Links

Tuesday 2024-04-16 Assorted Links
Assorted Links links
Published: 2024-04-16
Tuesday 2024-04-16 Assorted Links

Assorted links for Tuesday, April 16:

  1. Shared Responsibility Model
  2. Estimating the effort to build a Bazel CI/CD
  3. The Secret Sauce of Tik-Tok’s Recommendations
  4. Tulip: Modernizing Meta’s data platform
  5. How the GitHub Docs team uses GitHub Projects
  6. io_uring and networking in 2023
  7. The technology behind GitHub’s new code search
  8. Fast and Furious: Doubling Down on SBOM Drift
  9. How DoorDash Upgraded a Heuristic with ML to Save Thousands of Canceled Orders
  10. How to Increase Deployment Observability and Simplify Deployment Pipelines
Monday 2024-04-15 Assorted Links
Assorted Links links
Published: 2024-04-15
Monday 2024-04-15 Assorted Links

Assorted links for Monday, April 15:

  1. cURL audit: How a joke led to significant findings
  2. Incident travel time: The real investment is how fast you get there
  3. Introducing Hermes, An Open Source Document Management System
  4. Unreadable Metrics: Why You Can’t Find Anything in Your Monitoring Dashboards: A Guide to Effective Dashboard Design for DevOps and SRE
  5. A Complete Guide to Google’s Core Web Vitals and How to Optimize Them
  6. What Are Structured Logs and How Do They Improve Performance?
  7. The life of a DNS query in Kubernetes
  8. Building a Staging Environment for Data Teams
  9. Getting Started With Java Development in 2023 — An Opinionated Guide
  10. Fairness in multi-tenant systems
Friday 2024-04-12 Assorted Links
Assorted Links links
Published: 2024-04-12
Friday 2024-04-12 Assorted Links

Assorted links for Friday, April 12:

  1. Software Supply Chain Attestation the Easy Way
  2. How Many Is Too Much? Exploring Costs of Coordination During Outages
  3. How We Keep Our Government Apps Running With High Reliability: A Peek at Our Incident Management Strategy
  4. Infrastructure as Code is Not the Answer!
  5. 20 Terraform Best Practices to Improve your TF workflow
  6. SBoMs with Dracon, cheaper, faster, more accurate, better
  7. The State of Secrets Sprawl 2023
  8. The COGS Problem
  9. Presets for bazelrc
  10. The Biggest Cloud Native Strategy Mistake
Thursday 2024-04-11 Assorted Links
Assorted Links links
Published: 2024-04-11
Thursday 2024-04-11 Assorted Links

Assorted links for Thursday, April 11:

  1. GNU Stow 2.4.0 released – I use stow whenever I’m installing custom-compiled software.
  2. Security Vulnerability of HTML Emails

    The email your manager received and forwarded to you was something completely innocent, such as a potential customer asking a few questions. All that email was supposed to achieve was being forwarded to you. However, the moment the email appeared in your inbox, it changed. The innocent pretext disappeared and the real phishing email became visible. A phishing email you had to trust because you knew the sender and they even confirmed that they had forwarded it to you.

  3. Improved Alerting with Atlas Streaming Eval
  4. Why choose sum types over exceptions?
  5. Refresh vs. Long-lived Access Tokens
  6. Why you should use io_uring for network I/O
  7. Clocks and Causality - Ordering Events in Distributed Systems
  8. Twitter’s Recommendation Algorithm
  9. Introducing self-service SBOMs
  10. Practical tips for rightsizing your Kubernetes workloads
Wednesday 2024-04-10 Assorted Links
Assorted Links links
Published: 2024-04-10
Wednesday 2024-04-10 Assorted Links

Assorted links for Wednesday, April 10:

  1. Windows debugger trick: Breaking when a specific debugger message is printed
  2. Security research without ever leaving GitHub: From code scanning to CVE via Codespaces and private vulnerability reporting
  3. Developers with AI assistants need to follow the pair programming model
  4. How Copilot is being used by the Time Travel Debugging team for repetitive C++ coding
  5. Anatomy of a credit card rewards program
  6. How do mixture-of-experts layers affect transformer models?
  7. What is retrieval-augmented generation, and what does it do for generative AI?
  8. Timeline of the xz open source attack
  9. Bullying in Open Source Software Is a Massive Security Vulnerability
  10. Reverse Searching Netflix’s Federated Graph
Tuesday 2024-04-09 Assorted Links
Assorted Links links
Published: 2024-04-09
Tuesday 2024-04-09 Assorted Links

Assorted links for Tuesday, April 9:

  1. OpenBSD system-call pinning
  2. The Rise and Fall of Silicon Graphics
  3. Fine-grained RBAC for GitHub Action workflows With GitHub OIDC and HashiCorp Vault
  4. Using the Platform Engineering Maturity Model to Understand the Commitment Required for an Internal Developer Platform
  5. Best practices for monitoring software testing in CI/CD
  6. File Monitoring with eBPF and Tetragon (Part 1)
  7. Documentation as code: Principles, workflow, and challenges
  8. The lifecycle of a code AI completion
  9. What we know about the xz Utils backdoor that almost infected the world
  10. Bringing enterprise-level security and even more power to GitHub-hosted runners
Monday 2024-04-08 Assorted Links
Assorted Links links
Published: 2024-04-08
Monday 2024-04-08 Assorted Links

Assorted links for Monday, April 8:

  1. GNU Coreutils 9.5 Can Yield 10~20% Throughput Boost For cp, mv & cat Commands: The speed increase is by increasing the default block size from 128KiB to 256KiB. Anyone still working in 4KiB or 64KiB blocks? Time to increase!
  2. Biden orders every US agency to appoint a chief AI officer

    As chief AI officers, appointees will serve as senior advisers on AI initiatives, monitoring and inventorying all agency uses of AI. They must conduct risk assessments to consider whether any AI uses are impacting “safety, security, civil rights, civil liberties, privacy, democratic values, human rights, equal opportunities, worker well-being, access to critical resources and services, agency trust and credibility, and market competition,” OMB said.

  3. Oregon Just Passed a Monumental ‘Right to Repair’ Law

    [W]hat sets this Oregon law apart from the other three states is that is bans “parts pairing,” a term that describes when companies prevent unauthorized parts from functioning in their devices.

  4. Bing on .NET 8: The Impact of Dynamic PGO: .NET continues to deliver significant performance improvements release after release, with near-perfect backwards compatibility.
  5. Google says running AI models on phones is a huge RAM hog: Is it possible that the largest barrier to Artificial General Intelligence (AGI) will be the amount of computing resources (RAM, GPU, electricity, etc.) necessary to run it?
  6. Why the Department of Justice Cares About Green Bubbles on iPhones
  7. Garbage Collection for Systems Programmers
  8. Making AI powered .NET apps more consistent and intelligent with Redis
  9. Improvements to static analysis in the GCC 14 compiler
  10. Running local tools installed by Bazel
Friday 2024-04-05 Assorted Links
Assorted Links links
Published: 2024-04-05
Friday 2024-04-05 Assorted Links

Assorted links for Friday, April 5:

  1. Scaling up the Prime Video audio/video monitoring service and reducing costs by 90% – a case study of moving from distributed microservices back to a monolith application
  2. Shaping live sports publishing traffic through a distributed scheduling system
  3. Debugging a FUSE deadlock in the Linux kernel
  4. Enum Class Bitmasks
  5. Bazel in CI (Part 1): Commit Under Test
  6. Bazel in CI (Part 2): Worker Setup
  7. Bazel Caching Explained (pt. 3): Repository Cache
  8. Fast builds, secure builds. Choose two. – How Stripe uses Bazel for build and test pipelines.
  9. Bazel roadmap
  10. Introducing rules_oci – A replacement for rules_docker which builds container images.
Thursday 2024-04-04 Assorted Links
Assorted Links links
Published: 2024-04-04
Thursday 2024-04-04 Assorted Links

Assorted links for Thursday, April 4:

  1. Why SQLite is so great for the edge
  2. OpenTelemetry: The Star of KubeCon 2023
  3. Awesome Load Management
  4. Warden: Real Time Anomaly Detection at Pinterest
  5. Packaging Open Policy Agent policies with Nix
  6. OpenSearch vs Solr: Which One Is Better to Use?
  7. 7 Core Elements of an Internal Developer Platform
  8. Native Frame Rate Playback – Netflix Technology Blog
  9. Applying GitOps principles to your operations
  10. Highlights from Git 2.41
Wednesday 2024-04-03 Assorted Links
Assorted Links links
Published: 2024-04-03
Wednesday 2024-04-03 Assorted Links

Assorted links for Wednesday, April 3:

  1. Imaginary Problems Are the Root of Bad Software
  2. DevOps uses a capability model, not a maturity model
  3. Read Every Single Error
  4. Ditch the Template: Incident Write-ups They Want to Read
  5. Load Balancing
  6. 10+ Best Tools & Systems for Monitoring Ubuntu Server Performance (2023 Comparison)
  7. How We Improved Our Monitoring Stack With Only a Few Small Changes
  8. What Every Developer Should Know About AWS Vault
  9. Move over, Dockerfiles! The new way to craft containers
  10. Software Bill of Materials (SBOM)