Thomas DePierre joins Open Source Security to discuss the central idea from his blog post, “You are all on the hobbyist maintainers turf now,” exploring the massive disconnect between the corporate world that consumes open source and the hobbyist community that actually produces it. The conversation reveals this isn’t a new problem, but a long-standing reality whose consequences for security, stability, and the future of software we are only now beginning to truly confront.| Open Source Security
By Johanness Alarik Nilsson [returning after his triumphant debut] – Wednesday July 16 03:35:35 PM UTC 2025 “The difference between screwing around and science is writing it down.” — Ad…| Terraform Industries Blog
In the classic 1986 essay, No Silver Bullet, Fred Brooks argued that there is, in some sense, not that much that can be done to improve programmer productivity. His line of reasoning is that programming tasks contain a core of essential/conceptual1 complexity that's fundamentally not amenable to attack by any potential advances in technology (such as languages or tooling). He then uses an Ahmdahl's law argument, saying that because 1/X of complexity is essential, it's impossible to ever get m...| danluu.com
Howdy everyone! It's been a while since my last blog post since I have been busy dealing with the volatile equity markets due to the reciprocal tariff war l...| *ฅ^•ﻌ•^ฅ* ✨✨ HWisnu's blog ✨✨ о ฅ^•ﻌ•^ฅ
Imagine entering the biggest library in the world. You peer down an incredibly long aisle with wooden bookshelves brimming with books. You can see multiple such corridors, all lit with a comfortable warm light. There’s a rich smell of old paper. You can hear some muted voices, perhaps arguing in a whisper. It’s perfect, but vast and difficult to make sense of. Just this day, it doesn’t feel like such a terrible ordeal to just wander for a while, see where your legs take you. Maybe you...| Robin's blog
While source code is critical for user autonomy, it isn’t required to evaluate software security or understand run-time behavior. One of the biggest parts of the Free and Open Source Software definitions is the freedom to study a program and modify it; in other words, access to editable source code. I agree that such access is essential; however, far too many people support source availability for the wrong reasons. One such reason is that source code is necessary to have any degree of tran...| privsec.dev
I see people make the same mistakes over and over again when learning Rust. Here are my thoughts (ordered by importance) on how you can ease the learning process. My goal is to help you save time and frustration. <…| Corrode Rust Consulting
Over the past few years, it seems like the rate at which new CLI tools are being written has picked back up again, accelerating after seeing relatively little activity between ~1995 and ~2015. I’d like to talk about this trend I’ve noticed, where people are rewriting and rethinking staples of the command line interface, why I think this trend might be happening, and why I think this trend is a good thing.| Mildly interesting
If you grew up in the PC scene during the 1980s or early 1990s, you know how painful it was to get hardware to work. And if you did not witness that (lucky you) here is how it went: every piece of hardware in your PC—say a sound card or a network card—had physical switches or jumpers in it. These switches configured the card’s I/O address space, interrupts, and DMA ports, and you had to be careful to select values that did not overlap with other cards. But that wasn’t all. Once you ha...| Julio Merino (jmmv.dev)
Rust has a lot to like. Protobuf has a lot to hate. Can we make Protobuf better by replacing it with Rust? What follows is part of a long tradition of replacing things with Rust [1][2][3][4][5][6]. Protobuf is a language that describes an interface. An| creston.blog
As GreyNoise researcher, you always have things to write detection rules for. Some of them aren’t always exciting, but they become more interesting as you dive deeper.| GreyNoise Labs
By Matt Schwager and Travis Peters We are publishing another set of custom Semgrep rules, bringing our total number of public rules to 115. This blog post will briefly cover the new rules, then exp…| Trail of Bits Blog
rga is a line-oriented search tool that allows you to look for a regex in a multitude of file types. rga wraps the awesome ripgrep and enables it to search in pdf, docx, sqlite, jpg, zip, tar.*, movie subtitles (mkv, mp4), etc. ExamplesPDFs Say you have a large folder of papers or lecture slides,| phiresky.github.io
NixOS modules are great; and it’s one of the superpowers of NixOS. They’re so great, there was a working group to look into how to apply the concept to Nixpkgs itself. For those uninitiated, there are plenty of guides online describing it’s value and purpose such as this one or on nix.dev. My largest complaint thus far with it was that it’s hard to go backwards. ⏪ “Who and what defined a particular option?” 🕵️| Farid Zakaria’s Blog
Slow Rust Builds? Here are some tips to speed up your compile times. This list was originally released on my private blog, but I decided to update it for 2024 and move it here. Tabl…| Corrode Rust Consulting
Closing the MacBook lid with an external monitor connected can turn off and disable the internal display. Let's figure out how macOS does that and bypass the lid sensors.| alinpanaitiu.com
By default ripgrep uses Rust’s regex crate for parsing regular expressions which does not support look-ahead or look-behind assertions. — can be read in 1 minute| til.codeinthehole.com
grep is a powerful tool for searching code from the terminal. This post will show you how to use grep and why it's an essential developer tool.| MDN Web Docs
After working through “the book” on the Rust programming language and getting started with the first non-trivial, real-world application I found myself faced with a question I didn’t yet feel well-equipped to handle: “How should you structure error handling in a mature rust application?”| nick.groenen.me
Storytelling is part of the human essence. Stories have let humans survive until today, they became the medium to move information between individuals. Programming can be considered another form of …| ricardoanderegg.com
ZSH is a powerful shell, and there's just oodles of ways to configure it. In this post, I've collected a number of tricks that make my life easier, and are simple to implement.| thenybble.de
Using ripgrep, perl, sd and GNU sed commands to perform multiline fixed string search and replace operations from the command line| learnbyexample.github.io
I set out to understand which website platforms are the best (and the worst), what drives really fast websites, the state of small business SEO, and how well this stuff correlates with Google...| Fresh Chalk
As part of my PhD I do computational modeling of quantum-biological systems. One of my simulations was misbehaving and in certain cases could take 8 hours to complete. That's really bad when you're trying to iterate quickly. This post describes how I made a series of optimizations to reduce the runtime by 250x via profiler driven algorithmic improvements, rewriting the core in Rust, and making use of parallelism.| Tinkering
An opinionated list of useful and well-rounded VIM plugins as of 2023. Linting, commenting, fuzzy finding, mass editing, advanced text editing, UI enhancements, etc.| hacking C++
This is the second in my series on finding an alternative to Mac OS X. Part 1 was about evaluating 13 alternative operating systems and then choosing one to use full time. The selected OS was elementary OS. The motivation for this change is to get access to better hardware since Apple is neglecting the Mac lineup.| bitcannon.net
A few days ago, Andrew Gallant (AKA BurntSushi) released ripgrep, a search tool similar to to ag. To coincide with the initial release, Gallant wrote a blog post comparing various search tools. In i…| geoff.greer.fm
In this article, we share empirical measurements from our experiments in using Postgres to index and search over 10,000 top GitHub repositories using pg_trgm on only a Macbook.| devlog.hexops.com
A post on configuring a user account for heavy interactive HPC usage with Spack, Nix and self-hosted applications. Background I have in the past written a few posts about configuring my HPC setup. Since the Research and University Network of Iceland hf. (RHnet) recently recieved funding for a new machine, called Elja 1, I decided to jot down my notes from my setup as part of the user interaction team.| rgoswami.me
If you’ve used grep to search for text or patterns in files, you’ll love ripgrep - a command-line utility tool written in Rust. By default, ripgrep will respect gitignore rules and automatically skip hidden files/directories and binary files. ripgrep is grep on steroids. It’s super fast for searching patterns within single files and huge directories of files. In this blog, I’ll help you get started with using ripgrep and hope it’ll help you become more productive on the command-line.| Dewan's Blog
I use the draw.io desktop app to make diagrams for my website. I run it on an actual desktop, like Windows or macOS, but the asset pipeline that converts .drawio files, to ...| fasterthanli.me
Finding that one comment, class, or function in your codebase is important. You might not always know where to look... which is why we created a brand new Code Search tool! From simple queries to regular expressions it has never been easier to get work done on Replit. The new Code Search tool supports queries with word filters, regular expressions, include patterns, exclude patterns, as well as replacements (with regular expression capture group support) so that you can find what you need and...| Replit Blog
In 2011-2012 I worked on FIFA Street, followed by FIFA EURO 2012 DLC and finally FIFA 13 - all of these games were based on the same codebase, and this codebase was HUGE. Given an unknown codebase, you need a way to quickly get around it - since you don’t know the code, you resort to search-based navigation, aka grep. Using Visual Studio Ctrl+Shift+F search on a HDD on a codebase this size means that every search takes minutes. This was frustrating and as such I decided to solve this problem.| zeux.io
Many CLIs are general enough to be powerful in many situations; fzf is a good example. Fast, highly customizable, it answers many needs.| The Valuable Dev
UPDATE 2: I have made the title longer because people seem to be insisting on misunderstanding me, giving examples where the only reasonable thing to do is to escalate an Err into a panic. Indeed, such situations exist. I am not advocating for panic-free code. I am advocating that expect should be used for those functions, and if a function is particularly prone to being called like that (e.g. Mutex::lock or regex compilation), there should be a panicking version.| The Coded Message
When it comes to bug bounty hunting and finding exciting areas to explore, it is vital to familiarise yourself with the technologies vendors, and companies rely on. One particularly interesting environment that caught our eye was popular integrations used by various open-source projects, primarily as part of their development life cycle. Some continuous-integration services turned out to be extremely rewarding for us as bug bounty hunters.| edoverflow.com
