cron.weekly issue #154: Ubuntu, HTTP/3, bat, git & more


cron.weekly is a newsletter about Linux, open source & webdevelopment. Want to get it in your inbox every Sunday? Subscribe below!

I respect your privacy and you won't get spam. Ever. Just a weekly-ish newsletter about Linux and open source.
Image of Mattias Geniar

Mattias Geniar, October 25, 2020

Follow me on Twitter as @mattiasgeniar

Hi everyone! 👋

Welcome to cron.weekly issue #154.

Any typos will be blamed on the cat, who insisted he co-write this issue.

Happy ☕️ time & enjoy!

News & general 🗞

The story behind Markdown

This is a fun historic read on Markdown. I write it daily (and it’s the basis for this newsletter), it was interesting to read it dates back to even comics in the early 1900s.

Don’t Copy Paste Into A Shell

A good demo on what can go wrong if you copy/paste commands from the web. JavaScript has an API that allows it to overwrite/modify what is in your clipboard-buffer, so you might paste something entirely unexpected.

An alternative exploit is one where some part of the command is hidden using CSS, but is still copied when you select it.

1Password for Linux beta is now open

No more using wine, a native 1 Password client for Linux is almost here!

Facebook rolling out HTTP/3

A very detailed write-up of how Facebook is rolling out QUIC-HTTP/3 to all its users, describing the benefits & hurdles it encountered every step of the way.

The chicken/egg challenge of HTTP/3 (servers vs. clients) is slowly resolving itself, with Chrome enabling HTTP/3 by default and major internet platforms adding support as well.

The era of HTTP/3 is here!

XFS File-System With Linux 5.10 Punts Year 2038 Problem To The Year 2486

First, the “Year 2038” problem everyone should be aware of:

Storing the time since 1970 in seconds will no longer fit in a signed 32-bit integer and thus wraparound

XFS has added some improvements that make it possible to store the seconds in a 64-bit integer instead, only causing a problem in 2486.

Tools & Projects 🛠

Ubuntu 20.10 - Groovy Gorilla

The latest 20.10 release of Ubuntu is available. Based on the 5.8 kernel, it’s quite an upgrade from the 20.04 LTS’s 5.4 kernel.

Smallstep - Single Sign On SSH. Zero key mgmt

Smallstep SSH delivers an end-to-end workflow that marries modern identity providers with short-lived SSH certificates. Eliminate TOFU warnings and drop complex key approval & distribution processes. Extend single sign-on to SSH and make SSH keys ephemeral.

Give it a try, it’s free. Sponsored

multiplex

View output of multiple processes, in parallel, in the console, with an interactive TUI - built on Python. Think of it as a lightweight Tmux.

OpenBSD 6.8

OpenBSD 6.8 has been released. I’m too unfamiliar with OpenBSD to interpret the list of changes, but I do love that every 6 months the release is accompanied by a matching song.

Investigate PostgreSQL issues quickly with custom dashboards

Create custom dashboards for PostgreSQL and 400+ other technologies with Datadog’s unified monitoring platform. With drag-and-drop customization features, it only takes minutes to start monitoring PostgreSQL data and correlating it with metrics from the rest of your stack.

Start a free trial today, build one dashboard, and Datadog will send you a free t-shirt! Sponsored

Git 2.29

While it’s only a minor release for git, it does include an important (experimental) feature: SHA-256 support.

bat

bat is like cat on steroids: it supports syntax highlighting for a large number of programming and markup languages.

crowdsec

A modern alternative to fail2ban, written in Go. Crowdsec is an open-source and lightweight software that allows you to detect peers with malevolent behaviors and block them from accessing your systems at various level (infrastructural, system, applicative). To achieve this, crowdsec reads logs from different sources (files, streams, …).

Guides & Tutorials 🎓

Google’s QUIC-HTTP/3 protocol: moving the web from TCP to UDP

This is an older post if mine from 2016, which describes the key differences of HTTP/3 vs. its older versions. It’ll give you a good understanding of why HTTP/3 is needed and what it means to move from the TCP to the UDP transport layer.

The Long Road to HTTP/3

Another look at the history of HTTP/3 and its road from HTTP/1.0 and onwards.

Getting started with MongoDB: what I’ve learned

An engineer’s take on what it means to get to grips with the key concepts of MongoDB, when switching from a relational database environment.

It only occurred to me in this post, that if you’ve only ever learned the basics of SQL - without using joins or foreign keys - you probably wouldn’t notice the difference between relational databases and key/value stores like MongoDB. It’s just a dumber version of relational databases, and by doing so it can achieve greater throughput, easier sharding, etc.

Using Face ID and Touch ID to authenticate on the Web

This post contains lots of details & code examples for web developers on how to use Touch ID & Face ID to authenticate users on the web. If you’re serving primarily iOS users, this could be a very cool addition to your login flow.

Can you parse HTML with regex?

This post answers the age-old question (in a funny way): is it possible to parse HTML using regular expressions?

git diff –color-moved 🐦

After 13 years of git I just now discovered git diff --color-moved — It detects and displays chunks that have moved, which is pretty common, in my experience. I find it really useful to be able to separate what has changed from what just moved around when reviewing some code.

@rsms

So you want to build an embedded Linux system?

I’m filing this on the “I’ll get to it once I retire”-pile. Super detailed, but does anyone really have the time to deep-dive into this? 😅

Jobs 📇

Reliability Engineer at ECMWF

You will be joining a team that is responsible for ensuring that ECMWF and community-developed applications operate reliably and with good performance on our infrastructure. This will involve engaging with, advising, steering and supporting all functions involved in the lifecycle of application deployment and hosting. Your tech stack will include Ansible & Puppet and you’ll work cloud-native.

Location: Reading, Berkshire, UK

💡 Interested in listing your job here? Get in touch!



Want to subscribe to the cron.weekly newsletter?

I write a weekly-ish newsletter on Linux, open source & webdevelopment called cron.weekly.

It features the latest news, guides & tutorials and new open source projects. You can sign up via email below.

No spam. Just some good, practical Linux & open source content.