I was reading some git hints & tips and I realised that I really should be signing my commits since github supports signing using SSH keys. I previously haven’t been because GnuPG was just too hard (even though I use it with gopass); reusing my ssh keys seems like a good idea with github.

So, supply chain attacks are all the rage; and by all the rage I mean it’s a thing that’s happening, security people are concerned, and there’s been some thought leadership happening around it. People that know me know that I have a tangential interest in security; I couldn’t hold my own in a conversation about security with a professional but I am a dangerous amateur. If I’m lucky maybe the semi-finals of the local county schools’ championships (choose your elitist activity here, I would choose trash-talking). I’m not going to talk about why you should pin, but some of the practical consequences on pinning.

I recently purchased a framework laptop; the Framework 13 13th Gen Intel variant. I have no complaints about the hardware, and I’m loving the hardware switch for the webcam & microphone. I have yet to find any niggles with it (though I have only had it for ~1 week). This acts as documentation for my setup to dual boot Windows (on NVMe) and Ubuntu (on 1Tb expansion).

I forked a nodejs project a last year since I had a need to do some pretty charts with data from my Tesla Powerwall. It’s been working well enough, and I hacked around with it to get some additional info out and to make sure it could run in my homelab. Since it’s a fairly easy project to understand from a feature perspective it’s one that I’m using to experiment with other languages. I have a Go implementation and a Rust implementation in the works which might eventually get pushed.

In the midst of my move of all “code related” things into WSL2, I started using Visual Studio Code with the Java extension pack and this works well enough. However, I’m a long time IntelliJ user for Java (I was using their Rust preview but stopped because it’s not that much better than the equivalent vscode extensions). If you search for ‘IntelliJ WSL2’ through your preferred search engine, you’ll find the official documentation that says its supported and you can just point it at a project in \\wsl$\Ubuntu\home\user\project and it’ll be quite happy. I gave it a go, and that’s not my experience.