used some tricky C++ libraries) and will work using virtual tables, storing chunks of vectors in shadow tables to avoid needing to load everything into memory at once. |
- null - |
- null - |
2024-05-03 03:16:39+00:00 |
- null - |
True |
| https://simonwillison.net/b/7745 |
https://cruncher.ch/blog/printing-music-with-css-grid/ |
Printing music with CSS Grid |
Stephen Bond demonstrates some ingenious tricks for creating surprisingly usable sheet music notation using clever application of CSS grids.
It uses rules like `.stave > [data-duration="0.75"] { grid-column-end: span 18; }` to turn `data-` attributes for musical properties into positions on the rendered stave. |
https://news.ycombinator.com/item?id=40216057 |
Hacker News |
2024-05-02 14:28:33+00:00 |
- null - |
True |
| https://simonwillison.net/b/7741 |
https://sheep.horse/2024/4/save_the_web_by_being_nice.html |
Save the Web by Being Nice |
This is a neat little article by Andrew Stephens who calls for more people to participate in building and supporting nice things on the web.
> The very best thing to keep the web partly alive is to maintain some content yourself - start a blog, join a forum and contribute to the conversation, even podcast if that is your thing. But that takes a lot of time and not everyone has the energy or the knowhow to create like this.
>
> The second best thing to do is to show your support for pages you enjoy by being nice and making a slight effort.
Like, comment-on, share and encourage people who make things you like. If you have the time or energy, make your own things and put them online. |
- null - |
- null - |
2024-05-01 02:34:52+00:00 |
- null - |
True |
| https://simonwillison.net/b/7740 |
https://medium.com/@maciej.pocwierz/how-an-empty-s3-bucket-can-make-your-aws-bill-explode-934a383cb8b1 |
How an empty S3 bucket can make your AWS bill explode |
Maciej Pocwierz accidentally created an S3 bucket with a name that was already used as a placeholder value in a widely used piece of software. They saw 100 million PUT requests to their new bucket in a single day, racking up a big bill since AWS charges $5/million PUTs.
It turns out AWS charge that same amount for PUTs that result in a 403 authentication error, a policy [that extends](https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html#ChargeDetails) even to "requester pays" buckets!
So, if you know someone's S3 bucket name you can DDoS their AWS bill just by flooding them with meaningless unauthenticated PUT requests.
AWS support refunded Maciej's bill as an exception here, but I'd like to see them reconsider this broken policy entirely.
**Update** from <a href="https://twitter.com/jeffbarr/status/1785386554372042890">Jeff Barr</a>:
> We agree that customers should not have to pay for unauthorized requests that they did not initiate. We’ll have more to share on exactly how we’ll help prevent these charges shortly. |
https://lobste.rs/s/cy9i87/how_empty_s3_bucket_can_make_your_aws_bill |
Lobste.rs |
2024-04-30 11:19:21+00:00 |
- null - |
True |
| https://simonwillison.net/b/7739 |
https://adactio.com/journal/21078 |
My approach to HTML web components |
Some neat patterns here from Jeremy Keith, who is using Web Components extensively for progressive enhancement of existing markup.
> The reactivity you get with full-on frameworks [like React and Vue] isn’t something that web components offer. But I do think web components can replace jQuery and other approaches to scripting the DOM.
Jeremy likes naming components with their element as a prefix (since all element names must contain at least one hyphen), and suggests building components under the single responsibility principle - so you can do things like `<button-confirm><button-clipboard><button>...`.
Jeremy configure buttons with `data-` attributes and has them communicate with each other using custom events.
Something I hadn't realized is that since the `connectedCallback` function on a custom element is fired any time that element is attached to a page you can `fetch()` and then `insertHTML` content that includes elements and know that they will initialize themselves without needing any extra logic - great for the kind of pattern encourages by systems such as [HTMX](https://htmx.org/). |
- null - |
- null - |
2024-04-30 11:02:48+00:00 |
- null - |
True |
| https://simonwillison.net/b/7737 |
https://twitter.com/simonw/status/1784996728552427726 |
My notes on gpt2-chatbot |
There's a new, unlabeled and undocumented model on the LMSYS [Chatbot Arena](https://chat.lmsys.org/) today called `gpt2-chatbot`. It's been giving some impressive responses - you can prompt it directly in the Direct Chat tab by selecting it from the big model dropdown menu.
It looks like a stealth new model preview. It's giving answers that are comparable to GPT-4 Turbo and in some cases better - my own experiments lead me to think it may have more "knowledge" baked into it, as ego prompts ("Who is Simon Willison?") and questions about things like lists of speakers at DjangoCon over the years seem to hallucinate less and return more specific details than before.
The lack of transparency here is both entertaining and infuriating. Lots of people are performing a parallel distributed "vibe check" and sharing results with each other, but it's annoying that even the most basic questions (What even IS this thing? Can it do RAG? What's its context length?) remain unanswered so far.
The system prompt appears to be the following - but system prompts just influence how the model behaves, they aren't guaranteed to contain truthful information:
You are ChatGPT, a large language model trained
by OpenAI, based on the GPT-4 architecture.
Knowledge cutoff: 2023-11
Current date: 2024-04-29
Image input capabilities: Enabled
Personality: v2
My best guess is that this is a preview of some kind of OpenAI "GPT 4.5" release. I don't think it's a big enough jump in quality to be a GPT-5.
**Update**: LMSYS [do document their policy](https://simonwillison.net/2024/Apr/30/lmsys/) on using anonymized model names for tests of unreleased models. |
- null - |
- null - |
2024-04-29 20:45:18+00:00 |
- null - |
True |
| https://simonwillison.net/b/7736 |
https://uxdesign.cc/how-do-you-accidentally-run-for-president-of-iceland-0d71a4785a1e |
How do you accidentally run for President of Iceland? |
Anna Andersen writes about a spectacular user interface design case-study from this year's Icelandic presidential election.
Running for President requires 1,500 endorsements. This year, those endorsements can be filed online through a government website.
The [page for collecting endorsements](https://island.is/forsetaframbod) originally had two sections - one for registering to collect endorsements, and another to submit your endorsement. The login link for the first came higher on the page, and at least 11 people ended up accidentally running for President! |
https://toot.cafe/@baldur/112355190615093453 |
Baldur Bjarnason |
2024-04-29 15:31:13+00:00 |
- null - |
True |
| https://simonwillison.net/b/7735 |
https://zed.dev/blog/zed-decoded-rope-sumtree |
Zed Decoded: Rope & SumTree |
Text editors like [Zed](https://zed.dev/) need in-memory data structures that are optimized for handling large strings where text can be inserted or deleted at any point without needing to copy the whole string.
[Ropes](https://en.m.wikipedia.org/wiki/Rope_(data_structure)) are a classic, widely used data structure for this.
Zed have their own implementation of ropes in Rust, but it's backed by something even more interesting: a SumTree, described here as a thread-safe, snapshot-friendly, copy-on-write B+ tree where each leaf node contains multiple items and a Summary for each Item, and internal tree nodes contain a Summary of the items in its subtree.
These summaries allow for some very fast traversal tree operations, such as turning an offset in the file into a line and row coordinate and vice-versa. The summary itself can be anything, so each application of SumTree in Zed collects different summary information.
Uses in Zed include tracking highlight regions, code folding state, git blame information, project file trees and more - over 20 different classes and counting.
Zed co-founder Nathan Sobo calls SumTree "the soul of Zed".
Also notable: this detailed article is accompanied by an [hour long video](https://youtu.be/uUu9eFNNbjg) with a four-way conversation between Zed maintainers providing a tour of these data structures in the Zed codebase. |
https://twitter.com/eatonphil/status/1784576184937799885 |
@eatonphil |
2024-04-28 15:25:58+00:00 |
- null - |
True |
| https://simonwillison.net/b/7734 |
https://news.ycombinator.com/item?id=40176338 |
Everything Google's Python team were responsible for |
In a questionable strategic move, Google laid off the majority of their internal Python team [a few days ago](https://social.coop/@Yhg1s/112332127058328855). Someone on Hacker News asked what the team had been responsible for, and team member zem relied with this fascinating comment providing detailed insight into how the team worked and indirectly how Python is used within Google. |
- null - |
- null - |
2024-04-27 18:52:32+00:00 |
- null - |
True |
| https://simonwillison.net/b/7732 |
https://simonwillison.net/dashboard/blogmarks-that-use-markdown/ |
Blogmarks that use markdown |
I needed to attach a correction to an older blogmark (my 20-year old name for short-form links with commentary on my blog) today - but the commentary field has always been text, not HTML, so I didn't have a way to add the necessary link.
This motivated me to finally add optional **Markdown** support for blogmarks to my blog's custom Django CMS. I then went through and added inline code markup to a bunch of different older posts, and built this Django SQL Dashboard to keep track of which posts I had updated. |
- null - |
- null - |
2024-04-25 04:34:18+00:00 |
- null - |
True |
| https://simonwillison.net/b/7731 |
https://countercraft.substack.com/p/no-most-books-dont-sell-only-a-dozen |
No, Most Books Don't Sell Only a Dozen Copies |
I linked to a story [the other day](https://simonwillison.net/2024/Apr/22/no-one-buys-books/) about book sales claiming "90 percent of them sold fewer than 2,000 copies and 50 percent sold less than a dozen copies", based on numbers released in the Penguin antitrust lawsuit. It turns out those numbers were interpreted incorrectly.
In this piece from September 2022 Lincoln Michel addresses this and other common misconceptions about book statistics.
Understanding these numbers requires understanding a whole lot of intricacies about how publishing actually works. Here's one illustrative snippet:
"Take the statistic that most published books only sell 99 copies. This seems shocking on its face. But if you dig into it, you’ll notice it was counting one year’s sales of all books that were in BookScan’s system. That’s quite different statistic than saying most books don’t sell 100 copies in total! A book could easily be a bestseller in, say, 1960 and sell only a trickle of copies today."
The [top comment](https://countercraft.substack.com/p/no-most-books-dont-sell-only-a-dozen/comment/8883524) on the post comes from Kristen McLean of NPD BookScan, the organization who's numbers were misrepresented is the trial. She wasn't certain how the numbers had been sliced to get that 90% result, but in her own analysis of "frontlist sales for the top 10 publishers by unit volume in the U.S. Trade market" she found that 14.7% sold less than 12 copies and the 51.4% spot was for books selling less than a thousand. |
- null - |
- null - |
2024-04-25 03:41:12+00:00 |
- null - |
True |
| https://simonwillison.net/b/7730 |
https://www.snowflake.com/en/data-cloud/arctic/cookbook/ |
Snowflake Arctic Cookbook |
Today's big model release was Snowflake Arctic, an enormous 480B model with a 128×3.66B MoE (Mixture of Experts) architecture. It's Apache 2 licensed and Snowflake state that "in addition, we are also open sourcing all of our data recipes and research insights."
The research insights will be shared on this Arctic Cookbook blog - which currently has two articles covering [their MoE architecture](https://medium.com/snowflake/snowflake-arctic-cookbook-series-exploring-mixture-of-experts-moe-c7d6b8f14d16) and describing [how they optimized their training run](https://medium.com/snowflake/snowflake-arctic-cookbook-series-building-an-efficient-training-system-for-arctic-6658b9bdfcae) in great detail.
They also list dozens of "coming soon" posts, which should be pretty interesting given how much depth they've provided in their writing so far. |
- null - |
- null - |
2024-04-25 02:47:50+00:00 |
- null - |
True |
| https://simonwillison.net/b/7725 |
https://www.elysian.press/p/no-one-buys-books |
No one buys books |
Fascinating insights into the book publishing industry gathered by Elle Griffin from details that came out during the Penguin vs. DOJ antitrust lawsuit.
Publishing turns out to be similar to VC investing: a tiny percentage of books are hits that cover the costs for the vast majority that didn't sell well. The DOJ found that, of 58,000 books published in a year, "90 percent of them sold fewer than 2,000 copies and 50 percent sold less than a dozen copies."
**UPDATE**: This story is inaccurate: those statistics were grossly misinterpreted during the trial. See [this post](https://simonwillison.net/2024/Apr/25/no-most-books-dont-sell-only-a-dozen-copies/) for updated information.
Here's an even better debunking: [Yes, People Do Buy Books](https://countercraft.substack.com/p/yes-people-do-buy-books) (subtitle: "Despite viral claims, Americans buy over a billion books a year"). |
https://news.ycombinator.com/item?id=40119958 |
Hacker News |
2024-04-22 21:55:04+00:00 |
- null - |
True |
| https://simonwillison.net/b/7721 |
https://blog.kellybrazil.com/2021/12/03/tips-on-adding-json-output-to-your-cli-app/ |
Tips on Adding JSON Output to Your CLI App |
Kelly Brazil - also the author of `jc`, the neat CLI tool that converts the output of common Unix utilities such as dig into JSON - provides some useful do's and don'ts for adding JSON output as an option to a command-line tool.
Kelly recommends defaulting to arrays of flat objects - or newline-delimited objects - and suggests including an "unbuffer" option for streaming tools that discourages the OS from buffering output that is being sent through a pipe. |
https://news.ycombinator.com/item?id=40098606 |
Hacker News |
2024-04-20 21:43:58+00:00 |
- null - |
True |
| https://simonwillison.net/b/7720 |
https://github.com/simonw/llm-gpt4all/releases/tag/0.4 |
llm-gpt4all |
New release of my LLM plugin which builds on Nomic's excellent gpt4all Python library. I've upgraded to their latest version which adds support for Llama 3 8B Instruct, so after a 4.4GB model download this works:
`llm -m Meta-Llama-3-8B-Instruct "say hi in Spanish"` |
- null - |
- null - |
2024-04-20 17:58:25+00:00 |
- null - |
True |
| https://simonwillison.net/b/7718 |
https://www.dbreunig.com/2024/04/18/a-poi-database-in-one-line.html |
A POI Database in One Line |
Overture maps offer an extraordinarily useful freely licensed databases of POI (point of interest) listings, principally derived from partners such as Facebook and including restaurants, shops, museums and other locations from all around the world.
Their new "overturemaps" Python CLI utility makes it easy to quickly pull subsets of their data... but requires you to provide a bounding box to do so.
Drew Breunig came up with this delightful recipe for fetching data using LLM and gpt-3.5-turbo to fill in those bounding boxes:
`overturemaps download --bbox=$(llm 'Give me a bounding box for Alameda, California expressed as only four numbers delineated by commas, with no spaces, longitude preceding latitude.') -f geojsonseq --type=place | geojson-to-sqlite alameda.db places - --nl --pk=id` |
https://twitter.com/dbreunig/status/1781133877320523792 |
@dbreunig |
2024-04-19 02:44:58+00:00 |
- null - |
True |
| https://simonwillison.net/b/7715 |
https://github.com/simonw/llm-reka |
llm-reka |
My new plugin for running LLM prompts against the Reka family of API hosted LLM models: `reka-core` ($10 per million input), `reka-flash` (80c per million) and `reka-edge` (40c per million).
All three of those models are trained from scratch by a team that includes several Google Brain alumni.
Reka Core is their most powerful model, released on Monday 15th April and claiming benchmark scores competitive with GPT-4 and Claude 3 Opus. |
- null - |
- null - |
2024-04-18 03:17:03+00:00 |
- null - |
True |
| https://simonwillison.net/b/7714 |
https://github.com/mistralai/mistral-common |
mistralai/mistral-common |
New from Mistral: mistral-common, an open source Python library providing "a set of tools to help you work with Mistral models".
So far that means a tokenizer! This is similar to OpenAI's tiktoken library in that it lets you run tokenization in your own code, which crucially means you can count the number of tokens that you are about to use - useful for cost estimates but also for cramming the maximum allowed tokens in the context window for things like RAG.
Mistral's library is better than tiktoken though, in that it also includes logic for correctly calculating the tokens needed for conversation construction and tool definition. With OpenAI's APIs you're currently left guessing how many tokens are taken up by these advanced features.
Anthropic haven't published any form of tokenizer at all - it's the feature I'd most like to see from them next.
Here's how to explore the vocabulary of the tokenizer:
MistralTokenizer.from_model(
"open-mixtral-8x22b"
).instruct_tokenizer.tokenizer.vocab()[:12]
`['<unk>', '<s>', '</s>', '[INST]', '[/INST]', '[TOOL_CALLS]', '[AVAILABLE_TOOLS]', '[/AVAILABLE_TOOLS]', '[TOOL_RESULTS]', '[/TOOL_RESULTS]']` |
- null - |
- null - |
2024-04-18 00:39:54+00:00 |
- null - |
True |
| https://simonwillison.net/b/7711 |
https://15r10nk.github.io/inline-snapshot/ |
inline-snapshot |
I'm a big fan of snapshot testing, where expected values are captured the first time a test suite runs and then asserted against in future runs. It's a very productive way to build a robust test suite.
inline-snapshot by Frank Hoffmann is a particularly neat implementation of the pattern. It defines a `snapshot()` function which you can use in your tests:
`assert 1548 * 18489 == snapshot()`
When you run that test using `pytest --inline-snapshot=create` the `snapshot()` function will be replaced in your code (using AST manipulation) with itself wrapping the `repr()` of the expected result:
`assert 1548 * 18489 == snapshot(28620972)`
If you modify the code and need to update the tests you can run `pytest --inline-snapshot=fix` to regenerate the recorded snapshot values. |
- null - |
- null - |
2024-04-16 16:04:25+00:00 |
- null - |
True |
| https://simonwillison.net/b/7710 |
https://platform.openai.com/docs/api-reference/batch |
OpenAI Batch API |
OpenAI are now offering a 50% discount on batch chat completion API calls if you submit them in bulk and allow for up to 24 hours for them to be run.
Requests are sent as a newline-delimited JSON file, with each line looking something like this:
`{"custom_id": "request-1", "method": "POST", "url": "/v1/chat/completions", "body": {"model": "gpt-3.5-turbo", "messages": [{"role": "system", "content": "You are a helpful assistant."}, {"role": "user", "content": "What is 2+2?"}]}}`
You upload a file for the batch, kick off a batch request and then poll for completion.
This makes GPT-3.5 Turbo cheaper than Claude 3 Haiku - provided you're willing to wait a few hours for your responses. |
https://twitter.com/jeffintime/status/1779924149755924707 |
Jeff Harris |
2024-04-15 17:58:44+00:00 |
- null - |
True |
| https://simonwillison.net/b/7659 |
https://github.com/simonw/s3-credentials/releases/tag/0.16 |
s3-credentials 0.16 |
I spent entirely too long this evening trying to figure out why files in my new supposedly public S3 bucket were unavailable to view. It turns out these days you need to set a `PublicAccessBlockConfiguration` of `{"BlockPublicAcls": false, "IgnorePublicAcls": false, "BlockPublicPolicy": false, "RestrictPublicBuckets": false}`.
The `s3-credentials --create-bucket --public` option now does that for you. I also added a `s3-credentials debug-bucket name-of-bucket` command to help figure out why a bucket isn't working as expected. |
- null - |
- null - |
2024-04-05 05:35:57+00:00 |
- null - |
True |
| https://simonwillison.net/b/7632 |
https://shelmet.readthedocs.io/en/latest/ |
shelmet |
This looks like a pleasant ergonomic alternative to Python's subprocess module, plus a whole bunch of other useful utilities. Lets you do things like this:
`sh.cmd("ps", "aux").pipe("grep", "-i", check=False).run("search term")`
I like the way it uses context managers as well: `with sh.environ({"KEY1": "val1"})` sets new environment variables for the duration of the block, `with sh.cd("path/to/dir")` temporarily changes the working directory and `with sh.atomicfile("file.txt") as fp` lets you write to a temporary file that will be atomically renamed when the block finishes. |
https://micro.webology.dev/2024/03/23/on-scratching-itches.html |
Jeff Triplett |
2024-03-24 04:37:52+00:00 |
- null - |
True |
| https://simonwillison.net/b/7626 |
https://www.pgrs.net/2024/03/21/duckdb-as-the-new-jq/ |
DuckDB as the New jq |
The DuckDB CLI tool can query JSON files directly, making it a surprisingly effective replacement for jq. Paul Gross demonstrates the following query:
`select license->>'key' as license, count(*) from 'repos.json' group by 1`
`repos.json` contains an array of `{"license": {"key": "apache-2.0"}..}` objects. This example query shows counts for each of those licenses. |
https://lobste.rs/s/x5immj/duckdb_as_new_jq |
lobste.rs |
2024-03-21 20:36:20+00:00 |
- null - |
True |
| https://simonwillison.net/b/7607 |
https://www.figma.com/blog/how-figmas-databases-team-lived-to-tell-the-scale/ |
How Figma’s databases team lived to tell the scale |
The best kind of scaling war story:
"Figma’s database stack has grown almost 100x since 2020. [...] In 2020, we were running a single Postgres database hosted on AWS’s largest physical instance, and by the end of 2022, we had built out a distributed architecture with caching, read replicas, and a dozen vertically partitioned databases."
I like the concept of "colos", their internal name for sharded groups of related tables arranged such that those tables can be queried using joins.
Also smart: separating the migration into "logical sharding" - where queries all still run against a single database, even though they are logically routed as if the database was already sharded - followed by "physical sharding" where the data is actually copied to and served from the new database servers.
Logical sharding was implemented using PostgreSQL views, which can accept both reads and writes:
`CREATE VIEW table_shard1 AS SELECT * FROM table
WHERE hash(shard_key) >= min_shard_range AND hash(shard_key) < max_shard_range)`
The final piece of the puzzle was DBProxy, a custom PostgreSQL query proxy written in Go that can parse the query to an AST and use that to decide which shard the query should be sent to. Impressively it also has a scatter-gather mechanism, so `select * from table` can be sent to all shards at once and the results combined back together again. |
https://news.ycombinator.com/item?id=39706968 |
Hacker News |
2024-03-14 21:23:37+00:00 |
- null - |
True |
| https://simonwillison.net/b/7545 |
https://lamplightdev.com/blog/2024/01/10/streaming-html-out-of-order-without-javascript/ |
Streaming HTML out of order without JavaScript |
A really interesting new browser capability. If you serve the following HTML:
<template shadowrootmode="open">
<slot name="item-1">Loading...</slot>
</template>
Then later in the same page stream an element specifying that slot:
<span slot="item-1">Item number 1</span>
The previous slot will be replaced while the page continues to load.
I tried the demo in the most recent Chrome, Safari and Firefox (and Mobile Safari) and it worked in all of them.
The key feature is `shadowrootmode=open`, which looks like it was added to Firefox 123 on February 19th 2024 - the other two browsers are listed on caniuse.com as gaining it around March last year. |
https://news.ycombinator.com/item?id=39560180 |
Hacker News |
2024-03-01 16:59:54+00:00 |
- null - |
True |
| https://simonwillison.net/b/7526 |
https://leanrada.com/htmz/ |
htmz |
Astonishingly clever browser platform hack by Lean Rada.
Add this to a page:
`<iframe hidden name=htmz onload="setTimeout(() => document.querySelector( this.contentWindow.location.hash || null)?.replaceWith( ...this.contentDocument.body.childNodes ))"></iframe>`
Then elsewhere add a link like this:
`<a href="/flower.html#my-element" target=htmz>Flower</a>`
Clicking that link will fetch content from `/flower.html` and replace the element with ID of `my-element` with that content. |
https://news.ycombinator.com/item?id=39429370 |
Hacker News |
2024-02-20 01:21:24+00:00 |
- null - |
True |
| https://simonwillison.net/b/7348 |
https://blog.jim-nielsen.com/2023/html-web-components-an-example/ |
HTML Web Components: An Example |
Jim Nielsen provides a clear example illustrating the idea of the recently coined "HTML Web Components" pattern. It's Web Components as progressive enhancement: in this example a `<user-avatar>` custom element wraps a regular image, then JavaScript defines a Web Component that enhances that image. If the JavaScript fails to load the image still displays. |
https://news.ycombinator.com/item?id=38298694 |
Hacker News |
2023-11-17 16:33:24+00:00 |
- null - |
True |
| https://simonwillison.net/b/7328 |
https://www.citusdata.com/blog/2023/10/26/making-postgres-tick-new-features-in-pg-cron/ |
Making PostgreSQL tick: New features in pg_cron |
pg_cron adds cron-style scheduling directly to PostgreSQL. It's a pretty mature extension at this point, and recently gained the ability to schedule repeating tasks at intervals as low as every 1s.
The examples in this post are really informative. I like this example, which cleans up the ever-growing cron.job_run_details table by using pg_cron itself to run the cleanup:
`SELECT cron.schedule('delete-job-run-details', '0 12 * * *', $$DELETE FROM cron.job_run_details WHERE end_time < now() - interval '3 days'$$);`
pg_cron can be used to schedule functions written in PL/pgSQL, which is a great example of the kind of DSL that I used to avoid but I'm now much happier to work with because I know GPT-4 can write basic examples for me and help me understand exactly what unfamiliar code is doing. |
https://news.ycombinator.com/item?id=38029671 |
Hacker News |
2023-10-27 02:57:44+00:00 |
- null - |
True |
| https://simonwillison.net/b/7168 |
https://deno.com/blog/v1.34 |
Deno 1.34: deno compile supports npm packages |
This feels like it could be extremely useful: Deno can load code from npm these days (`import { say } from "npm:cowsay@1.5.0"`) and now the `deno compile` command can resolve those imports, fetch all of the dependencies and bundle them together with Deno itself into a single executable binary. This means pretty much anything that's been built as an npm package can now be easily converted into a standalone binary, including cross-compilation to Windows x64, macOS x64, macOS ARM and Linux x64. |
- null - |
- null - |
2023-05-25 17:01:08+00:00 |
- null - |
True |
| https://simonwillison.net/b/7165 |
https://shaneosullivan.wordpress.com/2023/05/23/instant-colour-fill-with-html-canvas/ |
Instant colour fill with HTML Canvas |
Shane O'Sullivan describes how to implement instant colour fill using HTML Canvas and some really clever tricks with Web Workers. A new technique to me is passing a `canvas.getImageData()` object to a Web Worker via `worker.postMessage({action: "process", buffer: imageData.data.buffer}, [imageData.data.buffer])` where that second argument is a list of objects to "transfer ownership of" - then the worker can create a new `ImageData()`, populate it and transfer ownership of that back to the parent window. |
https://news.ycombinator.com/item?id=36049386 |
Hacker News |
2023-05-24 01:27:00+00:00 |
- null - |
True |
| https://simonwillison.net/b/6865 |
https://iscinumpy.dev/post/bound-version-constraints/ |
Should You Use Upper Bound Version Constraints? |
Should you pin your library's dependencies using `"click>=7,<8"` or `"click~=7.0"`? Henry Schreiner's short answer is no, and his long answer is an exhaustive essay covering every conceivable aspect of this thorny Python packaging problem. |
https://twitter.com/AdamChainz/status/1566729766388092929 |
@AdamChainz |
2022-09-05 17:42:02+00:00 |
- null - |
True |
| https://simonwillison.net/b/6846 |
https://deps.dev/pypi/datasette |
datasette on Open Source Insights |
Open Source Insights is "an experimental service developed and hosted by Google to help developers better understand the structure, security, and construction of open source software packages". It calculates scores for packages using various automated heuristics. A JSON version of the resulting score card can be accessed using `https://deps.dev/_/s/pypi/p/{package_name}/v/` |
https://github.com/sethmlarson/pypi-data/blob/991afb2a4e17999a4501569f34a6990f5e05578f/main.py#L271 |
sethmlarson/pypi-data |
2022-08-11 01:06:26+00:00 |
- null - |
True |
| https://simonwillison.net/b/6749 |
https://datastation.multiprocess.io/blog/2022-04-26-event-handler-attributes.html |
HTML event handler attributes: down the rabbit hole |
`onclick="myfunction(event)"` is an idiom for passing the click event to a function - but how does it work? It turns out the answer is buried deep in the HTML spec - the browser wraps that string of code in a `function(event) { ... that string ... }` function and makes the event available to its local scope that way. |
https://twitter.com/phil_eaton/status/1519048613464268804 |
@phil_eaton |
2022-04-26 20:35:08+00:00 |
- null - |
True |
| https://simonwillison.net/b/6652 |
https://www.docker.com/blog/introduction-to-heredocs-in-dockerfiles/ |
Introduction to heredocs in Dockerfiles |
This is a fantastic upgrade to Dockerfile syntax, enabled by BuildKit and a new frontend for executing the Dockerfile that can be specified with a `#syntax=` directive. I often like to create a standalone Dockerfile that works without needing other files from a directory, so being able to use `<<EOF` syntax to populate configure files from inline blocks of code is really handy. |
https://twitter.com/mwarkentin/status/1462825512263467012 |
@mwarkentin |
2021-11-22 17:01:18+00:00 |
- null - |
True |
| https://simonwillison.net/b/6572 |
https://blog.azuki.vip/csrf/ |
OkCupid had a CSRF vulnerability |
Good write-up of a (now fixed) CSRF vulnerability on OkCupid. Their site worked by POSTing JSON objects to an API. JSON POSTs are usually protected against CSRF because they can only be sent using `fetch()` or `XMLHttpRequest`, which are protected by the same-origin policy. Yan Zhu notes that you can use the `enctype="text/plain"` attribute on a form (introduced in HTML5) and a crafty hidden input element with `name='{"foo":"' value='bar"}'` to construct JSON in an off-site form, which enabled CSRF attacks. |
https://news.ycombinator.com/item?id=28039631 |
How to boost your popularity on OkCupid using CSRF and a JSON type confusion on Hacker News |
2021-08-02 22:12:36+00:00 |
- null - |
True |
| https://simonwillison.net/b/6419 |
https://css-tricks.com/custom-properties-as-state/ |
Custom Properties as State |
Fascinating thought experiment by Chris Coyier: since CSS custom properties can be defined in an external stylesheet, we can APIs that return stylesheets defining dynamically server-side generated CSS values for things like time-of-day colour schemes or even strings that can be inserted using `::after { content: var(--my-property)`.
This gave me a very eccentric idea for [a Datasette plugin](https://datasette.io/plugins/datasette-css-properties)... |
- null - |
- null - |
2021-01-07 19:39:49+00:00 |
- null - |
True |
| https://simonwillison.net/b/5917 |
https://www.rosettacode.org/wiki/String_length |
String length - Rosetta Code |
Calculating the length of a string is surprisingly difficult once Unicode is involved. Here's a fascinating illustration of how that problem can be attached dozens of different programming languages. From that page: the string `"J̲o̲s̲é̲"` (`"J\x{332}o\x{332}s\x{332}e\x{301}\x{332}"`) has 4 user-visible graphemes, 9 characters (code points), and 14 bytes when encoded in UTF-8. |
https://twitter.com/jeffsonstein/status/1098927304124841984 |
@jeffsonstein |
2019-02-22 15:27:31+00:00 |
- null - |
True |
| https://simonwillison.net/b/5826 |
http://nip.io/ |
nip.io |
"NIP.IO maps `<anything>.<IP Address>.nip.io` to the corresponding `<IP Address>`, even `127.0.0.1.nip.io` maps to `127.0.0.1`" - looks useful. `xip.io` is a different service that does the same thing. Being able to put anything at the start looks handy for testing systems that handle different subdomains. |
- null - |
- null - |
2018-12-12 18:18:09+00:00 |
- null - |
True |
| https://simonwillison.net/b/5522 |
https://calendar.perfplanet.com/2017/animated-gif-without-the-gif/ |
Evolution of <img>: Gif without the GIF |
Safari Technology Preview lets you use `<img src="movie.mp4">`, for high quality animated gifs in 1/14th of the file size. |
https://twitter.com/cramforce/status/937746796951957504 |
Malte Ubl |
2017-12-04 19:28:03+00:00 |
- null - |
True |
| https://simonwillison.net/b/5516 |
https://caniuse.com/#search=input-color |
Can I use... input type=color |
TIL `<input type="color">` has reached 78.83% support globally already - biggest gap right now is Mobile Safari. |
- null - |
- null - |
2017-11-29 21:56:39+00:00 |
- null - |
True |
| https://simonwillison.net/b/5414 |
https://twitter.com/brandur/status/923982980674043904 |
Benefit of TEXT with CHECK over VARCHAR(X) in PostgreSQL |
Brandur suggests using `email TEXT CHECK (char_length(email) <= 255)` to define a column with a length limit in PostgreSQL over `VARCHAR(255)` because `TEXT` and `VARCHAR` are equally performant but a `CHECK` length can be changed later on without locking the table, whereas a `VARCHAR` requires an `ALTER TABLE` with an exclusive lock. |
- null - |
- null - |
2017-10-28 00:59:34+00:00 |
- null - |
True |
| https://simonwillison.net/b/4870 |
http://code.djangoproject.com/wiki/Version1.2Features |
Django 1.2 planned features |
The votes are in and the plan for Django 1.2 has taken shape - features are split in to high, medium and low priority. There's some really exciting stuff in there - outside of the things I've already talked about, I'm particularly excited about multidb, `Model.objects.raw(SQL)`, the smarter `{% if %}` tag and class-based generic views. |
- null - |
- null - |
2009-10-26 10:38:06+00:00 |
- null - |
True |
| https://simonwillison.net/b/4480 |
http://www.djangosnippets.org/snippets/1350/ |
Django snippets: Smart {% if %} template tag |
Chris Beaven's drop-in replacement for Django's `{% if %}` tag that adds comparison operators (less than, greater than, not equal etc) while staying backwards compatible with the less able original. I love it. This is one place where I no longer favour Django's stated philosophy: I think it's perfectly reasonable to use comparisons in presentation logic, and I've found that in my own code the lack of an advanced if tag frequently leads to pure presentation logic sneaking in to my view functions. |
- null - |
- null - |
2009-03-03 15:03:21+00:00 |
- null - |
True |
| https://simonwillison.net/b/4349 |
http://www.mikeash.com/?page=pyblog/friday-qa-2008-12-26.html |
Blocks in Objective-C |
Closures are coming soon to Objective-C - interesting syntax, a regular curly brace block preceded by a caret `^{ ... }`. |
- null - |
- null - |
2008-12-29 19:38:08+00:00 |
- null - |
True |
| https://simonwillison.net/b/4344 |
http://www.netzgesta.de/dev/quickchoice.html |
Quickchoice - a Speed Dial clone |
Lovely demonstration of the CSS transform property, as supported by modern browsers. The magic is all in the `iframe { transform: scale(0.25, 0.25) translate(-1200px, -900px) }` |
http://ajaxian.com/ |
Ajaxian |
2008-12-23 12:49:24+00:00 |
- null - |
True |
| https://simonwillison.net/b/4054 |
http://blog.whatwg.org/this-week-in-html5-episode-1 |
This Week in HTML 5 - Episode 1 |
It looks like the most controversial aspect of the HTML 5 spec has been addressed - now, instead of omitting the alt attribute for user generated content that has no relevant information available, sites are advised to provide an indication of the kind of image expected surrounded by braces, for example `alt="{uploaded photo}"`. |
- null - |
- null - |
2008-08-07 07:57:11+00:00 |
- null - |
True |
| https://simonwillison.net/b/2848 |
http://www.djangoproject.com/documentation/url_dispatch/#naming-url-patterns |
Naming URL patterns |
You can now apply a name to a URL pattern in Django development version, which makes the `{% url %}` template tag far more useful. |
http://www.djangoproject.com/weblog/2007/apr/08/weekinreview/ |
Django Weblog - Week in review: April 8 |
2007-04-10 00:19:55+00:00 |
- null - |
True |
| https://simonwillison.net/b/2803 |
http://www.mozilla.org/projects/firefox/3.0a3/releasenotes/ |
Mozilla Gran Paradiso Alpha 3 Release Notes |
New features include animated PNGs, `<link rel="offline-resource">` and the `HttpOnly` cookie flag which indicates that a cookie should not be accessible to script (borrowed from IE). |
- null - |
- null - |
2007-03-25 21:37:44+00:00 |
- null - |
True |
| https://simonwillison.net/b/653 |
http://mpt.net.nz/archive/2004/05/02/b-and-i |
When semantic markup goes bad |
Matthew Thomas argues for `<b>` and `<i>` |
- null - |
- null - |
2004-05-04 17:38:37+00:00 |
- null - |
True |
| https://simonwillison.net/b/106 |
http://www.meyerweb.com/eric/thoughts/200312.html#t20031208 |
Congratulations to Eric and Kat |
`kat+eric:first-child {name:carolyn;}` (pinched from Web Graphics) |
http://web-graphics.com/mtarchive/001104.php |
wg:Baby |
2003-12-09 22:16:19+00:00 |
- null - |
True |