科技前沿
How to align columnar output in the terminal
In bioinformatics we are handling a lot of tabular data. Be it VCF files, tabular Blast output, or just creating a CSV or TSV samplesheet. Actually, one of my favorite tabular formats is by using SeqKit to convert Fasta or FastQ files to tabular format, as this allows to do various filtering operations by row , using standard unix tools if so wished. Scrolling through this type of data in the terminal can be messy to say the least though. Although CSVs can of course be imported into a spreadsheet software for viewing, it would be very powerful to be able to view them comfortably right from the terminal, isn't it? To take one example that fits within the code window of a blog post, let's take a selected set of columns from the CSV output from the Mykrobe tool. And to make it emulate another common problem with many csv formats, let's also use tr to convert the _ :s in the headers into real spaces (Mykrobe does not do this, but many other tools do): $ cat SOME_SAMPLE.csv | cut -d , -f 2,3,10,14,15,17,18 | tr '_' ' ' > selection.csv $ cat selection.csv "drug" , "susceptibility" , "kmer size" , "phylo group per covg" , "species per covg" , "phylo group depth" , "species depth" "Amikacin" , "S" , "21" , "99.672" , "98.428" , "372" , "347" "Capreomycin" , "S" , "21" , "99.672" , "98.428" , "372" , "347" "Ciprofloxacin" , "S" , "21" , "99.672" , "98.428" , "372" , "347" "Delamanid" , "S" , "21" , "99.672" , "98.428" , "372" , "347" "Ethambutol" , "S" , "21" , "99.672" , "98.428" , "372" , "347" "Ethionamide" , "S" , "21" , "99.672" , "98.428" , "372" , "347" "Isoniazid" , "R" , "21" , "99.672" , "98.428" , "372" , "347" "Kanamycin" , "S" , "21" , "99.672" , "98.428" , "372" , "347" "Levofloxacin" , "S" , "21" , "99.672" , "98.428" , "372" , "347" "Linezolid" , "S" , "21" , "99.672" , "98.428" , "372" , "347" "Moxifloxacin" , "S" , "21" , "99.672" , "98.428" , "372" , "347" "Ofloxacin" , "S" , "21" , "99.672" , "98.428" , "372" , "347" "Pyrazinamide" , "S" , "21" , "99.672"
AI 资讯
Most AI dev tools assume you have a repo. Ops engineers have a broken node and a 3am page.
Most AI coding tools assume you're sitting in front of a repo. There's a working directory, some source files, tests, maybe a CI pipeline. The AI reads your code, suggests changes, ru****ns tests. Great model — if you're a developer writing code on a Tuesday afternoon. Now picture the other scenario. It's 2am. PagerDuty fires. You SSH into a box you haven't touched in three months. Something is broken, you're not sure what, and the runbook was last updated by someone who left the company in 2022. You're not thinking about repos. You're thinking: what OS is this thing running? What just failed? Is it safe to restart that service or will I make it worse? These are two fundamentally different workflows. But almost every AI terminal tool I've seen is built for the first one. The 30 minutes nobody builds for There's a ton of tooling for the world before you log into the box: Prometheus, Grafana, PagerDuty, incident.io, runbooks, dashboards. All useful. No complaints. But there's this practical 30-minute window after you SSH in where you're basically doing archaeology with journalctl and grep. You check systemd. You look at disk. You read logs that were clearly written by someone who hated future-you. You copy-paste terminal output into Slack so your teammate can squint at it from a different timezone. This is where I think AI could actually help. Not by replacing Grafana. Not by building another dashboard. Just by being present in the shell while you're debugging. Please, for the love of uptime, don't replace my shell I've seen a few AI terminal projects that basically build an entire new terminal experience from scratch. New keybindings, new UI, new everything. Here's the thing: ops people have muscle memory. We have aliases we wrote in 2019 and forgot about. We have tmux configs we'd defend with our lives. We SSH through jump hosts with key forwarding chains that barely work but have worked for years so nobody touches them. If your AI tool requires me to abandon all of
AI 资讯
I stopped trusting curl | sh — so I built a tool that reads the script first
Every developer has done it. You hit a README, you see the install command: curl -fsSL https://example.com/install.sh | sh And you run it. Maybe you skim the script first. Maybe you don't. But you run it. I've been doing this for years. And each time, a small voice in the back of my head says: you have no idea what that script actually does. You just piped a stranger's code straight into your shell. Eventually I got tired of ignoring that voice. What the pattern actually is curl | sh is not a bad pattern — it's a fast, convenient pattern with a real trust gap. The script runs with your permissions, in your shell, right now. It can: Install something with sudo Delete files with rm -rf Write to your disk with dd Access your SSH keys or .env files Set up a cron job or a systemd service that runs again next reboot Decode and run a payload with base64 | eval Most install scripts do none of these things maliciously. But many do several of them legitimately — and you wouldn't know which ones until something went wrong. --- ## What I built instead I'm a solo founder based in Ouagadougou, Burkina Faso. I build with heavy AI pairing — I'm not a trained engineer, I work with Claude, review the output, and ship. This tool ( peek ) was AI-paired and reviewed by me before release. peek is a ~130-line POSIX shell script that sits in front of the pattern: # Instead of: curl -fsSL https://example.com/install.sh | sh # Do: peek https://example.com/install.sh Before anything runs, peek: Fetches the script Scans it for risky patterns Prints a risk score and the exact dangerous lines Asks you to confirm — and refuses to auto-run a HIGH-RISK script unless you type RUN You can also pipe into it, or run it in analysis-only mode: curl -fsSL https://example.com/install.sh | peek # analyze from a pipe peek --print ./downloaded.sh # never runs, analysis only What it flags (and what it doesn't) The patterns peek checks: Root escalation — sudo , running as root Destructive file ops — rm -rf , fi
AI 资讯
I built a Brave debloater that refuses to brick your browser
(yes, its open source. link at the bottom, if u want to skip ahead!) Most "debloat scripts" are a pile of registry edits you run as admin and pray. No preview, no undo, and half of them happily disable Safe Browsing or updates for "performance." For your browser, the most security-sensitive app you run, that's reckless. So I built BraveDebloater with one rule: never make Brave less safe. It clears out the noise like Rewards, Wallet, VPN nags, Leo AI prompts, News, and telemetry such as P3A, Web Discovery, and Chromium metrics. But it flat-out refuses to disable Shields, weaken Safe Browsing, turn off updates, or touch your hosts file. That isn't a README promise. It's enforced in the tool itself. A few things that make it trustworthy: Dry-run by default. Nothing changes until you explicitly apply. Official Brave/Chromium enterprise policies, so every change is visible and auditable in brave://policy instead of hidden. Automatic backups before any change, written safely so you never end up with a corrupted file. Validated restore that checks the backup before writing anything and only touches Brave's own policy and profile files. Doctor mode, a read-only health check of your current policy state with no writes. It's MIT-licensed, PowerShell 5.1 compatible, and has a few beginner-friendly issues open. If you care about privacy or Windows tooling, I'd love a star and a PR. Check it out at: https://github.com/osfv/BraveDebloater