Category: Short and Sweet

Building my own home entertainment center code name: RelaxingSpa

ckLeave a comment

Two weeks ago I found myself frustrated – I had been using Emby on my homelab (stand in for plex/kodi/whatever) and started seeing advertisements pop up in my last place of refuge.

So, I thought to myself, hey – this is a well defined domain, I recently got laid off, why not create my own?

Within a day or two I had a functional prototype. Two weeks later I am basically done. There’s definitely some UI/UX stuff I would want to polish for a greater audience, but it works great for me.

Some things that were core in my mind for delivery:

  • A page refresh shouldn’t break playback, ever.
  • A user’s state is useful to remember not just resume this song, but resume this playlist, and support adding, removing, and replacing the existing playlists fluidly.
  • Mixed multi-media playlists.
  • Duplication removal and managing files needs to be WAY EASIER if you are managing local libraries – I don’t like Spotify.
  • It should support iOS and mobile without having to install an app (don’t want to deal with sideloading or an app store fee.)
  • It needs to be fast to load and respond – no React, Vite, no third party data stuff, everything local, everything issuing asynchronous calls and replacing the current context while remaining responsive.

Here’s a little product review that’s produced every time a build completes.

The home page presents active entry points while the persistent shell keeps playback controls alive across navigation.
The dock player exposes transport controls, seek state, history, visualizer, and the Up Next queue without leaving the current page.
Music browsing supports album artwork, metadata columns, queue actions, set actions, row playback, and configurable column visibility.
Track grids expose format/container and codec metadata so playback compatibility problems can be diagnosed from the UI.
Album detail combines artwork, tags, ordered tracks, album queue actions, title correction, and merge/recovery controls.
Movie browse rows expose poster artwork, progress context, playback, and queue actions through the shared playable-grid model.
Season pages provide ordered episode playback plus season-level queue and save-as-set workflows.
The video library groups local and subscription media by channel with thumbnails, source metadata, tags, and playback actions.
Subscription management shows resolved YouTube sources, download targets, quality choices, current status, and recent download state.
Sets are saved queue snapshots with create, inspect, load, duplicate, export, reorder, and delete workflows.
Search spans artists, albums, tracks, videos, movies, and shows without arbitrary hidden result caps.
Metadata detail pages show applied fields, provider state, artwork candidates, online album-art search, extraction, corrections, and physical files.
Duplicate review loads asynchronously into a flat sortable grid with recommendations, filters, dismissal, and safe exclusion cleanup.
Settings centralizes library management, provider diagnostics, ffmpeg/ffprobe status, storage usage, and recovery links.
The media-files diagnostic page exposes the full indexed media table for scan, path, probe, format, and availability review.
The audio visualizer renders inside the floating visual player with selectable modes (bars, wave, radial, pulse, kaleidoscope, lissajous, starfield, waterfall, flower, orbs, shine, dual bars) and color schemes.
Artist detail aggregates albums, track counts, tags, and metadata provider state for a single artist.
Movie detail combines poster artwork, summary, tags, playback progress, queue actions, and metadata recovery controls.
The shows browser lists series with artwork, season counts, tags, and entry points to season and episode flows.
What’s New surfaces recently added media across all library types in a unified discovery feed.
The tags index lists all applied tags across media types, with counts and drill-down into each tag’s contents.

There’s also some easter eggs, for instance – here’s a gif of the visualizers available.

visualizers

When I started this project I was playing with python, but the speed and the delivery mechanism wasn’t the play. I quickly switched to Go because of its extremely simple deployment story, while the language is one I am pretty unfamiliar with, I really like the results! Maybe I should build in Go more.

For now, I am not releasing this code online – the tool serves me, but if you want a copy hit me up via email at my first name at this domain and let’s chat!

“I don’t really get the point of a right join if you can just do the same thing with a left join”

ck1 Comment

I was talking to a friend of mine and they are learning some SQL and they said something that I have seen come up multiple times in learning SQL.

They said “Yeah, I need to study the join types more. They make sense to me but I want to be able to not reference my notes” and also “I don’t really get the point of a right join if your can do the same thing with a left join by just switching the table name.”

These are great points, and common questions that occur when first learning SQL.

Before I talk about LEFT/RIGHT JOINs, I wanted to mention that in my experience, idiomatic SQL does not contain RIGHT and OUTER joins, ignore them.

That might be contentious among folks, but unless you have a large amount of code written in a specific way where a RIGHT or OUTER join is the only thing that makes sense, fine, you’ve found the way, but generally you probably just want a subquery or CTE to encapsulate your logic and maintain “one way” of thinking about the problem.

The second piece of the puzzle that helped me a lot was understanding that all JOINS are just specialized versions if CROSS JOINs that help communicate your intent.

If we start with the following example, we’re making sure that every row in left and every row in right will touch. A classic CROSS JOIN.

SELECT *
FROM left AS l 
CROSS JOIN right AS r

Now, a Cartesian product is rarely useful (unless you are making a numbers table!) but its the basis for the next step, a predicate (or WHERE clause) which allows us to restrict to only useful rows on the left hand side of the query.

SELECT *
FROM left AS l 
CROSS JOIN right AS r 
WHERE 
    l.id = r.left_id AND 
    r.left_id IS NOT NULL

Some knowledgeable folks in the audience might be confused why I would filter on r.left_id IS NOT NULL (given the original condition) but some SQL dialects match on NULLs!

This CROSS JOIN is equivalent to a LEFT JOIN that looks like

SELECT *
FROM left AS l 
LEFT JOIN right AS r ON 
    l.id = r.left_id

The same applies to a RIGHT JOIN – just swap the main characters.

The INNER JOIN is even easier, it just makes sure there’s no unmatching values on both sides of the equation.

Now, this isn’t hugely different, but being able to call out LEFT LEFT LEFT LEFT INNER LEFT when you are reading through a long procedure is a critical part of reading SQL, swapping between RIGHT LEFT INNER all the time will absolutely make a difference in the mental model of your reviewer, and expect them to call you out if you use a RIGHT JOIN for anything but fun.

I hope you learned something from one of my early SQL insights, hopefully it can help you understand why there are multiple join types.

 

Choose A Simple System Over Most Other Things

ckLeave a comment

Over the last decade, I’ve spent my time fixing performance issues, untangling conceptual models, cleaning up pipelines, and generally taking things apart so I can put them back together to go fast. Through all of it, one truism remains: systems that are simple to reason about are easier to maintain, debug, and scale.

I’ve been told this is obvious. Yet, every company I walk into has a mess of code—a tangled, aging rat’s nest where yesterday’s quick fix has hardened into today’s critical infrastructure. Grain by grain, small oversights compound into load-bearing pearls of complexity that nobody dares touch.

Often, the original developers are still around. They understand the improvements that could be made but lack the time, authority, or appetite to rewrite the system that’s keeping the lights on. And when I dig deeper, it’s rarely a personal failure—it’s a systemic one. The complexity is tolerated, even defended, because addressing it is seen as an unjustifiable cost.

So what can you do? The only real solution is prevention.

Guardrails Against Complexity:

  • Treat any one-off complexity as a blinking red warning light.
  • Before solving a problem with an overly complex solution, ask: Can we avoid solving this entirely?

Technical debt isn’t just about writing bad code—it’s about making bad bets. And the easiest way to win is to stop playing losing hands before they’re dealt.

Reading about Python’s Poetry

ckLeave a comment

Poetry bills itself as “Python packaging and dependency management made easy” – I will dive in a bit more…

Installing and configuring

  • Poetry requires Python 3.8+ (that’s a lot of missing Python)
  • Has the classic “fun” insecure installer approach by default curl -sSL https://install.python-poetry.org | python3 – not my favorite, but it looks like Poetry has its own bootstrapping problem right now.
  • Uses the pyproject.toml format for configuration, with the tool.poetry, tool.poetry.dependencies, and build-system are the most important starting fields.
    • Poetry has a pretty well-thought-out use of the pyproject format.

Commands and Usage

  • Initializing an existing project is as easy as poetry init it will ask you questions about your package and get your boostrapped.
  • You can add packages with poetry add and poetry remove, first blush it feels like I am using cargo.
    • Upon upgrade/change Poetry removes old packages.There are a few GitHub issues about it, so if you are Windows and you want a faultless experience you might want to skip Poetry for now.
    • This will also resolve the package versions to ensure compatibility – a clear positive knowing your packages work out of the box together, but I have burned by Conda before, so a package solver always gets some side-eye.
  • poetry install grabs the packages and installs them in your environment.
  • poetry update Gets the latest versions of the dependencies and write them to your lock file.
  • poetry run runs the command within the current virtualenv.
    • This combines with the tool.poetry.scripts section of the pyproject file – you can define a file to run and then poetry run special-command to run your special-command.
  • poetry shell spawns a shell in the virtual environment (really useful for testing random stuff).
  • There’s a few more commands around lock files and more esoteric needs for the build system, so I will stop there for now.

Other interesting differences from a simplified pip env

  • Poetry is much more active in managing environments than a simple pip+venv setup, and actively takes steps to activate/validate the version of Python and your current environment when running code.
  • There’s a bit more on the type of build tools you can emit, versioning, and dependency groups which you generally wouldn’t have in the simpler tooling modes.

Final Thoughts

Overall my first blush with Poetry is that it’s a very cool tool (if you are not on Windows) and that it definitely seems that once it’s set up. It seems like you’d have more luck getting new packages added to existing projects without the “fun” of Python packaging issues arising suddenly in the wild (or hopefully your full featured test suite)/

Because of the file deletion issue (and me on Windows most of the time) I am still going to be sticking to pip+venv. Any add/remove command has about a 50% chance of going south for the boxes I am using.

A Simple 5x Speed Up With My Django Testing

ckLeave a comment

the statistics in pycharm showing that the built-in method of _hashlib.pbkdf2_hmac is taking 36.4% of the time
PyCharm Profile Stats

More than a third of the time was taken with a hashlib function. My current testing regime doesn’t take long (about 3 seconds on my slow machine) but any iteration time is precious when you are working on your side project.

Before I wax poetic, here’s the changes you’d make to your project’s settings.py

 
# This is only needed if you don't already have a PASSWORD_HASHERS list in your settings 

PASSWORD_HASHERS = [
    'django.contrib.auth.hashers.PBKDF2PasswordHasher',
    'django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher',
    'django.contrib.auth.hashers.Argon2PasswordHasher',
    'django.contrib.auth.hashers.BCryptSHA256PasswordHasher',
]

# DO NOT USE INSECURE HASHING OUTSIDE OF DEBUG MODE OR YOU WILL GET HACKED
# All of your data will be stolen and all of your good works undone 
# Avoid having your company added to this list https://haveibeenpwned.com/
if DEBUG:
    PASSWORD_HASHERS.insert(0, 'django.contrib.auth.hashers.MD5PasswordHasher')

So what’s happening here?

Context

If you’re fairly new to Django you might not know the settings.py file controls the general configuration of your application, and defines arbitrary values available from the settings module (a really useful feature!)

The DEBUG value is set for test environments (earlier in the file) based on environment variables that I control, if you want to learn more check out the DEBUG documentation.

Most values that could exist in your settings file have sane defaults, but it can be a bit confusing that not everything is there at once. If you dont have a PASSWORD_HASHERS list in your settings Django will pick whatever the “right” option is.

In this case we’re defining the standard items and then inserting a new default hash option in the list (during DEBUG mode only.)

This sets PASSWORD_HASHERS to reference a very fast and very weak (full list here).

Using the PyCharm test UI I found my slow machine testing went from 2987ms to 526ms, and improvement of  >5x!

The observer effect is in play for the statistics but we still show the entire hashing process gone from the stats:

PyCharm profiler statistics showing no hashing algorithm in the top items and a much faster result
PyCharm Profile Stats … Much Better

It’s worth repeating – don’t run insecure hashing such as md5 algorithms in production ever. It’s the difference between your password being cracked in seconds and making it impractical for decades or centuries.

It may seem weird, but being purposefully slow is an important feature of cryptographic hashes that you should not attempt to defeat.

If you want to learn more about how cryptographic hash functions work check out Practical Cryptography For Developers.

 

Fixing – Error: “PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

ck2 Comments

During my attempt to connect PyCharm to a SQL Server data source with Windows Authentication and ran into a slew of errors. Upon searching I noticed there was a dearth of resources on this issue.

Some posts mention messing with your certificate store but with a local sever I dont have the interest in configuring certificate based auth.

From experience I knew a security issue reported in SQL Auth generally is related to the certificates/encryption settings on the connection, often turning it off works fine (don’t do this in production.)

I found nothing useful in the SSL/TLS – clearly the standard “uncheck encryption” trick isn’t managed here.

 

 

Looking further I found the Driver: section, here the MSSQL driver settings I needed are available.

picking advanced/driver settings

 

 

 

Click the Advanced tab.clicking the advanced tab in the driver settings

 

 

 

 

Update integratedSecurity to true and encrypt to false. changing pycharm driver settings

 

 

This fixed my authentication issues with the local server.connected window

Removing Microsoft’s News In The Taskbar

ck1 Comment

So in a “not shit crap again” post – MSFT releases a “News” update to take up space on your taskbar and just allow Microsoft to serve you more ads.

The boiling of the frog of the modern treatment of privacy is so annoying, so here’s the registry path to disable it.

Cool that you get to open the registry instead of just get presented a “Would you like a new informative tool by Microsoft?” It’s almost like they know that NOBODY wants this.

Remember – dont just randomly run registry files – they are plain text documents interpreted in a special way – so crack them open and make sure you feel comfortable running them.

You can review/download the data here:

How do companies handle blue green deployments with their SQL Server Database?

ckLeave a comment

An interesting discussion/question in the SQL Community Slack today arose around how to implement blue/green deploys.

If you’re not familiar – blue/green refers to a deployment strategy with at least two hosts of your services, where you host in the green, deploy to the blue, and slowly drain the green to the blue until it becomes the green.

This has consequences in terms of keeping the lights on for both services, potentially rolling back the traffic to the green node (if the blue deployment fails some tests) and identifying things like dead code/data paths.

I was pondering how to answer the question in anything but the most generic way when this youtube video by Kevin Feasel was posted and it’s such a great resource I’m reposting it.

Thanks @reid and Kevin!

Fixing Unicode Conversion Issues in XML documents, TRY_CONVERT returns question mark instead of NULL

ckLeave a comment

An interesting question asked by @danthesqlman in #sqlhelp (sqlcommunity.slack.com)

Having issues with Unicode in my XML, tried using a try_convert(varchar,fieldname) but not returning NULL.
Set it to have a test on my box, and weird results.
declare @n nvarchar(10) = N’ניקודות‎’
select try_convert(varchar(10),@n)
This doesn’t return NULL, but ?????????
I’m curious what would I be doing wrong, or how can i locate unicode within XML easily

And then when people suggested individual character shredding –

XML documents in a table over 200k rows, 2mb xml each, could take hours to parse 1 character at a time

There were a few suggestions, (my initial crap one was just dumping it to C#), but after a few jokes back and forth about how SQL Server was just returning normal question marks for TRY_CONVERT and how silly that was the idea came up… why not just:

  1. Replace all question marks with something unique? (I suggested a GUID)
  2. Run the conversion and then do a reverse replace, updating the data in place.
  3. Profit!

For a simple code example…

DECLARE @magic_value UNIQUEIDENTIFIER = NEWID()
SELECT 
  TRY_CONVERT
  (
    VARCHAR(100),
    REPLACE(tar.name,'?',@magic_value)
  ) 
FROM target_table AS tar

Any new question marks that exist in the output would be characters that failed the conversion process.

The test ran in ten minutes instead of a few hours… great!

Also a fun followup on weird SQL Server homoglyph conversion issues in general – https://bertwagner.com/posts/how-unicode-homoglyphs-can-thwart-your-database-security/

Disable powershell update nag in one line

ckLeave a comment 
[System.Environment]::SetEnvironmentVariable("POWERSHELL_UPDATECHECK",0,[System.EnvironmentVariableTarget]::User)

To be clear – I think you should be updating your PowerShell regularly, however the HUGE WHITE BLOCK ACROSS MY ENTIRE SCREEN EVERY TIME I LAUNCH VISUAL STUDIO CODE ISN’T GREAT.

Hated that caps? Yeah, that’s basically my eyes every time I see this nag window inverting the colors across my ennntiiirrreee screen.

I checked the PS repo and some one liners posted didnt work (and used SetEnvironmentVariableTarget which was not a method I had?), so I wanted to make this easy in case you are getting frustrated with the PowerShell update version check message and you want it to go away and didnt want to crack open the environment variables.

Now go update your PowerShell 🙂