Hi everyone! 👋
Welcome to cron.weekly issue #145.
This is a slightly shorter one, unless I missed it most news was dominated by Mozilla’s announcements this week. More on that below.
Grab a ☕️ and enjoy the read!
News & general 🗞
On Mozilla & Firefox
Mozilla announced earlier this week it’s going to let go of 250 of its employees in a move to stay profitable afloat.
While it’s hard to find exact and correct numbers, it looks like most of the MDN team has been laid of, as well as areas of their testing & (some of) the security teams.
My largest concern right now is with MDN though. If you’ve ever done web development and looked up a CSS property, a browser-compatibility table, the details of a JavaScript function, chances are you’ve ended up on the Mozilla Developer docs. I hope they pull through.
There’s lots of support being shown to Mozillians if you happen to be on the lookout for talent.
Open Sourcing the Have I Been Pwned Code Base
The Have I Been Pwned codebase is going to get open-sourced, soon. This post goes into the thought-process and is an interesting read to see what goes on in turning a closed-source app into an open-source one.
Tools & Projects 🛠
pomerium
Pomerium is an identity-aware proxy that enables secure access to internal applications. Pomerium provides a standardized interface to add access control to applications regardless of whether the application itself has authorization or authentication baked-in.
Barebackups: Super-simple Database Backups
I’m an indie hacker launching Barebackups out of my own need. It is a service to automatically backup your databases on a schedule. You can also bring your own S3 account for unlimited backup storage and fully control your data.
Try it today and save yourself the time and hassle of worrying about backups. Sponsored
openage
Free open-source clone of the Age of Empires II engine.
git-delete-merged-branches
A convenient command-line tool helping you keep repositories clean.
cortex
Cortex provides horizontally scalable, highly available, multi-tenant, long term storage for Prometheus.
Oh Dear, a better uptime monitor
For the last 3 years, Freek & Mattias - me, the one writing this newsletter - have been building what we feel is a better uptime monitor for websites. We do multi-location uptime & performance monitoring, SSL/TLS/X.509 certificate checking, we crawl your site to find broken links & mixed content and we’re soon launching cron job monitoring as well.
Give it a try, there’s 10-day free trial. No strings attached. If you do sign up, use coupon code CRON-WEEKLY-READERS-ARE-AWESOME
for a €10 credit. Sponsored
pysa
Pysa, is an open-source static analysis tool built to detect and prevent security and privacy issues in Python code.
crush
Crush is an attempt to make a traditional command-line shell that is also a modern programming language. It has the features one would expect from a modern programming language like a type system, closures and lexical scoping, but with a syntax geared toward both batch and interactive shell usage.
Guides & Tutorials 🎓
Stopping phishing campaigns with bash
A good challenge for anyone that gets a phishing link sent to them: generate random data, submit a few million form requests and overload their data collection efforts. 😄
File handling in Unix: tips, traps and outright badness
Lots of details on how the kernel handles file writes in its syscalls, all the tricky bits that go on behind the scenes and some spectacular ways it can fail that you need to be aware of.
Pros and cons of dynamic linking versus static linking
A well-thought thesis on dynamic vs. static linked libraries, clearly outlining the pros and cons of each approach.
This train of thought also applies to things like PHP & composer: when do you decide to package things up in an independent package vs. keep the logic in your own application? The static vs. dynamic linking in Linux is the equivalent of PHP/Ruby/Perl’s monorepo vs. package-ecosystem. It’s all about trade offs.