I’m investigating the use of LetsEncrypt for gRPC services. I found this straightforward post by Scott Devoid and am going to try this approach. Before I can do that, I need to be able to publish services (make them Internet-accessible) and would like to try to continue to use GCP for free. Some time ago, I wrote about using the excellent Microk8s on GCP. Using an f1-micro, I’m hoping (!) to stay within the Compute Engine free tier.

The Go team is developing a Language Server Protocol [LSP] implementation) called gopls. Visual Studio Code (and others) support LSP. Other languages (e.g. Python have LSP implementations too). I’ve been using gopls for some time. It works (mostly) very well and replaces multiple, indepedent tools with two (gopls and delve). My Visual Studio Code settings that include gopls is: "go.autocompleteUnimportedPackages": true, "go.useLanguageServer": true, "[go]": { "editor.snippetSuggestions": "none", "editor.formatOnSave": true, "editor.codeActionsOnSave": { "source.

The goal of pypi-transparency is very similar to the underlying motivation for the Golang team’s Checksum Database (also built with Trillian). Even though, PyPi provides hashes of the content of packages it hosts, the developer must trust that PyPi’s data is consistent. One ambition with pypi-transparency is to provide a companion, tamperproof log of PyPi package files in order to provide a double-check of these hashes. It is important to understand what this does (and does not) provide.

Now that I’ve (p)retired from Google, I’m starting this blog and will no longer post stories to Medium. As I concluded my time at Google, I wrapped up work on a Trillian prototype. As it remains Google’s IP, I’m not permitted to discuss it here. I’ve begun work on another Trillian prototype for Python package transparency, informally pypi-transparency.