duncan­lock­.net

It’s too easy to overlook the countless hours of dedication poured into the open source software that powers our digital lives. I want to take a moment to express my appreciation and admiration for one of the many unsung heroes of my digital world, who’s software I use all the time.

David Peter / sharkdp

GitHub Profile

Avatar
GitHub Profile

These are the projects of theirs that I love & use the most:

bat

A cat(1) clone with wings.

Bat is a cat clone with syntax highlighting for loads of languages, Git integration - and it’s written in Rust, so it works on Linux/Windows/MacOS. It’s completely replaced cat for me:

alias cat="bat"

fd

A simple, fast and user-friendly alternative to ‘find …

Continue reading “Thanks, David Peter (sharkdp)!”

How to use an existing instance of a browser to debug in VSCode - instead of always launching a new one, or use debug in Brave.


Open source developers are often the unsung heroes of the technology world, creating & maintaining the software that powers our digital lives. Sadly, their contributions often go unnoticed, but without their dedication and expertise, much of the software & digital infrastructure what we take for granted today wouldn’t exist.

I want to recognize the brilliant work of one developer and express my gratitude to them for making the world a better place through open source.

Zachary Yedidia / zyedidia

GitHub Profile

Avatar
GitHub Profile

These are the projects of theirs that I love & use the most:

eget

Easily install prebuilt binaries from GitHub.

Most of the software on my machine comes from the systems package manager, and is automatically kept up to date. The problems with this, is that …

Continue reading “Thanks, Zachary Yedidia (zyedidia)!”

How to use git hashes - or other environment variables in Vite & Vue 3


Open source developers are often the unsung heroes of the technology world, creating & maintaining the software that powers our digital lives. Sadly, their contributions often go unnoticed, but without their dedication and expertise, much of the software & digital infrastructure what we take for granted today wouldn’t exist.

I want to recognize the awesome work of one developer and express my gratitude to them for making the world a better place through open source.

Andrew Gallant / burntsushi

GitHub Profile

I love to code.

Avatar
GitHub Profile

These are the projects of theirs that I love & use the most:

ripgrep

ripgrep recursively searches directories for a regex pattern while respecting your gitignore

Ripgrep is a superfast replacement for grep, ag, ack etc…​ It’s not just way faster than all …

Continue reading “Thanks, Andrew Gallant (burntsushi)!”

How apy keys work, what .source files are and how to fix Key is stored in legacy trusted.gpg keyring Warnings


I run a Miniflux instance on my desktop computer, which fetches all my feeds and makes the content available locally.

Inspired by a discussion the other day on HackerNews, I wrote a little script that asks Miniflux for a list of my feeds in OPML format and turns it into an AsciiDoc page, which I publish on here, as my BlogRoll & Links page:

import os
import sys
import urllib.request
import xml.etree.ElementTree as ET
from datetime import datetime

key = os.environ["MINIFLUX_API_KEY"]

if not key:
    print("$MINIFLUX_API_KEY not set.")
    sys.exit(-1)

url = "http://miniflux.home/v1/export"
hdr = {"X-Auth-Token": key}
request = urllib.request.Request(url, headers=hdr)
opml = ET.fromstring(urllib.request.urlopen(request).read())

header = f"""
:title: Blogroll & Links
:slug: blogroll-links
:created: 2022-11-15 13:23:54-08:00
:date: {datetime.now().astimezone().replace …
Continue reading “Automatically Publishing a Blogroll from an OPML File”

Music great, lighting great, encore fantastic. Loads of audience participation, singing and dancing throughout. Fun!

I don’t particularly like the Commodore Ballroom, as a venue. It’s OK, but it’s a bit of an echoey box. The sound for Loviet, the warm-up band, was a bit echoey and too loud, lyrics indistinct.

They pulled it together though and the sound for Morcheeba was great. I was about four people from the front, great view & atmosphere - although I seemed to be in the unofficial tall guys section for some of the gig.

The band seemed to be having a good time - just like the audience. They were all excellent, from Skye Edwards huge stage presence and amazing voice, to Ross Godfrey’s great guitar work. It was lots of fun, music was great, lighting was great, encore was fantastic …

Continue reading “Review: Morcheeba Blackest Blue Tour, Vancouver 2022”

Just experienced the incredible, joyous, wonderful Florence + the Machine in Vancouver. Amazing. I’m officially part of Miss Haversham’s cult now!

I’ve been a fan for ages; their music just really lifts me up. This is the first time I’ve seen them live, and they really blew me away - what a great show!

This was their first tour post-covid, so included some emotional tales about how the pandemic affected people who’s vocation - and living - comes from performing live music.

Learnings

Things I learned from this gig:

  • Rogers Arena is a pretty good venue, especially if you’re on the floor, near the front.
  • Make a playlist after each gig with the setlist, so that you can relive the gig. I’ve been making these on YouTube Music, usually with the setlist from https://www.setlist.fm …
Continue reading “Review: Florence + the Machine Gig, Vancouver 2022”

In this When Will We Learn post, Drew DeVault talks about supply chain attacks against language package managers (npm, PyPI, cargo, etc…​) - and compares them to official Linux distribution repositories (deb, rpm, etc…​).

The conclusion drawn was:

The correct way to ship packages is with your distribution’s package manager. These have a separate review step, completely side-stepping typo-squatting, establishing a long-term relationship of trust between the vendor and the distribution packagers, and providing a dispassionate third-party to act as an intermediary between users and vendors. Furthermore, they offer stable distributions which can be relied upon for an extended period of time, provide cohesive whole-system integration testing, and unified patch distribution and CVE notifications for your entire system.

I think I agree with this, essentially. We do need to change the way we do …

Continue reading “Supply Chain Attacks & Package Managers - a Solution?”