User avatar

gcollazo

Follow with
Beluga RSS JSON

Using iPhone Mirroring 😜

☠️ https://bvisness.me/microlibraries/

Same https://kokada.capivaras.dev/blog/go-a-reasonable-good-language/

how to pwn a billion dollar vc firm using inspect element https://www.kibty.town/blog/a16z/

“New CSAIL research highlights how LLMs excel in familiar scenarios but struggle in novel ones, questioning their true reasoning abilities versus reliance on memorization” https://news.mit.edu/2024/reasoning-skills-large-language-models-often-overestimated-0711

Reasoning skills of large language models are often overestimated | MIT News | Massachusetts Institute of Technology
news.mit.edu

"If you couldn’t have a utopia in the real world, then dammit you’d have one in your obscure codebase! It shall have clean logic untarnished by dirty, filthy hobbitses error-checking."

https://gieseanw.wordpress.com/2024/06/25/you-probably-wrote-half-a-monad-by-accident/

You probably wrote half a monad by accident – Andy G's Blog
gieseanw.wordpress.com

eventually, shared mutable state will ruin your day

After extensive research, testing, and trial and error, here are my recommended settings for Django web apps using SQLite as the primary database. I anticipate these settings will evolve over time, and I will update them accordingly. My goal is to have these settings ready to copy and paste into every new Django project, ensuring they are the most current and optimal for most web apps. https://gcollazo.com/optimal-sqlite-settings-for-django/

Optimal SQLite settings for Django – Giovanni Collazo
gcollazo.com

new old optiplex server

post image

Now every room in the house has a CAT6 cable and AP 🤓

post image post image

Security Bsides badge

post image

🌳 🌸

post image

😂

post image

Launched a tiny side project today

https://dejatesentir.com

Don't be afraid of hosting your own database. Managed DB services want you to think is too hard. For a lot of apps it's easy to get it right.

Notepad HTML Assistant Pro BBEdit Dreamweaver Textmate Sublime Text Vim Atom Visual Studio Code PyCharm, GoLand

post image

Most apps/organizations are not secure, they are just “not targeted by a sufficiently motivated/skilled attacker”

this is good 👍 https://grafana.com/blog/2024/02/09/how-i-write-http-services-in-go-after-13-years/

How I write HTTP services in Go after 13 years | Grafana Labs
grafana.com

htmx enables me to undo the frontend/backend split that react-like apps sold us as a positive feature of that architecture.

In my experience that split translated to more time/cost with very little benefit. You will still need to build a bespoke API endpoint for every screen if you care about perf. The split requires more coordination and lockstep motion.

😎 🏴‍☠️ https://m.youtube.com/watch?v=YP2XNAbB_Nw

I’ve looked into many of the most showcased/popular react/next.js apps out there and a lot of what they do is fetch some JSON and generate some static/non-interactive DOM. Yet they pay the full price of a client side framework and related tooling.

These apps will be redically simplified if they shipped HTML directly from the server and swapped just parts of the UI as needed.

Do you really need all that client code to do that?

Really enjoying PyCharm. Once I learned 5 o 6 keyboard shortcuts I feel much more productive than using VSCode.

shift shift - search ⌘ shift a - actions ⌘ e - recent files ⌘ b - go to def ⌘ [ - back ctrl g - select another alt ⬆️ - select containing scope

favorite desk

post image

Too good https://www.youtube.com/watch?v=ze4xcmBFvaE

I’m almost convinced that adding dependencies into source control is the better way of doing things

TIL that if you add .atom to a GitHub releases page it will return a RSS/Atom feed that you can follow with your reader and get notified of new releases

For example: https://github.com/benbjohnson/litestream/releases.atom

Start learning Web custom element API TODAY, it’s a great investment.

I use them to attach interactive behavior to existing DOM nodes. Starting to build a collection of very portable and reusable “components” that are very unlikely to stop working whenever a framework author feels like it

Thinking about how to implement web mentions in Beluga.

We would need a server to receive mentions on behalf of Beluga users and then deliver them when they are back online. Something like https://webmention.io

Word! https://chriscoyier.net/2024/01/13/exposed-rss/

Exposed RSS – Chris Coyier
chriscoyier.net

I need a good tutorial for git-send-email

The next version of HTML should look at htmx for inspiration. We need access to all HTTP verbs from and a way to replace just part of the page.

Plain text https://youtu.be/4mRxIgu9R70?si=EheAht1vcatMNmAN

To me this sounds like hexagonal / ports and adapters architecture with a better name and a 100x better diagram.

https://medium.com/@remast/the-ddd-hamburger-for-go-61dba99c4aaf

The DDD Hamburger for Go. The DDD Hamburger is my favorite… | by Jan Stamer | Jan, 2024 | Medium
medium.com

Super Grover fixes the computer https://youtube.com/watch?v=ypP4zlpZUhI

This is where is at https://frontendmasters.com/blog/light-dom-only/

My main browser is Safari, I use Brave for video conferencing with Google Meet and Firefox for web development.

Lluvia https://youtu.be/UTrd-aX3sC4?si=Mfj0pN2rbBDgtZYC

Notes #12 https://gcollazo.com/notes-12/

Notes #12 – Giovanni Collazo
gcollazo.com

Just published Beluga 🐳 version 2023.3 to the AppStore. This is a small update that fixes a few issues with the generated web site.

Download here

‎Beluga Social on the App Store
apps.apple.com

https://minnesotareformer.com/2022/12/15/toxic-3m-knew-its-chemicals-were-harmful-decades-ago-but-didnt-tell-the-public-government/

Toxic: 3M knew its chemicals were harmful decades ago, but didn’t tell the public, government - Minnesota Reformer
minnesotareformer.com

I can’t find a logging solution that works for me.

Requirements:

  • Capture logs from multiple hosts
  • Docker logs
  • Host /var/logs files
  • Generate basic metrics from logs
  • Generate alerts from metrics
  • Easy to deploy on a single host

Why YAML? Can we use something else? Please 🙏

This is great. Interactive guide to CSS Grid https://www.joshwcomeau.com/css/interactive-guide-to-grid/

An Interactive Guide to CSS Grid
www.joshwcomeau.com

Taking HTML+CSS seriously and investing the time to really learn them will give you an unfair advantage over most web engineers

Great web #a11y tip https://gomakethings.com/dont-disable-buttons/

Don't disable buttons | Go Make Things
gomakethings.com

Notes #11 https://gcollazo.com/notes-11/

Notes #11 – Giovanni Collazo
gcollazo.com

Development tools like code formatters, linters and similar must not clutter or interfere with my projects’s dependencies. These tools should be distributed as single-file binaries.

Python needs ONE solution for linting, code formatting, package management. Right now its just a mess.

Picking a technology to learn so you can get a job is NOT a technical decision. Just pick the technology with the most job listings, end of story. 🤓

Web technologies have been moving faster for a while now but people have not noticed it. A lot of the web toolkit is becoming unnecessary.

For example CSS has variables, nested selectors and functions like calc, max and repeat all built-in.

Use the platform.

I would never do such a thing 🥸 https://benjamincongdon.me/blog/2023/10/29/Avoid-Load-bearing-Shell-Scripts/

Avoid Load-bearing Shell Scripts | Ben Congdon
benjamincongdon.me

😏

post image

Closing shop for the day ✌️

Weeknotes #10 https://gcollazo.com/weeknotes-10/

Weeknotes #10 – Giovanni Collazo
gcollazo.com

Weeknotes #9 https://gcollazo.com/weeknotes-9/

Weeknotes #9 – Giovanni Collazo
gcollazo.com

Weeknotes #8 https://gcollazo.com/weeknotes-8/

Weeknotes #8 – Giovanni Collazo
gcollazo.com

🤡

post image

Weeknotes #7 https://gcollazo.com/weeknotes-7/

Weeknotes #7 – Giovanni Collazo
gcollazo.com

“The future is already here — it's just not very evenly distributed.”

  • William Gibson

🥸

post image

Weeknotes #6 https://gcollazo.com/weeknotes-6/

Weeknotes #6 – Giovanni Collazo
gcollazo.com

TIL https://en.wikipedia.org/wiki/Embarrassingly_parallel

Mac SE Easter Egg https://trmm.net/Mac-SE_Easter_Egg/

Trammell Hudson's Projects
trmm.net

TIL https://en.m.wikipedia.org/wiki/BUNCH

Weeknotes #5 https://gcollazo.com/weeknotes-5

Weeknotes #5 – Giovanni Collazo
gcollazo.com

Bug bounty programs have emerged as a crucial cybersecurity measure, allowing organizations to harness the skills of the security community in identifying and resolving vulnerabilities before malicious actors can exploit them. https://gcollazo.com/running-a-bug-bounty-program-without-spending-a-fortune/

Running a Bug Bounty Program Without Spending a Fortune – Giovanni Collazo
gcollazo.com

Unpopular opinion: Many (most?) web apps could run on a single cheap VM, but a lot of developers are convinced that anything that's not pressing the TAB key to Copilot suggestions is too hard and not worth it.

Weeknotes #4 https://gcollazo.com/weeknotes-4/

Weeknotes #4 – Giovanni Collazo
gcollazo.com

If your SPA is just taking JSON and adding some HTML to display on the browser and you don’t have a highly interactive and stateful UI you are wasting your complexity budget

Weeknotes #3 https://gcollazo.com/weeknotes-3/

Weeknotes #3 – Giovanni Collazo
gcollazo.com

🥸

post image

Sao Paulo: The City With No Outdoor Advertisements https://www.amusingplanet.com/2013/07/sao-paulo-city-with-no-outdoor.html

post image

https://gcollazo.com/weeknotes-2/

Weeknotes #2 – Giovanni Collazo
gcollazo.com

I’m trying to post more regularly so I stole this weeknotes idea from Simon Willison’s Weblog. The plan is to share articles, videos, books and things I learn. Here’s the first one.

https://gcollazo.com/weeknotes-1/

Weeknotes #1 – Giovanni Collazo
gcollazo.com

Unpopular opinion: AWS CloudWatch Logs is better than most other logs and metrics solutions out there

Sobran las ideas y las buenas intenciones, lo que hace falta es ejecución efectiva, rendición de cuentas y consecuencias cuando se falle.

Aquí cualquier pelagatos dirige una agencia y nadie le exige nada más que visitar a Rubén Sánchez de vez en cuando y no parecer subnormal.

El problema no es falta de imaginación ni maldad (en muchos casos), el problema es incompetencia.

«Nunca atribuyas a la maldad lo que se explica adecuadamente por la estupidez»

https://es.wikipedia.org/wiki/Principio_de_Hanlon

🖤 https://www.youtube.com/watch?v=XbQ08Ixczvo

🤓The browser tab was a great invention

🔥

post image

No lies detected

post image

How much of winning a war is just logistics?

TIL where Debian code names come from: "So far they have been characters taken from the Toy Story movies by Pixar"

🖤

https://www.debian.org/doc/manuals/debian-faq/ftparchives#sourceforcodenames

Not understanding the difference between logging, metrics and traces allows me to do all using structured logs and search. It works!

Self-hosting PostgreSQL is possible

TIL that @digitalocean Spaces have support for lifecycle configuration. So my backups bucket now takes care of purging old stuff

https://www.howtogeek.com/devops/how-to-set-an-expiration-policy-on-digitalocean-spaces-buckets/

How to Set an Expiration Policy on DigitalOcean Spaces Buckets
www.howtogeek.com

Boring tech is my favorite tech

😎

post image

https://youtu.be/lO2fzDY5wc8

Writing Python like it's Rust https://kobzol.github.io/rust/python/2023/05/20/writing-python-like-its-rust.html

Favorite Tiny Desk Concerts https://gcollazo.com/favorite-tiny-desk-concerts/

Favorite Tiny Desk Concerts – Giovanni Collazo
gcollazo.com

📊 https://www.visualcapitalist.com/100-most-spoken-languages/

post image

Django's internationalization and localization features are great but if you add Poedit to your workflow it's hard not to justify having multi-language support in your apps.

https://poedit.net

Poedit Translation Editor — Poedit
poedit.net

¡Buenos días!

post image

Django class-based views are harder to use than function-based views. With CBVs, one must constantly reference the docs to understand the order of method calls, their args, and return types. On the other hand, FBVs get a req and return a res, plain and simple.

Another incredible product https://teenage.engineering/products/tp-7

post image

🏝️ 😎 🏝️

post image

All HTMX does, is make the browser better at hypermedia by giving us more options regarding what can trigger an HTTP request and allowing us to update a part of the page rather than a full page reload.

https://quii.dev/HTMX_is_the_Future

🧐 https://www.primevideotech.com/video-streaming/scaling-up-the-prime-video-audio-video-monitoring-service-and-reducing-costs-by-90

Page not found - Prime Video Tech
www.primevideotech.com

You don’t need serverless functions at the edge

Just write a state machine and call it a day

Inside the secret list of websites that make AI like ChatGPT sound smart https://www.washingtonpost.com/technology/interactive/2023/ai-chatbot-learning/

See the websites that make AI bots like ChatGPT sound so smart - Washington Post
www.washingtonpost.com

yup

post image

web dev can be very simple and very powerful

🏴‍☠️ Not paying a ransom in a doble extorsion scheme is not always the best option.

If we want the Web to stay relevant we must put huge emphasis on accessibility, usability and design.

YES superficial artsy-fartsy design too. How things look and feel is part of the experience and the Web must be as good or better than proprietary platforms like Android and iOS

Some times the solution is to create a private CA 😶🔫

Running servers with quality software isn’t as scary as someone wants you to think. https://sizovs.net/boring/

Choose boring tools – Eduards Sizovs
sizovs.net

Git Worktree: Enhance your Git Workflow https://www.dylanpaulus.com/posts/git-worktree

Git Worktree: Enhance your Git Workflow
www.dylanpaulus.com

Multiple sources of truthiness™

For the past few months, I've mostly been coding by myself. One thing that has helped a lot is that I stopped using GitHub issues and instead create TODO/FIXME comments in the code.

I use a VSCODE extension called Todo Tree to index the comments. For Xcode projects, I found a tiny script that finds the comments and creates a warning when the build runs.

post image post image

👀

post image

🖤 https://youtu.be/Q07CTj4fUeY

If you owned the hardware your software is running on you would never consider serverless functions as the architecture

🏴‍☠️

post image

TIL: Go (like JavaScript) does automatic semicolon insertion

It’s Alive!!!

post image

Selling MVP quality software is 100x easier than selling highly polished software that only exists on a slide deck. Sadly, if you want to sell a product, you have to build it. You could also fake it but IMHO it’s almost always waste of time.

Just updated my "uses" page https://gcollazo.com/uses/

Uses – Giovanni Collazo
gcollazo.com

True story

post image

Public service, if your Apple TV remote stops controlling the TV volume just restart the remote. YES the remote https://support.apple.com/en-us/HT203777

Carnaval

post image

I like vim for simple and quick file editing but prefer vscode for web dev.

I get people that have a vim/neovim setup that has evolved over years to fit their needs. I envy experienced vim users and how fast they move.

I don’t get people just getting started with vim trying to recreate vscode by installing lots of plugins and spending a lot of time configuring stuff. Most of this people would be better served by enabling vim mode on a more preconfigured editor.

🖤🖤🖤 https://marketplace.visualstudio.com/items?itemName=tonybaloney.vscode-pets

😂 https://dumbpasswordrules.com/

Dumb Password Rules
dumbpasswordrules.com

Agree. At this point in my career focusing on a single thing feels too limiting and boring TBH https://world.hey.com/dhh/inspiration-is-perishable-f2c8652e

Inspiration is perishable
world.hey.com

True Story

post image

“ChatGPT Is a Blurry JPEG of the Web” https://kottke.org/23/02/ted-chiang-chatgpt-is-a-blurry-jpeg-of-the-web

Si estás haciendo software para un negocio que su idioma principal no es Inglés, está bien (y recomiendo) usar los nombres que usa el negocio en el idioma que sea #unpopularopinion

✉️ Email signstures. Please stop! 🛑

Having Touch ID on the external keyboard is a tiny quality of life improvement that I really enjoy

post image

After years of building SPAs, getting back to the web framework approach to making web apps feels like cheating https://www.reddit.com/r/django/comments/10vl4eq/django_is_truly_amazing/

🌮 Monday? 🍺

Trolls World Tour is crazy!

post image

📸 🌙

post image

Been writing quite a lot of Python 🐍 lately. Like it!

🎶https://www.youtube.com/watch?v=uOK5Q6csXiI

People using React actually look at Facebook and see excellent front end development?

Trying to use the built-in terminal in iOS instead of iTerm 😵‍💫 https://support.apple.com/guide/terminal/keyboard-shortcuts-trmlshtcts/mac

Lambda Cold Starts analysis. Visualize 10 Cold Starts for each runtime, updated daily https://maxday.github.io/lambda-perf/

Rockets

post image

Everytime I have to setup git on a new machine theres a new login method 😵‍💫

Good security engineering has little to do with compliance ✨

Hey YouTubers please remove the mic from the frame or even better use a lavalier 🧘‍♂️

New website for my consulting business https://blimp.io

Custom software & digital marketing
blimp.io

The React ecosystem is great if what you sell is online courses and YouTube video views

Switched to using Firefox full time and the experience has been great. Some sites perform better than with Safari for Mac.

Don’t want to write boilerplate? Use a framework. Don’t want to use a framework? Write boilerplate. 👻

Great artists need to know a thing or two about marketing their work

post image

Usar ChatGPT para generar los talking points de los fotutos

Llevar a tres niños a la escuela todos los dias y a tiempo es una batalla 😥

Just realized that I can add Beluga 🐳 support to a lot of shared hosting providers by creating a simple PHP script to list, updaload and delete files. The script must also authenticate the user and restrict files operations to the correct folder. IT’S DOABLE!

😬

post image

☠️ OUCH! “malicious individual who knew a target node’s database ID could generate and accept a sharing invite for that node without being an admin of the target node’s tailnet” https://tailscale.com/security-bulletins/#ts-2023-001/

Security Bulletins · Tailscale
tailscale.com

Great post. I need to read it again https://rauljordan.com/rust-concepts-i-wish-i-learned-earlier/

rauljordan::blog
rauljordan.com

Bought a new laptop

post image

This is an insane AWS bill https://twitter.com/dhh/status/1613508201953038337?s=46&t=GridpnLMsET-8z8vK0LCeA

🌳

post image

🤔 In software going wide (superficial features) is better for sales than going deep (complex domain specific features). Good software is a mix of both, great software finds the perfect balance.

The Fake Cisco https://www.f-secure.com/content/dam/press/ja/media-library/reports/F-Secure%20Report%20-%20The%20Fake%20Cisco%20(English).pdf

post image

My touchbar now flashes 📸 a bright white light for a few minutes every time I wake up my laptop

post image

Our art gallery

post image

Password notebooks are a good idea for most non-technical users. There’s only a few tuings to have in mind to stay secure. The notebook never leaves the house, keep it in a safe place and use a different passphrase for every app or site.

https://twitter.com/troyhunt/status/1612538664533504000?s=46&t=Ae3PfrSxGpdSnb6P2-hNaw

post image post image

I’ve been doing some Django web app development these days and I have to say it again. Django is great! 🔥

I missed Django for Web development. It’s really good.

This is crazy https://www.tiktok.com/@ukconqueror/video/7178382395484245254

Wireframes are my favorite kind of spec for MVP software 👨‍💻

The Rivian R1S looks like the Simpsons' Canyonero 🚗

Some folks have asked how will Beluga 🐳 handle a user with thousands of posts.

The short answer is that the beluga.json feed can be trucated after a fixed number of posts. The JSON Feed spec includes a next_url field to handle pagination. I will implement this on the app very soon.

I like this https://brandur.org/fragments/deleted-record-insert

This week I will release a new version of Beluga fixing some of the reported issues with Backblaze

✈️ Going home ☀️

🐧

post image

Boston

post image

❄️ Posting from my vacation just to test the experience with horrible connectivity ⛄️

First post from the cloud ✈️

Make th web weird agan https://localghost.dev/blog/building-a-website-like-it-s-1999-in-2022/

Building a website like it's 1999... in 2022 - localghost
localghost.dev

Getting ready ⛄️ ❄️ for the family winter vacation

https://yarocruz.netlify.app/posts/no-pressure/

This is good https://dynomight.net/arguments/

Things to argue about over the holidays instead of politics
dynomight.net

Ouch! https://blog.lastpass.com/2022/12/notice-of-recent-security-incident/

Notice of Recent Security Incident - The LastPass Blog
blog.lastpass.com

The feedback from yesterday’s launch was great thank you all 🐳

My response to the large feed problem https://lobste.rs/s/hvvf7a/free_twitter_like_app_for_ios_uses_s3#c_12m3f0

Currently on the #1 spot on Lobsters https://lobste.rs/s/hvvf7a/free_twitter_like_app_for_ios_uses_s3

Beluga 🐳 got to the #12 spot on Product Hunt

Just published the website https://beluga.social

Beluga - A Space For Your Short Posts
beluga.social

Beluga 🐳 will launch tomorrow on Product Hunt

I think I might be able to add partial Mastodon 🐘 support to Beluga 🐳

“code isn’t really written so much as beaten it into shape and then refactored” https://pboyd.io/posts/cargo-cult-of-good-code/

🇦🇷

Take note https://bishopfox.com/blog/unredacter-tool-never-pixelation

Never Use Text Pixelation To Redact Sensitive Information | Bishop Fox
bishopfox.com

🔥 Very productive day. Designed a website before lunch, worked on some documents for Beluga 🐳 and debugged an issue on an old web app ✨

Development of the Beluga 🐳 website is getting started. Looks like I’m launching the app at some point next week.

https://www.nist.gov/news-events/news/2022/12/nist-retires-sha-1-cryptographic-algorithm

NIST Retires SHA-1 Cryptographic Algorithm | NIST
www.nist.gov

GitHub broke the back button

https://tfos.co/p/rebuild-social-media/

How to rebuild social media on top of RSS
tfos.co

Today I spent all day working on the web site design of https://beluga.social

Anoche recibí este intento de phishing via SMS diseñado para clientes de FirstBank

post image

https://macwright.com/2022/12/09/activitypub.html

Playing with ActivityPub - macwright.com
macwright.com

🥳

post image

Now we wait

post image

Beluga usa el formato JSONFeed para maximizar su compatibilidad. Muchos lectores RSS pueden leer este formato.

En el update de hoy de Beluga arreglé algunos issues en el website generado y también resolvi un problema con los link previews que hacia que aparecieran en el feed (beluga.json)

🎄🎄🎄

post image

I would try this https://www.apple.com/newsroom/2022/12/apple-introduces-apple-music-sing/

Apple introduces Apple Music Sing - Apple
www.apple.com

Reading text from a web page in Swift is possible but not that obvious

post image

Lo mejor de este break del trabajo que estoy tomando es que apenas recibo emails 🥳

iOS tiene una cantidad gigante de APIs que funcionan excepcionalmente bien

post image

Hello, World!