Actualizaciones - page 7

Sometimes I wish we had something like SSHFS but for executable files.

Yes, I’m aware of the ssh [hostname] [command] syntax. But, just like when you mount a remote file system using something like SSHFS or DAVFS, your local applications can interact with that remote directory without them ever noticing files are not actually in your computer (aside from the network latency), I just wish the same could be done with executable files.

You run (or another application runs) ./hello, and that gets translated into ssh foo@ /usr/bin/hello. stdin is piped to the remote server, stdout is piped from the remote server. It doesn’t matter if you are on a Mac and /usr/bin/hello is a Linux ELF binary file, because the file is actually executed on a remote server. A use case for this would be being able to run remote debuggers without having to rely on fancy IDEs that support this feature, such as debugging a remote Node.js or Python script in a server or in a Vagrant box.

I guess the people behind Plan 9 actually had their point.

Always read your PKGBUILDs →

If you don’t read the PKGBUILD file whenever you download something from the AUR repositories, you are exposing yourself to terrible security issues, as the world has recently seen.

Malware was spotted in the AUR repositories of Arch Linux last week. Someone modified the PKGBUILD of a package to add a curl call in the script file, as can be seen here (as long as they don’t purge the blob object from the repository, because they stripped out the commit from the history).

I would file this tip in the same category as “don’t just curl bash pipe stuff you find at GitHub”, but it’s getting late and I don’t have time for entering in the rabbit hole argument of where do we put the limit on trusting the software and the installers we put in our machines.

TIL: Jekyll’s incremental builds do not trigger rebuilds of pages that make use of the site.posts variable, which means that, if you have a page that lists recent posts using site.posts, and you update a post, the page won’t be regenerated. This can be fixed by adding regenerate: true to those pages that you want to always be regenerated on each incremental rebuild.

I make use of incremental builds to speed up the compilation time of my site in development mode, but I also have a lot of feed pages on my site, and it always drove me bonkers that my feed pages were not being regenerated, because apparently I didn’t see this footprint.

Enough with the font smoothing

I seriously condemn websites that change the font smoothing of blocks of text in their CSS styles. I seriously hate font-smoothing, -webkit-font-smoothing and -moz-osx-font-smoothing and I strongly believe that the world would be better if those goddamn’d properties didn’t exist. Ye, I understand that subpixel antialiasing doesn’t make sense on high DPI screens and that HDPI screens are usually better with grayscale scaling. But most websites change the aliasing in awful ways. Why can’t you apply a media query to only change the font smoothing on bigger displays? On my non-HDPI 1080p Dell display, grayscale antialiasing makes me want to rip off my eyes.

Un selfie llevando una camiseta con el logotipo de NGINX.

Hoy mi apodo es… nginxman.

Levanta el pulgar imitando el gesto de una pegatina pegada en la puerta de un tren de Metro.

Born to be a rebel.

Captura de pantalla de la app Slack cambiando el estado por el texto: De puente

Situación actual: cambiando el estado del Slack.

Sandra →

Esta semana me he ventilado en mis trayectos en transporte público Sandra, una ficción sonora (en inglés) que habla de cómo podría ser la IA en un mundo paralelo parecido al nuestro. Son 7 capítulos y una de las voces la pone Kristen Wiig.

Sandra →

I’ve listened this week to Sandra. It’s a fictional podcast located in a world where IA and virtual assistants are… slightly different than what we are used to. Kinda distopical at a few moments, but I’m sure after listening to the first episode you’ll want to keep listening. The entire seasion is available online so you can listen to it at once in an afternoon or in a few commutes.

FTR, Telegram is not the proper alternative to WhatsApp or FB Messenger if you’re looking for something “open”. Just because the client is open source doesn’t make the cut, if the server is closed source, and I don’t understand why people don’t get this.

Signal may be a better alternative since the server code is open source, although it’s not easy to rollout your own server because the official client has the central server address hardcoded and you’d have to fork the client as well.

Another alternative is XMPP, although it doesn’t have a lot of traction, specially considering how modern chatty stuff such as ‘last online at’ or ‘read receipts’ depend on XEP extensions that have to be implemented by both the server and the client. Despite that, running an XMPP server nowadays is as easy as installing ejabberd, keeping sensible defaults such as making logins private, and using your Let’s Encrypt SSL certificate (yes it can be used!).