13:58, 23rd December 2021
Animated Unicode Plots with Julia
Creating animated Unicode plots in Julia involves using the UnicodePlots.jl package to generate visualisations directly in the terminal, with a custom function written to sequence and display multiple frames sequentially. The process includes a helper function to reposition the cursor for overlapping output, followed by printing each frame with a specified delay, concluding with the final frame displayed without cursor movement adjustments. Thus, you can generate a series of line plots with varying parameters and animating them through a loop, highlighting the technical approach to achieving dynamic visual output in a terminal environment.
13:56, 23rd December 2021
Speeding up Julia precompilation
Creating a custom Julia version with precompiled packages using PackageCompiler.jl reduces startup time for data science projects by generating a sysimage file and configuring a Jupyter kernel, which involves installing the package, creating the sysimage and setting up the kernel to include specific libraries such as Plots.jl and Flux.jl. The process involves running commands to compile selected packages into a shared object file, which is then used to launch Julia with those packages preloaded, minimising repeated compilation delays during notebook sessions or interactive work.
10:34, 23rd December 2021
Makie.jl is a relatively new but rapidly growing data visualisation library for the Julia programming language, gaining a strong reputation within the Julia community for its versatility and active development. It operates through a system of interchangeable backends, namely CairoMakie for static plots, GLMakie for interactive and three-dimensional visualisations using OpenGL and WGLMakie for interactive web-based visualisations.
The library follows a structure built around three core objects, being the Figure, the Axis and the Plot, which can be created and modified individually to allow precise control over the appearance and layout of visualisations, including subplots, legends, axis labels and titles. Rather than relying on a grammar of graphics approach, Makie provides a set of ready-to-use plotting functions such as scatter, lines and density, with a syntax broadly comparable to that of Matplotlib in Python.
Plots can be saved in various formats, including PNG and SVG, the latter being a particular advantage of the CairoMakie backend. Beyond static visualisations, the library also supports animations and a wide range of further customisation options, with comprehensive documentation and dedicated coverage in the Julia Data Science book serving as useful learning references.
10:31, 23rd December 2021
The DataFramesMeta.jl package simplifies data manipulation in Julia by streamlining operations such as aggregation, column selection and transformation within the DataFrames.jl ecosystem. It introduces macros like @combine, @select and @transform to perform these tasks, with @select retaining only computed columns and @transform preserving original data alongside new ones.
By-row operations, indicated by the r prefix, automate broadcasting for element-wise computations, while the ! suffix enables in-place modifications to avoid duplicating large datasets. Examples demonstrate how to calculate aggregated values, apply mathematical transformations and efficiently manage data modifications, highlighting the package's utility in reducing complexity during data processing workflows.
11:45, 12th December 2021
Getting Started with Python in VS Code
Visual Studio Code's Python extension allows developers to write, run and debug Python code directly within the editor. Getting started requires installing Python 3, VS Code and the Python extension, after which users can set up a project-specific virtual environment to keep package dependencies isolated and avoid version conflicts.
A simple script can then be created, run via the built-in terminal or play button, and stepped through using the integrated debugger, which supports breakpoints, variable inspection and a debug console. Additional functionality can be added by installing third-party packages such as NumPy via pip or the package management interface, and dependencies can be tracked using a requirements.txt` file to ensure consistency across different environments. From this foundation, developers can extend their work into web frameworks such as Django, Flask and FastAPI, or explore further features including linting, formatting, testing and remote development.
17:07, 10th December 2021
Rob J Hyndman is a statistician and researcher whose blog, Hyndsight, covers topics spanning forecasting, time series analysis, anomaly detection, data science and statistical computing. His recent work includes updates to the forecast and fpp3 R packages, the development of Quarto templates for Monash University, and the addition of instructional videos to the third edition of his co-authored textbook, Forecasting: Principles and Practice. He has also explored methodological questions around forecast accuracy metrics, AIC calculations, prediction intervals and the Ljung-Box test, while writing a forthcoming textbook on anomaly detection. Beyond his own research, he has contributed to open data advocacy in Australia, organised forecasting workshops in cities including New York, Chicago and Canberra, and highlighted Python implementations of his statistical models and algorithms for those outside the R ecosystem.
10:07, 9th December 2021
The Invisible JavaScript Backdoor
Researchers have demonstrated how invisible and visually deceptive Unicode characters can be exploited to embed hidden backdoors in JavaScript code that are effectively undetectable during manual code reviews. By using a Unicode character known as HANGUL FILLER (U+3164), which is recognised by JavaScript as a valid identifier yet renders as completely invisible in most editors, an attacker can introduce additional variables and inject arbitrary operating system commands through what appears to be a routine network health check endpoint.
A separate but related technique, known as a homoglyph attack, involves substituting standard code characters with visually similar Unicode equivalents, such as replacing an exclamation mark with an ALVEOLAR CLICK character, which can silently alter the logic of conditional statements. Both approaches pose a particular risk in open-source projects, where contributions may come from anonymous or untrusted developers. Since non-ASCII characters are rarely necessary in most codebases, especially those using English as the primary development language, a practical defensive measure would be to disallow non-ASCII characters entirely, and some development tools have since introduced features to flag such characters when they are detected.
10:05, 9th December 2021
Trojan Codes
Researchers at the University of Cambridge have identified a class of security vulnerabilities, tracked as CVE-2021-42574, that exploit Unicode bidirectional control characters to manipulate how source code is visually presented to human reviewers without altering how compilers and interpreters process it. By embedding these control characters within comments and string literals, an adversary can make malicious logic appear harmless or invisible to anyone reading the code, while the underlying execution follows an entirely different path.
A related variant, tracked as CVE-2021-42694, achieves a similar effect through the use of homoglyphs, which are characters that appear visually identical or near-identical but are encoded differently, allowing an attacker to define subtly distinct functions that are difficult to distinguish by sight. Both attack patterns pose a particular risk within software supply chains, where compromised open-source code can propagate vulnerabilities into downstream projects. Recommended defences include compilers and interpreters raising errors for unterminated bidirectional control characters, formal language specifications prohibiting such characters in comments and string literals, and code editors surfacing these characters through visible warnings or symbols.
14:45, 30th November 2021
juliabloggers.com
This is Julia blog aggregator that is worth a look if you fancy seeing what is happening in the community. If you have a Julia-focussed blog, you can submit your own RSS feed. Being more of a generalist and not wanting to swamp others with irrelevant content, I am leaving my own efforts out of there.
14:44, 30th November 2021
Learn X in Y minutes is a community-driven reference resource offering quick introductory guides to a wide range of programming languages, frameworks, libraries, developer tools and computer science topics such as algorithms and data structures. The catalogue spans well-known languages including Python, JavaScript, Java, Rust and Ruby, alongside more niche or academic options such as APL, Coq, BQN and LOLCODE, with many guides available in multiple human languages including English, German, French, Portuguese, Chinese and others. Frameworks and libraries such as jQuery, OpenGL and PyQt are covered, as are practical tools including Git, Docker, Vim and Make.