The Changelog The Changelog #476  – Pinned

Supabase is all in on Postgres

This week Paul Copplestone, CEO of Supabase joined us to catch us up on the next big thing happening in the world of Postgres. Supabase might be best known as “the open source Firebase alternative,” a tagline they might be reluctant to maintain. But from Adam’s perspective, he’s never been more excited about what they’re bringing to market for Postgres fans. In the last year, Supabase has gone from 0 to more than 80,000 databases on their platform — and they’re still in beta…and it’s open source. Hopefully today’s show sheds some light on why everyone is talking about Supabase.

Culture cheapskatesguide.org

The old internet shows signs of quietly coming back

Old as in old school cool not old as in passe:

Despite the new gatekeepers’ best efforts, the old Internet never completely disappeared. Personal websites created by individuals that have always been the meat of the old Internet are still around. They are still about exploration, innovation, fun, and all the rest. Try as the new gatekeepers have, they simply have not had the power to eradicate the old Internet completely. All they can do is pretend it does not exist. And, that is exactly what they do.

But…

… the old Internet seems to be slowly and quietly coming back, and it is coming back even better than before. Now it has better technology and an additional well-defined purpose that it never had before.

Some people have begun to refer to personal websites as the “indie web”, the “small Internet”, or the “smol Internet”. Some seem to reserve the last two terms exclusively for the Gemini Network, which nearly quadrupled in size last year. But, I think all three terms should also apply to some of the other networks that use alternative networking protocols–the Gopher Network, the Tor network, and the ZeroNet network, to name a few.

Ars Technica Icon Ars Technica

A bug lurking for 12 years gives attackers root on every major Linux distro

Linux users on Tuesday got a major dose of bad news—a 12-year-old vulnerability in a system tool called Polkit gives attackers unfettered root privileges on machines running any major distribution of the open source operating system.

Previously called PolicyKit, Polkit manages system-wide privileges in Unix-like OSes. It provides a mechanism for nonprivileged processes to safely interact with privileged processes. It also allows users to execute commands with high privileges by using a component called pkexec, followed by the command.

Oh my. It requires local access first, which is the only good news here.

Databases github.com

PRQL – a modern language for transforming data

PRQL (pronounced “Prequel”) aims to be “a simpler and more powerful SQL”

Like SQL, it’s readable, explicit and declarative. Unlike SQL, it forms a logical pipeline of transformations, and supports abstractions such as variables and functions. It can be used with any database that uses SQL, since it transpiles to SQL.

To get an idea on PRQL’s design, they provide this SQL statement as an example:

SELECT TOP 20
    title,
    country,
    AVG(salary) AS average_salary,
    SUM(salary) AS sum_salary,
    AVG(salary + payroll_tax) AS average_gross_salary,
    SUM(salary + payroll_tax) AS sum_gross_salary,
    AVG(salary + payroll_tax + benefits_cost) AS average_gross_cost,
    SUM(salary + payroll_tax + benefits_cost) AS sum_gross_cost,
    COUNT(*) as count
FROM employees
WHERE salary + payroll_tax + benefits_cost > 0 AND country = 'USA'
GROUP BY title, country
ORDER BY sum_gross_cost
HAVING count > 200

And then translate it to PRQL, which looks like:

from employees
filter country = "USA"                           # Each line transforms the previous result.
let gross_salary = salary + payroll_tax          # This _adds_ a column / variable.
let gross_cost   = gross_salary + benefits_cost  # Variables can use other variables.
filter gross_cost > 0
aggregate by:[title, country] [                  # `by` are the columns to group by.
    average salary,                              # These are the calcs to run on the groups.
    sum     salary,
    average gross_salary,
    sum     gross_salary,
    average gross_cost,
    sum     gross_cost,
    count,
]
sort sum_gross_cost                              # Uses the auto-generated column name.
filter count > 200
take 20

Troy Hunt troyhunt.com

How I got pwned by my cloud costs

Troy Hunt (of Have I been Pwned fame) has been a vocal proponent of cloud-first services for awhile. Last December, that strategy came back to bite him:

It all started with my monthly Azure bill for December which was way over what it would normally be. It only took a moment to find the problem…

He goes on to tell the tale in excruciating detail. Be careful out there, cloud natives.

Vue.js github.com

Wordle built with Vue, aka VVordle

Rebuilding Wordle is a fun way to show off what your frontend framework is capable of (and how). Evan You has been doing just that for Vue. It’s not a 100% reproduction of the original, but it does have one cool feature the official game does NOT:

You can make your own Wordle and send it to friends by base64-encoding a word and include it as the URL query

Here’s a custom one using an acronym that many devs think about often…

Nix blog.wesleyac.com

The curse of NixOS

Wesley Aptekar-Cassels has been using NixOS on his main laptop for ~3 years and he’s ready to talk about it:

I don’t think that NixOS is the future, but I do absolutely think that the ideas in it are, so I want to write about what I think it gets right and what it gets wrong, in the hopes that other projects can take note. As such, this post will not assume knowledge of NixOS — if you’ve used NixOS significantly, there probably isn’t anything new in here for you.

Test Double Icon Test Double

Stop paying tech debts, start maintaining code

Jesse O’Brien from Test Double wants us to stop using the term “Tech Debt”

There’s loads of reasons why unmaintainable code ends up running in the systems our products are built on, but none of these fit the definition of debt.

Instead, I propose we drop the term Tech Debt and start talking about maintenance tasks. Maintenance is what we’re really talking about. When parts on our car or bicycle suffers wear from driving them around, we don’t talk to our mechanic about “mechanical debt”. (Go back and re-read that sentence, but replace things with “software” and “programmers”). We talk about maintenance.

This post starts as mostly a semantic debate, and I’m not convinced by his arguments there. I think the debt metaphor is useful when you’re talking about trading quality for speed. That’s what you do when you take on debt: you trade higher cost at a future date (principle + interest) to gain access to the money today (speed).

That being said, I really like where Jesse ends this piece talking about software maintenance and methods of going about it. Lots of actionable advice there and I’m 100% onboard with talking about software maintenance early and often. One of the first things I consider when somebody approaches me with a feature idea is ask myself: what will this cost to maintain?

Ship It! Ship It! #36

Keep on-call simple

Gerhard loves simple ideas executed well, which is why he is excited to be speaking today with Ildar Iskhakov & Matvey Kukuy about their startup Amixr, a.k.a. Grafana OnCall.

Ildar & Matvey started with a simple idea and a simple stack - Django, Celery, RabbitMQ & MySQL - all running on Kubernetes. Because they kept their main thing their main thing, and kept improving it every day for a couple of years, now your on-call can be simple too.

This is another Big Tent philosophy story with a Black Swan moment towards the end.

Zach Leatherman zachleat.com

Eleventy v1.0.0, the stable release

Eleventy creator, Zach Leatherman:

This project would not be possible without our lovely community. Thank you to everyone that built something with Eleventy (×476 authors on our web site!), wrote a blog post about Eleventy, contributed code to core or plugins, documentation, asked questions, answered questions, braved The Leaderboards, participated on Discord, filed issues, attended (or organized!) a meetup, said a kind word on Twitter ❤️.

Congrats to Zach and the entire Eleventy community on the big 1.0! 🎉

Go Time Go Time #213

AI-driven development in Go

Alexey Palazhchenko joins Natalie to discuss the implications of GitHub’s Copilot on code generation. Go’s design lends itself nicely to computer generated authoring: thanks to go fmt, there’s already only one Go style. This means AI-generated code will be consistent and seamless. Its focus on simplicity & readability make it tailor made for this new approach to software creation. Where might this take us?

Git render.com

Git organized: a better git flow

Imagine this: you’ve been paged to investigate a production incident, and after some digging, you identify the commit with the breaking code. You decide to revert the change:

git revert 1a2b3c

Unfortunately, in doing so, a new bug is introduced! As it turns out, hidden in that old “broken” commit was some code that another part of the app depended upon, and when you reverted those lines, it left the site once again in a broken state. 🙃 Oh dear.

How can situations like this be avoided? To answer this question, we first need to examine how these types of commits come to be.

If you’ve never heard of or used git reset… this article is a must-read.

Podcasts from Changelog

Weekly shows about software development, developer culture, open source, building startups, artificial intelligence, brain science, and the people involved.

0:00 / 0:00