Contents Command Line Interface Guidelines An open-source guide to help you write better command-line programs, taking traditional UNIX principles and updating them for the modern day. Authors Aanand Prasad Engineer at Squarespace, co-creator of Docker Compose. @aanandprasad Ben Firshman Co-creator Replicate, co-creator of Docker Compose. @bfirsh Carl Tashian Offroad Engineer at Smallstep, first e
関数名、メソッド名、変数名でよく使う英単語のまとめ
プログラミングをしていると関数名、メソッド名、変数名をどうするか悩みます。 ロジックより命名に時間を費やすこともざらにあります。翻訳したり、一般的な命名規則なのかいつも検索して大変です。 よく使うサイトの内容をコピってメモしておく 関数名とメソッド名の違いについて よく使う英単語のまえに、いつもごっちゃにして使っているけど、定義はこんな感じ 「関数」と「メソッド」の違い 似ているところ どちらも何か(引数)を入れると処理をして何か(戻り値)を返してくれます。 違うところ やってること自体は大差ありません。概念としては違います。 メソッドはオブジェクト指向で登場する用語で、オブジェクトの動作を定義したものです。 まずオブジェクトありきなのですね。一方の関数は、オブジェクト云々は関係ありません。 個人的な使い分け Java で登場する関数は「メソッド」です。C 言語で登場する関数は「関数」と呼
REST API Design Best Practices Handbook – How to Build a REST API with JavaScript, Node.js, and Express.js
By Jean-Marc Möckel I've created and consumed many API's over the past few years. During that time, I've come across good and bad practices and have experienced nasty situations when consuming and building API's. But there also have been great moments. There are helpful articles online which present many best practices, but many of them lack some practicality in my opinion. Knowing the theory with
Developers are increasingly relying on AI coding assistants to accelerate our daily workflows. These tools can autocomplete functions, suggest bug fixes, and even generate entire modules or MVPs. Yet, as many of us have learned, the quality of the AI’s output depends largely on the quality of the prompt you provide. In other words, prompt engineering has become an essential skill. A poorly phrased
NETGEAR社製ルーターにおける認証不要の任意コード実行の技術的解説(PSV-2022-0044) - GMO Flatt Security Blog
※本記事は先立って公開された英語版記事を翻訳し、日本語圏の読者向けに一部改変したものです。 画像出典: https://www.netgear.com/business/wifi/access-points/wac124/ はじめに こんにちは、株式会社Flatt Securityのstypr(@stereotype32)です。 一昨年、日本のOSS製品で発見された0day脆弱性に関する技術解説をブログに書きました。 それ以来、私は様々な製品に多くの脆弱性を発見してきました。残念ながら私が見つけたバグのほとんどはすぐに修正されなかったので、今日まで私が見つけた、技術的に興味深い脆弱性の情報を共有する機会がありませんでした。 本記事では、NETGEAR社のWAC124(AC2000)ルーターにおいて、様々な脆弱性を発見し、いくつかの脆弱性を連鎖させて、前提条件なしに未認証ユーザーの立場からコ
抜粋 : Release cadence - Amazon Linux 2023 メジャーリリースとマイナーリリースの内容は以下AWS公式ドキュメントに記載されています。メジャーリリース時には互換性があるか十分に検証した上でアップデートしましょう。 Major version release— Includes new features and improvements in security and performance across the stack. The improvements might include major changes to the kernel, toolchain, Glib C, OpenSSL, and any other system libraries and utilities. Major releases of Amazon Linux ar
A few months ago, I set myself the challenge of writing a C compiler in 500 lines of Python1, after writing my SDF donut post. How hard could it be? The answer was, pretty hard, even when dropping quite a few features. But it was also pretty interesting, and the result is surprisingly functional and not too hard to understand! There's too much code for me to comprehensively cover in a single blog
今回はStarFive Technology製のRISC-Vシングルボードコンピューター(SBC)であるVisionFive 2にDebianをインストールして、その性能を計測してみましょう。 RISC-VとVisionFive 2 RISC-V(りすく・ふぁいぶ)は今もっとも熱い命令セットアーキテクチャーです。2010年頃に生まれたRISC-Vは、オープンな規格という強みを活かしてどんどんエコシステムを構築し、今では様々な企業がRISC-Vに本格的に手を出す状況になっています。AMD64/Intel 64やARMには性能も普及度合いもまだまだ及びませんが、今の勢いを維持できれば近い将来その状況は変わってくるでしょう。 本連載でも2018年ぐらいから、RISC-Vの記事を何度か取り上げていました。 第505回:「オープン規格の新しい命令セットアーキテクチャRISC-V入門 ツールチェインを
Go is still not good
Previous posts Why Go is not my favourite language and Go programs are not portable have me critiquing Go for over a decade. These things about Go are bugging me more and more. Mostly because they’re so unnecessary. The world knew better, and yet Go was created the way it was. For readers of previous posts you’ll find some things repeated here. Sorry about that. Error variable scope is forced to b
Memory Allocation
One thing that all programs on your computer have in common is a need for memory. Programs need to be loaded from your hard drive into memory before they can be run. While running, the majority of what programs do is load values from memory, do some computation on them, and then store the result back in memory. In this post I'm going to introduce you to the basics of memory allocation. Allocators
Today, we are excited to announce the launch of .NET 10, the most productive, modern, secure, intelligent, and performant release of .NET yet. It’s the result of another year of effort from thousands of developers around the world. This release includes thousands of performance, security, and functional improvements across the entire .NET stack-from languages and developer tools to workloads-enabl
Today we’re excited to announce the release of TypeScript 5.2! If you’re not familiar with TypeScript, it’s a language that builds on top of JavaScript by making it possible to declare and describe types. Writing types in our code allows us to explain intent and have other tools check our code to catch mistakes like typos, issues with null and undefined, and more. Types also power TypeScript’s edi
Gamedev in Lisp. Part 1: ECS and Metalinguistic Abstraction - cl-fast-ecs by Andrew
Gamedev in Lisp. Part 1: ECS and Metalinguistic Abstraction In this series of tutorials, we will delve into creating simple 2D games in Common Lisp. The result of the first part will be a development environment setup and a basic simulation displaying a 2D scene with a large number of physical objects. It is assumed that the reader is familiar with some high-level programming language, has a gener
Node.js
Notable changes built-in .env file support Starting from Node.js v20.6.0, Node.js supports .env files for configuring environment variables. Your configuration file should follow the INI file format, with each line containing a key-value pair for an environment variable. To initialize your Node.js application with predefined configurations, use the following CLI command: node --env-file=config.env
Perl 5.32の連鎖比較(Chained comparisons)はどの様に実装されているのか - Acme::AnaTofuZ->new;
この記事はPerl Advent Calendar 2020と琉大 Advent Calendar 2020の11日目の記事です。 PerlはPerl5になって長いですが、現在の最新の安定版のバージョンは5.32です。 Perl5.32で取り入れられた(厳密には5.31からですが)のおもしろ機能として連鎖比較(Chained comparisons)が存在します。 今までPerlで数値などが特定の範囲に含まれているかどうかをif文で判定するには次の様に書く必要がありました。 if (10 < $n && $n <= 20) これがこう書ける様になります!!! if ( 10 < $n <= 20 ) {...} 便利!!!!!!!!!!!!!!!!!!!!!!!! ...........というわけで、この便利な連鎖比較がどの様に実装されているかを探検してみます。 言語処理系の実装 さて今か
When people say “debuggers are useless and using logging and unit-tests is much better,” I suspect many of them think that debuggers can only put breakpoints on certain lines, step-step-step through the code, and check variable values. While any reasonable debugger can indeed do all of that, it’s only the tip of the iceberg. Think about it; we could already step through the code 40 years ago, sure
Parsing SQL - Strumenta
The code for this tutorial is on GitHub: parsing-sql SQL is a language to handle data in a relational database. If you worked with data you have probably worked with SQL. In this article we will talk about parsing SQL. It is in the same league of HTML: maybe you never learned it formally but you kind of know how to use it. That is great because if you know SQL, you know how to handle data. However
The Ultimate Interactive JQ Guide Learn how to search, query, and modify JSON data with 25 interactive jq examples and explanations Cover Photo by Pixabay Has this ever happened to you? You’ve just received a massive JSON file that looks like it was designed to confuse you. Or maybe you entered a command, and you got so much JSON that it looks incomprehensible. Important: Level up your jq skills w
Over the course of my Spring 2020 semester at Harvey Mudd College, I developed a self-hosting compiler entirely from scratch. This article walks through many interesting parts of the project. It’s laid out so you can just read from beginning to end, but if you’re more interested in a particular topic, feel free to jump there. Or, take a look at the project on GitHub. Table of contents What the pro
2025-05-06, Version 24.0.0 (Current), @RafaelGSS and @juanarbol We’re excited to announce the release of Node.js 24! This release brings several significant updates, including the upgrade of the V8 JavaScript engine to version 13.6 and npm to version 11. Starting with Node.js 24, support for MSVC has been removed, and ClangCL is now required to compile Node.js on Windows. The AsyncLocalStorage API
The OpenSSL punycode vulnerability (CVE-2022-3602): Overview, detection, exploitation, and remediation | Datadog Security Labs
emerging threats and vulnerabilities The OpenSSL punycode vulnerability (CVE-2022-3602): Overview, detection, exploitation, and remediation November 1, 2022 emerging vulnerability On November 1, 2022, the OpenSSL Project released a security advisory detailing a high-severity vulnerability in the OpenSSL library. Deployments of OpenSSL from 3.0.0 to 3.0.6 (included) are vulnerable and are fixed in
Tier 4 Support § Support for these targets is entirely experimental. If this target is provided by LLVM, LLVM may have the target as an experimental target, which means that you need to use Zig-provided binaries for the target to be available, or build LLVM from source with special configure flags. zig targets will display the target if it is available. This target may be considered deprecated by
Update 1.78.1: The update addresses this security issue. Update 1.78.2: The update addresses these issues. Downloads: Windows: x64 Arm64 | Mac: Universal Intel silicon | Linux: deb rpm tarball Arm snap Welcome to the April 2023 release of Visual Studio Code. There are many updates in this version that we hope you'll like, some of the key highlights include: Accessibility improvements - Better scre
Beyond the 70%: Maximizing the human 30% of AI-assisted coding
This is a follow-up to my article “The 70% problem: Hard truths about AI-assisted coding” AI coding assistants like Cursor, Cline, Copilot and WindSurf have transformed how software is built, shouldering much of the grunt work and boilerplate. Yet, as experienced developers and industry leaders note, there remains a crucial portion of software engineering that AI does not handle well – roughly tha
Zig in 30 minutes
test.md A half-hour to learn Zig This is inspired by https://fasterthanli.me/blog/2020/a-half-hour-to-learn-rust/ Basics the command zig run my_code.zig will compile and immediately run your Zig program. Each of these cells contains a zig program that you can try to run (some of them contain compile-time errors that you can comment out to play with) You'll want to declare a main() function to get
I want to write a post about Pitchfork, explaining where it comes from, why it is like it is, and how I see its future. But before I can get to that, I think I need to share my mental model on a few things, in this case, Ruby’s GVL. For quite a long time, it has been said that Rails applications are mostly IO-bound, hence Ruby’s GVL isn’t that big of a deal and that has influenced the design of so
My thoughts on writing a Minecraft server from scratch (in Bash) For the past year or so, I've been thinking about writing a Minecraft server in Bash as a thought excercise. I once tried that before with the Classic protocol (the one from 2009), but I quickly realized there wasn't really a way to properly parse binary data in bash. Take the following code sample: function a() { read -n 2 uwu echo
Tier 4 Support § Support for these targets is entirely experimental. If this target is provided by LLVM, LLVM may have the target as an experimental target, which means that you need to use Zig-provided binaries for the target to be available, or build LLVM from source with special configure flags. zig targets will display the target if it is available. This target may be considered deprecated by
Python behind the scenes #13: the GIL and its effects on Python multithreading
As you probably know, the GIL stands for the Global Interpreter Lock, and its job is to make the CPython interpreter thread-safe. The GIL allows only one OS thread to execute Python bytecode at any given time, and the consequence of this is that it's not possible to speed up CPU-intensive Python code by distributing the work among multiple threads. This is, however, not the only negative effect of
Hello friends, this is the first of two, possibly three (if and when I have time to finish the Windows research) writeups. We will start with targeting GNU/Linux systems with an RCE. As someone who’s directly involved in the CUPS project said: From a generic security point of view, a whole Linux system as it is nowadays is just an endless and hopeless mess of security holes waiting to be exploited
Introduction Some part of me has always been fascinated with coercing code to run in weird places. I scratch this itch a lot with my security research projects. These often lead me to writing shellcode to run in kernels or embedded hardware, sometimes with the only way being through an existing bug. For those not familiar, shellcode is honestly hard to describe. I don’t know if there’s a very form
Reading the excellent article by JeanHeyd Meneide on how broken string encoding in C/C++ is made me realise that Unicode is a topic that is often overlooked by a large number of developers. In my experience, there’s a lot of confusion and wrong expectations on what Unicode is, and what best practices to follow when dealing with strings that may contain characters outside of the ASCII range. This a
I spend an awful lot of my day in Unix terminals running shell commands. For some reason, the variance in efficiency between different people when using the shell is huge: I know people who can run rings around me, and I’ve come across more than one paid professional who doesn’t use the “up” key to retrieve the previous command. I chose that last example very deliberately: most of the commands mos
Rust Programming Language Tutorial – How to Build a To-Do List App
By Claudio Restifo Since its first open-source release in 2015, the Rust programming language has gained a lot of attention from the community. It's also been voted the most loved programming language on StackOverflow's developer survey each year since 2016. Rust was designed by Mozilla and is considered a system programming language (like C or C++). It has no garbage collector, which makes its pe
Try Mastering Emacs for free! Are you struggling with the basics? Have you mastered movement and editing yet? When you have read Mastering Emacs you will understand Emacs. It’s that time again: there’s a new major version of Emacs and, with it, a treasure trove of new features and changes. Notable features include the formal inclusion of native compilation, a technique that will greatly speed up y
Rust for Secure IoT Applications: Why C Is Getting Rusty
www.embedded-world.eu Rust for Secure IoT Applications Why C Is Getting Rusty Mario Noseda, Fabian Frei, Andreas Rüst, Simon Künzli Zurich University of Applied Sciences (ZHAW) Institute of Embedded Systems (InES) Winterthur, Switzerland mario.noseda@zhaw.ch, fabian.frei@zhaw.ch, andreas.ruest@zhaw.ch, simon.kuenzli@zhaw.ch Abstract— Memory corruption is still the most used type of exploit in toda
vim9script4pythondevelopers.md Vim9 script for Python Developers Vim9 script�Vim script��������������������������������������������������系��� def������義����������Vim script��vim9script�����使����������(vim9script���
Node.js
Notable changes Add support for externally shared js builtins By default Node.js is built so that all dependencies are bundled into the Node.js binary itself. Some Node.js distributions prefer to manage dependencies externally. There are existing build options that allow dependencies with native code to be externalized. This commit adds additional options so that dependencies with JavaScript code
Renato Athaydes
Revenge of Lisp (Part 1⁄2) Background vector created by upklyak - www.freepik.com This may surprise you if you know me, but I’ve been learning Common Lisp for a few weeks now. It all started when I was reading, funnily enough, a blog post about another, much more hyped, language called Julia. The post was titled Julia and the reincarnation of Lisp, and in it the author lamented that despite his lo
A professional programmer delivers value through the authoring and maintaining of software that solves problems. (There are other important ways for professional programmers to deliver value but this post is about programming.) Programmers rely on various tools to author software. Arguably the most important and consequential choice of tool is the programming language. In this post, I will articul
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
Command Line Interface Guidelines
The Prompt Engineering Playbook for Programmers
Amazon Linux 2023がGAされました | DevelopersIO
Writing a C compiler in 500 lines of Python
第752回 RISC-VのシングルボードコンピューターであるVisionFive 2を使ってみる | gihyo.jp
Announcing .NET 10 - .NET Blog
Announcing TypeScript 5.2 - TypeScript
What a good debugger can do 🔮
The Ultimate Interactive JQ Guide
Kalyn: a self-hosting compiler for x86-64
Node.js — Node.js v24.0.0 (Current)
0.8.0 Release Notes ⚡ The Zig Programming Language
April 2023 (version 1.78)
So You Want To Remove The GVL?
My thoughts on writing a Minecraft server from scratch (in Bash)
0.10.0 Release Notes ⚡ The Zig Programming Language
Attacking UNIX Systems via CUPS, Part I
Rust on MIPS64 Windows NT 4.0
Unicode is harder than you think · mcilloni's blog
Laurence Tratt: Better Shell History Search
What's New in Emacs 28.1?
Vim9 script for Python Developers · GitHub
Gregory Szorc's Digital Home | Rust is for Professionals