Simon Willison’s Weblog

Blogmarks in Nov

Filters: Type: blogmark × Month: Nov ×

VoxelSpace (via) Lovely clear explanation of the voxel space landscape rendering technique used by NovaLogic for Comanche back in 1992, including a working JavaScript demo plus pseudo-code in Python. # 24th November 2017, 7:30 pm

TLDR pages. This is an absurdly good idea: a community maintained set of alternative man pages for common commands with a focus on usage examples, plus a “tldr netstat” command to see them. The man pages themselves are maintained on GitHub. # 24th November 2017, 5:38 am

Return of the Obra Dinn: Dithering Process (via) Lucas Pope (creator of “Papers, Please”) has a new game under development: “Return of the Obra Dinn”, a first-person adventure mystery game set in 1807 that is spectacularly rendered in a 1-bit art style. He has a development diary on, and in this entry he describes the extreme lengths he has gone to in order to develop the best possible dithering implementation for rendering his 3D world in 1-bit colour. “It feels a little weird to put 100 hours into something that won’t be noticed by its absence.” # 23rd November 2017, 9:21 pm

How a single PostgreSQL config change improved slow query performance by 50x. “If you are using SSDs and running PostgreSQL with default configuration, I encourage you to try tuning random_page_cost & seq_page_cost. You might be surprised by some huge performance improvements.” # 23rd November 2017, 8:11 pm

From Markdown to RCE in Atom (via) Lukas Reschke found a remote code execution vulnerability in the Atom editor by taking advantage of a combination of Markdown’s ability to embed HTML, Atom’s Content-Security-Policy allowing JavaScript from the local filesystem to be executed, and a test suite HTML file hidden away in the Atom application package that executes code passed to it via query string. # 23rd November 2017, 4:13 pm

Run the First Edition of Unix (1972) with Docker (via) This is so cool... just run “docker run --rm -it bahamat/unix-1st-ed” to drop into a simulation of a PDP-11 running genuine 1972 era Unix! If you haven’t got into Docker yet, Docker for Mac is a single click install these days and works incredibly well. # 22nd November 2017, 3:36 pm

gzthermal-web (via) I built a quick web application wrapping the gzthermal gzip visualization tool and deployed it to Zeit Now wrapped up in a Docker container. Give it a URL and it shows you a PNG visualization of how gzip encodes that page. # 21st November 2017, 6:24 pm

simonepri/geo-maps. Neat project which publishes GeoJSON maps of the world automatically derived from OpenStreetMap. Three variants are available: country political maritime boundaries, country political coastline boundaries and a general outline of the world’s land territories. # 21st November 2017, 4:06 pm

gzthermal (via) “pseudo thermal view of Gzip/Deflate compression efficiency”—neat tool for visualizing gzip compressed data and understanding exactly how run-length encoding and back references apply to a gzipped file. # 21st November 2017, 2:56 pm

Of SVG, Minification and Gzip. Delightfully nerdy exploration of tricks you can use to hand-optimize your SVG in order to maximize gzip compression. Premature optimization may be the root of all evil but this is still a great way to learn about how gzip actually works. # 21st November 2017, 2:54 pm

JOY.js (via) Delightful new exploratory programming environment from Nicky Case. Try the Turtle demo, which takes Logo and updates it for the modern web. # 21st November 2017, 2:50 pm

SSL Issuer Popularity. The impressive growth of Let’s Encrypt in one graph: from 4.87% of TLS-enabled domains in May 2016 to 36.68% in November 2017. # 21st November 2017, 2:44 pm

Publishing the Lahman Baseball Database with Datasette (via) Ted Lawless used Datasette to publish an API for the Lahman Baseball Database—a dataset of players and teams spanning 1871 to 2016, available under a Creative Commons License. # 20th November 2017, 9:15 pm

Medicaid Eligibility | (via) Useful resource for helping government writers use clear language. I love that this is an official US government website written using Jekyll and developed entirely in the open on GutHub—the commit history is fascinating. # 20th November 2017, 1:59 am

csvs-to-sqlite: Automatically deploy tags as PyPI releases. I learned how to set up Travis CI to automatically deploy new package versions to PyPI when I push a version tag to GitHub (and the tests pass). # 19th November 2017, 6:35 am

pythondotorg/ (via) There are some neat tricks in the Django application that powers (built a few years ago by RevSys). Here’s how their admin app handles creator/last_modified_by user relationships. # 19th November 2017, 6:28 am

Monodraw for macOS (via) Spectacular OS X application for drawing ASCII art diagrams—it’s basically OmniGraffle for ASCII art. The output is beautiful, and it even lets you do things like draw connecting arrows between boxes and then re-arrange the boxes such that the arrows keep up with your changes. # 18th November 2017, 6:58 pm

Scaling Postgres with Read Replicas & Using WAL to Counter Stale Reads (via) The problem with sending writes to the primary and balancing reads across replicas is dealing with replica lag—what if you write to the primary and then read from a replica that hasn’t had the new state applied to it yet? Brandur Leach dives deep into an elegant solution using PostgreSQL’s LSN (log sequence numbers) accesesed using pg_last_wal_replay_lsn(). An observer process continuously polls the replicas for their most recently applied LSN and stores them in a table. A column in the Users table then records the min_lsn valid for that user, updating it to the pg_current_wal_lsn() of the primary whenever that user makes a write. Combining the two allows the application to randomly select a replica that is up-to-date for the purposes of a specific user any time it needs to make a read. # 18th November 2017, 6:42 pm

csvs-to-sqlite: Refactoring columns into separate lookup tables. I just shipped a new version of csvs-to-sqlite with the ability to extract specified columns into a separate SQLite lookup table by passing additional command-line arguments. # 17th November 2017, 6:41 am

The Pac-Man Rule at Conferences. This is such a good idea from Eric Holscher: at the conferences he organizes he tells his attendees “When standing as a group of people, always leave room for 1 person to join your group”—to encourage networking and inclusive converations. # 17th November 2017, 2:34 am

now-ab. Intriguing example of a Zeit Now microservice: now-ab is a Node.js HTTP proxy which proxies through to one of two or more other Now-deployed applications based on a cookie. If you don’t have the cookie, it picks a backend at random and sets the cookie. Admittedly this is the easiest part of implementing A/B testing (the hard part is the analytics: tracking exposures and conversions) but as an example of a microservice architectural pattern this is fascinating. # 16th November 2017, 11:03 pm

DSF calls for applicants for a Django Fellow. This is a fantastic opportunity: the Django Software Foundation’s fellowship program is providing the opportunity for a new developer to get paid to work on Django 20-40 hours a week. Tim Graham has held this position full-time for the past three years and is looking to scale back to part-time, hence this new opportunity. Applications are due by December 18, 2017. # 16th November 2017, 10:31 pm

django-multitenant (via) Absolutely fascinating Django library for horizontally sharding a database using a multi-tenant pattern, from the team at Citus. In this pattern every relevant table includes a “tenant_id”, and all queries should specifically select against that ID. Once you have that in place, you can shard your rows across multiple different databases and route to the correct database based on the tenant ID, safe in the knowledge that joins will still work provided they are against other rows belonging to the same tenant. # 16th November 2017, 9:12 pm

Introducing security alerts on GitHub. This is huge: GitHub’s dependency graph feature now shows any dependencies that have a known security vulnerability, based on CVE IDs—and you can sign up for notifications of new vulnerabilities as well. Only supports Ruby and JavaScript today, but Python support is coming in 2018. # 16th November 2017, 7:48 pm

gitchangelog. Handy Python utility that can generate a reStructured Text changelog from your git commit log. I used this to help get the Datasette release notes started. # 16th November 2017, 4:52 pm

Datasette 0.12. I just released v0.12 of Datasette. The most exciting new feature is the ability to display a UI for editing named parameters—so you can construct an arbitrarily complex SQL query, include some named parameters and then link directly to it in Datasette to provide a simple interface for changing those parameters. An example involving Australian dogs is included in the release notes. # 16th November 2017, 3:55 pm

Verified cryptography for Firefox 57 (via) Mozilla just became the first browser vendor to ship a formally verified crypto implementation. # 16th November 2017, 2:26 pm

Plotly Falcon SQL Client and the Remarkable Datasette SQLite2API Generator. Lovely write-up of Datasette by Tony Hirst. I’m particularly excited about its applications in the world of data journalism so it’s great to see it starting to get attention from people in that sphere. # 16th November 2017, 3:04 am

Release Notes for Safari Technology Preview 44. The big news is support for the W3C Payment Request API for devices with Apple Pay enabled. Chrome, Firefox and Edge have been working on this as well. # 15th November 2017, 11:35 pm

tuxracer-web. Brilliant Docker hack from David Cooper: just run “docker run -p 8008:80 dtcooper/tuxracer-web” to get Tux Racer (the 3D game) running in your browser, on top a cunning mix of the noVNC HTML5 VNC client and icecast for sound. # 14th November 2017, 11:28 pm