What's it all about, Alfie?

Nothing major, but I did notice that 14.4 was the stable release of Postgres, and so I decided it was time to upgrade to the latest from Homebrew. And it really is very easy (again):

  $ brew upgrade postgresql

and then after all the downloading and installing, we have:

  $ psql --version
  psql (PostgreSQL) 14.4

Then we are good to go! 🙂

Interestingly, this time I didn't have to run:

  $ brew services restart postgresql

for when I did, it told me it was already running. Nice - it restarted on it's own. 🙂

This morning I decided to see if I could get the AdoptOpenJDK 11, now called Temurin 11, going on my M1Max MacBook Pro. In the past, they have had the AdoptOpenJDK 11 on Homebrew, but it was Intel, and I didn't want to bring in Rosetta 2 for any Clojure work, so I was willing to wait. I read on Twitter from the Eclipse Foundation that they had placed Java 11 and 8 for Apple Silicon on Homebrew, so why not?

It turns out, it's not bad at all:

  $ brew tap homebrew/cask-versions
  $ brea install --cask temurin11

and it's ready to go. Then I can use my setjdk function to switch between JDK 11 and 17 on my laptop, which is nice when there are some issues I've had to deal with in the past. Don't know when I'll need this again.

Sadly, the architecture for JDK 8 is still Intel:

  $ brew info temurin8
  temurin8: 8,332,09
  https://adoptium.net/
  Not installed
  From: https://github.com/Homebrew/homebrew-cask-versions/blob/HEAD/Casks/temurin8.rb
  ==> Name
  Eclipse Temurin 8
  ==> Description
  JDK from the Eclipse Foundation (Adoptium)
  ==> Artifacts
  OpenJDK8U-jdk_x64_mac_hotspot_8u332b09.pkg (Pkg)

that last line is the kicker: x64... so it goes. Still... I have JDK 11 for Apple Silicon now, that's good. 🙂

This morning I was looking into the Ubuntu 20.04 to 22.04 LTS upgrades, and decided that it was probably a good time to see about the latest version of Postgresql for my laptop. Thankfully, it's a minor version upgrade from 14.0 to 14.2, and this is something that Homebrew can do quite nicely:

  $ brew upgrade postgresql
  $ brew services restart postgresql

and then after all the downloading and installing, we have:

  $ psql --version
  psql (PostgreSQL) 14.2

Then we are good to go! 🙂

I haven't had a need to use the local Postgres server a lot in the last year or so - using a Google Cloud instance for a while, but it's nice to have all the client support, and to have something local as that's still the best insurance to off-the-grid development.

Over the weekend, I had a problem with a project at work that was using PostGraphile and I was having an issue with the Postgres URL that I was feeding to the configuration of PostGraphile:

    postgraphile(
      process.env.PLATTER_POSTGRES_URL,
      'public',
      {
        watchPg: false,
        graphiql: true,
        enhanceGraphiql: true,
        graphqlRoute: '/graphql/v2',
        graphiqlRoute: '/graphiql/v2',
        eventStreamRoute: '/graphql/v2/stream',
        appendPlugins: [
          require('@graphile-contrib/pg-simplify-inflector'),
          require('postgraphile/plugins').TagsFilePlugin,
        ]
      }
    )

The process.env.PLATTER_POSTGRES_URL was generated by a call to the Platter service, and it turned out to be cached, and stale, and as the source is Let's Encrypt, it needs to be updated monthly. The cache had been running for more than a month, and that left an old, expired, certificate for the site, in memory.

It was easy enough to have them restart the cache, getting to that point... well... 🙂 that was a little more involved. The first issue was that with PostGraphile, used as a Library, had the feature that if it could not generate the initial schema for the GraphQL engine, it would exit the process, and effectively crash the service.

I wanted to protect the service, so the first order of business was to update the way I was using PostGraphile to allow me to capture the failure, and just disable the GraphQL engine until we could get this problem figured out. Thankfully, that was as easy as adding a function to the retryOnInitFail option:

    postgraphile(
      process.env.PLATTER_POSTGRES_URL,
      'public',
      {
        watchPg: false,
        graphiql: true,
        enhanceGraphiql: true,
        graphqlRoute: '/graphql/v2',
        graphiqlRoute: '/graphiql/v2',
        eventStreamRoute: '/graphql/v2/stream',
        appendPlugins: [
          require('@graphile-contrib/pg-simplify-inflector'),
          require('postgraphile/plugins').TagsFilePlugin,
        ],
        retryOnInitFail: (err, att) => {
          log.error(`[PostGraphQL] Error on initialization: '${err}' with ${att}
                     attempts. Bailing out on PostGraphQL.`)
          return false
        }
      }
    )

At this point, we had time to figure out what the issue was. I was going to dig into the PostGraphile code, and Alex, at Platter, was going to look at it from his end. Which brings me to the point... the PostGraphile TypeScript code is very nice. Yes, there are a lot of packages/modules, and the organization is clean, but I'd have done it the same way - easy separation of responsibilities. The code is exceptionally clean... well considered and implemented. The more I dug into it, the more impressed I was with it as a project.

I thought it might be an issue with their code - an asset they are loading that has an expired certificate, so I filed that on GitHub, and had a wonderful exchange with the maintainer of the project. As I dug in more, and worked to repeat the issue on a much more limited basis, the back and forth with the maintainer was very helpful... just exactly what you'd hope to encounter - but often don't.

It was the most unexpected, wonderful, experience I'd had in months. It renewed my faith in Open Source again. 🙂

It's been a wild couple of weeks for the log4j team... I mean, the problem with a logger is that you don't really want to limit it, and adding the url handlers probably seemed like a great idea at the time, but once they started to be used, it was understandably hard to drop support for them. And then the exploit hit.

It's just one of those nearly universal components of JVM systems that is being supported by volunteers, and trying to thread the needle between keeping as much of the functionality as they can... while restricting the vulnerability to something that can't be exploited. It's clearly not easy, as they've had at least three releases of the 2.x codebase to try and correct the vulnerability, and each time, there seems to be more there is to do.

This is certainly going to shift how some open source teams function... it's great to be the author, or maintainer of something as used as log4j, but to have this kind of attention... well... I'm sure it's not what they were hoping for this Christmas. 🙂

I knew it was coming... they warned me with macOS 11 Big Sur... but it was still a bit of a surprise this morning to reconfigure Apache 2 to use userdir, which macOS Monterey doesn't enable by default, and undoes if you have it already configured. That's OK, it's not a huge deal to turn it back on, but the big news was the complete loss of PHP.

I haven't used it in many years, but it was the one tool that shipped with macOS that I could talk to Postgres, and script, but hey... things change, and they did warn me. 🙂

I guess it would be nice to have something like Node automatically handled, but then that would likkely clash with the Node devs and the nodenv installs, etc. So I'll live with Apache 2, and the userdir, and then just serve up static content on port 80, and leave the other stuff for the development environments.

I did a little digging over the past few days to see what's new in the latest release of Blink (v14.0.2) - the terminal/shell for iOS and iPadOS. It's a nice tool - has even more features than I initially thought. It's really a nice subset of a Unix shell without needing to connect to any other hosts. But that's not really the point of this dig... I was hoping that they had implemented SSH Agent Forwarding in mosh connections so that I'd be able to use git on the remote machines. If you don't forward the SSH key, then you have to have them on the remote hosts, and ssh-add them there. That's not ideal for me, as it opens up the location of the key to a somewhat untrusted host.

I read the release notes and it seems they have re-written the SSH Agent component, and yet they didn't get very specific about the Mosh improvements, so I did a little more digging on the mosh-client code itself, and it seems that there's a bit of a disagreement about including Agent Forwarding in mosh due to security reasons. The conveneince of using git and SSH keys for git operations means that most folks want to have the key forwarding. And you can do it in simple ssh connections.

But for mosh, eventhough it's built on ssh, it seems they don't want to add it. Odd. But hey... it's their code, it's their choice, and that's why I have the workflow where I do the commits on my iPad, and use Blink with mosh just to run the code. It would be nice to have SSH Agent Forwarding, but the durability of mosh trumps the need for agent forwarding... so I'll just stick to what I have now.

But it sure would be nice... maybe they'll figure it out.

This morning I was looking to visualize some time-series data from a Plaid Asset Report, in preparation for some work at The Shop, and I thought that it would be a perfect opportunity to use the xkcd Chart package. I like the way it's clearly trying to be a little less serious, and it seems like just the thing to try out for this visualization.

The data from the endpoint I created is returned as a sequence of tuples:

{
  accounts: {
    'Checking': [
      [ '2021-09-05', 115.4 ],
      [ '2021-09-06', 115.4 ],
      [ '2021-09-07', 110 ],
      [ '2021-09-08', 110 ],
      [ '2021-09-09', 110 ],
      [ '2021-09-10', 110 ],
      [ '2021-09-11', 110 ],
      [ '2021-09-12', 110 ],
    ],
    ...
  }
}

these are really the closing balances for each date for the account, and I just wanted to be able to visualize them so that any calculations can be validated by looking at the data.

The graph turned out pretty well:

This is just exactly what I'd hoped for. 🙂

In the last few months there seems to have been a lot of changes in the IRC world. Freenode had what has been called a hostile takeover by some, and a good number of high-profile projects left that network and went to Libera, which was started by some ex-Freenode folks. All this was probably a lot more traumatic for those immediately involved, and I feel for them. It also meant that for the IRC channels and projects I do follow, it meant that many went dark for a bit.

It happens. We adapt.

When the projects popped up on Libera, I was able to get on there, and see that they were as popular and active as ever. Sure, it's a little more diffuse than before because some didn't move, but my IRC Client on macOS - Textual, allows for multiple server connections, so that I can have Freenode and Libera connected, and the side-bar has all the channels - some on Freenode, some on Libera, and it works just fine.

I never expected that it had multiple server connections - I just never needed them... until I did. And when I did, I was so very glad that it handled it as nicely as it did.

In the end, to me, it looks very much like nothing changed, but I know quite a lot did.

I was reading IRC this morning, and saw that someone was asking about pattern matching in Clojure, and there were two suggestions: core.match and fnl-match. The first seems to do a pretty nice job, and it's got a lot of examples of the different kind of sources, and patterns. In all, it's an excellent example of a really super-charged case statement.

The second is written by technomancy - the author of Leiningen, a really good build, version, project tool for Clojure, so I was very interested in that as well. It looks like there is a lot of overlap in the design and capabilities, and that's nice - and it also means that there are options if I ever really need to use this.

The examples for core.match really make it clear how useful this is, and how much effort went into making the code efficient. That's where I'll likely start, as soon as I need something.