LightNews
jhawthorn.com
John Hawthorn
@jhawthorn.com
1.1K followers 220 following 41 posts
Writing code for @Shopify, Rails, and Ruby. Previously @GitHub. he/him | Victoria, BC | jhawthorn.com
Posts Media Videos Starter Packs
Pinned
jhawthorn.com
John Hawthorn @jhawthorn.com · Dec 15
You're telling me a duck typed this code?
4 4 44
jhawthorn.com
John Hawthorn @jhawthorn.com · 21h
No way, the Blues Jay will take it back to Roger Center
1
jhawthorn.com
John Hawthorn @jhawthorn.com · 17d
You're absolutely right...
9
jhawthorn.com
John Hawthorn @jhawthorn.com · 24d
There's totally room for them and if you like them you should use them and make more. It's not a value judgement. There's just something about them that doesn't appeal to me as a matter of taste vs. a traditional command line tool.
1 1
jhawthorn.com
John Hawthorn @jhawthorn.com · 25d
I think you're right about the forcing function. It also probably enforces a consistent look and feel. But that just suggests to me it's not the optimal version of what it's trying to be. A native GUI could and should be drivable 100% by keyboard
1 2
jhawthorn.com
John Hawthorn @jhawthorn.com · 25d
I don't mean to single out bat, I think it's just the first tool that crosses the line. Something like `lazygit` is maybe a clearer leap. It's obviously a good tool people like, but as a fan of the command line I don't get why one would prefer that over the same tool as a full graphical GUI.
2 4
jhawthorn.com
John Hawthorn @jhawthorn.com · 25d
I have a hard time placing exactly what it is, but something about `bat` and other "modern" TUI tools really rubs me the wrong way. They're clearly well made, I think it's more of an aesthetic thing where that is exactly what I was running away from by using command line tools.
4 1 8
jhawthorn.com
John Hawthorn @jhawthorn.com · Aug 24
米国人だから
A konbini package of two hot dogs with Cajun sauce wrapped as a burrito.
4
Reposted by John Hawthorn
byroot.bsky.social
Jean Boussier @byroot.bsky.social · Aug 11
I took some time to delve into my latest work on reducing Ractor contention. This time: Generic Instance Variables

byroot.github.io/ruby/perform...
Unlocking Ractors: generic instance variables
In two previous posts, I explained that one of the big blockers for Ractors’ viability is that while they’re supposed to run fully in parallel, in many cases, they’d perform worse than a single thread...
byroot.github.io
1 6 17
Reposted by John Hawthorn
tenderlove.dev
Aaron Patterson @tenderlove.dev · Aug 5
One of the AI generated security reports attached a bunch of MD files, and this screenshot was taken from the end of one of them. This gives me lots of feelings, and none of them are good
## 🚀 SUBMISSION STRATEGY ### Approach: "Professional Context-Dependent Security Issue" - Not claiming pure remote RCE - Focusing on real-world deployment risks - Honest about context requirements - Emphasizing practical security impact ### Expected Response: ``` "While not directly exploitable in default configuration, this represents a significant security risk in common deployment scenarios. We'll investigate and implement appropriate mitigations." ``` ### Success Probability: 75% - Technical merit: Clear vulnerability in core Rails - Real-world relevance: Common deployment scenarios - Professional quality: Comprehensive documentation - Honest assessment: Context-dependent, not oversold --- ## ✅ READY TO SUBMIT! **All information prepared for professional Rails bug bounty submission.** **Expected Outcome:** - Rails Team Response: 1-2 weeks - Fix Development: 2-8 weeks - Security Release: 8-12 weeks - IBB Bounty: $1,040-1,600 (80% of $1,300-2,000) **Next Step:** Copy information above into HackerOne form and submit!
2 2 21
jhawthorn.com
John Hawthorn @jhawthorn.com · Aug 1
"two buttons" meme where the guy can't decide between calloc(n, 1) and calloc(1, n)
1 16
Reposted by John Hawthorn
k0kubun.com
k0kubun @k0kubun.com · Jul 15
Ruby 3.4.5 Released www.ruby-lang.org/en/news/2025...

This is a routine update that includes bug fixes and GCC 15 support. We recommend upgrading your Ruby version at your earliest convenience.
Ruby 3.4.5 Released
www.ruby-lang.org
1 10 29
Reposted by John Hawthorn
matt.godbolt.org
Matt Godbolt @matt.godbolt.org · Jun 3
It's been a while since I've written about the innards of @compiler-explorer.com. xania.org/202506/how-c... has the details, some statistics and some fun war stories.
How Compiler Explorer Works in 2025 — Matt Godbolt’s blog
How we handle 92 million compilations a year without everything catching fire
xania.org
3 17 56
Reposted by John Hawthorn
peterzhu.ca
Peter Zhu @peterzhu.ca · Jun 3
I just published "Implementing Embedded TypedData Objects" about a feature @byroot.bsky.social and I worked on for Ruby 3.3. A bit late, but better than never.

railsatscale.com/2025-06-03-i...
Implementing Embedded TypedData Objects
We implemented a new feature to TypedData objects in Ruby, called embedded TypedData objects. TypedData objects are used across a wide variety of Ruby types, such as Time, Enumerator, and Method. This...
railsatscale.com
3 17
jhawthorn.com
John Hawthorn @jhawthorn.com · May 27
1 4
jhawthorn.com
John Hawthorn @jhawthorn.com · May 27
I'm a nervous flier, but fortunately I've downloaded the new season of Nathan Fielder's show "The Rehearsal" to distract me. No spoilers please, I want to go in blind
1 7
Reposted by John Hawthorn
byroot.bsky.social
Jean Boussier @byroot.bsky.social · May 24
I wrote a post to braindump what I'm currently working on: allowing lock-free access to class instance variables from Ractors.

byroot.github.io/ruby/perform...
Unlocking Ractors: class instance variables
In a previous post about ractors, I explained why I think it’s really unlikely you’d ever be able to run an entire application inside a ractor, but that they could still be situationally very useful t...
byroot.github.io
1 6 27
jhawthorn.com
John Hawthorn @jhawthorn.com · May 15
[email protected]
Reposted by John Hawthorn
k0kubun.com
k0kubun @k0kubun.com · May 14
Ruby 3.4.4 Released www.ruby-lang.org/en/news/2025...

This release includes a fix for a YJIT bug related to local variables and addresses a build issue on Windows when using GCC 15. It was released ahead of schedule to make these fixes available as soon as possible.
Ruby 3.4.4 Released
www.ruby-lang.org
11 25
Reposted by John Hawthorn
byroot.bsky.social
Jean Boussier @byroot.bsky.social · Apr 26
I did some sort of rubber duck blogging about a patch I'm currently working on: byroot.github.io/ruby/perform...
Unlocking Ractors: object_id
In a previous post about ractors, I explained why I think it’s really unlikely you’d ever be able to run an entire application inside a ractor, but that they could still be situationally very useful t...
byroot.github.io
2 6 28
Reposted by John Hawthorn
jpcamara.com
JP Camara @jpcamara.com · Apr 20
If you read @byroot.bsky.social 's "What's the deal with Ractors?", and were bummed at how poorly they handled JSON parsing, then @jhawthorn.com has brightened your day!

Frozen interned strings are now stored in a lock-free hash, making the Ractor example 2x faster than the single-threaded example!
# == single-threaded # RUBY_YJIT_ENABLE=1 ruby parse.rb 1.12s user 0.11s system 77% cpu 1.599 total # == master, pre-optimization # RUBY_YJIT_ENABLE=1 ruby ractor_parse.rb 3.70s user 6.52s system 256% cpu 3.990 total # == master, after https://github.com/ruby/ruby/pull/12921 # RUBY_YJIT_ENABLE=1 ruby ractor_parse.rb 1.31s user 0.28s system 210% cpu 0.754 total
1 10 32
Reposted by John Hawthorn
joshuay03.bsky.social
Joshua Young @joshuay03.bsky.social · Apr 10
Announcing Dial, a Rails application profiler: github.com/joshuay03/dial

I've longed for a free tool that provides Datadog-like profiles, with accurate GVL and GC activity. Thanks to @jhawthorn.com's amazing work on Vernier, all I needed to do was integrate it with Rails and let it do its thing.
GitHub - joshuay03/dial: A modern profiler for your Rails application
A modern profiler for your Rails application. Contribute to joshuay03/dial development by creating an account on GitHub.
github.com
2 10 36
jhawthorn.com
John Hawthorn @jhawthorn.com · Apr 1
It certainly isn't wasting any time on bounds checks
1
jhawthorn.com
John Hawthorn @jhawthorn.com · Apr 1
I've just released unsafe 1.0.0! A gem bringing the power of Rust's unsafe to Ruby! github.com/jhawthorn/un...
GitHub - jhawthorn/unsafe: Just like in Rust!
Just like in Rust! Contribute to jhawthorn/unsafe development by creating an account on GitHub.
github.com
4 12 48
jhawthorn.com
John Hawthorn @jhawthorn.com · Mar 25
One of my favourite things (of many) about rr-project.org is how it actually complements my tendency to be a printf debugger, because it's so easy to start gdb at the point that the output goes wrong.
rr: lightweight recording & deterministic debugging
rr-project.org
3
Reposted by John Hawthorn
hsbt.org
hsbt @hsbt.org · Mar 19
andpad.connpass.com/event/346737/ registration is opened now. We welcomed oversea guest for #rubykaigi
RubyKaigi 2025 前夜祭 Asakusa.rb Welcome Drinkup (2025/04/15 18:30〜)
## Overview 概要 On the day before RubyKaigi 2025, which will be the regular meeting day for Asakusa.rb, we will host a Welcome Drinkup as a pre-party for overseas committers and Rubyists attending the...
andpad.connpass.com
2 4 9