Hynek Schlawack

@hynek
3.4K Followers
190 Following
6.9K Posts

• blogger 📝, speaker 📢, and YouTuber 📺
• 💗 Python 🐍, Go 🐹, DevOps 🔧
• Patron Saint of Shitty Air Travel ✈️💩
• works for a smol web host & domain registrar 🌐
• substance over flash, nuance over loudness, outcomes over ego 🧠
• HOA reply = block ❌
• PSF fellow 🏆
• 🗣🇨🇿🇩🇪🇺🇸
• 🏚️🐻🇩🇪
• 💙💛

tfr

Homepagehttps://hynek.me/
GitHubhttps://github.com/hynek
YouTubehttps://www.youtube.com/@The_Hynek
Keyoxidehttps://keyoxide.org/aspe:keyoxide.org:5KLULPTEPFVHZUBX2QRS4XM2M4
Hynek Schlawack13h ago
Watching crime happening in real time
Hynek Schlawack1d ago
Baldur Bjarnason1d ago

All the devs saying that Anthropic’s code quality is “normal” are telling on themselves and everybody they’ve worked with

(Also supports what many have been saying about software quality being a crisis that precedes LLMs, but that’s another story)

Hynek Schlawack1d ago
Iris1d ago
I happen to think that striving so hard to have the right politics that you forget to actually be *good* (as in courageous, temperate, wise, merciful) is a really bad thing and we should avoid it.
Hynek Schlawack2d ago
given the claude code leak i'm starting to suspect that when boosters say they don't look at the code it's an act of fear, not confidence
Hynek Schlawack2d ago
heh, Kagi's April's Fool is actually funny: https://kagi.com
Kagi Search - A Premium Search Engine

Better search results with no ads. Welcome to Kagi (pronounced kah-gee), a paid search engine that gives power back to the user.

Hynek Schlawack2d ago

dependency cooldowns are all cool and nice until dependabot comes in hot and trying to update reverts some oMg cRiTiCaL rEdOs

Adjacent problem: maybe I want a cooldown for external packages but none for mine? Although the whole topic is moot since devpi doesn't provide upload dates anyways.

our tools still have a LONG way to go, unfortunately. there is no “JUST do this best practice”.

https://github.com/devpi/devpi/issues/1061

Add `upload-time` support to links parsed from a JSON API · Issue #1061 · devpi/devpi

See #1023

GitHub
Show threadHynek SchlawackMar 26
look ma, so little duplication: https://github.com/hynek/argon2-cffi-bindings/pull/116
Use baipp for matrix by hynek · Pull Request #116 · hynek/argon2-cffi-bindings

Low-level Python CFFI Bindings for Argon2. Contribute to hynek/argon2-cffi-bindings development by creating an account on GitHub.

GitHub
Hynek SchlawackMar 26

Here’s my part in the great nogil/free-threading endeavor: build-and-inspect-python-package now will optionally add 3.14t and 3.15t to the generated matrix if a package indicates to support 3.14 or 3.15!

https://github.com/hynek/build-and-inspect-python-package/releases/tag/v2.16.0

Release v2.16.0 · hynek/build-and-inspect-python-package

Added New include-free-threaded input. When set to 'true', free-threaded Python siblings (for example, 3.14t) are included in the version outputs for Python 3.14 and later, inserted inline after e...

GitHub
Hynek SchlawackMar 26

wish there was a "fuck this guy and never allow them to report anything again” option

(c.f. https://blog.yossarian.net/2022/12/28/ReDoS-vulnerabilities-and-misaligned-incentives)

Hynek SchlawackMar 25

speaking of Sentry: y'all might want to add a "werkzeug!=3.1.7" pin if you run Werkzeug (maybe via Flask) in a cluster with weird hostnames:

https://github.com/pallets/werkzeug/issues/3141

3.1.7 version introduces a BC break in host validation · Issue #3141 · pallets/werkzeug

A feature to validate host http header no matter what introduces backwards compatibility break. The bug presents itself by regarding the host invalid (false-positive) A host like 069ef83c8f81497b8e...

GitHub