OpenJS: "XZ Utils Cyberattack Likely Not an Isolated Incident" - The team at Socket currently catch around 100 similar supply chain attacks per month. It's a really tough problem because you have to be, on the one hand, welcoming to new legitimate contributors while at the same time blocking malicious entities, and the communities are already pretty unwelcoming in my experience. There's a general feeling that the open source infrastructure is a bit behind the times. At some point we need to realise it's a common good, much like "clean water, roads and bridges, and healthy capital markets". If you look around the world, in most places there are major issues funding all of these things. socket.dev #
2024/04/18 #
-
The Many, Confusing File System APIs - Great bit of work and writeup by Scott Vandehey. I had an inkling that this was a bit of a mess, but I had no idea it was so unbelievably bad. We really should prioritise getting this fixed; there's just no way web applications can ever compete if something so core as reading and writing files is a nightmare. We might as well all stop being web developers now. Is it any wonder that local-first apps are having a hard time taking off? cloudfour.com #
-
Trip report: Node.js collaboration summit (2024 London) - Another great writeup, this time by Joyee Cheung. There are so many awesome things being investigated and worked on in Node.js. From web servers to cool new CLI features, from package manager version management to scheduling and memory management, from Node.js release tooling to general governance, collaboration and information sharing. And ECMAScript modules and interop, TC39 standards, there's so much going on. However, I feel like all this swirling progress could do with a bit of direction, so it feels more cohesive, lest we end up with core parts that are a real mess. The various file system web APIs are an example of what could happen if the garden isn't pruned and refactored well. nodejs.org #
-
BTC ETF Fund Flow - Tracks the Bitcoin ETFs inflow / outflow to the Bitcoin blockchain. Nice looking graph with live data for each vendor's ETF. You can get a sense of the overall flow. It's weird that Grayscale looks totally different to others, apparently because their initial ETF cost was way higher than others so there's a lot of outflow as their customers move to other providers. btcetffundflow.com #
-
New Post: Promoting your own stuff is okay markjgsmith.com #