blog.mmalecki.com

Mead, part one

This year, like almost every other, by the end of summer I found myself in possession of enormous amounts of various kinds of home-made honey of ridiculous quality. Previously I’ve been using the spoils for cooking and bartending, but this year I’ve decided to go all out and make my first mead out of it.

This is the first part of my sugar’s journey into becoming booze. My name is Maciej, and I’m here tell its (ridiculously unkempt and hastily written down) story.

Read more...

Lazy citrus cordial

This is a lazy variation of the Trash Tiki’s citrus stock. It doesn’t need any cooking, and produces a bitter-ish and sour syrup that will feel at home in any citrus-forward cocktail (pisco sour being amongst my favorites).

You can make it with any juiced citrus husks you have on hand, and the final flavor profile will depend on the fruit used. If you have access to bergamot oranges, they produce an amazingly florar result. Mandarins will yield something sweeter, while grapefruits will shift the balance towards bitterness. Lemon and limes will contribute the good old citrus sourness. Pick your poison!

Read more...

http-console2 0.9 - a friendly REPL-based HTTP API explorer

During the past few months I’ve been working on some projects that use OpenAPI to describe their HTTP interfaces. As such, I had the chance to play with the Swagger UI a lot. While I found it to be an amazing tool to experiment around with an API, one thing bugged me - I spend lots of my time in terminal, and Swagger UI is a browser app.

After some time of trying to find an existing tool, my mind turned to http-console2 - my fork of Alexis Sellier’s http-console. While it desperately needed a refactor, its interface seemed to be a prime candidate for extension with features that turn it into a full-fledged API explorer.

So, a couple of days later:

I am very pleased to announce a brand new http-console2, now supporting:

Nodejitsu security vulnerabilities

Recently, I was looking at some of Nodejitsu code, namely solenoid and forza since I was planning to use forza in my pet project. My attention was drawn to a particular piece of code which had to deal with user permissions. Soon I realized that I should be able to leave my process running on the VM even after my application was stopped and execute my child processes with the same rights as all of the instrumentation. While investigating this particular bug, I noticed that some of their sensitive configuration files were readable to world.

Read more...

Burnout

Wikipedia defines burnout:

Burnout is a psychological term that refers to long-term exhaustion and diminished interest in work.

Read more...

Using LD_PRELOAD

Recently I had a chance to play with LD_PRELOAD for a bit, due to our recent Huge Refactor (tm) at Nodejitsu. LD_PRELOAD environment variable is a way of loading a library before any other libraries are loaded.

Read more...

Hello, world!

This is your typical “Hello, world!” blog posts.

whoami

I am a node.js and C developer, a DevOps engineer by trade. I write code, I talk to servers. I work at Nodejitsu.

I’m going to blog about things I love working on: architecture, code, JavaScript and C. Maybe more. Most likely more.

Read more...