Contents Command Line Interface Guidelines An open-source guide to help you write better command-line programs, taking traditional UNIX principles and updating them for the modern day. Authors Aanand Prasad Engineer at Squarespace, co-creator of Docker Compose. @aanandprasad Ben Firshman Co-creator Replicate, co-creator of Docker Compose. @bfirsh Carl Tashian Offroad Engineer at Smallstep, first e
関数名、メソッド名、変数名でよく使う英単語のまとめ
プログラミングをしていると関数名、メソッド名、変数名をどうするか悩みます。 ロジックより命名に時間を費やすこともざらにあります。翻訳したり、一般的な命名規則なのかいつも検索して大変です。 よく使うサイトの内容をコピってメモしておく 関数名とメソッド名の違いについて よく使う英単語のまえに、いつもごっちゃにして使っているけど、定義はこんな感じ 「関数」と「メソッド」の違い 似ているところ どちらも何か(引数)を入れると処理をして何か(戻り値)を返してくれます。 違うところ やってること自体は大差ありません。概念としては違います。 メソッドはオブジェクト指向で登場する用語で、オブジェクトの動作を定義したものです。 まずオブジェクトありきなのですね。一方の関数は、オブジェクト云々は関係ありません。 個人的な使い分け Java で登場する関数は「メソッド」です。C 言語で登場する関数は「関数」と呼
REST API Design Best Practices Handbook – How to Build a REST API with JavaScript, Node.js, and Express.js
By Jean-Marc Möckel I've created and consumed many API's over the past few years. During that time, I've come across good and bad practices and have experienced nasty situations when consuming and building API's. But there also have been great moments. There are helpful articles online which present many best practices, but many of them lack some practicality in my opinion. Knowing the theory with
Nikkei Advent Calendar 2023の 14 日目は IDE がやっていきます。いま Web チーム内の基盤改善を専門とするチームで活動しています。自分が入社するより前に作られてメンテナンスがあまりされていなかったシステムを、現代でも戦えるようにするお仕事をしています。メンテナンスを放置することはセキュリティ的によくないので、メンテナンスを専業で行っています。最近の自分の仕事は、今日紹介する rnikkei と呼ばれるマイクロサービス群の Node.js バージョンを、v12 から v18(一部は v20) まで引き上げることです。この rnikkei は当初「爆速の日経」と呼ばれていた頃に設計・実装されたサービスです。今日はそのような過去に作られたサービスにもう一度スポットライトを当ててみようと思います。 see: https://marketing.itmedia.c
Developers are increasingly relying on AI coding assistants to accelerate our daily workflows. These tools can autocomplete functions, suggest bug fixes, and even generate entire modules or MVPs. Yet, as many of us have learned, the quality of the AI’s output depends largely on the quality of the prompt you provide. In other words, prompt engineering has become an essential skill. A poorly phrased
バージョンについては2025年2月時点での数字です。UbuntuのシステムPythonの場合、同じリリースでもマイクロバージョン(X.Y.Zの「Z」の部分)についてはアップグレードされることがあります。 UbuntuではもともとPython 2を使っていました。その後、Python 3へと段階的に移行し、2017年10月にリリースされた17.10からデスクトップ版でもPython 2が標準ではインストールされなくなりました。それからもPython 2のパッケージ自体は存在したのですが、2024年4月の24.04までにPython 2関連パッケージはすべてインストールできないようになっています。 ちなみにリリースによっては、「複数のバージョンのPython」を提供していることもあります。たとえばUbuntu 22.04 LTSのシステムPythonのバージョンは3.10.6ですが、「py
NETGEAR社製ルーターにおける認証不要の任意コード実行の技術的解説(PSV-2022-0044) - GMO Flatt Security Blog
※本記事は先立って公開された英語版記事を翻訳し、日本語圏の読者向けに一部改変したものです。 画像出典: https://www.netgear.com/business/wifi/access-points/wac124/ はじめに こんにちは、株式会社Flatt Securityのstypr(@stereotype32)です。 一昨年、日本のOSS製品で発見された0day脆弱性に関する技術解説をブログに書きました。 それ以来、私は様々な製品に多くの脆弱性を発見してきました。残念ながら私が見つけたバグのほとんどはすぐに修正されなかったので、今日まで私が見つけた、技術的に興味深い脆弱性の情報を共有する機会がありませんでした。 本記事では、NETGEAR社のWAC124(AC2000)ルーターにおいて、様々な脆弱性を発見し、いくつかの脆弱性を連鎖させて、前提条件なしに未認証ユーザーの立場からコ
抜粋 : Release cadence - Amazon Linux 2023 メジャーリリースとマイナーリリースの内容は以下AWS公式ドキュメントに記載されています。メジャーリリース時には互換性があるか十分に検証した上でアップデートしましょう。 Major version release— Includes new features and improvements in security and performance across the stack. The improvements might include major changes to the kernel, toolchain, Glib C, OpenSSL, and any other system libraries and utilities. Major releases of Amazon Linux ar
A few months ago, I set myself the challenge of writing a C compiler in 500 lines of Python1, after writing my SDF donut post. How hard could it be? The answer was, pretty hard, even when dropping quite a few features. But it was also pretty interesting, and the result is surprisingly functional and not too hard to understand! There's too much code for me to comprehensively cover in a single blog
【Python】これはするな選手権 - Qiita
まえがき おはようございます。 諸事情によりPythonについての技術書を読むことになったのですが、 掲載されているいくつかのコードを見ていると「えぇ…」と思うことが多々ありましたので、ここで共有したいと思います。 なお、この記事は特定の書籍ないしは出版社、著者、その他を批判するためのものではないこと、あらかじめご了承ください。 (強いて言うなら、こういった書き方をするPythonistaを全般的に批判しているかもしれません) None比較を==でするな 特定のオブジェクトがNone(多言語であればnull)であるかどうかを検証するときの話です。 a == Noneと書いているようであれば、それはa is Noneに書き直したほうが良いかもしれません。 なぜ? Pythonにおいて、Noneはシングルトンです。 つまり、Noneというオブジェクトはランタイム全体で共有され、同じメモリアドレ
今回はStarFive Technology製のRISC-Vシングルボードコンピューター(SBC)であるVisionFive 2にDebianをインストールして、その性能を計測してみましょう。 RISC-VとVisionFive 2 RISC-V(りすく・ふぁいぶ)は今もっとも熱い命令セットアーキテクチャーです。2010年頃に生まれたRISC-Vは、オープンな規格という強みを活かしてどんどんエコシステムを構築し、今では様々な企業がRISC-Vに本格的に手を出す状況になっています。AMD64/Intel 64やARMには性能も普及度合いもまだまだ及びませんが、今の勢いを維持できれば近い将来その状況は変わってくるでしょう。 本連載でも2018年ぐらいから、RISC-Vの記事を何度か取り上げていました。 第505回:「オープン規格の新しい命令セットアーキテクチャRISC-V入門 ツールチェインを
Happy New Year everyone! In late December 2023 (Christmas Day to be precise), CPython core developer Brandt Bucher submitted a little pull-request to the Python 3.13 branch adding a JIT compiler. This change, once accepted would be one of the biggest changes to the CPython Interpreter since the Specializing Adaptive Interpreter added in Python 3.11 (which was also from Brandt along with Mark Shann
Go is still not good
Previous posts Why Go is not my favourite language and Go programs are not portable have me critiquing Go for over a decade. These things about Go are bugging me more and more. Mostly because they’re so unnecessary. The world knew better, and yet Go was created the way it was. For readers of previous posts you’ll find some things repeated here. Sorry about that. Error variable scope is forced to b
Memory Allocation
One thing that all programs on your computer have in common is a need for memory. Programs need to be loaded from your hard drive into memory before they can be run. While running, the majority of what programs do is load values from memory, do some computation on them, and then store the result back in memory. In this post I'm going to introduce you to the basics of memory allocation. Allocators
Today we’re excited to announce the release of TypeScript 5.2! If you’re not familiar with TypeScript, it’s a language that builds on top of JavaScript by making it possible to declare and describe types. Writing types in our code allows us to explain intent and have other tools check our code to catch mistakes like typos, issues with null and undefined, and more. Types also power TypeScript’s edi
Gamedev in Lisp. Part 1: ECS and Metalinguistic Abstraction - cl-fast-ecs by Andrew
Gamedev in Lisp. Part 1: ECS and Metalinguistic Abstraction In this series of tutorials, we will delve into creating simple 2D games in Common Lisp. The result of the first part will be a development environment setup and a basic simulation displaying a 2D scene with a large number of physical objects. It is assumed that the reader is familiar with some high-level programming language, has a gener
Node.js
Notable changes built-in .env file support Starting from Node.js v20.6.0, Node.js supports .env files for configuring environment variables. Your configuration file should follow the INI file format, with each line containing a key-value pair for an environment variable. To initialize your Node.js application with predefined configurations, use the following CLI command: node --env-file=config.env
Perl 5.32の連鎖比較(Chained comparisons)はどの様に実装されているのか - Acme::AnaTofuZ->new;
この記事はPerl Advent Calendar 2020と琉大 Advent Calendar 2020の11日目の記事です。 PerlはPerl5になって長いですが、現在の最新の安定版のバージョンは5.32です。 Perl5.32で取り入れられた(厳密には5.31からですが)のおもしろ機能として連鎖比較(Chained comparisons)が存在します。 今までPerlで数値などが特定の範囲に含まれているかどうかをif文で判定するには次の様に書く必要がありました。 if (10 < $n && $n <= 20) これがこう書ける様になります!!! if ( 10 < $n <= 20 ) {...} 便利!!!!!!!!!!!!!!!!!!!!!!!! ...........というわけで、この便利な連鎖比較がどの様に実装されているかを探検してみます。 言語処理系の実装 さて今か
Weird Lexical Syntax
I just learned 42 programming languages this month to build a new syntax highlighter for llamafile. I feel like I'm up to my eyeballs in programming languages right now. Now that it's halloween, I thought I'd share some of the spookiest most surprising syntax I've seen. The languages I decided to support are Ada, Assembly, BASIC, C, C#, C++, COBOL, CSS, D, FORTH, FORTRAN, Go, Haskell, HTML, Java,
When people say “debuggers are useless and using logging and unit-tests is much better,” I suspect many of them think that debuggers can only put breakpoints on certain lines, step-step-step through the code, and check variable values. While any reasonable debugger can indeed do all of that, it’s only the tip of the iceberg. Think about it; we could already step through the code 40 years ago, sure
Parsing SQL - Strumenta
The code for this tutorial is on GitHub: parsing-sql SQL is a language to handle data in a relational database. If you worked with data you have probably worked with SQL. In this article we will talk about parsing SQL. It is in the same league of HTML: maybe you never learned it formally but you kind of know how to use it. That is great because if you know SQL, you know how to handle data. However
Note: I received a lot of great feedback from the discussions at Mastodon and Hacker News, so I've updated the post with some improvements to the font! I've also added some further examples and acknowledgements at the end. Syntax Highlighting in Hand-Coded Websites The problem I have been trying to identify practical reasons why hand-coding websites with HTML and CSS is so hard (by hand-coding, I
The Ultimate Interactive JQ Guide Learn how to search, query, and modify JSON data with 25 interactive jq examples and explanations Cover Photo by Pixabay Has this ever happened to you? You’ve just received a massive JSON file that looks like it was designed to confuse you. Or maybe you entered a command, and you got so much JSON that it looks incomprehensible. Important: Level up your jq skills w
Over the course of my Spring 2020 semester at Harvey Mudd College, I developed a self-hosting compiler entirely from scratch. This article walks through many interesting parts of the project. It’s laid out so you can just read from beginning to end, but if you’re more interested in a particular topic, feel free to jump there. Or, take a look at the project on GitHub. Table of contents What the pro
2025-05-06, Version 24.0.0 (Current), @RafaelGSS and @juanarbol We’re excited to announce the release of Node.js 24! This release brings several significant updates, including the upgrade of the V8 JavaScript engine to version 13.6 and npm to version 11. Starting with Node.js 24, support for MSVC has been removed, and ClangCL is now required to compile Node.js on Windows. The AsyncLocalStorage API
Wasm core dumps and debugging Rust in Cloudflare Workers
Wasm core dumps and debugging Rust in Cloudflare Workers2023-08-14 A clear sign of maturing for any new programming language or environment is how easy and efficient debugging them is. Programming, like any other complex task, involves various challenges and potential pitfalls. Logic errors, off-by-ones, null pointer dereferences, and memory leaks are some examples of things that can make software
The OpenSSL punycode vulnerability (CVE-2022-3602): Overview, detection, exploitation, and remediation | Datadog Security Labs
emerging threats and vulnerabilities The OpenSSL punycode vulnerability (CVE-2022-3602): Overview, detection, exploitation, and remediation November 1, 2022 emerging vulnerability On November 1, 2022, the OpenSSL Project released a security advisory detailing a high-severity vulnerability in the OpenSSL library. Deployments of OpenSSL from 3.0.0 to 3.0.6 (included) are vulnerable and are fixed in
Tier 4 Support § Support for these targets is entirely experimental. If this target is provided by LLVM, LLVM may have the target as an experimental target, which means that you need to use Zig-provided binaries for the target to be available, or build LLVM from source with special configure flags. zig targets will display the target if it is available. This target may be considered deprecated by
Update 1.78.1: The update addresses this security issue. Update 1.78.2: The update addresses these issues. Downloads: Windows: x64 Arm64 | Mac: Universal Intel silicon | Linux: deb rpm tarball Arm snap Welcome to the April 2023 release of Visual Studio Code. There are many updates in this version that we hope you'll like, some of the key highlights include: Accessibility improvements - Better scre
Beyond the 70%: Maximizing the human 30% of AI-assisted coding
This is a follow-up to my article “The 70% problem: Hard truths about AI-assisted coding” AI coding assistants like Cursor, Cline, Copilot and WindSurf have transformed how software is built, shouldering much of the grunt work and boilerplate. Yet, as experienced developers and industry leaders note, there remains a crucial portion of software engineering that AI does not handle well – roughly tha
Zig in 30 minutes
test.md A half-hour to learn Zig This is inspired by https://fasterthanli.me/blog/2020/a-half-hour-to-learn-rust/ Basics the command zig run my_code.zig will compile and immediately run your Zig program. Each of these cells contains a zig program that you can try to run (some of them contain compile-time errors that you can comment out to play with) You'll want to declare a main() function to get
I want to write a post about Pitchfork, explaining where it comes from, why it is like it is, and how I see its future. But before I can get to that, I think I need to share my mental model on a few things, in this case, Ruby’s GVL. For quite a long time, it has been said that Rails applications are mostly IO-bound, hence Ruby’s GVL isn’t that big of a deal and that has influenced the design of so
The Go Programming Language and Environment – Communications of the ACM
Go is a programming language created at Google in late 2007 and released as open source in November 2009. Since then, it has operated as a public project, with contributions from thousands of individuals and dozens of companies. Go has become a popular language for building cloud infrastructure: Docker, a Linux container manager, and Kubernetes, a container deployment system, are core cloud techno
My thoughts on writing a Minecraft server from scratch (in Bash) For the past year or so, I've been thinking about writing a Minecraft server in Bash as a thought excercise. I once tried that before with the Classic protocol (the one from 2009), but I quickly realized there wasn't really a way to properly parse binary data in bash. Take the following code sample: function a() { read -n 2 uwu echo
Tier 4 Support § Support for these targets is entirely experimental. If this target is provided by LLVM, LLVM may have the target as an experimental target, which means that you need to use Zig-provided binaries for the target to be available, or build LLVM from source with special configure flags. zig targets will display the target if it is available. This target may be considered deprecated by
Python behind the scenes #13: the GIL and its effects on Python multithreading
As you probably know, the GIL stands for the Global Interpreter Lock, and its job is to make the CPython interpreter thread-safe. The GIL allows only one OS thread to execute Python bytecode at any given time, and the consequence of this is that it's not possible to speed up CPU-intensive Python code by distributing the work among multiple threads. This is, however, not the only negative effect of
Hello friends, this is the first of two, possibly three (if and when I have time to finish the Windows research) writeups. We will start with targeting GNU/Linux systems with an RCE. As someone who’s directly involved in the CUPS project said: From a generic security point of view, a whole Linux system as it is nowadays is just an endless and hopeless mess of security holes waiting to be exploited
Explicit Resource Management: Exploring JavaScript's and TypeScript's new feature | iliazeus
One of my favorite new features of JavaScript and TypeScript is explicit resource management. It brings new syntax, using foobar = ..., that enables RAII, reducing boilerplate when managing the lifecycle of various resources. In this article, I will explore this feature as implemented in TypeScript 5.2.0 with the disposablestack polyfill. I will mention both sync and async resources, DisposableSta
No Longer Just Theory: Black Lotus Labs Uncovers Linux Executables Deployed as Stealth Windows Loaders Executive Summary In April 2016, Microsoft shocked the PC world when it announced the Windows Subsystem for Linux (WSL). WSL is a supplemental feature that runs a Linux image in a near-native environment on Windows, allowing for functionality like command line tools from Linux without the over-he
Introduction Some part of me has always been fascinated with coercing code to run in weird places. I scratch this itch a lot with my security research projects. These often lead me to writing shellcode to run in kernels or embedded hardware, sometimes with the only way being through an existing bug. For those not familiar, shellcode is honestly hard to describe. I don’t know if there’s a very form
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
Command Line Interface Guidelines
Express と handlebars で動き続ける日経 — HACK The Nikkei
The Prompt Engineering Playbook for Programmers
第850回 UbuntuにおけるシステムPythonと、Pythonの仮想環境を使い分ける方法 | gihyo.jp
Amazon Linux 2023がGAされました | DevelopersIO
Writing a C compiler in 500 lines of Python
第752回 RISC-VのシングルボードコンピューターであるVisionFive 2を使ってみる | gihyo.jp
Python 3.13 gets a JIT
Announcing TypeScript 5.2 - TypeScript
What a good debugger can do 🔮
Font with Built-In Syntax Highlighting
The Ultimate Interactive JQ Guide
Kalyn: a self-hosting compiler for x86-64
Node.js — Node.js v24.0.0 (Current)
0.8.0 Release Notes ⚡ The Zig Programming Language
April 2023 (version 1.78)
So You Want To Remove The GVL?
My thoughts on writing a Minecraft server from scratch (in Bash)
0.10.0 Release Notes ⚡ The Zig Programming Language
Attacking UNIX Systems via CUPS, Part I
Linux Executables Deployed as Stealth Windows Loaders
Rust on MIPS64 Windows NT 4.0