I planned and started to write a series about personal productivity systems, but I’m abandoning the series. Here’s why.
https://jacobian.org/2024/apr/4/not-writing-about-productivity/
One of the main responsibilities of a leader/manager is helping their staff develop. Mentorship, coaching, and sponsorship are import tools in the staff development toolbox. Good leaders should b...
https://jacobian.org/2024/apr/1/mentorship-coaching-sponsorship/
I was invited on the Sustain podcast to discuss my recent rant about open source sustainability. I talked about my reaction to the criticism that open source maintainers receive when they take fu...
I was on the Django Chat podcast to about Django’s history, the creation of the DSF, my recent return to the DSF board and my goals there, and the things I’m excited about for Django going fo...
I’ve been through close to a dozen reorgs. This article contains the advice I wish I’d been given earlier in my career when I didn’t yet have that experience. Reorgs are disruptive, and nob...
Something missing from this series on estimation, until now, has been a discussion of how to “break down” a project into a well-defined task list. I’d not previously written about this beca...
If you have a problem with maintainers getting paid then you have a problem with me and I suggest you let that one marinate.
https://jacobian.org/2024/feb/16/paying-maintainers-is-good/
How do you understand what engineers are doing with that time? How do you know if they’re working on the “right” things? Here’s how I suggest answering those questions.
Lessons learned and updates from a couple of years of executing on my philanthropic plan: finding and tracking organizations, continuing to wrestle with anonymity, and a list of donations we’ve...
I’m really proud of my track record building diverse teams. When I’ve been responsible for hiring, those teams have consistently been more diverse than industry norms, often significantly so....
My playbook for managing technical debt.
This is my preferred decision-making process – a version of the “document-discuss-decide” process that I called for at the end of the part 1 in this series. The most important part of this ...
The RFC process has been a huge success in defining the standards that run the Internet, but naively adopting this process for your company is a mistake. RFC processes tend to fail at most organi...
It’s never acceptable to yell at work. The norms of professional behavior call for a cool demeanor. It’s normal to have emotions at work, but there’s a limit to how strongly you can express...
Managers often talk about performance as a static thing. We say that someone is a “high performer” or “low performer”, as if performance is a fixed attribute of their personality. This fi...
What are the major management behaviors that can help build trust? Management books often cover the importance of trust, but abstractly. There’s precious little writing about the nuts and bolts...
In a management Slack I’m in, someone responded to a list of commonly-recommended management books by asking, “are these people good managers though?” It’s a fair question! But it’s not...
At a certain level of seniority – typically the Staff level for ICs, and the Director level for managers – you’ll be expected to fully own huge areas of responsibility without detailed guid...
https://jacobian.org/2023/oct/4/seniority-and-self-management/
As companies start to roll out so-called “Return to Office” (RTO) policies, I’ve found myself disappointed by the hyperbolic arguments being made by remote work / Work From Home (WFH) propo...
Most managers have internalized the idea that team growth, in and of itself, is a unalloyed good, and a sign of success. This is wrong, but it’s understandable. Team growth feels like success, ...
Should you give unsuccessful job candidates feedback on what they did or didn’t get right?
When is it the right choice to hire full-time staff, and when should you use consultants or contractors instead? The short answer: hire consultants for guidance, contractors for execution, and em...
https://jacobian.org/2023/aug/24/consultant-contractor-or-employee/
When you’re hiring, try not to get caught in the trap of evaluating candidates based on their best possible performance. Look instead for consistency: reliable results in variable conditions, t...
A major personal accomplishment in 2022 – something I’m proud of – was creating a philanthropic framework. My wife and I intend to use this framework to guide our charitable giving for the ...
I received a ton of replies to my previous piece in “incompetent but nice” people. I’ve collected some of those replies, and some of my own follow-ups. I’ll cover: what managers should do...
https://jacobian.org/2023/mar/31/incompetent-but-nice-follow-ups/
A question I’ve never been able to answer to my satisfaction: how do you manage people who are nice but can’t do the work?
When you change jobs, ideally you’ll have the opportunity to brief your successor directly. But that isn’t always possible: you might get fired or laid off, you might leave for another job wi...
Stop doing performance reviews based on the calendar year. Instead, schedule performance reviews around each person’s individual calendar — a year after they join the team, switch roles, get ...
https://jacobian.org/2022/oct/25/against-performance-seasons/
Patterns of short tenure are normal at the beginning of a career, but are more of a red flag in more senior roles. Here’s why.
On using Copilot as a writing assistant, and my complex feelings about the ethics of doing so.
A pattern of short tenure – multiple short jobs over a small period of time – can be a red flag, but necessarily. I’ll dig into short tenure in this article. What’s “short”? What’s ...
https://jacobian.org/2022/oct/14/when-is-short-tenure-a-red-flag/
You tell me.
In my writing about hiring and management, I often talk about role titles – terms like “manager”, “director”, “executive”, and so forth. I’ve found that many readers find the prec...
If you’re ever an interviewer on a role I’m hiring for, there’s this one thing I’m going to ask you to do that might feel weird. After you conduct that interview, I’m going to ask you t...
https://jacobian.org/2022/sep/23/post-interview-recommendation/
Software quality is more the result of a system designed to produce quality, and not so much the result of individual performance. That is: a group of mediocre programmers working with a structur...
Techniques for effective note-taking during interviews.
There’s a Right Way to conduct job interviews: one-on-one, with a single interviewer per interview session. If you need multiple interviewers (you probably do), schedule multiple sessions, each...
Most of the time, reference checks go very well: you only turn up information that confirms your decision to hire this candidate. But sometimes — maybe about 10% of the time — the reference w...
https://jacobian.org/2022/jul/6/if-reference-checks-go-wrong/
Part two of my reference check series, covering the nuts and bolts of conducting a reference check. When should you check references? How many? How should you contact references? What questions s...
Reference checking isn’t optional: it can save you from making a big mistake. Reference checks are your last line of defense against hiring a jerk.
https://jacobian.org/2022/jun/22/yes-you-should-check-references/
“What metrics should I use to measure my engineering team’s performance?” Believe it not, there is a Right Answer: the so-called DORA metrics.
An edited transcript of a talk I delivered at the CTOCraft Hiring MiniConf. How do you make a job offer that’ll be accepted when other companies are out there offering candidates over a million...
Answering a question from a reader: how do you deal with misalignment – arguments about skills, pay, etc. – when hiring?
https://jacobian.org/2022/may/23/dealing-with-misalignment-while-hiring/
Dishonesty at work is wrong except when it isn’t.
I’m starting a new series on professionalism: the set of workplace behaviors that are generally expected at work. These behaviors are largely unspoken, but they do exist: there are consequences...
https://jacobian.org/2022/apr/12/professionalism-introduction/
A criticism of some of my writing is that it’s too mercenary. Some see my advice as coldly calculating, too focused on individual outcomes over collective ones, and implicitly distrustful of ot...
Say you agree with me that exit interviews are dangerous for employees, but you’re a kind, empathetic manager who’s built a team with high trust. You’d never dream of retaliation, are open ...
It’s tempting to air your grievances at your exit interview. Don’t. There’s almost no upside to speaking up, and tremendous potential downside. Avoid exit interviews if you can. If you must...
Ask A Manager had a wild story a week ago. A company interviewed someone, hired him, but when he showed up for work … it was a totally different person. A friend asked, “if this was your hire...
I was on The Changelog, talking about work sample tests and hiring in general. Listen wherever you get your podcasts, or right here.
How do you develop an interview question that measures a core value?
https://jacobian.org/2022/jan/31/developing-a-values-interview-question/
Patty McCord was Netflix’s first head of HR and a member of its executive team for 14 years. She (along with Reed Hastings, Netflix’s founder and CEO). She’s probably best known as the co-a...
A round up of my writing in 2021: what were my goals? How’d I do? And some statistics.
This is the final post in my series on work sample tests. It’s a wrap-up post: I’ll address a few random points I couldn’t quite fit in elsewhere, and answer some questions from readers.
I’ve written about a bunch of effective work sample tests and the “rules of the road” that make them effective. One thing I haven’t talked about is counter-examples: types of work sample ...
The work sample tests I’ve covered in this series so far all involve software development. But what about roles that don’t involve day-to-day coding: roles like security analysis, penetration...
Tomorrow is Volunteer Responsibility Amnesty Day , a day to reflect on your responsibilities as a volunteer and, if any of them are too burdensome, set them down. I’m observing it this year; he...
https://jacobian.org/2021/dec/20/volunteer-responsibility-amnesty-day/
For most software engineering roles, the best work sample test will be some combination of the exercises I covered earlier in this series. But not every role; there are some circumstances where o...
If you’re hiring engineers, some candidates will already have code they can share: side projects, open source, and so on. It’s silly to ask those candidates to write new code just for your in...
I tend to prefer asynchronous work sample tests. The flexible scheduling of asynchronous exercises (i.e. “work on this whenever you like”) works better for the majority of candidates. But for...
Coding homework is my default work sample test: I use it for all engineering roles unless it’s obvious that another kind of exercise is better. There are good reasons to make homework-style wor...
What makes a work sample test “good” – fair, inclusive, and with high predictive value? Here’s my framework: eight principles that, if followed, give you a great shot at constructing a go...
Good hiring processes try to maximize inclusivity and predictive value, but unfortunately, work sample tests bring these goals into conflict. There’s always a tradeoff between predictive value ...
https://jacobian.org/2021/nov/10/wst-inclusivity-vs-predictive-value/
Earlier this year, I wrote a series on interview questions. Good interview questions are one key to hiring well, but they’re not the only key. Today, I’m starting a new series on another crit...
If you want to be a good manager, you need to accept that your behavior is under a microscope. You need to watch your behavior carefully and pay attention to what that behavior communicates.
If you’ve used marijuana, can you still get hired by the Federal Government? Yes, but it’s complicated. I’ll try to explain…
Three simple tricks product I’ve picked up that help me be more than completely useless when I need to wear a Product hat.
Salaries in tech are going up, and many people are looking for new jobs or reevaluating the ones they have. However, many tech workers have no idea what their labor is worth on the open market. T...
Wrapping up my series on delegation with an example: how to delegate meeting attendance.
https://jacobian.org/2021/oct/6/delegating-meeting-attendance/
Some managers think delegation is easy: you just ask someone on your team to go do a thing, then kick back with your feet on the desk until it’s done. Not true: delegating that way is a recipe ...
Broadly speaking, there are two management styles: PEOPLE-ORIENTED and RESULTS-ORIENTED management. Taken to extremes both styles have failure modes, but seeking “balance” isn’t the answer....
https://jacobian.org/2021/sep/22/people-or-results-oriented/
To make delegation most effective, tell people the results you want, but let them decide on how to achieve those results.
Your gut instinct is probably to wait to delegate some work until you’re fully confident that the person can handle it. This is often a mistake. Instead of withholding a delegation opportunity ...
My foundational principle of delegation: “GIVE AWAY YOUR TOYS”. Look to delegate the work you love, not the stuff you dislike or dread.
Most managers know that delegation is part of their job, but the vast majority of management texts are incredibly non-specific about what delegation means. So today I’m beginning a series on de...
My list of “Probably Are Gonna Need It” security features for your web app – things that you should build up-front, not wait until you need them (when it’s already too late).
Team Topologies (Matthew Skelton and Manuel Pais, 2019) is, essentially, a book-length treatment of the Inverse Conway Maneuver. I recommend this book to folks looking to design or refactor produ...
https://jacobian.org/2021/jul/5/book-review-team-topologies/
For an organization to succeed – to reliably and consistently deliver great products that customers want – Product and Engineering need to work well individually, but more importantly, they n...
You’ve made and committed to a timeline, but your estimate was wrong. The timeline’s going to slip. Now what?
Sometimes, it’s more important to be able to produce a quick estimate than it is to produce a good one. In those cases, reach for the SWAG: the Simple Wild-Ass Guess. To a large degree making a...
Last time, I explained that, although estimating software project timelines is hard, you should do it anyway. With that background, I want to go into some detail and share the technique I use whe...
It’s well established that estimating software projects is hard. This is true, but you should learn how anyway.
The 2021 edition of Verizon’s Data Breach Investigations Report (DBIR) is out. I read the DBIR every year; it’s one of the only analyses of real-world security failures that approaches any so...
Managers need to understand the difference between praise and positive feedback. Feedback is one of the most important tools in your management toolbox, and an absolute MUST for any manager who w...
https://jacobian.org/2021/may/12/praise-vs-positive-feedback/
Addressing behavior through mass emails or new policy rollout is a mistake. Here’s why.
Here are three models that I like for delivering feedback. Each is valuable on its own and would make a great starting point for anyone who wants to build their feedback muscle. Together, they hi...
On the fundamental purpose of middle management: CONTEXT DOWN, INFORMATION UP.
https://jacobian.org/2021/apr/19/the-fundamental-purpose-of-middle-management/
When organizations are performing well, the whole is more than the sum of its parts. That’s the whole point of building teams: together we can accomplish more than if we work solo. But many org...
Sometimes, programming feels like magic: you chant some arcane incantation and a fleet of robots do your bidding. But sometimes, magic is mundane. If you’re willing to embrace the grind, you ca...
Sébastien asks: “Would you say that your questions are equally applicable to junior and senior positions?”
Some conversations about my previous piece brought me back to one of the earliest lessons I learned in my management career. It’s a realization that’s embarrassingly obvious in hindsight: TRE...
I had a call a few weeks ago with a friend and fellow engineering manager, and we spent most of it talking about someone on her team who wasn’t responding well to feedback. He was performing se...
Within an organization, there are three kinds of power structures: ROLE POWER, RELATIONSHIPS, and EXPERTISE. Understanding these kinds of power — how they’re built; how they’re wielded; eth...
How many hours does it take to hire someone, from approval of the open position to their first day? I tracked a recent hiring round I ran, and found it takes ABOUT 100 PERSON-HOURS. Here’s a br...
In early January, Sumana Harihareswara and I started getting together a few times a week to help each other write more. This model of working together on separate-but-related projects has worked ...
Asking candidates why they left their last job is common… but should it be? I’m not sure. What do you think?
https://jacobian.org/2021/mar/8/why-did-you-leave-your-last-job/
Here’s a weird little skill I had to learn the hard way: how to give a status update to executives, investors, or boards. It’s different from most other kinds of status updates: much shorter,...
There are three types of interview questions: behavioral, hypothetical, and trivia. BEHAVIORAL QUESTIONS ARE THE GOLD STANDARD; they’re the most effective at predicting job performance. Hypothe...
https://jacobian.org/2021/mar/1/types-of-interview-questions/
I believe that AUTONOMY is one of the most important values of effective organizations. But I also think it’s a value that’s misunderstood and misapplied. In this post, I’ll (1) define what...
A summary and wrap-up of my Unpacking Interview Questions series, covering why I wrote this series in the first place, some advice on developing your own questions, and answers to a few questions...
The fifth and final part of my Unpacking Interview Questions series, where I share one of the questions I use when I interview for technical roles. Today’s question is the most difficult-to-ask...
https://jacobian.org/2021/feb/12/interview-questions-weakness/
Part 4 of my Unpacking Interview Questions series, where I share one of the questions I use when I interview for technical roles. Today, an oldie-but-goodie: looking into a candidate’s ability ...
https://jacobian.org/2021/feb/11/interview-questions-disagreement/
Part 3 of my Unpacking Interview Questions series, where I share one of the questions I use when I interview for technical roles. Today: making sure candidates align with organizational values of...
Part 2 of my Unpacking Interview Questions series, where I share one of the questions I use when I interview for technical roles. Today: measuring a manager’s ability to lead projects and manag...
https://jacobian.org/2021/feb/9/interview-questions-project-you-led/
Part 1 of my Unpacking Interview Questions series, where I share one of the questions I use when I interview for technical roles. Today: asking candidates to explain a topic at multiple levels. T...
https://jacobian.org/2021/feb/8/interview-questions-explain-a-topic/
In my previous article, I wrote about gathering consensus before a decision. Several folks asked for more detail about how I structure those consensus-gathering and decision-making exercises. The...
The next time you have an important proposal to make, don’t wait until the big meeting to ask for support. Here’s how to gather feedback and build consensus beforehand, so you can make that b...
https://jacobian.org/2021/jan/18/consensus-before-a-decision/
Over on the Hangar tech blog, I’ve posted our Dumb Security Questionnaire (the questions we ask vendors to evaluate their security maturity). All DSQs are dumb, but I think ours is a little les...
I’m terrifically excited to get a COVID vaccine. Not just “willing”, but actually quite excited. mRNA vaccines are this generation’s moonshot – a huge leap forward in science. Im terrif...
Practical ways to bridge the gap between AppSec and Engineering.
How should you structure a larger engineering organization, one with dozens (or hundreds) of engineers? There are many tradeoffs to consider, and no single right answer. But, there are some struc...
https://jacobian.org/2021/jan/5/designing-engineering-organizations/
One of the major trends I’ve been thinking about a lot this year is that the reality of AI has starting catching up to the hype. This thought has been percolating in my brain for a while, and f...
Hiring is one of the most important parts of a manager’s job. Over the last few years, I’ve developed a metric I use to measure hiring performance. It’s simple to calculate, and reasonably ...
https://jacobian.org/2020/sep/14/measuring-hiring-manager-effectiveness/
Denial-of-Service (DoS) vulnerabilities are common, but teams frequently disagree on how to treat them. The risk can be difficult to analyze: I’ve seen development teams argue for weeks over ho...
https://jacobian.org/2020/sep/11/analyzing-dos-vulnerabilities/
What’s the best way to train folks to conduct job interviews? I have a process I’ve used for about five years that seems to work well. It’s loosely based on the “see one, do one, teach on...
SQL Injection (SQLi) is one of the most dangerous classes of web vulnerabilities. Thankfully, it’s becoming increasingly rare — thanks mostly to increasing use of database abstraction layers ...
Effective resumes need to contain two things: responsibilities and accomplishments. The first tells the read what your job was; the second, what your results were. Unfortunately, most people fail...
https://jacobian.org/2020/may/8/engineering-resume-accomplishments/
It’s looking increasingly likely that the COVID-19 pandemic will cause a recession. It’s easy to think we might be immune from the effects of a global recession, but my experience is that tec...
Starting today, Django has a new governance model. Previously, a small “core team” made most decisions, including electing a Technical Board to own decisions about each release. Now, the “c...
Lately I’ve been working with our startups to establish their engineering strategies. One model I’ve found useful is to place their technical challenge on an innovation/execution spectrum.
Retrospectives are probably the most important software development practice. They build a culture of continuous improvement. We may fail, but we’ll learn and do better next time. (Or, at, lea...
Much of my work at Hangar involves early product development, helping our startups “break ground” on their products. We’re starting with little more than an idea, and maybe some theories fr...
A quick announcement: as a bit of an experiment, I’ve moved this site to Google Cloud Run. Please let me know if anything seems broken. I may in the future write a bit about Cloud Run: there’...
For years I’ve noodled around with various setups for a Python development environment. A couple of years ago I wrote about a setup I finally liked; this is an update to that post. Bad news: th...
Last time I was looking for a job, I wrote up a list of questions I wanted to ask prospective employees. I just ran across the list again, and figured I’d share. I was looking for a senior mana...
https://jacobian.org/2019/apr/23/questions-for-employers-director-vp/
I’ve interviewed hundreds of people for technical roles, and a pattern has emerged. In general, we reject many more candidates for social skills than for technical competence. In fact, most tec...
https://jacobian.org/2019/apr/3/iq-isnt-enough-to-get-hired/
Craig recently wrote about his mixed opinions about OKRs. The crux of his argument, I think, is that communicating goals is the important thing, and that OKRs are a heavyweight tool (with limited...
When I interview, I say nearly the same thing at the beginning of the interview. It’s a script I’ve practiced and honed over the years . It’s only eleven sentences, but each has a specific ...
https://jacobian.org/2018/nov/29/annotated-interview-kickoff-script/
Do you have a growing engineering organization that needs help hiring effectively? I can help! I have consulting availability over the next few months to help organizations hire better. I can des...
I’m trying out Tiller (a service that pulls financial transaction data into Google Sheets), and there’s a nifty bit of security design. Instead of its own authentication, you login via Google...
“So, what’s new with you?” Um, a lot: Today’s my last day at 18F. It’s been an honor and a privilege to get to work at such an amazing place with such fantastic colleagues. I’ve learn...
Like many engineers, I got thrown into management without any real guidance. I thought management was just telling people what to do. I thought there wasn’t any real science to it; you just nee...
When social media was small, it was a bubble: a quiet conversation among friends. It was nice, but not particularly challenging. Pleasant, but maybe not useful. Then there was a moment. A short o...
This is out of date. For a newer version, see My Python Development Environment, 2020 Edition For years I’ve noodled around with various setups for a Python development environment, and never r...
Welcome to FictionalSoft! I hope your first week is going well? Great. As you start to find your feet, I want to make sure we have a shared understanding of what success looks like here. Apologie...
You’ve probably heard about the massive wildfires in Northern California. You probably know that they’re huge, that over 50 people have died, and that some wineries have burned. You might hav...
I’m not a fan of including social engineering – spearphishing, calls to support tickets, office visits – as part of penetration tests. These activities are risky, and often involve borderli...
https://jacobian.org/2017/jun/27/social-engineering-pentests/
Pytest is my preferred Python testing library. It makes simple tests incredibly easy to write, and is full of advanced features (and tons of plugins) that help with more advanced testing scenario...
https://jacobian.org/2016/nov/27/getting-started-with-pytest/
Videos from Django Under the Hood 2016 are up - check ’em out! As usual, the conference was amazing and the content was fantastic. I really enjoyed all the talks, and they’re all worth your t...
Django’s admin site is about 12 years old. It started circa early 2004 as an internal CMS at the Lawrence Journal-World, was released as part of Django in 2005, and has been chugging away ever ...
There are a couple of metaphors that tend to guide my thinking about the practice of security: ratchets and levers. Ratchets Dr. Schorsch, CC-BY-SA 3.0, via Wikimedia Commons A ratchet is a kind ...
The 2016 edition of Verizon’s Data Breach Investigations Report is out, and as usual it’s compelling reading. The DBIR is one of the only sources of hard data about information security, whic...
I’ve started a curated reading list for InfoSec engineers. I was inspired by Mark McGranaghan’s Services Engineering reading list. I really enjoy these kinds of personal, highly-curated readi...
https://jacobian.org/2016/apr/20/infosec-engineering-reading-list/
My co-worker Eric Mill recently brought up the topic of psychological safety. Referencing a study by Google that points to psychological safety as a key factor in successful teams, Eric wrote: Ma...
https://jacobian.org/2016/apr/18/psychological-safety-in-infosec/
I run a distributed team, across nine hours of time zone offset, so staying in sync takes some work. We’ve been fooling around with different methods and cadances for our sync-ups, so as a way ...
A few folks have asked about a link between my PyCon talk and Shanley’s writing, specifically her essay 10x Engineer, which you can find in her essay collection, Your Startup Is Broken. Shanley...
Context: Uber Executive Suggests Digging Up Dirt On Journalists, The moment I learned just how far Uber will go to silence journalists and attack women. An old adage: “never pick a fight with s...
https://jacobian.org/2014/nov/18/uber-and-the-fourth-estate/
Please join me in helping making the Python community better by supporting the Ada Initiative. Last year, the Python community raised $10,000 for the Ada Initiative. This year I am betting we can...
TL;DR: Ignore Jeff; read Shanley. Jeff Atwood: If you see any behavior that gives you pause, behavior that makes you wonder “is that OK?” speak up. Honestly, as one man to another. OK, you g...
Obligatory Disclaimer: this post discusses unlimited vacation policies. My employer (Heroku) has one such policy. However, this post isn’t really specifically about Heroku’s policy; it’s ab...
Adrian broke the news: today, he and I are retiring as BDFLs, transitioning to a truly community-run project. Adrian wrote a bit about the history of the BDFL term and our roles wearing that hat....
It’s impossible to get good bagels further west than about New Jersey, so I make my own. My recipe’s adapted from Baking Illustrated, Alton Brown’s pretzel recipe (yes pretzels, see below),...
Dear friends in the Node community, I’m excited and inspired by the work that you’re doing. Being new is exciting: you get to re-invent the world, and shape it to suit your purposes. You’re...
Yesterday brought news of TRUCEConf. It’s a terrible, dangerous and insulting idea. The organizers should reconsider, either canceling the event or changing its scope and mission radically. I h...
Three things I want to remember from XOXO, written in haste as the conference wraps up: Optimism XOXO is so un-snarky, so radically honest and sincere, that it almost feels like another world. XO...
I believe deeply in the importance of gender equality, yet I work in open source, a community with shockingly few women. The Ada Initiative is working together with people like me to bring more w...
Getting new features into Django isn’t easy. It’s that way for a reason — I spoke recently about why conservatism is a virtue — but it does happen. I’d like to do a better job e...
https://jacobian.org/2013/may/23/getting-features-into-django/
I’ve joined Heroku as their Director of Security. Why? I started as a Heroku skeptic. The first iterations of Platform-as-a-Service left me deeply underwhelmed. “Deploying web apps is hard,�...
Here’s a quick way to automatically regenerate your Sphinx docs as you make changes to the source. There’s probably a million ways to do this; here’s mine: $ pip install watchdog $ watchmed...
In 2007, and again in 2009, I made an attempt to measure the size of the Django community. By popular request — okay, a couple people asked for it, whatever — let’s do this thing again. Use...
Since moving to the country a year ago my weekends and evenings have turned into project time. I’m a cheapskate, so I’ve been buying and repairing lots of used tools and making a lot of my ow...
As usual, what I write here is my opinion and I don’t speak for anyone else. In particular, this isn’t any sort of official PyCon anything. Recently, tech conferences have started publishing ...
P.J. Eby: The cardinal rule of successful groupware is that those who put information into the system must receive a proportional benefit for their efforts, or those who want to get information o...
Here’s a thought that’s been rummaging around in my brain for some time now: is there a market for commercial, closed-source Django apps? Suppose someone released a high-quality, well-documen...
Consider a simple photo storage service as an API. Users can only interact with the API if they’ve got an account. Let’s say authorization happens over HTTP Basic. Given that, would you use U...
Rusty Russell — a hacker I admire greatly — writes: “If you didn’t run code written by assholes, your machine wouldn’t boot.” This was passed on to me by Ben Elliston, ex-gcc hacker a...
Are you looking for an awesome web development gig? Then you should come work for me at Revsys. We’re hiring a full-time Python/Django developer. Update: The position’s been filled. That said...
I’m looking for some help-desk style software with some very specific features: Users create new help requests by emailing a support@example.com-style email. There should be some sort of concep...
This is the second part in my series about building a build farm for Django with Buildbot. Part 1 covered some background, including the specific problems facing a CI system for Django’s core d...
https://jacobian.org/2010/nov/9/configuration-and-architecture/
Buildbot, the venerable Python continuous integration server, has the reputation of being complex and difficult to set up. After spending a couple of weeks deep in Buildbot land, I’ve come to t...
Frank and I held our first Revsys “office hours” this past Friday, November 5th. We’ve taken the IRC transcript, organized and cleaned it up a bit, and posted it online for those who couldn...
(Cross-posted from the Revsys blog; I think folks here might be interested, too.) Next month I’ll be teaching two new one-day classes, both of which evolved from common questions we get at Revs...
Look, people, cooking isn’t hard. Some recipes are hard, but really most of the best, classic dishes are as easy as pie . Take a nice roast chicken. It’s showy – whole birds look fantastic ...
Since 1.0, Django’s supported model inheritance. It’s a neat feature, and can go a long way towards increasing flexibility in your modeling options. However, model inheritance also offers a r...
On Twitter, I asked, “what’s your favorite third-party Django app?” Eight hours later, I’ve got about 50 replies. I meant the question to be fairly open-ended – I deliberately didn’t ...
Christophe Pettus: What does mean? It clearly means something along the lines of, “Can handle lots of transactions per unit time,” but how many? I mean, WordPress with WP-SuperCache is “we...
Peter Norvig: language choice is not as important as all the other choices: if you have the right overall architecture, the right team of programmers, the right development process that allows f...
man tar: The GNU folks, in general, abhor man pages, and create info documents instead. Unfortunately, the info document describing tar is licensed under the GFDL with invariant cover texts, whic...
Mark Shuttleworth: Tribalism is when one group of people start to think people from another group are “wrong by default”. It’s the great-granddaddy of racism and sexism. And the most danger...
https://jacobian.org/2010/jul/31/mark-shuttleworth-tribalism/
Guido van Rossum: Maybe we’ve been too careful with only giving commit privileges to to experienced and trusted new developers. I spoke to Ezio Melotti and from his experience with getting comm...
Lately PyPI, the Python package index, has been having some availability issues. When PyPI goes down it really hurts Python developers: we can’t install new packages, bring up new development e...
Backwards compatibility is pain sometimes: # We need backwards compatibility with code which spells it this way: # def my_view(): pass # my_view = cache_page(my_view, 123) # and this way: # my_vi...
D’oh: django/contrib/admin/util.py django/contrib/admindocs/utils.py django/contrib/comments/views/utils.py django/contrib/formtools/utils.py django/contrib/gis/db/backends/util.py django/contr...
I had the pleasure of being on a forms panel at PyCon 2010 chaired by Brandon Craig Rhodes. To get a stable baseline, Brandon asked each of us to provide code showing how each forms toolkit might...
Early registration ends Friday for the March Advanced Django Class I’m teaching, so if you’re planning on coming, you should sign up soon! I’m really excited about this class: we’ll get t...
Ian Hickson (emphasis added): Someone whom I can’t identify publicly, since he posted only on one of the secret W3C member lists, contributed to the following thread Net result: the latest pub...
Ubuntu 9.10 installs PostgreSQL with a default encoding of SQL_ASCII. This is dumb: SQL_ASCII basically means “I don’t care about the encoding of my data; just store garbage.” This is espec...
I’m supposed to be this expert on writing, right? So how come my previous articles have had so many errors? Simple: my blog doesn’t have an editor. That’s typical for a blog, but it’s unf...
Now that I’ve discussed what kinds of technical documentation to write, I can move on to the question of how to actually develop a writing style that produces great technical documentation. Lea...
Tech docs can take a bunch of different forms ranging from high-level overviews, to step-by-step walkthroughs, to auto-generated API documentation. Unfortunately, no single format works for all u...
I travel quite a bit. This means I’ve often experienced a particularly geeky form of pain: the frustration of missing that one cable or power adaptor I really need. This has happened to me enou...
In March of 2007, I attempted to measure the size of Django’s community. That March turned out to be a major inflection point in Django’s growth: the release of 0.96 brought a lot of new feat...
It’s fashionable, or perhaps inevitable, for tech communities to trash their competition. The Emacs folks like to mock vi users; Windows folk look down on us Mac users (and Linux users mock us ...
Commit bits What’d you do the day you started your job? Got a little tour. Found your desk. Some HR paperwork. Figured out the network. Set up your new company machine. Got your VPN credentials...
Last night Rackspace Cloud had some downtime. Reading post-mortems is always instructive, so let’s see what we can learn from Rackspace. It sounds like this downtime was caused by a power issue...
https://jacobian.org/2009/nov/3/lessons-from-rackspace-downtime/
The power of “no” Last week, I wrote on Twitter: Closed-source software gets worse with each release (Microsoft, Adobe, …). Open-source software gets better (OOo, Ubuntu, …). Discuss. Muc...
Please die in a fire: From: <…@hootsmart.com> Subject: I would like to offer free SEO for the djangoproject.com Hi Jacob, I would like to offer my SEO services free of charge for the djangoproj...
Daniel Dvorkin: In every field which was once exclusively male, but is now no longer, it’s been claimed first, that no woman can perform alongside men; second, when the first claim is disproven...
This is a paid advertisement. My friends and former co-workers at Whiskey Media are looking for a developer to join their team. I can’t possible say enough good things about Whiskey Media: it�...
Ryan’s I like Unicorn because it’s Unix appears to have started a mini-meme of folks writing simple forking network servers in their language of choice. I’m really enjoying reading ’em �...
Ryan Tomayko’s I like Unicorn because it’s Unix should be required reading for anyone doing anything involving networks or unixes these days. Like Ryan, I share a deep appreciation for the da...
I’m pleased to announce that I’m teaming up with Steve Holden and Holden Web to teach a one-day Django Master Class. The class’ll be in Washington, DC on October 16th, 2009. I’ll be cover...
Mike Malone emailed me an interesting question, which I thought I’d answer publicly: under the BSD license. We want to accept patches from the community, but were wondering whether we need to ...
https://jacobian.org/2009/sep/17/contributor-license-agreements/
A talk given at PyCon Argentina and PyCon Brazil, 2009. Web development sucks. It’s true: web development, at its worst, is difficult, repetitive, and boring. The tools we have suck. At best, t...
A quick reminder: if you’re thinking of coming to me week-long Django course in Kansas City next month, today’s the last day to sign up at early-bird pricing. The price goes up by $500 tomorr...
I’m pleased to announce that I’ll be teaching a week-long introductory Django course in Kansas City, September 21st - 25th. Teaching’s folks how to use Django is one of my favorite things t...
foo.py is a Python library released under the GPLv3. bar.py is a library distributed commercially. If bar contains import foo, must bar.py be released under the GPL? Does the answer change if foo...
Django’s session and authentication frameworks are designed to Just Work™, and can seem pretty magical. Like the rest of Django, though, these parts aren’t magic — just Python. So let’s...
Yes, it’d be nice if contractors kept up to date on the progress of the various building codes. They don’t. There are a lot of people who asked about the building codes in the 1970s and were ...
Okay, time to import this code into SVN. svn import, right? This should be easy! svn import https://...../trunk/ Oh crap, that tried to import everything. ^C Guess I’ll just set svn:ignore. svn...
Need an experienced Python/Django developer? A good friend of mine is looking for a new gig. He’s employed currently and wants to keep his search on the D/L, so I’m putting the word out on hi...
I got a lot of great feedback on my buildout tutorial I posted last week. In general, the comments there have some excellent tips, tricks, and extra pointer, so check ’em out. After reading the...
Developing a Django app with zc.buildout Over the weekend I put together django-shorturls, the latest in a series of small plugable Django apps I’ve written. This time, though, I used zc.buildo...
Python has one package distribution system: source files and setup.py install. And easy_install. Python has two package distribution systems: setup.py install and easy_install. And zc.buildout. P...
https://jacobian.org/2009/apr/13/nobody-expects-python-packaging/
Hey, look, it’s a new W3C site. Hm: Ooh, XHT...
I’m sitting here at PyCon at the Python Language summit discussing differences between Python versions, and the topic of implementation details came up. The main part of getting Django working ...
https://jacobian.org/2009/mar/26/python-implementation-details/
It’s the era of change, I suppose… Starting today I’m joining Frank Wiles – a good friend and fellow Lawrencian – at his consulting firm, Revolution Systems, LLC. I’m really excited t...
An input form that takes raw HTML. It’s a pretty common thing to see in web apps these days: many comment forms allow HTML, or some subset thereof; many social-network-style applications allow ...
What a way to start the morning: Yup, that’s right; my former employer the Lawrence Journal-World – one of the most ground-breaking, award-winning, forward-looking, innovative news organizati...
This is a rough transcript, with links, of a 3-minute lightning talk I gave at LCA. It’s obviously not a complete argument; just a 180-second pitch for why the drama about Py3k is all smoke and...
https://jacobian.org/2009/jan/22/why-im-excited-about-python-3/
In the world of grammarians there are two competing camps: descriptivists and prescriptivists. Edward Finegan of the University of Southern California sums up the difference: Descriptive grammari...
https://jacobian.org/2009/jan/13/descriptivists-and-prescriptivists/
Since it comes up a lot, I thought I’d spend a bit of time writing up my thoughts on what django.contrib really is, and what including a package in it really means. The following is just my per...
It frustrates me when I hear people dismiss the differences between computer languages. There really isn’t any difference between languages, the argument goes, because “all Turing complete la...
Horizontal motion Bringhurst: Anything from 45 to 75 characters is widely regarded as a satisfactory length of line for a single-column page The 66-character line is widely regarded as ideal (2...
https://jacobian.org/2008/nov/21/typography-rhythm-proportion/
I’ve been working on redoing my website for at least the last year or so… and finally got it done. I drew obvious inspiration from the minimalism trend (c.f. Bennett, Tomayko, Pilgrim); the s...
A few weeks ago, I sent the following in a email to a co-worker asking for input on designing REST APIs in Django. Since then, I’ve quoted myself a few times; I thought these thoughts would be ...
PyCon 2008 Brain Dump There are some great roundups of the content at PyCon out there; this isn’t one of them. See, I have this notebook (Moleskine FTW!) I carry with me everywhere, and now it�...
I try not to get political here, so I’ll try to keep this as neutral as possible. Bruce Perens is running for a board seat at the Open Source Initiative and has asked for public support. My tak...
Almost four years ago, Adrian posted about a job opening at this little newspaper in the middle of the country. He wrote that World Online is one of the most innovative online-news operations in...
Paul Graham: Arc only supports Ascii. MzScheme, which the current version of Arc compiles to, has some more advanced plan for dealing with characters. But it would probably have taken me a couple...
I’ve got a couple of sweet upcoming speaking/teaching gigs coming up, and now I’m going to pimp them out. If you’re not down with self-promotion, you should read no further. February 22-23 ...
A quick update on the Django Book: Adrian and I wrapped up the last few bits last week, and the book went to the printer on Friday. It should start shipping to bookstores around the second week o...
I’ll have more notes about CouchDB later tonight. First, though, I want to step back and look at the big picture. A few months ago, Bill de hÓra wrote that “a framework like Django or Rails ...
I’m playing with CouchDB tonight. Some first thoughts, as they occur to me: The build process was very easy. I already had Erlang and all the standard automake/autoconf crap installed, so it wa...
I’ve been following with interest as Derek Willis explores Caspio, a sort of hosted data-driven web app tool for journalists. The following started out as a comment on his blog, but soon balloo...
My personal security plan Prompted by recent reading on cryptography and computer security, I’ve been rethinking my pretty lax personal security plan. Right now I’m doing a number of pretty s...
I’m a food geek. I spend my free time contemplating recipes. I bore my friends by talking about the Maillard reaction and annoy them by saying things like, “did you know that cheesecakes aren...
Like everyone else, I got sick of looking at Marker Felt on my iPhone. So I did something about it. OK, so it wasn’t a huge amount of work; I mostly pieced together the cool shit that others ar...
Dear Adobe – Acrobat sucks gigantic mountain-goat testicles. Everything about it from the installer to the interface to its performance seems designed to be as user-hostile as possible. Everyon...
There’s a fun thread over at Poynter’s Online News mailing list about what the future might hold for digital journalism. I thought I’d post my contributions here as well: Steve Yelvington: ...
I’ve always thought that the sign of a healthy Open Source project is a vibrant ecosystem around that project. That’s why I’ve been thrilled to see that there are a bunch of cool third-part...
I’m extremely excited to announce our new internship program here in Lawrence. Starting this summer we’re going to be hiring interns to join our kick-ass team and learn the ropes. If you’re...
So here’s a question I get asked a lot: “How big is Django’s community?” Anyone who works in open source knows that it’s basically impossible to know the size of any open source communi...
“Be liberal in what you accept.” dummy_thread » entry.bozo » req.assbackwards » UnicodeDammit » x possibly equals y »
It’s been a bad new year for Wikipedia, and it’s probably just going to get worse. While watching such a noble experiment come apart at the seams is depressing, it seems there’s a pretty va...
What a fun morning. The Daily Python-URL carried a link to an Engadget story featuring a picture of the OLPC from PyCon (Ian Bicking’s badge is visible in the background). Hey, doesn’t that p...
Inspired by Titus (who was in turn inspired by brian d foy), here’s what I hate about Python. I completely agree with Brian that you can’t trust any advocate who doesn’t know enough to find...
Overheard at PyCon: James Tauber: “Reinventing the wheel is great if you’re trying to learn more about wheels.” Adrian Holovaty: “Having Python produce JavaScript is like using a motorize...
Lately there’s been a big flare-up of web geek dick waving. This happens from time to time, and every time it just pisses me off to no end. All this arguing over “glue” versus “decoupled�...
I’ve been trying to make outstanding fried chicken for about four years, and I think I’ve finally got it. I don’t mean to toot my own horn, but I just made the best damn fried chicken I’v...
I swear, sometimes this programming thing is really just the digital equivalent of baling twine and duct tape. If you happen to be watching 6News in Lawrence last night, you’d have seen the ele...
Wanted: kick-ass sysadmin Update: The position has been filled. Thanks to all who applied. A quick note: we’re currently hiring a sysadmin to join us here at World Online. The complete job deta...
So it seems the BDFL Pronounced that Django is the Python web framework. Obviously this makes me pretty damn happy. I’m sure this will help people trying to choose a web framework come to Djang...
Post-OSCONum part 1: try not to suck Good lord, I’m exhausted. OSCON was amazing. It’s clear that a sea change is occurring in the open source movement: to paraphrase Tim O’Reilly’s keyno...
Lately a large number of questions posted to django-users have included phrases like “this is a show-stopper” or “this is critical”. I think it’s worth my time to point out that this is...
My last entry about my dog eating my DSlite hit Digg (screenshot), Reddit (screenshot), and a couple of other big-traffic sites over the weekend. Pretty cool, but the coolest part is that my serv...
So I came home to find this: He mangled the thing pretty good, but amazingly it still turns on, albeit with a busted touch-screen. However, Nintendo’s customer service provides a happy(ish) en...
I just found this in my django-ego-feed: 23 excuses: Simple Django View for Dynamic Text Replacement I’ve been using something similar to generate the titles for the site (look at the title abo...
I’m about to print up some Django shirts to take to OSCON next month – got any ideas? We gotta move pretty fast (we’re going to try to get an order in to the printer this week) so if you’...
Some Django propaganda: Video killed the radio star The talk I gave last week at Google is now up on Google Video. I covered similar ground to what Adrian talked about at Snakes and Rubies so if ...
Inspired by Online News Squared, and with my sincerest apologies to Adrian, I give you chicagomime.user.js (requires Firefox and Greasemonkey).
Update Ack – I mistyped the date on this page! The meetup will be Thursday, April 27th (not Wednesday as this originally said). Hopefully that still works for anyone planning to come… Later t...
Brian Beck just announced that he’s beginning work on Merquery, a full-text indexer and search engine specifically designed for developers using RAD frameworks like Django. I’m so excited abo...
I just found this reading through the Amazon Web Services license: EXCEPT TO THE EXTENT PROHIBITED BY APPLICABLE LAW, AMAZON DISCLAIMS ALL WARRANTIES, INCLUDING, BUT NOT LIMITED TO, ANY IMPLIED W...
As the saying goes, if it sounds too good to be true, it probably is. A few weeks ago I applied for Sun’s Niagra try-before-you-buy program hoping to get a chance to benchmark how a Django stac...
So Sun’s giving away T2000 servers for free. Well sort of, anyway: you get to try ’em for 60 days, and according to Jonathan Schwartz if you post benchmarks of the thing’s performance, the ...
For anyone looking for the Django stuff I showed off at PyCon: Slides from my presentation (PDF version ) The Sudoku app I demonstrated Source to the Sudoku app
What Would Bill Do? Bill would increase debt by $851 billion Bill would require universities to disclose deals between professors, businesses Bill would let immigrant students pay in-state tuitio...
Here’s a simple class for a template tag that caches its output (with apologies to Chris Parnell and Andy Samberg): from django.core import template from django.core.cache import cache from dja...
Inspired by Guido van Rossum’s plea to be taught web frameworks here are (in no particular order) ten reasons why he — and you — should use Django. 1. Django works — right now Don’t be ...
I’m thrilled to announce we’ve hired James Bennett (a.k.a ubernostrum in #django) as World Online’s new front end developer. About a month ago he wrote: I’m desperately looking for someon...
Yes, the Snakes and Rubies videos are now online. No, they’re not perfect. No, I’m not going to wait for FCP to re-render any more. I’ll write a post-mortem after I’ve gotten some sleep; ...
Since my last post hit the Dojo folks pretty hard for the lack of documenation, I’d be remiss if I didn’t point out that they now have a manual online. It’s far from complete at this point,...
After hearing some rave reviews of Dojo on django-dev, I finally got around to checking it out today. Here are my thoughts (with an obvious focus towards) using Dojo with Django). The good Dojo i...
Have more than thou showest, Speak less than thou knowest, Lend less than thou owest, Ride more than thou goest. — King Lear 1.4.71-4
Django handles lots of traffic with ease; Django sites have survived slashdottings, farkings, and more. Here are some notes on how we tweak our servers to get that type of high performance. Use a...
Want to work for the most innovative news organization in the country, if not the world? Want to join a team of the best and brightest online media developers? Want to get paid to create award-wi...
Want to work for the most innovative news organization in the country, if not the world? Want to join a team of the best and brightest online media developers? Want to get paid to create award-wi...
Ubuntu “Breezy” doesn’t have lighttpd (yet), and the only Ubuntu binaries I could find were (a) stale and (b) compiled for x86. Building lighty from source with the standard configure; make...
One of the questions asked at Snakes & Rubies was about what Django could learn from Rails (and vice versa). Once I finish wrestling Final Cut Pro to the ground you’ll be able to see how Adrian...
I really love allofmp3.com. It’s really everything a music download service should be: the site is nicely designed, works perfectly, and allows you to download music in whatever codec you prefe...
As I was going over some notes on our internal wiki, I ran across a list of rejected names for the framework that become Django: brazos superglue bodhisattva webbing boidae bohdi skoro consolidat...
When a job listing says it requires knowledge of web standards, don’t bother applying if you haven’t changed your markup since 1998. From the web page of a designer applying for the senior de...
The Microsoft way Windows 2003 Server, Enterprise Edition: $3,999 Visual Studio.NET, Enterprise Edition: $2,499 per developer SQL Server, Enterprise Edition: $19,999 per processor Programming in ...
For three 3 eggs 2 cups flour 3/4 teaspoon baking powder 3/4 teaspoon salt 2 tablespoons sugar 1 - 1 1/2 cup milk 3 tablespoons melted butter For four 4 eggs 2 2/3 cups flour 3/4 teaspoon baking ...
Sam Newman just posted a comparison of Django and Rails which is extremely balanced and fair, and a very good read. I’ve obviously got a few bits of feedback, so here goes: Background As a fram...
Well, now. I hear that there’s this thing all the cool kids are doing. Something about a web stick, or a web tree or something… Web Log, that’s it. (Hear that? It’s me running after the b...