Things we wish we didn't know

zb is a tool for reproducibly building software, similar to Bazel.
(See the comparison page if you’re curious to know the differences.)
When a software build process is reproducible,
it will produce the exact same output
when given the same inputs.
Reproducibility is a desirable property for a software build process to have:
it simplifies debugging,
it enables build speed-ups,
and it is essential for digital supply chain security.
However, reproducibility is a difficult goal to achieve.

Every so often I come across a paper, blog post, or (occasionally) video that completely changes how I think about a topic in programming languages and compilers. For some of these posts, I can’t even remember how I thought about the idea before reading it—it was that impactful.

Games can be made in many different ways. Many games are made using big, general purpose game engines such as Unity and Godot. I enjoy using the Odin Programming Language combined with Raylib.
Odin is a C-like programming language and Raylib is library for drawing graphics, checking input and playing sounds. So it’s just a program that uses a simple library, no engine!
There are no objectively best ways to create games.

When people say Rust is a “safe language”, they often mean memory safety.
And while memory safety is a great start, it’s far from all it takes to build robust applications.
Memory safety is important but not sufficient for overall r…

Security testing starts with understanding vulnerabilities. The CVE website lists known software flaws. The OWASP Top Ten highlights common weaknesses. With this knowledge, we can improve our Go development. This article shows how to put in place robust practices. They are to: fuzz inputs, verify dependencies, and use static analysis tools (SAST).

A write-ahead log is not a universal part of durability

Between our ESP32 prokaryotic organisms and our 24/7 Internet-enabled megafauna servers, there exists a vast and loosely-defined ecosystem of things the B2B world likes to call computer appliances. Picture a bespoke Pi 4 packaged up neatly with some Python scripts, a little fancy plastic embossing, and maybe a well-guarded id_ed25519.pub in case you end up in hot water during the (long - very long, stable cash flow for generations long) maintenance contract, and you’re in the ballpark.

There’s plenty of information out there on how to scale Django to handle numerous requests per second, but most of it…

Sales pitches are the only place where “self-serve dashboards" work. In the real world, it's a different story.

Why "business" people don't use metabase/power-bi.

Rust and Node aren't bad for encouraging dependency use -- your favorite language's tools just suck.

piku, inspired by dokku, allows you do git push deployments to your own servers, no matter how small they are.