Find the largest unstaged files in Git

I was recently adding a bunch of files to a new Git repo, but I couldn't be sure if I was about to commit a 100MB file. The following bash command should print out a sorted list of unstaged files and their size, so you can check if you are…

Automated GitHub releases for Rust projects using Actions

I've been using GitHub Actions more and more across the projects I maintain. It's a great offering and integrates well into GitHub. There are a few Rust projects I have where I wanted to automate the publishing of prebuilt binaries to the GitHub releases page. I've seen others do it…

Node.js memory flamegraphs

If you read my blog or follow me on Twitter you may have noticed I'm a huge fan of flamegraphs. I've previously written about how I use them to profile PHP and Node.js applications, and I help maintain rbspy, a Rust profiler for Ruby, which outputs flamegraphs. Most of…

Avoiding double builds in GitHub Actions

I was recently setting up some CI on GitHub Actions and ran across double builds for pull requests. The official documentation is still a bit lacking and it's a problem because it burns 2x the credits. In the end, I made this diff: -on: [push, pull_request] +on: + pull_request:…

If you are still using PHP 5.6 or 7.0, you need to upgrade

Last October I made Upgrade your PHP, a site to let people know that PHP 5.6 and PHP 7.0 were about to reach their End of Life, and would no longer be officially supported. In the time since, I've been helping people upgrade their servers to recent, supported…

Suggested settings for Cloudflare

I always recommend to my clients that they use a CDN on their website. These are my recommendations for people using the Cloudflare Free plan, along with some warnings to watch out for. DNSStatus: Orange Cloud - this will ensure the requests go through Cloudflare.CryptoSSL: Full (Strict) - if…

DigitalOcean Spaces doesn't support HTTP/2

Earlier today I was looking at a couple of sites to see why they were much slower than I expected. I ran them through GTmetrix and saw the following in the waterfall tab. Straightaway I could see that this is the classic pattern produced by trying to load a bunch…

Flamegraphs for Ruby 2.6

I recently added support for Ruby 2.5.4, 2.5.5 and 2.6.0-2.6.3 to rbspy, the sampling profiler written in Rust. I have replaced the original Flamegraph library by Brendan Gregg with Inferno, a Rust port. I also updated and merged a PR for handling…

Linode corrupted our server and how I got it back up

A few days ago, the server running Nomad List and Remote OK randomly went down. This is the timeline of what happened and how I fixed it. All times are in ┬áKorean Standard Time. 21:05Pieter starts messaging me on Telegram and I receive notifications from our uptime service. All…

Generating response time histograms for PHP

Whilst debugging an issue related to response times on Nomad List and Remote OK, I started to think about what kind of data we have available to analyse. We keep access logs for all requests coming through the PHP-FPM engine. I briefly wrote about how I use these to find…

Fuzzing Rust

I spent some time fuzzing various Rust fuzzing tools against Rust libraries. This table is a list of all the issues I found and links to my bug report. Date Project Description Link 2017-03-13 ntp Fix panic caused by a malformed input PR 2017-03-23 npy-rs Fix panic caused by trying…

Server monitoring

This post is about how we monitor Nomad List, Remote OK and others. Over the years, Pieter and I have built up a set of tools to run and inform us when the sites may be experiencing an issue. Cron DashboardWe use cron jobs for almost every task, from updating…

How to fuzz a Rust program

Manish Goregaokar wrote a brilliant blog post about cargo-fuzz and its use in fuzzing Rust programs. Since that post, I have pushed code to update the default fuzz target template and to make the whole fuzzing experience even nicer. I also cloned a load of open-source projects and ran cargo-fuzz…

Passive network topology scanning

Back in April 2017 I was assigned a networking coursework for my Computer Science degree. It required us to choose a topic in computer networking that interested us and conduct a research experiment. You can read the original report here.…

How to profile your PHP apps

Part of my job at Nomad List, Remote OK et al. is to keep the sites fast and responsive, even from an influx of traffic to Pieter's latest app. Launches are usually kept controlled by exporting the pages to static HTML files and serving using Nginx. However, in the best…