From ZeroVer to SemVer: A Comprehensive List of Versioning Schemes in Open Source

date: 2024-10-21 · Tags: #dev, #til

In the past, versioning was a relatively chaotic situation. As time goes by, I prefer the Semantic Versioning (SemVer) MAJOR.MINOR.PATCH for libraries and dependencies due to clear and predictable (breaking) changes in software projects. For end-to-end applications, I favor Calendar Versioning (CalVer) YYYY.MM.DD/YY.0W because of its human-readable and understandable indication of the release date.

It's still fun to know that there are so many other ways1 to version a release.

Footnotes

  1. From ZeroVer to SemVer: A Comprehensive List of Versioning Schemes in Open Source

No More Orphans

date: 2024-10-20 · Tags: #scala, #dev

Recently, I read a blog post about the orphan1 import statement in Scala. It's quite interesting to read because I also have the same feeling about the import statement in Scala.

But I today I want to talk about another import statement feature in Scala.

Yeah, when starting with Scala, I really hate the import statement like import cats.implicits._ or import cats.syntax.all._ because it's not clear what's being imported.

I have to go to the documentation to confirm what's being imported. But unfortunately, the Scala community is also notorious for incomplete documentation and tutorials. So, I must go to the source code to know what's being imported.

Even after a while, I still don't understand or often forget what is being imported. I have to go back to the source code again and again.

And it's quite funny that they do things like this in tutorials. People come here to learn how to use the library, and they write orphans import statements assuming that the readers are already familiar with or experts in the library.

When you have a well-set-up IDE, you can just hover over the import statement and jump into source to see what's being imported. But what if I don't have a well-set-up IDE? And shouldn't we remember that high-level code is written for humans instead of for machines?

  • I have to go to the source code to see what is being imported.
  • I have to go to the source code to see what is being imported.
  • I have to go to the source code to see what is being imported.

What I could accept is syntax or prelude import like import cats.syntax.all.* or import cats.effect.prelude.* for many feasible reasons:

And I strongly suggest libraries maintainers to declare what would happen while import above import statements. It should be not too hard to write a comment around the import statements.

Explicit is better than implicit.

-- Python Zen2

Eplicit import is a pretty code smell

Footnotes

  1. No More Orphans

  2. The Zen of Python

How we made Haskell search strings as fast as Rust

date: 2024-10-20 · Tags: #haskell, #algorithm

Channable shares a post on how they made Haskell search strings as fast as Rust1.

Footnotes

  1. How we made Haskell search strings as fast as Rust: In this post, we will describe our quest to create Alfred–Margaret, the fastest Haskell implementation of the Aho–Corasick string searching algorithm, which powers string search in Channable.

io_uring and seccomp

date: 2024-10-13 · Tags: #system-programming

Till now I just known that io_uring is not enabled by default while using container (in the past day XD).

A side effect is that io_uring effectively bypasses the protections provided by seccomp filtering — we can't filter out syscalls we never make! This isn't a security vulnerability per se, but something you should keep in mind if you have especially paranoid seccomp rules. 1

Fortunately, moby and containerd have already added allow list for io_uring in seccomp filters. 23

But @tgross still suggest to to check up on if you're expecting seccomp filtering to harden your applications.

Footnotes

  1. io_uring and seccomp | 0x74696d

  2. seccomp: whitelist io-uring related system calls #39415

  3. seccomp: allow io-uring related system calls #4493

<
Prev
2024-12
Next
2024-06
>