Archive for the ‘software’ Category
While I wait for GitHub to get their act together on my Dependabot Wishlist I’ve created a little script for my first frustration – rollups. Another morning, another patch release of Dart, another 4 Dependabot PRs in my inbox: Only this time I was able to simply run: and the subsequent 3 PRs were rolled […]
Filed under: howto, software | Leave a Comment
Tags: bash, Dependabot, dependencies, dependency management, gh, git, github, PR, PRs, rollup, script
Dependabot Wishlist
GitHub is at the heart of how I do work, and Dependabot is one of the core tools. Even before we started using OpenSSF Scorecards, which pushed us to pin dependencies, Dependabot was something we used a lot to ensure that things were up to date. But, Dependabot isn’t perfect, and looking at the discussion […]
Filed under: could_do_better, software | Leave a Comment
Tags: Dependabot, dependencies, dependency management, github, rollup, wishlist
TL;DR OSSF Scorecards provide a visible badge that lets people see that an open source repo is adhering to a set of practices that minimise risks, measured by a set of automated checks. Getting this right for a single repo can be an involved process, but with that experience in hand applying the learning to […]
Filed under: security, software | Leave a Comment
Tags: Allstar, CI, github, OSSF, scorecard, security
The GraphQL Way
TL;DR From a short time using GraphQL APIs I sense that there’s a ‘GraphQL Way’ for how things should be. A set of promises that the technology makes to its users. But those promises are frequently being broken, or at least undermined, as people rush to create GraphQL end points without perhaps investing enough time […]
Filed under: software, technology | Leave a Comment
Tags: API, documentation, examples, filtering, GraphQL, samples, self describing
The @ Company uses a lot of SSL certificates, and we’ve been using ZeroSSL and its Certbot wrapper zerossl-bot to automate how we manage certs. But we wanted more control over the process, which has driven us towards the ZeroSSL API. Sadly the docs don’t provide usage examples, which has made it quite a journey […]
Filed under: howto, software | 2 Comments
Tags: API, automation, bash, certificate, curl, Digital Ocean, jq, json, python, script, SSL, ZeroSSL
TL;DR Best practice gets encoded into industry leading software (and that happens more quickly with SaaS applications). So if you’re not using the latest software, or if you’re customising it, then you’re almost certainly divergent from best practices, which slows things down, makes it harder to hire and train people, and creates technology debt. Background […]
Filed under: cloud, software | Leave a Comment
Tags: best practice, Kubernetes, processes, saas
Further thoughts on TornadoVM
TornadoVM was definitely the coolest thing I learned about at QCon London last week, which is why I wrote up the presentation on InfoQ. It seems that people on the Orange web site are also interested in the intersection of Java, GPUs and FPGA, as the piece was #1 there last night as I went […]
Filed under: software | Leave a Comment
Tags: compiler, FPGA, Go, golang, GPU, java, JIT, TornadoVM, VM
Marginal cost of making mistakes
In a note to my last post ‘Safety first‘ I promised more on this topic, so here goes… TL;DR As software learns from manufacturing by adopting the practices we’ve called DevOps we’ve got better at catching mistakes earlier and more often in our ‘production lines’ to reduce their cost; but what if the whole point […]
Filed under: code, culture, software | Leave a Comment
Tags: architecture, cost, design, DevOps, economics, mistakes, risk
The compiler will not save you
…at least not in an embedded environment. There’s a commonly held myth in modern software development that compilers are smarter than people at optimising code for its eventual runtime environment. By extension there’s no point in writing efficient code, because your idea of efficient code might not actually be all that efficient, and any time […]
Filed under: code, software | 2 Comments
Tags: binary, c, compiler, microcontroller, msp430, optimisation, size