Program design

Building Tools

Tool is not the flashiest or attention-grabbing type of software. A great tool, one that successfully automates or enhances a repetitive process, gives valuable time back to your colleagues, allowing them to spend less time clicking buttons and more time on thoughtful projects.

There is a type of software that gets overlooked in the IT space and in software development in general. This software, these programs are tools, little pieces of software that act as the glue in larger processes or as utilities which automate or otherwise make a process that someone needs to complete easier and more reliable. In many cases, they're highly customized part of one company's workflow or to a very specific operation that needs to be done in precisely the same way each time, and many of them allow less technical end users the ability to use procedures and techniques that they otherwise wouldn't be comfortable doing. Businesses pay human beings to do human things, to use our human minds to be creative and solve problems or to use our human hands to build and create, so anytime a human is doing something that can be automated, something repetitive, something that a robot or a program could do, it's a waste of potential. I've created dozens of tools to improve our workflows and to free up human time for things that humans needs to do.

General perspective

Programming language design

Focus on creating a programming language which is a tool for other programmers.

I've always been very focused on the sort of activity of programming itself

and not so much what happens with the program you write.

Library design

Great libraries often follow Unix philosophy: do one thing and do it well

Libraries provide a layer of reusable software which we compose into our programs.

API design

what is an API?

In a nutshell, an API (or Application Programming Interface) is the code that allows applications to talk to each other. But why would you need an API?

Let's say you want to build an app that will list all the off-leash dog parks within a 20-mile radius and give you directions on how to get there from your location.

Instead of collecting all that data and building all those features yourself from scratch, you can take a shortcut and utilize APIs.

How exactly would you do that, in this example?

Many cities provide APIs that list the locations and other information for their dog parks. Google Maps provides an API that will tell you how to get from where you are to any given location.

You can utilize those two existing APIs to build a new app that will do the following: Call the city’s API to retrieve the nearest off-leash dog parks, and Call Google’s API to retrieve the directions from your location.

Bada-bing, bada-boom. Your dog is chasing frisbees in no time.

Authentication and authorization

Intro to Authentication

So, what’s the difference between authentication and authorization?
And what's OAuth?
Getting started with authentication
Best practices

Already know what authentication is? Skip to Getting Started with Authentication.

Because the Eventbrite API provides entry points into the secure parts of the Eventbrite platform, the protection of the data is an integral part of the API and the system as a whole. Authentication and authorization work as a team to secure the Eventbrite API. So, what’s the difference between authentication and authorization?

Imagine you’re in line to see your favorite band in concert.

Authentication verifies your identity, just like the security guard checking your ID at the door to make sure it matches the name on your ticket.

OAuth does this by providing you with a public or private token. Every request to the Eventbrite platform must be authenticated; no unauthorized access is allowed. For more on OAuth, see the And what's OAuth? section.

Authorization verifies your privileges, just like the usher who scans your ticket and walks you to the section that you’re allowed to access, whether it's general admission, the front row, or a backstage to meet the band.

OAuth does this by generating a private token that's tied to an account or user. Each time you request something, you'll send this token to the server so that it knows whom the request came from and what that request is allowed to do.

Authorization privileges might include the data, files, and pages you can view, edit, download, or delete.

Once you have your token, you’ll use the same one every time you access the API. And what's OAuth?

OAuth 2 (Open Authorization) is a security technology used for token-based authorization on the Internet. An OAuth token can also be called a private token.

OAuth 2 replaced OAuth1 and is currently the most recent version of OAuth and the leading authorization solution on the Internet.

Python's perspective

Ruby's perspective

Perl's perspective

PHP's perspective

Everyone needs a framework. What everyone does not need a general purpose framework. Nobody has a general problem. Everyone has a very specific problem to solve. And a general purpose framework while it can solve it, it usually solves in a way that you get so many things that you don't need that ends up being done on every request. Usually what happens, when a company grows and starts with a general purpose framework, they start optimizing things by ripping stuff out and tear the framework apart to the point they could never upgrade. If there is a newer version of the framework, they modified the damned framework so much they are stuck on the version they are on and I think this is a huge problem.

I admire PHP and its ability of solving problems. It grows because, some times, some poor soul wants to create an online encyclopaedia, or some teacher needs an online teaching platform, or someone wants to write a blog. Those people do not want to learn to program, they want to solve problems.

LibreOffice's perspective

Vim diff

Bundling an internal diff library with Vim

This problem was well known and can still be found in the well known todo.txt file (:h todo.txt, search for diff). One problem why it wasn’t done earlier, was that there did not exist a good documented and simple to use C library that could be used by Vim.

So I started working on how to improve this situation and decided to go with the xdiff library which the git developers finally settled to use. They basically had the same problem when the git vcs system was developed by Linus Torvalds. Back in around 2006 they decided to ship git with the libxdiff library, which over time got heavily modified to fit better the needs of git.

The advantage of using the same library for Vim is that, for one, the library has been tested and proven to be working well over the last 12 years. In addition, is has been tweaked and several new diff algorithms have been added, like the patience diff algorithm and histogram diff algorithm and the indent-heuristics.


Instagram engineering

Doing the simple thing first as a survival tactic We were just the two of us, we didn't have the time to do the fanciest, most complete thing

From the product manager:

The goal is just to inspire creativity To help people create things that they want to share with others, and that they're happy with. And doing that in a really simple, elegant way is actually really hard.

About being challenged on technical matters:

Guys, you don't have a single customer or user yet.

Practicality favored over perfection:

If it solves a problem and gets us closer to launch, let's do it.

We're not refactoring or rewriting code just for its own sake. Software is like gardening on day. I'll go behind the shed and clean up. But if nobody ever goes there, does it matter a lot ?

Python 2 to Python 3 migration

What does this change mean for a company that heavly relies on a deprecated language ?

Many times, the Python 2 deployed in an organization still generates a lot of value.


For services that deliver value today, and will deliver even more value in the future, it may be worth rewriting.

For any services that still provide customer value, you should take a hard look at rewriting that service. This new service can be written using Go, Java, Kotlin, or Python 3 — whatever you like as long as it is not Python 2!

However, you can’t — and probably don’t want to — rewrite everything. There are legacy use cases that some customers still depend on, and there are other use cases you may not be ready to support before the Python 2 End of Life. In these cases, you have the option of migrating code to Python 3, or mitigating your risk by patching the code as vulnerabilities are discovered. Let’s consider migration first.

Back to top