Links for November 2023

Thu Nov 30 2023E.W.Ayers

1. My month in data

My life keeps coming back to this question

• At work I've been using Redux Queries to manage client state. The main complaint here is we end up with Browser Client → API → random microservice, and at each stage we end up having to maintain a massively redundant list of schemas, data models, request/response models. It's a little crazy that this is the industry standard. It seems to me that a much better way is to solve the difficult distributed data sync problem once in a general way, then sync the authorised subset of the database to the client, and the UI is just driven off a local copy of the db. Instead we have this boilerplaty patchwork of REST endpoints, with libraries like Redux trying to recover a local store from it.

• Geoffrey Litt -- SQLite in browser (video). Also essay. The software is called Riffle. He is part of a collective called Ink and Switch that looks amazing. This essay was a goldmine of links:

  • Automerge involves Kleppmann so it will be good.

  • A Future for SQL on the web

  • SQL.js is an in-memory SQL database.

  • absurd-sql implements a backend for SQL.js using the browser storage IndexedDB.

  • Ink & Switch is an interesting collection of projects

• Learning about React Concurrency:

  • Blog post announcing it,

  • they also have a discussion group on Github

    • Introducing React 18

    • Questions about specifics of Concurrent scheduling

    • Concurrent React for Library Maintainers

    • What is Tearing?. Tearing in graphics is when your frame-buffer is out of sync with your render. So eg if you are scrolling a page and the rendering step is too slow you can end up with a 'torn' frame where two parts of the screen are rendering different scroll positions. The above article abstracts the terminology to also mean React-renders where the VDOM is in an inconsistent state when a DOM-patch occurs.

  • Unfortunately there doesn't seem to be a definitive article explaining what React concurrency does, so I'm going to try to write about this.

• Battle of the multiplayer app sync frameworks:

  • Microsoft Fluid, used by Microsoft Loop

  • Reflect

  • Liveblocks

  • Automerge

  • Couchbase Mobile

• PRQL is yet another replacement language for SQL.

• LiteFS by fly.io is a distributed SQLite. Looks similar to litestream.

• dqlite is another distributed sqlite by Canonical.

2. other

• Modern Guide to OAuth2, is a good reference. I want to find a book which teaches auth protocols in the abstract at the same time as practically teaching OAuth2, OpenID Connect, active directory. Also teaching the cryptographic primitives: hash, public/private keys, trapdoors, signing, etc. It seems like there are a few abstract patterns that come up a lot; creating a secure channel, authentication of identity, allocating 'keys', allocating 'tickets' that authorise certain actions once. Often these kinds of tutorials will devolve into guides where they assume you understand the lingo (eg words like 'federated').