kenji yoshida xuwei-k

Practical Cryptographic Release Branch Validation

One of the problems I've been thinking about recently is how to get reasonable cryptographic validation of release sources and artifacts without destroying usability. There are several randomly-assorted problems here:

SHA-1 is relatively easy to collide, and thus signed Git commits and tags are insufficient
Maintaining an auditable and relatively tamper-proof list of trusted signatures is hard
"Strong crypto" is generally (and accurately) equated with "not human usable"

Things to Sign

Configuring SBT to use 1Password

Install swig-python
Use pip to install 1pass
Install py-levenshtein to avoid annoying warnings
Locate the nearest 1pass script (note: it may be behind you)
Test 1pass on a random password

Create ~/.sbt/0.13/plugins/build.sbt with the following contents:

This blog post series has moved here.

You might also be interested in the 2016 version.

パターンマッチいろいろ

2014/10/25 函数型なんたらの集い 2014 in Tokyo
@gakuzzzz
中村学
株式会社Tech to Value
Scalaから来ました

参加の経緯

Introduction

Machinist Issue #2 asks:

Is it correct, that this stuff is completely obsolete now due to value classes or are there still some use cases? An example of using value class for zero-cost implicit enrichment: [...]

The short answer is that Machinist is not obsolete: value classes existed before the Machinist macros were implemented, and they do not solve the

	https://github.com/playframework/playframework.com/blob/f8d7840e754ead829c7a6b6006e24b91c428faad/app/actors/DocumentationActor.scala#L135
	DocumentationSummary の translations に言語別最新バージョンが格納されてる。

	https://github.com/playframework/playframework.com/blob/f8d7840e754ead829c7a6b6006e24b91c428faad/app/actors/DocumentationActor.scala#L259-L261
	documentation.translations.mapValues(_.defaultVersion) が translations として渡されている。
	documentation は
	https://github.com/playframework/playframework.com/blob/f8d7840e754ead829c7a6b6006e24b91c428faad/app/actors/DocumentationActor.scala#L188
	var documentation: Documentation = null

	documentation は UpdateDocumentation メッセージで更新される

	module Moore where

	import Control.Comonad
	import Control.Applicative
	import Data.Monoid

	data Moore a b = Moore b (a -> Moore a b)

	pipe :: Moore a b -> Moore b c -> Moore a c
	pipe (Moore b k1) (Moore c k2) = Moore c step

	object tee {

	/**
	* Convert a `Tee` to a `Process1` by feeding the same input to both sides of the `Tee`.
	* Named after the 'diamond' shape this creates in the dataflow graph.
	*/
	def diamond[A,B](t: Tee[A,A,B]): Process1[A,B] = Process.suspend {
	// todo: there's a more complex impl that performs better when branches
	// have vastly different rates of processing
	val (hd, tl) = t.unemit

	<RaceCondition> can I use Scalaz to get exhaustion checks when matching on numeric values? Scala obviously doesn't do that
	<RaceCondition> ! 1.1 match { case x if 0.0 <= x && x < 0.5 => "bad"; case x if 0.5 <= x && x <= 1.0 => "good" }
	<dibblego> doubt it
	<multibot_> scala.MatchError: 1.1 (of class java.lang.Double)
	<multibot_> ... 38 elided
	<dibblego> use types though?
	<RaceCondition> wdym?
	<dibblego> use a type to note each range
	<dibblego> you want a floating-point between 0.0 and 1.0?
	<RaceCondition> wouldn't that just move the problem to a different stage?