the fact that the Poetry developers intentionally introduced failures to people’s CI/CD pipelines to motivate them to move away from Poetry’s legacy installer… Though we didn’t rely on the installer in our pipelines, this was the death knell for the continued use of Poetry.

Best times to post on social media overall: Tuesdays through Thursdays at 9 a.m. or 10 a.m. Best days to post on social media: Tuesdays through Thursdays Worst days to post on social media: Sundays

There are plenty of articles about the emergence of PyScript for embedding Python code directly into HTML, but until now the creation of browser extensions in Python has been something of a closed door.

In summary, terminal input is weird.  It’s weird largely because there’s a character-only pipe sitting between the terminal and shell.  And going one step back, the weirdness comes from the whole historical division of terminal vs. shell, which is based on emulating a physical hardware setup that hasn’t been built since the 80s. 

in MLflow 2.0, the mlflow.evaluate() API for model evaluation is now stable and production-ready. With just a single line of code, mlflow.evaluate() creates a comprehensive performance report for any ML model.

MLflow 2.0 also adds AutoML to MLflow Recipes, dramatically reducing the amount of time required to produce a high-quality model.

In MLflow 2.0, MLflow Recipes is now a core platform component with several new features, including support for classification models, improved data profiling and hyperparameter tuning capabilities.

As I think today microservice can do much more than just gives predictions using a single model, like:

notice that defaultdict not only returns the default value, but also assigns it to the key that wasn't there before:

we might need a dictionary subclass, and then we need to access a key that does not exist in that dictionary

The table also includes links to the documentation of the dunder method under the emoji 🔗. When available, relevant Pydon'ts are linked under the emoji 🗒️.

>>> 3 in my_list False >>> my_list.__contains__(3) False

“dunder” comes from “double underscore”

dunder methods are methods that allow instances of a class to interact with the built-in functions and operators

take a step back and ask a basic question: “What kind of business value are we trying to provide?"

As of today, a lot of the things in ML are not automated. They are manual or semi-manual.

If we say that MLOps is just DevOps + “some things”, then CI/CD is a core principle of that.

Not everything can be tested/evaluated with a metric like AUC or R2. Sometimes, people just have to check if things improved and not just metrics got better.

I believe that packaging/building/deploying the vanilla, run-of-the-mill ML model will become common knowledge for backend devs.

MLOps engineer today is either an ML engineer (building ML-specific software) or a DevOps engineer. Nothing special here.Should we call a DevOps engineer who primarily operates ML-fueled software delivery an MLOps engineer?I mean, if you really want, we can, but I don’t think we need a new role here. It is just a DevOps eng.

The MLOps team should consist of a DevOps engineer, a backend software engineer, a data scientist, + regular software folks.

By becoming a hybrid you can choose how you want to be unique. Countless unique combinations are available to you.

Being U-shaped requires bravery, because it’s so unusual. U-shaped people tend to be subjected to greater skepticism, because no one else really understands what they alone can see.

T-shaped. They tend to be natural leaders because they understand how different responsibilities overlap, and how to construct effective teams and processes.

The U-shaped path means developing skills that are not often found together. Like engineering and dancing, or singing and design.

The T-shaped hybrid path is one that many curious people follow. You grow your skillset and experience in areas that are adjacent to your dominant expertise. For example engineering and design, or singing and dancing.

I’m excited to see community efforts like Obsidian Ava

The sentence in italics above was not written by me. It was autocompleted as I wrote in Obsidian, using the Text Generator plugin.

In some ways it is surprising that filtering text is so technically challenging. Text seems like it would be easier to manipulate than images.

After decades of experience, he knew and understood that the most meaningful conceptual progress he made on problems was always away from his computer: on a run, in the shower, laying in bed at night. That’s where the insight came. And yet, even after all these years, he still felt a strange obligation to be at his computer because that’s too often our the mental image of “working”.

Work at MIT found that brainstorming—where a bunch of people put their heads together to try to come up with innovative solutions—generally “reduced creativity due to the tendency to incrementally modify known successful designs rather than explore radically different and potentially superior ones.”

It's like paying a quarter of your house's value for earthquake insurance when you don't live anywhere near a fault line.

The second is when your load is highly irregular. When you have wild swings or towering peaks in usage.

The cloud excels at two ends of the spectrum, where only one end was ever relevant for us. The first end is when your application is so simple and low traffic that you really do save on complexity by starting with fully managed services.

The first interaction with a programming language should be what it can do for you, rather than an exhaustive glossary of what it is.

Python is known for using more memory than more optimized languages and, in this case, it uses 7 times more than PostgresML.

PostgresML outperforms traditional Python microservices by a factor of 8 in local tests and by a factor of 40 on AWS EC2.

Lay the watch horizontally and align the hour hand of the watch with the direction of the sun. The middle point between the alignment of the sun with the hour hand, and the 12 o’clock position on the dial, approximately indicates south.

Use SSH and connect:

What makes a good error message

What makes a bad error message

By using a VPN, you are only changing who can see your network layer traffic. It does not increase any security.

any retailer doing credit card transaction processing is forced to use TLS

Because it's easy money. You just set up OpenVPN on a few servers, and essentially start reselling bandwidth with a markup.

Sometimes bullying comes with prejudice, but often it's a more instinctive behavior. There may be no belief, conscious or unconscious, behind it. It can be a plan or just an animal instinct to dominate, to coerce

git show | cat -A

For that, you must create a culture of fear in which it’s more important to show others you’ve been productive than to help the team achieve its goals.

Once you have convinced your team to estimate tasks, you can pressure people to work longer hours to prove they’re not bad at estimations.

But for all of its features, GitHub implements only a subset of git. For instance, GitHub lacks the default merge strategy of git—the fast-forward merge.

Be aware that staying at a company too long means you are likely to earn less over your career. But moving too soon means you won’t get the necessary experience that may benefit you later on.

Learning and adaptation – 3 – 6 months – getting to grips with the new company, team, and their processes. Creating value for the organization – 6 – 12 months – adding value to the business by becoming a functioning member of the team.Becoming a role expert – 6 – 18 months – owning the role completely and helping to shape the direction of the team.

Software engineers typically stay at one job for an average of two years before moving somewhere different. They spend less than half the amount of time at one company compared to the national average tenure of 4.2 years.

The average performance pay rise for most employees is 3% a year. That is minuscule compared to the 14.8% pay raise the average person gets when they switch jobs.

On “good” days, developers spend more time developing and less time collaborating

Speaking from my (R-biased) viewpoint, conda has posed some problems as well:

You can unknowingly be sending your critical database traffic in the clear because your client uses a default of allow or disable while the server you’re connecting to does, in fact, support SSL.

You can unknowingly be sending your critical database traffic in the clear because your client uses a default of prefer, allow or disable and the server you’re connecting to does not support SSL.

What Should I Do?

Many popular SQL clients do not use SSL by default. If you aren’t deliberate about choosing encryption, the connection will be unencrypted.

SSL is disabled by default in jdbc, npgsql, node-postgres, and pgx.

There are a lot of PostgreSQL servers connected to the Internet: we searched shodan.io and obtained a sample of more than 820,000 PostgreSQL servers connected to the Internet between September 1 and September 29. Only 36% of the servers examined had SSL certificates. More than 523,000 PostgreSQL servers listening on the Internet did not use SSL (64%)

At most 15% of the approximately 820,000 PostgreSQL servers listening on the Internet require encryption. In fact, only 36% even support encryption. This puts PostgreSQL servers well behind the rest of the Internet in terms of security. In comparison, according to Google, over 96% of page loads in Chrome on a Mac are encrypted. The top 100 websites support encryption, and 97 of those default to encryption.

new technologies leveraging techniques like spaced repetition mean it's much easier to remember what you learn

In 2019 the UK school inspection body Ofsted went further than this and changed their definition of ”learning” itself to “an alteration in long-term memory”.

to get faster at learning you must get more efficient at moving things into your long-term memory, i.e. stop forgetting things you learn. The less you forget the more you'll understand and the faster you'll learn.

To learn more than 4 new concepts we must move some of them into our long-term memory before learning the rest.

You can only understand something new if understanding it requires combining less than 4 new pieces of information.

our working memory has a maximum capacity of roughly 4. When reading about quantum mechanics we encounter new Concept 1 and store it in our working memory. Then when learning about Concept 1 we encounter Concepts 2, 3, and 4 and our working memory becomes full. We then cannot understand Concept 5.

transferring data across Availability zones within the same region is also a good way to save money

When you use a private IP address, you are charged less when compared to a public IP address or Elastic IP address.

But when you transfer data from one Amazon region to another, AWS charges you for that. It depends on the AWS region you are and this is the real deciding factor. For example, if you are in the US West(Oregon) region, you have to shell out $0.080/GB whereas in Asia Pacific (Seoul) region it bumps up to $0.135/GB.

When you transfer data between Amazon EC2, Amazon Redshift, Amazon RDS, Amazon Network Interfaces, and Amazon Elasticache, you have to pay zero charges if they are within the same Availability Zone.

When you transfer data from the internet to AWS, it is free of charge. AWS services like EC2 instances, S3 storage, or RDS instances, when you transfer data from the Internet into these you don’t have to pay any charge for it. However, if you transfer data using Elastic IPv4 address or peered VPC using an IPv6 address you will be charged $0.01/gb whenever you transfer data into an EC2 instance. The real catch is when you transfer data out of any of the AWS services. This is where AWS charges you money depending on the area you have chosen and the amount of data you are transferring. Some regions have higher charges than others.

Building machines and running downscaled tests is my late-night hobby.

We use Javascript everywhere, since we solve the “issues” caused by Javascript rendering we want to build as much expertise as possible in this field. But for the other parts, we are taking advantage of CloudFlare’s distributed system for fast response and global scalability. While our uptime guarantees are supported by Digital Ocean’s cloud platform. We also use a myriad of other SaaS providers to maximize our effectiveness.

we made sure to implement fail safes at each stage of the migration to make sure we could fall back if something were to go wrong. It’s also why we tested on a small scale before proceeding with the rest of the migration.

We mirrored PostgreSQL shards storing cached_urls tables in CassandraWe switched service.prerender.io to Cloudflare load balancer to allow dynamic traffic distributionWe set up new EU private-recache serversWe keep performing stress tests to solve any performance issues

“The true hidden price for AWS is coming from the traffic cost, they sell a reasonably priced storage, and it’s even free to upload it. But when you get it out, you pay an enormous cost.

In the last four weeks, we moved most of the cache workload from AWS S3 to our own Cassandra cluster.

After testing whether Prerender pages could be cached in both S3 and minio, we slowly diverted traffic away from AWS S3 and towards minio.

Phase 1 mostly involved setting up the bare metal servers and testing the migration on a small and more manageable setting before scaling. This phase required minimal software adaptation, which we decided to run on KVM virtualization on Linux.

The solution? Migrate the cached pages and traffic onto Prerender’s own internal servers and cut our reliance on AWS as quickly as possible.

After almost 10 years of remote work, it would be close to impossible for me to go back to an office.

On the internet today, it seems like it’s more common to use “absolute” domain names (like example.com).

The technical term for “THIS IS THE WHOLE THING” is “fully qualified domain name” or “FQDN”. So google.com. is a fully qualified domain name, and google.com isn’t.

So because domain names can actually be translated to something else in some cases, people like to put a "." at the end to communicate “THIS IS THE DOMAIN NAME, NOTHING GETS ADDED AT THE END, THIS IS THE WHOLE THING”.

zone files require a trailing dot at the end of a domain name (because otherwise they’re interpreted as being relative to the zone).

a fully qualified domain name is a domain with a “.” at the end!

If you work at a software company, there are some pretty common categories of work that people often avoid, including

Whenever people ask me for advice on career growth, I share what has worked reasonably well for me: find a growth company, one that really needs you to get work done, and then tackle the unpleasant work that everyone avoids.

That’s why it was such a life-changing event for me when I found Dash in 2012.

This is not "noise"

Imagine for a moment that, by some quirk of the universe, you are sharing your workspace with a time traveller. Specifically, yourself from 1 year in the future. How will you react to your new co-worker?

Mamba installs these packages in only a third of the time that Conda does. Much of that is due to less CPU usage, but even network downloads seem to be little faster; Mamba uses parallel downloads to speed them up.

So which should you use, pip or Conda? For general Python computing, pip and PyPI are usually fine, and the surrounding tooling tends to be better. For data science or scientific computing, however, Conda’s ability to package third-party libraries, and the centralized infrastructure provided by Conda-Forge, means setup of complex packages will often be easier.

My first recommendation would be fiction. Reading fiction is important to understand the cross-sectional variation in humanity, to understand how difficult generalisations can be, to just get a sense of how different social pieces fit together, and to get a sense of different historical eras – and plus, reading fiction is often just plain flat-out fun.

Quicker And More Useful Communication

The different barcode types can be categorized as one-dimensional (1D) and two-dimensional (2D). While one-dimensional barcodes consist only of lines and are usually scanned horizontally with laser scanners, two-dimensional codes make use of vertical space as well and can only be scanned with devices that contain a camera, such as imager scanners or smartphones.

# "func" called 3 times result = [func(x), func(x)**2, func(x)**3] # Reuse result of "func" without splitting the code into multiple lines result = [y := func(x), y**2, y**3]

First of all, the map does a much better job at preserving the relative size and area of land and water masses, while reducing shape distortion. It is also designed to avoid dead ends, allowing the spherical nature of the world to be visualised by simply expanding the map in any direction.

Most web servers TCP slow start algorithm starts by sending 10 TCP packets. The maximum size of a TCP packet is 1500 bytes.

Second-order thinking is more deliberate. It is thinking in terms of interactions and time, understanding that despite our intentions our interventions often cause harm. Second order thinkers ask themselves the question “And then what?” This means thinking about the consequences of repeatedly eating a chocolate bar when you are hungry and using that to inform your decision. If you do this you’re more likely to eat something healthy.

Mob requires good communication skills. There is no space for passive-aggressiveness; or arrogance. If You want to show You are better than Your colleagues, You aren’t a candidate for Mob.

Even though Chrome, Firefox, and Edge browsers all store passwords in encrypted databases, by default all three products intentionally leave the associated encryption keys completely unprotected in predictable locations.

Blog posts with images get 2.3x more engagement.

Preview: quick before and after

If I’m not able to write down any specific experiments, I know the book, video, podcast, article, or thread is just fluff and I should stop reading, listening, watching as soon as possible. This is an incredibly useful tool. Many authors and speakers are extremely skilled at creating the illusion of powerful insights through engaging stories, fortune cookie wisdom, and the use of sophisticated language.

Instead, they keep a Thing Table and a Data Table. Everything in Reddit is a Thing: users, links, comments, subreddits, awards, etc. Things keep common attribute like up/down votes, a type, and creation date. The Data table has three columns: thing id, key, value. There’s a row for every attribute. There’s a row for title, url, author, spam votes, etc. When they add new features they didn’t have to worry about the database anymore. They didn’t have to add new tables for new things or worry about upgrades. Easier for development, deployment, maintenance.

Schema updates are very slow when you get bigger. Adding a column to 10 million rows takes locks and doesn’t work. They used replication for backup and for scaling. Schema updates and maintaining replication is a pain.

To Uncover a Deepfake Video Call, Ask the Caller to Turn Sideways

When I find a "get X free" button on a website that then asks for my email address, I like to search for the email of the company behind the website (sometimes it's on the legal page, or the privacy policy page) and I submit their email. I also make sure to check the "sign me up for the newsletter" box, to make sure the spammers get at least one of their messages. I don't really know why I do this, it seemed funny a few months ago when I started and now I do it out of habit. I now keep a list of emails from these spam sites, and subscribe them all to the various newsletters I find if I have 5 minutes.

Sit to do computer work. Sit using a height-adjustable, downward titling keyboard tray for the best work posture, then every 20 minutes stand for 8 minutes AND MOVE for 2 minutes. The absolute time isn’t critical but about every 20-30 minutes take a posture break and stand and move for a couple of minutes.  Simply standing is insufficient. Movement is important to get blood circulation through the muscles. And movement is FREE! Research shows that you don’t need to do vigorous exercise (e.g. jumping jacks) to get the benefits, just walking around is sufficient. So build in a pattern of creating greater movement variety in the workplace (e.g. walk to a printer, water fountain, stand for a meeting, take the stairs, walk around the floor, park a bit further away from the building each day).

9 evidence-based common denominators among the world’s centenarians that are believed to slow this aging process.

when you use python -m pip with python being the specific interpreter you want to use, all of the above ambiguity is gone. If I say python3.8 -m pip then I know pip will be using and installing for my Python 3.8 interpreter (same goes for if I had said python3.7).

And if you're on Windows there is an added benefit to using python -m pip as it lets pip update itself. Basically because pip.exe is considered running when you do pip install --upgrade pip, Windows won't let you overwrite pip.exe. But if you do python -m pip install --upgrade pip you avoid that issue as it's python.exe that's running, not pip.exe.

The only thing that works is to remove yourself from the environment that is causing burnout, and then taking the time off to recover.

When you see a job post mentioning REST or a company discussing REST Guidelines they will rarely mention either hypertext or hypermedia: they will instead mention JSON, GraphQL(!) and the like.

It’s time to say goodbye to distutils package and switch to setuptools.

as soon as you switch to Python 3.11, you should get into habit of using import tomllib instead of import tomli

It's fine to use print if you're debugging an issue locally, but for any production-ready program that will run without user intervention, proper logging is a must.

Finally, if you don’t use either namedtuple nor dataclasses you might want to consider going straight to Pydantic.

You might be wondering why would you need to replace namedtuple? So, these are some reasons why you should consider switching to dataclasses

Using zoneinfo however has one caveat - it assumes that there's time zone data available on the system, which is the case on UNIX systems. If your system doesn't have timezone data though, then you should use tzdata package which is a first-party library maintained by the CPython core developers, which contains IANA time zone database.

Until Python 3.9, there wasn’t builtin library for timezone manipulation, so everyone was using pytz, but now we have zoneinfo in standard library, so it's time to switch!

As per docs, random module should not be used for security purposes. You should use either secrets or os.urandom, but the secrets module is definitely preferable, considering that it's newer and includes some utility/convenience methods for hexadecimal tokens as well as URL safe tokens.

pathlib has however many advantages over old os.path - while os module represents paths in raw string format, pathlib uses object-oriented style, which makes it more readable and natural to write

If you need to store duplicates, go for List or Tuple.For List vs. Tuple, if you do not intend to mutate, go for Tuple.If you do not need to store duplicates, always go for Set or Dictionary. Hash maps are significantly faster when it comes to determining if an object is present in the Set (e.g. x in set_or_dict).

How does PostgreSQL access a column? It will fetch the row and then dissect this tuple to calculate the position of the desired column inside the row. So if we want to access column #1000 it means that we have to figure out how long those first 999 columns before our chosen one really are. This can be quite complex. For integer we simply have to add 4, but in case of varchar, the operation turns into something really expensive.

WiFi QR code is simply a text QR code with a special format as follows:WIFI:S:<SSID>;T:<WEP|WPA|blank>;P:<PASSWORD>;H:<true|false|blank>;;The S sets the SSID of the network, T defines the security in use, P is the password and H whether the network is hidden or not.

If your laptop is extremely old then I would recommend Puppy Linux.If your laptop isn’t very old but doesn’t perform very well I would recommend AntiX.If your laptop is a little old but still can’t handle Windows 7/10 very well I would recommend Lubuntu.

In the functions.php of your WordPress theme add:

We can. I cannot because the shared Dreamhost hosting doesn't let me edit Apache config beyond .htaccess. But if you have access to the server or virtual host config, see here. Basically all you need to do in addition to what we did in .htaccess is to add: H2EarlyHints on

What I describe here is a one-off thing for demonstration. As you can probably guess by the "5.4.1", when you upgrade WordPress or change themes, you might need to change the URLs of the preloaded CSS in the .htaccess.

And immediately after it, the 2 CSS downloads begin. What we want to do is move the CSS downloads to the left, so all rendering starts (and finishes!) sooner. So all you do it take the URLs of these two files and add them to .htaccess with H2PushResource in front. For me that means the URL to my custom theme's CSS /wp-content/themes/phpied2/style.css as well as some WordPress CSS stuff. While I was there I also added a JavaScript file which is loaded later. Why now start early? So the end result is:

If you’ve ever felt that you can’t focus on a task when you’re hungry — or that all you can think about is food — the neural evidence backs you up. Work from a few years ago confirmed that short-term hunger can change neural processing and bias our attention in ways that may help us find food faster.

They are:doers: self-motivated or intrinsically driven to achieve and learndrivers: proactive and decisive; don't wait for orderspromoters: passionate and excited to share what they create for their own benefit and the benefit of others

Review: a formal assessment or examination of something with the possibility or intention of instituting change if necessary.

On top of that, there’s one thing you can do to extend your life. By studying the philosophies of those who came before you, you absorb their experiences. Every philosophy book you read, you’re adding the author’s lifespan to yours. There’s no better way to spend your time than studying philosophy.13

What I was trying to say before was just because someone’s always busy, and lives to an old age, doesn’t mean they’ve lived long. They’ve just existed long.

I’m not saying you should lay down on the beach all day. I’m saying you should find something that’s enjoyable to you, and valuable for the world.10 You should live your life intentionally, instead of having your time stolen from you little by little.

Even with all that, he was looking forward to the day that he could step down and retire from it all. The man with all the power in the world was happiest when he thought about the day he could let go of all the power.8 How foolish is it to spend your life chasing fame, riches, and power, while being unhappy the entire time, even after you achieve it?

The most surprising thing is that you wouldn’t let anyone steal your property, but you consistently let people steal your time, which is infinitely more valuable.2

sudo killall coreaudiod

This is a neat Docker trick for those who have an ARM development machine (Apple M1), but sometimes need to build x86/amd64 images locally to push up to a registry.

So, we can create this builder on our local machine. The nice part about this creation is that it is idempotent, so you can run this command many times without changing the result. All we have to do is to create a builder profile and in this case I have named it amd64_builder.

sum(1 to n) = n(n + 1) / 2

Python 3.11 is up to 10-60% faster than Python 3.10. On average, we measured a 1.25x speedup on the standard benchmark suite. See Faster CPython for details.

But to my knowledge, this is the first time anyone has collected public info about Bigco dev environments in one place

Git also has a built-in command (maintenance) to optimize a repository’s data, speeding up commands and reducing disk space. This isn’t enabled by default, so we register it with a schedule for daily and hourly routines.

On a new clone of the Canva monorepo, git status takes 10 seconds on average while git fetch can take anywhere from 15 seconds to minutes due to the number of changes merged by engineers.

Over the last 10 years, the code base has grown from a few thousand lines to just under 60 million lines of code in 2022. Every week, hundreds of engineers work across half a million files generating close to a million lines of change (including generated files), tens of thousands of commits, and merging thousands of pull requests.

The perpetrator in question was completing an internship and committed code into the Windows 3.1 code base that was a little prank for the test team: Under a very specific error condition, it changed the index finger pointer to a middle finger.

23.0G com.txt # 23 gigs uncompressed

What makes you unique is not your specific attributes. It’s your specific ties to the network around you.

Becoming disentangled from your web of mutual commitments, shared history, and collective responsibility is to be rendered into a transaction, a slave.

Real friendships don’t form via shared interests. They form via shared context.

In a Staging workflow, releases are slower because of more steps, and bigger because of batching.

For Staging to be useful, it has to catch a special kind of issues that 1) would happen in production, but 2) wouldn’t happen on a developer's laptop.What are these? They might be problems with data migrations, database load and queries, and other infra-related problems.

Another disadvantage of managed platforms is that they are inflexible and slow to change. They might provide 80% of the functionality we require, but it is often the case that the missing 20% provides functionality that is mission critical for machine learning projects. The closed design and architecture of managed platforms makes it difficult to make even the most trivial changes. To compensate for this lack of flexibility, we often have to design custom, inefficient and hard-to-maintain mechanisms that add technical debt to the project.

As you've probably already guessed, we've decided to replace the current Web IDE with one built on top of VS Code. In the coming milestones, we will build out custom support for the features not already available in the VS Code core, and validate that the workflows you already depend on in the Web IDE are handled in the new experience. We're working with the team that builds our amazing GitLab Workflow extension for VS Code to make it available in the browser so we can bundle it in the Web IDE, and bring all those great features along for the ride. That includes bringing merge request comments into the Web IDE for the first time ever!

A normal Makefile for building projects with Docker would look more or less like this:

One of the main benefits from tagging your container images with the corresponding commit hash is that it's easy to trace back who a specific point in time, know how the application looked and behaved like for that specifc point in history and most importantly, blame the people that broke the application ;)

Software Bill Of Materials (SBOM) is analogous to a packing list for a shipment; it’s all the components that make up the software, or were used to build it. For container images, this includes the operating system packages that are installed (e.g.: ca-certificates) along with language specific packages that the software depends on (e.g.: log4j). The SBOM could include only some of this information or even more details, like the versions of components and where they came from.

Included in Docker Desktop 4.7.0 is a new, experimental docker sbom CLI command that displays the SBOM (Software Bill Of Materials) of any Docker image.

With every generation of computing comes a dominant new software or hardware stack that sweeps away the competition and catapults a fledgling technology into the mainstream.I call it the Canonical Stack (CS).Think the WinTel dynasty in the 80s and 90s, with Microsoft on 95% of all PCs with “Intel inside.” Think LAMP and MEAN stack. Think Amazon’s S3 becoming a near universal API for storage. Think of Kubernetes and Docker for cloud orchestration.

By offering to have a real-time technical discussion, you are reframing the code review process away from an 'instructor correcting student' dynamic and into a 'colleagues working together' mindset.

if you are on the job market looking for a team that cares more about being agile than going through the motions to look agile, ask these questions

Level 5: Stop the line. The highest level of code review comments. Borrowing the term from Toyota's manufacturing process this is when the code reviewer noticed something in the PR that signals a major defect.

Level 4: Infringement. This is where things get more serious, note that infringement means rules were broken. In this context, rules can mean a number of things, from the more obvious feature spec and framework rules to things like style guides and coding principles.

Level 3: Suggestions. These can also be thought of as recommendations and alternatives.

Level 2: Nitpicks. Usually, comments about grammar errors and minor stylistic issues/typos go there. The solution to the nitpicks is usually very obvious and if the solution is opinionated, the opinion is not strongly held. Naming a method foobarGenerator vs foobarFactory goes in here, and nitpick comments often start with Nitpick:.

Level 1: Clarifications. I also think of these as sanity checks, I may even start the comment with something like I may be completely off the base here... or Just to sanity check...

Each developer on average wastes 30 minutes before and after the meeting to context switch and the time is otherwise non-value adding. (See this study for the cost of context switching).