News and podcasts for developers

Adam and Jerod are joined by Ken Kantzer, co-founder of PKC Security. Ken and his team performed upwards of 20 code audits on well-funded startups. Now that it’s 7 or 8 years later, he wrote up 16 surprising observations and things he learned looking back at the experience. We gotta discuss ’em all!

A deep discussion on that tension between development speed and software quality. What is velocity? How does it differ from speed? How do we measure it? How do we optimize it?

I love the name “YOLO” for this because it’s single-stage, but I have to laugh that it’s now on its sixth version. You only live once… six times? 😆

VirtualBuddy can virtualize macOS 12 and later on Apple Silicon, with the goal of offering features that are useful to developers who need to test their apps on multiple versions of macOS, especially betas.

Ben Johnson, the creator of Litestream, joined Fly.io a few weeks after we migrated changelog.com - episode 50 has all the details. That was pure coincidence. What was not a coincidence, is Gerhard jumping at the opportunity to talk to Ben about Postgres vs SQLite with Litestream.

The prospect of running a cluster of our app instances spread across all regions, with local SQLite & Litestream replication, is mind boggling. Let’s find out from Ben what will it take to get there. Thanks Kürt for kicking off this dream.

Miguel Grinberg built a SQLite-backed web app for the blogging team at Twilio to track their effectiveness that started to respond slugishly when it grew much bigger than he expected (6.5 million individual daily traffic records, and with a user base that grew to over 200 employees).

He thought this might be a good time to switch to Postgres, but he wasn’t sure if the wins he expected would be realized:

Having publicly professed my dislike of performance benchmarks, I resisted the urge to look up any comparisons online, and instead embarked on a series of experiments to accurately measure the performance of these two databases for the specific use cases of this application.

In this in-depth article on Twilio’s blog (no doubt being tracked by Miguel’s web app as we speak) he goes into the details of his efforts with lots of interesting findings along the way (even a plot twist!). I’ll leave you with this statement from the end:

If you are going to take one thing away from this article, I hope it is that the only benchmarks that are valuable are those that run on your own platform, with your own stack, with your own data, and with your own software. And even then, you may need to add custom optimizations to get the best performance.

James Hawkins, after being on a team that’s interviewed over 725 people:

It’s normal for candidates not to ask harder questions about our company, so they usually miss out on a chance to (i) de-risk our company’s performance and (ii) to increase the chances they’ll like working here.

Does the company have product-market fit? How much runway does the company have? Does their spending look within reason? What’s the culture like? And more tough questions that you really should be asking before accepting that offer.

Drausin Wulsin, Director of ML at Immunai, joins Daniel & Chris to talk about the role of AI in immunotherapy, and why it is proving to be the foremost approach in fighting cancer, autoimmune disease, and infectious diseases.

The large amount of high dimensional biological data that is available today, combined with advanced machine learning techniques, creates unique opportunities to push the boundaries of what is possible in biology.

To that end, Immunai has built the largest immune database called AMICA that contains tens of millions of cells. The company uses cutting-edge transfer learning techniques to transfer knowledge across different cell types, studies, and even species.

The P in PRQL (pronounced “Prequel”) stands for Pipelined, which I’m convinced is a great way of writing and reasoning about queries:

A PRQL query is a linear pipeline of transformations

Each line of the query is a transformation of the previous line’s result. This makes it easy to read, and simple to write.

It compiles to SQL, which means it’s compatible with most databases already and there are currently bindings for Python, JS & Rust, which is the compiler itself.

Try it out in their web-based playground. (Thanks, Wasm!)

This is a minimal implementation of DALL·E Mini. It has been stripped to the bare essentials necessary for doing inference, and converted to PyTorch. The only third party dependencies are torch for the torch model and flax for the flax model.

How much mini-er can it get from here? 🤔

Excellent prose and super-useful diagrams make this post from architecture notes a 10/10 🏆

We’re experimenting with something new: a super-brief Monday edition of “The Changelog” to help start your week off right and keep you up with the fast-moving software world.

If you like this, would listen to it, and want us to keep it going… let us know in the comments or by tweeting @changelog. If you’d rather we didn’t… also let us know!

Rewind like video, see output in a pager, Vim-like keymaps, and more. “Viddy well, gopher. Viddy well.”

Brandon Rhodes’s solution to conflicts between his ~/bin scripts and system binaries: the humble comma

I heartily recommend this technique to anyone with their own ~/bin/ directory who wants their command names kept clean, tidy, and completely orthogonal to any commands that the future might bring to your system. The approach has worked for me for something like a decade, so you should find it immensely robust. And, finally, it’s just plain fun.

Nick went to Amsterdam for JSNation & React Summit 2022 and he joins Jerod to report on all the goodness! He also sits down with two special guests involved with the confs to talk Jest Preview and GraphQL Cache

• ⇄ Verifies across many different databases
• 🔍 Outputs diffs of rows in detail
• 🚨 Simple CLI/API to create monitoring and alerts
• 🔁 Bridges column types of different formats and levels of precision
• 🔥 Verify 25M+ rows in <10s, and 1B+ rows in ~5min
• ♾️ Works for tables with 10s of billions of rows

Speaking this morning at The Linux Foundation’s Open-Source Summit, Linus Torvalds talked up the possibilities of Rust within the Linux kernel and that it could be landing quite soon – possibly even for the next kernel cycle…

The Linux 5.20 merge window will open following the release of Linux 5.19 stable around the end of July, so at that point we’ll see if the Rust PR is submitted and lands for this next kernel version. It wouldn’t be too surprising with how things have been pacing and already having the blessing of Linus.

Lots of positivity about this in the attached comment thread.

The Documentary tells the story of how Svelte came to be, what makes Svelte different, and how it changes the game as a JavaScript framework. Filmed in locations throughout Europe and the US, it features Svelte’s creator Rich Harris and members from the core community who contributed to making Svelte what it is today.

Lots of familiar faces in this one.

The year is 2053. The tabs-vs-spaces wars are long over. Ron Evans is the only Go programmer still alive on Earth. All he does is maintain old Go code. It’s terrible! He must find a way to warn his fellow gophers before it’s too late. Good thing he finally got that PDQ transmission system working…

Laravel Pint is a zero-dependency PHP code style fixer for minimalists - built on top of PHP-CS-Fixer. Pint makes it simple to ensure that your code style stays clean and consistent.

Goggles enable anyone, be it individuals or a community, to alter the ranking of Brave search by using a set of instructions (rules and filters). Anyone can create, apply, or extend a Goggle. Essentially Goggles act as a custom re-ranking on top of Brave’s search index.

This could be really cool! A few examples use cases:

• No Pinterest - Rerank results to remove pages / threads hosted on Pinterest.
• Rust programming - Rerank results to boost content related to the Rust programming language.
• Hacker News / 1k short – Prioritizes domains popular with the Hacker News community, minus those that would rank among the top 1000 most-viewed websites.