Press "Enter" to skip to content

Category: Technology

Jupyter Notebooks, GitHub, & Secrets

This week I needed to do some analysis of JIRA tickets that goes beyond the reporting JIRA provides — not entirely an uncommon task. My usual quickie toolkit for that purpose involves Jupyter notebooks, which I prefer over downloading CSVs and playing with spreadsheets because I can automate the notebooks given a JIRA API key.

In this case, though, I really want one of my PMs to be able to run these reports, and I don’t want to get into the whole “OK then type this at the command line” thing. The post title kind of gives this away, but after some thought I realized, hey, just check the notebook into the company’s GitHub and there we go.

But how about that API key? Obviously I don’t want to embed mine in the notebook. Is there some way to use GitHub secrets for this? Answer: yes, there is, and it’s really simple, but I don’t see it documented step by step anywhere else so I’m gonna do that here.

If you want the quick answer: GitHub makes secrets available as environment variables, and if you’re working in the GitHub Jupyter environment, you don’t need to do anything special with workflows to make that happen. Therefore, you can just use Python’s os.environ mapping object to get at secrets.

FoundryVTT on Fly.io

FoundryVTT is a high quality virtual online tabletop platform. Unlike Roll20, however, there’s not a central server — once you buy a license, you have to run it someplace. There are a few services that will do this for you at a reasonable price, but I’m a geek, so if I start using FoundryVTT I want to host it myself.

Fly.io is a very cool new application hosting cloud. I experimented with it a month ago for hosting an NJPWWorld RSS feed generator and it was awesomely simple. They support persistent disk, so I couldn’t see any reason why it wouldn’t work for FoundryVTT. And it did! Details after the cut.

Simplified Unsplash Widget

My old boss Steve Makosfky was singing the praises of Scriptable the other day — it’s an iOS app that allows you to run Javascript in a number of ways, including as a widget. It’s also free (but tip the developer if you like and use it). So I modified an existing script that displays random photos from Flickr to replace my clunky Unsplash photo widget.

It’s way better than my previous solution. It doesn’t clog up my photo library, plus it’s mildly configurable. (Could be more so, but I’ll leave that as an exercise to the reader.) I’ve set mine up such that it only pulls down nature photos, which means I’m no longer seeing people I don’t know on my iOS home screen.

I stuck my code in a gist in case anyone finds this useful.

Weird Instagram Bot Traces

So far this month I’ve received a couple hundred email messages from Instagram notifying me that their Terms of Use have been updated. They’re legitimate emails; it looks like someone signed up hundreds of Instagram accounts using randomized innocence.com email addresses. Since I moved my mail to Fastmail, I’m now seeing them all. I poked around a couple of the accounts (hi, kurt.clemons78446!) and the ones I spot checked have all been deleted.

I imagine someone used innocence.com as a domain for non-existent email addresses, and these either date back to before Instagram added a confirmation step (and were later removed for spamming) or they just never confirmed the accounts. You’d think that deleted accounts would be removed from whatever list of email addresses Facebook is using to generate these emails. Unconfirmed accounts… I guess those should still see the Terms of Use changes.

Good times. Finally added a filtering rule for the emails, anyhow.

Auto-Pause for Zoom

I don’t like wearing headphones all day and since I’m lucky enough to have a spare room for an office, I can play music through my Bluetooth speaker. However, I’m lazy, and I don’t want to fiddle around with my music player just cause I’m starting a Zoom meeting. Thus, automation.

Zoom provides callbacks when meetings start, but that’s aimed at people writing plugin modules. OK, we can go a bit lower level. I can’t just watch for a process, cause Zoom is always running on my laptop. But I can watch for open UDP sockets!

$ lsof -i 4UDP | grep zoom
zoom.us 88028 bryantd 83u IPv4 0xa90f1ce03eca5d5 0t0 UDP xx.xx.xx.xx:57275
zoom.us 88028 bryantd 84u IPv4 0xa90f1ce03eca2ed 0t0 UDP xx.xx.xx.xx:52612
zoom.us 88028 bryantd 90u IPv4 0xa90f1ce09340175 0t0 UDP *:65048
zoom.us 88028 bryantd 91u IPv4 0xa90f1ce0939ce8d 0t0 UDP *:60088
zoom.us 88028 bryantd 95u IPv4 0xa90f1ce0939c8bd 0t0 UDP *:50594

That’ll do, pig. That’ll do.

#!/bin/bash

trap ctrl_c INT

function ctrl_c() {
        stop_music
        exit
}

function stop_music() {
        /usr/bin/osascript -e 'tell application "Music" to pause'
}

while true; do
        zoom_status=$( /usr/sbin/lsof -i UDP | /usr/bin/grep zoom | wc -l )

        if (( $zoom_status > 0 )); then
                stop_music
        fi

        sleep 30
done

I’m catching interrupts because I want a quick keyboard method to stop the music just in case. Right now I don’t think I want it to restart music when I leave a Zoom call, but easy enough to add that if I do.

Tech Note: JournalPress Plugin

This is very obvious in retrospect: the reason my WordPress to Dreamwidth crossposting stopped working is because Dreamwidth made security changes and as a result you don’t get to use your password for the API any more. Good change! If you cluelessly don’t pay attention, though, your WordPress plugin will stop working.

Solution: go to the Mobile Post Settings page and generate yourself a new API key. Easy.

This is a very light excuse for a weekly post but man, this week was kind of disfocused for various reasons.

Automating Unsplash Widget

iOS 14 allows you to put widgets on the home screen, which is very exciting to those of us who aren’t Android users. For Android users, it’s an opportunity to point out that Apple is late to the party. The new capabilities resulted in a wave of widget apps, which allow you to customize widgets and put your own stamp on your phone. I like tinkering, so I decided I wanted to do something beyond the typical “calendar with a photo of my cats behind it.”

Thread Reader’s Conspiracy Theory Problem

So I’ve been scraping Thread Reader for a month and I think I have enough data to talk about it. Very important: the guy who runs the site and bot seems like a decent dude, I don’t think this is intentional, but there are some actions I think are worth taking.

If you look at the Trending section of Thread Reader as I post this you’re gonna see people angry at Kavanaugh, which is good. Usually, though, you’re probably going to see a lot of Trump fans, a couple of QAnon threads, a random thread… and maybe a progressive thread. Maybe.

Does that matter? Yeah, probably — a lot of us use the site to save off interesting threads, and we link to those threads, and that means a bunch of conspiracy propaganda is one click away from our links, and it’s presented as “trending.” This is a very small scale example of the kind of algorithmic radicalization that Zeynep Tufekci and James Bridle have written about. (Phrase coined by Kim-Mai Cutler.)

I’ve been scraping the trending threads from the Thread Reader front page hourly for a month, along with metadata: who posted them, how many subscribers they have on Thread Reader, hash tags, links, etc. I wanna dig more but I did some quick and dirty number crunching which is worth sharing.

The big dog of Thread Reader is Thomas Wictor. Over the month I’ve been watching, he’s had 42 threads in trending. He’s full of conspiracy theories about how Trump is setting people up — not a QAnon guy but the same kind of themes. He has 1120 followers. The number 2 poster is Stealth Jeff. He credits Thomas with converting him to a Trump fan. Jeff had 20 trending threads in a month, and has 827 followers. Number 3 is a guy named REX. He cites Stealth Jeff and Thomas Wictor often. “Now I can’t prove that this 4Chan prank was a Trump hit, but it wouldn’t surprise me.” He had 16 trending threads last month and 566 followers.

At number 4, we have Lisa Mei Crowley, our first QAnon follower. She had 11 trending threads in a month, 479 followers. Number 5 is Praying Medic, also a QAnon follower. 10 threads, 820 followers.

The first left-winger on the list is Seth Abramson, in sixth place with 5 trending threads over the month. He has 567 followers. After him there’re three people with 3 trending threads, 14 people with 2, and 91 with 1. (Hi, Ed Whelan!)

Generally speaking if you have more than a few hundred followers and you roll up threads frequently you can count on getting onto the trending list regularly. Notable progressive tweet-stormers have lots of threads rolled up — but no followers and thus rarely trend.

I also tracked hashtags and @mentions. Top five used hashtags in order: qanon, maga, fakenews, spygate, and metoo. Most often referenced Twitter accounts: Trump, POTUS, Jeff Flake, Chuck Grassley, General Flynn… and sixth is Thomas Wictor again. Thomas just got banned from Twitter again, by the by.

This is what algorithmic radicalization looks like. It’s the unintentional result of algorithms which highlight popular content. If you’re turned off by the list of trending threads, you’re less likely to make an account. Positive feedback loop.

So: algorithms are easy to game. The behavior we see on TRA may or may not be people gaming the system; doesn’t matter. If you think it would be a good idea to see more sane ideas trending on the biggest Twitter threading platform, make an account at Thread Reader — it’s free. Subscribe to your faves. If they’re OK with it, roll up their threads. The numbers are low in absolute terms; it doesn’t take a lot to make a difference.