a Nix-based continuous build system, released under the terms of the GNU GPLv3 or (at your option) any later version. It continuously checks out sources of software projects from version management systems to build, test and release them. The build tasks are described using Nix expressions. This allows a Hydra build task to specify all the dependencies needed to build or test a project. It supports a number of operating systems, such as various GNU/Linux flavours, Mac OS X, and Windows.
“tees” all TCP traffic from one server to another. “widely used by companies in China”!
Useful for private-repo Nix usage
Good doc on how to perform key rotation in AWS
Nix supports building from git sha. excellent
A nasty real-world prod error scenario worsened by THPs:
jemalloc(3) extensively uses madvise(2) to notify the operating system that it’s done with a range of memory which it had previously malloc’ed. The page size on this machine is 2MB because transparent huge pages are in use. As such, a lot of the memory which is being marked with madvise(…, MADV_DONTNEED) is within substantially smaller ranges than 2MB. This means that the operating system never was able to evict pages which had ranges marked as MADV_DONTNEED because the entire page has to be unneeded to allow a page to be reused. Despite initially looking like a leak, the operating system itself was unable to free memory because of madvise(2) and transparent huge pages. This led to sustained memory pressure on the machine and redis-server eventually getting OOM killed.
critical flaw: gaining access to the MySQL db let the attacker manipulate account balances. oh dear
‘inspires kids to explore and learn about science, engineering, and technology—and have fun doing it. Every month, a new crate to help kids develop a tinkering mindset and creative problem solving skills.’ aimed at ages 9-14+