cron.weekly issue #121: yarn, DNS, TLS, JC, Bash, find & more

cron.weekly is a newsletter about Linux, open source & webdevelopment. Want to get it in your inbox every Sunday? Subscribe below!

I respect your privacy and you won't get spam. Ever. Just a weekly-ish newsletter about Linux and open source.

Want to help support this blog? Try out Oh Dear, the best all-in-one monitoring tool for your entire website, co-founded by me (the guy that wrote this blogpost). Start with a 10-day trial, no strings attached.

We offer uptime monitoring, SSL checks, broken links checking, performance & cronjob monitoring, branded status pages & so much more. Try us out today!

Image of Mattias Geniar

Mattias Geniar, February 16, 2020

Follow me on Twitter as @mattiasgeniar

Hi everyone! ๐Ÿ‘‹

Welcome to cron.weekly issue #121.

This week’s issue is nice and varied, with a lot of interesting links on the history of popular tools (like git, Let’s Encrypt and SpellCheck). There are plenty of new projects and more guides/tutorials than usual. Keep those coming, I love them!

I also wanted to ask a favor: this newsletter has no tracking. No open- or click tracking whatsoever. It’s as pure of an e-mail newsletter as I could make it.

But … I’ve been working on the e-mail & backend setup for the last few weeks and want to make sure I didn’t accidentally damage my deliverability. So next week, I’m including an open tracker in the newsletter. This will be in the usual form of a hidden image. It’s a one-time thing and I don’t track individual URL clicks.

I’d appreciate it if you could load the images for next weeks’ issue so I can have a good look at the delivery rates of this newsletter.

Thanks in advance and happy reading! โ˜•๏ธ

News & general ๐Ÿ—ž

Why Red Hat is investing in CRI-O and Podman

This post gives insights into what Red Hat finds important on the CRI-O and Podman projects. If you’re heavily invested in container technologies, I’d keep a close eye on both of these.

IANA forced to postpone crucial DNSSEC root key signing ceremony

I chuckled, sorry IANA. ๐Ÿ˜… “The organization that keeps the internet running behind-the-scenes was forced to delay an important update to the global network - because it was locked out of one of its own safes."

Lazyload images and iframes gets merged into the HTML spec

There’s now an official standard for lazy-loading images on the web. Firefox already has an implemention in its Nightly browser, I’m unsure of Chrome but I feel like this standard will get implemented & shipped in record time.

The history of Let’s Encrypt

This paper tells the story of Let’s Encrypt, from it’s early beginnings in 2012/13 all the way to becoming the worldโ€™s largest HTTPS Certificate Authority (CA) today - accounting for more currently valid certificates than all other browser-trusted CAs combined.

The History of Git

I enjoyed this read to get a glimpse of the why a tool like git gets created. A good example of scratch your own itch.

Internals of Google Cloud Spanner

This is a good write-up of how a tool like Spanner (Google’s geo-distributed database) gets designed. It had many iterations and it’s interesting to see each step of the way contribute to what it has become now.

EV Certificates Make The Web Slow and Unreliable

I’ve never been a fan of Extended Validation certificates myself. This post gives the technical reasons why using them can slow down TLS connections.

Lessons learned from writing ShellCheck, GitHubโ€™s now most starred Haskell project

“ShellCheck is a static analysis tool that points out common problems and pitfalls in shell scripts. As of last weekend it appears to have become GitHubโ€™s most starred Haskell repository, after a mention in MIT SIPBโ€™s Writing Safe Shell Scripts guide."

The post isn’t really about Haskell but gives you a general overview of how ShellCheck (the online tool) came to be.

Tools & Projects ๐Ÿ› 

GitHub CLI

The team at Github has released an official CLI tool for interacting with your projects: list open pull requests, see issues, etc.

scandum/quadsort

You’d think that by now, sorting a list of items would be a solved problem. But even today, new and novel ways are being found to sort lists. I find it fascinating that what we take for granted (or consider “solved”) always has room for improvement.

broxy

Broxy is an open source intercept proxy written in Go. It makes use of goproxy as core proxy implementation and the interface is implemented with a Qt wrapper for Go.

cloud-hypervisor

Cloud Hypervisor is an open-source Virtual Machine Monitor (VMM) that runs on top of KVM. The project focuses on exclusively running modern, cloud workloads, on top of a limited set of hardware architectures and platforms.

sh-git

Sh-git is an implementation of Git using (almost) entirely POSIX shell.

(The project is named differently, but I fear spam filters would punish me for using it.)

pgcat

A tool for enhanced PostgreSQL logical replication.

systemd Home Directories

This is the man page for the new systemd-homed.service. Worth a read if you’re concerned about what systemd might do with the management of your home directories.

JC

jc is used to JSONify the output of many standard Linux CLI tools and file types for easier parsing in scripts. It can take a command like ls -l /usr/bin and give you a JSON representation of the output, which you could then filter with tools like jq.

Yarn 2

After exactly 365 days of very intensive development, there is now a first stable release of Yarn 2. Yarn is a new JavaScript package manager that aims to be speedy, deterministic, and secure and is a drop-in replacement for npm.

Guides & Tutorials ๐ŸŽ“

7 Open Source Cloud Security Tools You Should Know

This list includes some really nice tools for performing security audits, I think I’ve used about half myself so far. A good explanation per tool to give you a birds-eye look at what it does.

Bash Quick References

I’ll admit that most Bash scripting syntax is still something I have to Google most of the time. This site provides a handy overview of the most used Bash operators.

What does /etc/mailname do?

The plain text file /etc/mailname is used by the Mail Transfer Agent (i.e. mail server) to know its own hostname. This page has been created in the hope that it can be used to document which MTA does it which way (because obviously, there isn’t one standard).

How to Use the fold Command on Linux

The Linux fold command brings unruly output to heel. Read wide chunks of text, endless strings, and unformatted streams by controlling the width of the output.

Using ranges in Vim

A good in-depth explanation of what ranges are in vim (ie: for selecting/manipulating text) with a lot of background information to explain where it comes from.

jq: The JSON CLI tool

A good guide to explain how you can use the jq tool to work with json data at the CLI. It’s a very powerful tool for filtering data & matching particular patterns in json data.

Using systemd as a better cron

Another good guide on how to use systemd unit files to schedule commands instead of the cron daemon. Examples include random delays, logging, CPU & memory limits.

Find arguments are ordered (Tomas Sedovic on Twitter ๐Ÿฆ)

“I wanted to delete every file called “contents.html” so I ran: find -type f -delete -name contents.html. It worked! But it also deleted every other file. find's args are ordered. “delete” works on every match before it, ignoring anything after. “name” should have gone first."

Be warned!

Deploy a Pod on CentOS with Podman

Some practical tips on how to use podman to run your containers.

Faster rsync of huge directory which was not changed

Some really good tips on this StackOverflow answer on where to start looking if your rsync's are running slow.

Tuning dynamic php-fpm settings

This guide offers advice on how to pick the right amount of worker processes in your php-fpm configuration, together with a handy calculator & config generator at the very bottom.

Want to subscribe to the cron.weekly newsletter?

I write a weekly-ish newsletter on Linux, open source & webdevelopment called cron.weekly.

It features the latest news, guides & tutorials and new open source projects. You can sign up via email below.

No spam. Just some good, practical Linux & open source content.