cron.weekly issue #145: crush, openage, cortex, bash & more

cron.weekly is a newsletter about Linux, open source & webdevelopment. Want to get it in your inbox every Sunday? Subscribe below!

I respect your privacy and you won't get spam. Ever. Just a weekly-ish newsletter about Linux and open source.

Want to help support this blog? Try out Oh Dear, the best all-in-one monitoring tool for your entire website, co-founded by me (the guy that wrote this blogpost). Start with a 10-day trial, no strings attached.

We offer uptime monitoring, SSL checks, broken links checking, performance & cronjob monitoring, branded status pages & so much more. Try us out today!

Image of Mattias Geniar

Mattias Geniar, August 16, 2020

Follow me on Twitter as @mattiasgeniar

Hi everyone! 👋

Welcome to cron.weekly issue #145.

This is a slightly shorter one, unless I missed it most news was dominated by Mozilla’s announcements this week. More on that below.

Grab a ☕️ and enjoy the read!

News & general 🗞

On Mozilla & Firefox

Mozilla announced earlier this week it’s going to let go of 250 of its employees in a move to stay profitable afloat.

While it’s hard to find exact and correct numbers, it looks like most of the MDN team has been laid of, as well as areas of their testing & (some of) the security teams.

My largest concern right now is with MDN though. If you’ve ever done web development and looked up a CSS property, a browser-compatibility table, the details of a JavaScript function, chances are you’ve ended up on the Mozilla Developer docs. I hope they pull through.

There’s lots of support being shown to Mozillians if you happen to be on the lookout for talent.

Open Sourcing the Have I Been Pwned Code Base

The Have I Been Pwned codebase is going to get open-sourced, soon. This post goes into the thought-process and is an interesting read to see what goes on in turning a closed-source app into an open-source one.

Tools & Projects 🛠

pomerium

Pomerium is an identity-aware proxy that enables secure access to internal applications. Pomerium provides a standardized interface to add access control to applications regardless of whether the application itself has authorization or authentication baked-in.

Barebackups: Super-simple Database Backups

I’m an indie hacker launching Barebackups out of my own need. It is a service to automatically backup your databases on a schedule. You can also bring your own S3 account for unlimited backup storage and fully control your data.

Try it today and save yourself the time and hassle of worrying about backups. Sponsored

openage

Free open-source clone of the Age of Empires II engine.

git-delete-merged-branches

A convenient command-line tool helping you keep repositories clean.

cortex

Cortex provides horizontally scalable, highly available, multi-tenant, long term storage for Prometheus.

Oh Dear, a better uptime monitor

For the last 3 years, Freek & Mattias - me, the one writing this newsletter - have been building what we feel is a better uptime monitor for websites. We do multi-location uptime & performance monitoring, SSL/TLS/X.509 certificate checking, we crawl your site to find broken links & mixed content and we’re soon launching cron job monitoring as well.

Give it a try, there’s 10-day free trial. No strings attached. If you do sign up, use coupon code CRON-WEEKLY-READERS-ARE-AWESOME for a €10 credit. Sponsored

pysa

Pysa, is an open-source static analysis tool built to detect and prevent security and privacy issues in Python code.

crush

Crush is an attempt to make a traditional command-line shell that is also a modern programming language. It has the features one would expect from a modern programming language like a type system, closures and lexical scoping, but with a syntax geared toward both batch and interactive shell usage.

Guides & Tutorials 🎓

Stopping phishing campaigns with bash

A good challenge for anyone that gets a phishing link sent to them: generate random data, submit a few million form requests and overload their data collection efforts. 😄

File handling in Unix: tips, traps and outright badness

Lots of details on how the kernel handles file writes in its syscalls, all the tricky bits that go on behind the scenes and some spectacular ways it can fail that you need to be aware of.

Pros and cons of dynamic linking versus static linking

A well-thought thesis on dynamic vs. static linked libraries, clearly outlining the pros and cons of each approach.

This train of thought also applies to things like PHP & composer: when do you decide to package things up in an independent package vs. keep the logic in your own application? The static vs. dynamic linking in Linux is the equivalent of PHP/Ruby/Perl’s monorepo vs. package-ecosystem. It’s all about trade offs.

Want to subscribe to the cron.weekly newsletter?

I write a weekly-ish newsletter on Linux, open source & webdevelopment called cron.weekly.

It features the latest news, guides & tutorials and new open source projects. You can sign up via email below.

No spam. Just some good, practical Linux & open source content.