ericjmorey

joined 1 year ago
MODERATOR OF
cs_career_questions
machine_learning
sorted by: new top controversial old
Firefox Nightly for Android 130 and new navigation bar in c/firefox@lemmy.world
[–] ericjmorey@programming.dev 2 points 4 days ago

I agree with you entirely on this.

Zed (vscode alternative) on Linux is out! in c/foss@beehaw.org
[–] ericjmorey@programming.dev 2 points 5 days ago (1 children)

A couple of months ago I wrote up some instructions for someone that was trying to make the switch to neovim. They reported back that it was helpful.

Check it out:
https://lemmyverse.link/programming.dev/comment/9552694

Zed (vscode alternative) on Linux is out! in c/foss@beehaw.org
[–] ericjmorey@programming.dev 7 points 5 days ago* (last edited 5 days ago) (11 children)

I'm on the Neovim train and I'm not getting off at this junction.

But more high quality choices is a good thing.

4 Million People Affected by Debt Collector Data Theft Hack in c/pulse_of_truth@infosec.pub
[–] ericjmorey@programming.dev 2 points 6 days ago* (last edited 6 days ago)

I upvote this sort if thing for visibility, but I'd rather it not be a thing.

On Open Source and the Sustainability of the Commons in c/opensource@programming.dev
[–] ericjmorey@programming.dev 2 points 6 days ago* (last edited 6 days ago)

I think that many developers are poor at or unwilling to work on marketing efforts or creating independent business relationships, so getting hired by a company like RedHat, Microsoft, etc. to work on a project is the way they sell their services.

On Open Source and the Sustainability of the Commons in c/opensource@programming.dev
[–] ericjmorey@programming.dev 3 points 6 days ago (2 children)

The way to get money from libre software is to sell support services.

Python has too many package managers in c/python@programming.dev
[–] ericjmorey@programming.dev 12 points 1 week ago (1 children)

This article is an excellent update on the state of Python package management tools.

Python has too many package managers in c/python@programming.dev
[–] ericjmorey@programming.dev 2 points 1 week ago (2 children)

What did you end up using for your workflow?

Python has too many package managers in c/python@programming.dev
[–] ericjmorey@programming.dev 2 points 1 week ago

That means it's improving! I hope the pace of improvement can accelerate.

Python has too many package managers in c/python@programming.dev
[–] ericjmorey@programming.dev 1 points 1 week ago* (last edited 1 week ago)

I'm hoping uv is able to make itself to Python what Cargo is to rust.

Seems like Pixi is close but confined to the Conda ecosystem.

Signal under fire for storing encryption keys in plaintext in c/foss@beehaw.org
[–] ericjmorey@programming.dev 8 points 1 week ago (1 children)

How would that provide additional security in the particular circumstance of someone having access to the Signal encryption keys on someone's phone?

Signal under fire for storing encryption keys in plaintext in c/foss@beehaw.org
[–] ericjmorey@programming.dev 12 points 1 week ago

A secure enclave can already be accessed by the time someone can access the Signal encryption keys , so there's no extra security in putting the encryption keys in the secure enclave.

5
Rust has a HUGE supply chain security problem | Sylvain Kerkour | July 2, 2024 (kerkour.com)
 

cross-posted from: https://programming.dev/post/16349359

July 2, 2024

Sylvain Kerkour writes:

Rust adoption is stagnating not because it's missing some feature pushed by programming language theory enthusiasts, but because of a lack of focus on solving the practical problems that developers are facing every day.

... no company outside of AWS is making SDKs for Rust ... it has no official HTTP library.

As a result of Rust's lack of official packages, even its core infrastructure components need to import hundreds of third-party crates.

  • cargo imports over 400 crates.

  • crates.io has over 500 transitive dependencies.

...the offical libsignal (from the Signal messaging app) uses 500 third-party packages.

... what is really inside these packages. It has been found last month that among the 999 most popular packages on crates.io, the content of around 20% of these doesn't even match the content of their Git repository.

...how I would do it (there may be better ways):

A stdx (for std eXtended) under the rust-lang organization containing the most-needed packages. ... to make it secure: all packages in stdx can only import packages from std or stdx. No third-party imports. No supply-chain risks.

[stdx packages to include, among others]:

gzip, hex, http, json, net, rand

Read Rust has a HUGE supply chain security problem

Submitter's note:

I find the author's writing style immature, sensationalist, and tiresome, but they raise a number of what appear to be solid points, some of which are highlighted above.

18
Rust has a HUGE supply chain security problem | Sylvain Kerkour | July 2, 2024 (kerkour.com)
 

July 2, 2024

Sylvain Kerkour writes:

Rust adoption is stagnating not because it's missing some feature pushed by programming language theory enthusiasts, but because of a lack of focus on solving the practical problems that developers are facing every day.

... no company outside of AWS is making SDKs for Rust ... it has no official HTTP library.

As a result of Rust's lack of official packages, even its core infrastructure components need to import hundreds of third-party crates.

  • cargo imports over 400 crates.

  • crates.io has over 500 transitive dependencies.

...the offical libsignal (from the Signal messaging app) uses 500 third-party packages.

... what is really inside these packages. It has been found last month that among the 999 most popular packages on crates.io, the content of around 20% of these doesn't even match the content of their Git repository.

...how I would do it (there may be better ways):

A stdx (for std eXtended) under the rust-lang organization containing the most-needed packages. ... to make it secure: all packages in stdx can only import packages from std or stdx. No third-party imports. No supply-chain risks.

[stdx packages to include, among others]:

gzip, hex, http, json, net, rand

Read Rust has a HUGE supply chain security problem

Submitter's note:

I find the author's writing style immature, sensationalist, and tiresome, but they raise a number of what appear to be solid points, some of which are highlighted above.

16
Beating NumPy's matrix multiplication in 150 lines of C code | Aman Salykov | Jul 1, 2024 (salykova.github.io)
 

Jul 1, 2024

Aman Salykov writes:

This blog post is the result of my attempt to implement high-performance matrix multiplication on CPU while keeping the code simple, portable and scalable. The implementation follows the BLIS design, works for arbitrary matrix sizes, and, when fine-tuned for an AMD Ryzen 7700 (8 cores), outperforms NumPy (=OpenBLAS), achieving over 1 TFLOPS of peak performance across a wide range of matrix sizes.

By efficiently parallelizing the code with just 3 lines of OpenMP directives, it’s both scalable and easy to understand. The implementation hasn’t been tested on other CPUs, so I would appreciate feedback on its performance on your hardware. Although the code is portable and targets Intel Core and AMD Zen CPUs with FMA3 and AVX instructions (i.e., all modern Intel Core and AMD Zen CPUs), please don’t expect peak performance without fine-tuning the hyperparameters, such as the number of threads, kernel, and block sizes, unless you are running it on a Ryzen 7700(X). Additionally, on some Intel CPUs, the OpenBLAS implementation might be notably faster due to AVX-512 instructions, which were intentionally omitted here to support a broader range of processors. Throughout this tutorial, we’ll implement matrix multiplication from scratch, learning how to optimize and parallelize C code using matrix multiplication as an example.

Read Beating NumPy's matrix multiplication in 150 lines of C code

31
An Experienced (Neo)Vimmer's Workflow (seniormars.com)
1
Meta (Facebook) is sharing new research, models, and datasets from Meta FAIR (ai.meta.com)
submitted 3 weeks ago* (last edited 3 weeks ago) by ericjmorey@programming.dev to c/machine_learning@programming.dev
0 comments fedilink
1
Let's reproduce GPT-2 (124M) | Andrej Karpathy | Jun 9, 2024 (www.youtube.com)
 

Video description:

We reproduce the GPT-2 (124M) from scratch.

This video covers the whole process:

First we build the GPT-2 network, then we optimize its training to be really fast, then we set up the training run following the GPT-2 and GPT-3 paper and their hyperparameters, then we hit run, and come back the next morning to see our results, and enjoy some amusing model generations.

Keep in mind that in some places this video builds on the knowledge from earlier videos in the Zero to Hero Playlist (see my channel). You could also see this video as building my nanoGPT repo, which by the end is about 90% similar.

2
A Powerful Way To Make Editing Code In Neovim Even Better (Treesitter & Text Objects) | Josean Martinez | October 4, 2023 (www.josean.com)
1
A nice video demonstration of Flash.nvim | Navigate your code with search labels, enhanced character motions and Treesitter integration (youtu.be)
submitted 1 month ago* (last edited 1 month ago) by ericjmorey@programming.dev to c/neovim@programming.dev
0 comments fedilink
 

The presenter compares some of the functionality to Leap.nvim

1
Setting up Python on Windows (dev.to)
1
Python Big O: the time complexities of different data structures in Python (www.pythonmorsels.com)
 

Trey Hunner writes:

This article is primarily meant to act as a Python time complexity cheat sheet for those who already understand what time complexity is and how the time complexity of an operation might affect your code. For a more thorough explanation of time complexity see Ned Batchelder's article/talk on this subject.

Read Python Big O: the time complexities of different data structures in Python

1
Cmdline - Neovim docs | Command-line window | In the command-line window the command line can be edited just like editing text in any window. (neovim.io)
 

In the command-line window the command line can be edited just like editing text in any window. It is a special kind of window, because you cannot leave it in a normal way.

There are two ways to open the command-line window:

  1. From Command-line mode, use the key specified with the 'cedit' option (default CTRL-F).

  2. From Normal mode, use the "q:", "q/" or "q?" command.

  • This starts editing an Ex command-line ("q:") or search string ("q/" or "q?"). Note that this is not possible while recording is in progress (the "q" stops recording then).

When the window opens it is filled with the command-line history. The last line contains the command as typed so far. The left column will show a character that indicates the type of command-line being edited

1
A Few Useful Things to Know About Machine Learning | Tapping into the "folk knowledge" needed to advance machine learning | Pedro Domingos | Communications of the ACM | vol. 55 no. 10 | October 2012 (cacm.acm.org)
 

Pedro Domingos summarizes 12 key lessons that machine learning researchers and practitioners have learned. These include pitfalls to avoid, important issues to focus on, and answers to common questions.

view more: next ›