blog-2019-may-19.md
Warning: this blog is adhd af, all over the place, literally just goin' with my own brain flow here. All. over. the. place. Beware, like the broodwich. If you heard his delicious voice (minus sundried tomatos - those are mine!) in your head, read on.
"How to write a memory leak in Javascript?" was the first thought I had.
https://auth0.com/blog/four-types-of-leaks-in-your-javascript-code-and-how-to-get-rid-of-them/
High-level languages embed a piece of software called "garbage collector" whose job is to track memory allocation and use in order to find when a piece of allocated memory is not needed any longer in which case, it will automatically free it. This process is an approximation since the general problem of knowing whether some piece of memory is needed is undecidable (can't be solved by an algorithm).
https://en.wikipedia.org/wiki/Decidability_%28logic%29
https://en.wikipedia.org/wiki/Undecidable_problem
to identify a leak, use chrome memory usage tools
is this useful to ppl who wanna break a site?
https://blog.cystack.net/arbitrary-file-read-vulnerability-in-hackerrank/
Accept ../../../../../../../../../../etc/passwd{{
Recent hackerrank.com exploit. Dude didn't even get paid for it :(
From Amber Brown's amazing "Batteries included but theyre leaking"
https://pyfound.blogspot.com/2019/05/amber-brown-batteries-included-but.html
- typing works best with mypy
- the ssl module requires a monkeypatch to connect to non-ASCII domain names
- datetime needs pytz
- six is non-optional for writing code for Python 2 and 3
- http.client documentation advises readers to use Requests
- datetime module is confusing compared to its competitors such as arrow, dateutil, and moment
- asyncio
- attrs
- twisted
"what is mypy?"
mypy is a type-checker. If you write your code in static-type style, this will be very helpful. I will be working this into my flow.
"what is the ssl module in relation to connecting to non-ascii domain names?"
ssl module is obvious but seems cannot handle non-ascii. hmmm...
https://github.com/python-trio/trio/issues/11
"what is pytz and why does datetime need it?"
This led me down a crazy rabbit-hole on how time works in general. Why are there so many different ways to deal with time? This is crazy.
Here's something useful: https://stackoverflow.com/questions/35057968/get-system-local-timezone-in-python/35058476
from dateutil.tz import tzlocal
datetime.now(tzlocal())
"what is six and why is it non-optional for writing py2/3 code?"
I'm really not interested in python2 tbh...I got started so late into python that I'm just mainly sticking with 3 for now. Forward rather than backward and all that. If I get a real strong reason to dig back, I might, but for now...
never heard of arrow, never heard of moment, what can they do?
https://arrow.readthedocs.io/en/latest/
https://github.com/zachwill/moment
yet more ways to deal with time, great! -_-
barely heard of asyncio, what can it do?
https://docs.python.org/3/library/asyncio.html
If this is anything like GCD in objective-c on macOS/iOS, this is like, a cool way to write code in a multithreaded-kinda way.
https://docs.python.org/3/library/asyncio-task.html
import asyncio
import time
async def say_after(delay, what):
await asyncio.sleep(delay)
print(what)
async def main():
print(f"started at {time.strftime('%X')}")
await say_after(1, 'hello')
await say_after(2, 'world')
print(f"finished at {time.strftime('%X')}")
asyncio.run(main())
Expected output:
started at 17:13:52
hello
world
finished at 17:13:55
One thing unrelated that I notice is that you can write arbitrary code inside f-strings. This seems extremely vulnerable/bad in general. I need to write code to play with this.
not sure if heard of attrs, what can it do?
https://github.com/python-attrs/attrs
I'm a little bit triggered reading Amber Brown's name in the testimonials list. What's so hard about writing classes in python that requires an entire package to make it easier?
https://nedbatchelder.com/blog/200605/dunder.html
They're referencing those special methods like __init__, __repr__, etc. Normally you'd have to write those if you want them in there, but I guess attrs helps take care of that leg-work or something.
Might be worth checking out.
i used twisted long ago, where is it in python3 support?
https://twistedmatrix.com/trac/
They say "a subset of" and growing, but we will see next time I check it out...
The last episode of Game of Thrones is about to come on, I need to get ready with a walk to the corner store for snackage (which also counts as exercise), and post this thing, so I will call that a blog post. Take it easy!
Top comments (0)