Why Try Codespaces?
Why I've been trialling GitHub Codespaces as a more secure alternative to local development. I never expected to be pushing changes from my phone!
Paul Brabban, Lead Consultant at Equal Experts
With experience in software development, data engineering and machine learning, I specialise in data-intensive problems and decentralised data engineering at scale. My experience extends to leading teams, technical architecture and product development. Find out more about my experience and publications in my portfolio.
Contact me to see how I can help at paul@tempered.works.
Why I've been trialling GitHub Codespaces as a more secure alternative to local development. I never expected to be pushing changes from my phone!
mkdocs-material-insiders
is the version of mkdocs-material
with extra sponsor-only features. I wanted to use some of those features, but I didn't like the risk of GitHub classic personal access tokens. I'll describe how fine-grained access tokens, currently in beta, mitigate the risk and how I set up to use them for local development and in CI. The solution works, because that's how I wrote and published this post!
When I wrote about dangerous advice about installing Python packages last week, I was curious about the dangers of setup.py
. How is it exploited? What is the Python community doing to prevent this abuse? What would happen if setup.py
were neutralised?
I started with a custom Gatsby site, then switched to Hugo (which I didn't write about). Last weekend, I switched again to mkdocs. Am I addicted to fiddling and changing stuff? Well, maybe... but each of those changes happened because of problems or concerns I had. I hope that mkdocs and mkdocs-material will be my home for a while. Pull up a seat and let's take a look at how and why I ended up here.
Are we experts teaching safe computing? Or are we empowering the less-experienced without informing about the risks and responsibilities? I suspected the latter but had no evidence to back it up. I've tried to run a quick experiment as impartially as I can to see what the evidence suggests.
Part of an exploration of supply chain security.
I wrote about why I'd automated my laptop build last week. This post concludes this short series, introducing a walkthrough video and answering some questions about the choices I've made and how I've improved reliability and sustainability.
I've invested a fair bit of time over the last few years incrementally automating my laptop build. Now, I've got to a point where I can reliably wipe, rebuild, and pick up working where I left off in under thirty minutes. This post explains why I've invested that time.
As part of my work on the PyPI downloads dataset, I needed a way of matching package versions to vulnerability report ranges. I didn't find a solution I trusted, so I implemented a solution from spec with decent test coverage and CI/CD automation in user defined functions (UDFs). This post covers a novel approach to incorporate UDFs into the dbt ecosystem that is working really well for me - treating UDFs as dbt models with custom materialization.
Last time, I said:
[BigQuery] doesn't offer a "don't bankrupt me without asking first" setting.
After further work, I find that's not true! This setting is available in the UI, just a bit tricky to find. More importantly, there's another set of controls elsewhere that you need to know about if you want to use BigQuery safely.
Given a historical view of the Safety DB, I need to get a historical view of PyPI downloads. The source dataset contains 274TB at time of writing, and grows every day - one naive query against that table could cost $1,370. A query over a single day can scan hundreds of GB, so I need to do some work to make it usable.