Thoughts and Tidbits

Technical Museum

All Hardware Maps ML & AI Music Social Tools Writing Apps & Games

Deciduous

Decision graph CLI for tracing how software decisions evolve

Deciduous Archaeology Demo

Demonstrations of decision archaeology on React and stacked git workflows

Phish Explorer

Jam analytics dashboard for Phish 3.0 era

Local LLM on MacBook

4-bit quantization, safetensors, and Bumblebee + EMLX for Apple Silicon

A Bot that posts like me

Porting the posting bot to Elixir using local LLM work

Receipt Printer Software Suite

A complete software suite for thermal receipt printers

Role Call

TV writer overlap explorer

Fill Your Sky

Interactive map of 418+ Bluesky communities with 545K+ people

Code Mirror

A live code mirror experiment

Pocket Pnin

A local LLM running on my iPhone, coming to the App Store for free

NYC Census Maps

Interactive census and PLUTO data visualization for New York City

MTA Bus Tracker

Real-time MTA bus and train tracking on an interactive map

Concert GIF Maker

Extract GIFs from concert videos with a retro Mac interface

Send a VERY direct message, to my receipt printer

A social project where friends send photos that print on my receipt printer

Archive TV

A real over-the-air TV channel from magnetic media archives

Losselot

Neural network loss function explorer

Todoinksies

A personal todo app

Ormery

An ORM written in Temper

Collage Maker

Upload photos and arrange them into grid collages

GenStage Tutorial 2025

A modern GenStage tutorial for the Elixir ecosystem

Temper Rust Bug

Found a bug in the Temper compiler and built a demo repo

300+ Years of Tree Law

A blog post that became its own LiveView application

HEEx in Other Languages

Experiments porting Phoenix HEEx templates to Rust, Lua, C#, Java, Python, and JS

Live Draft LSP

Live-stream blog drafts from Zed to Phoenix via a custom LSP

Bluesky Hoover Apps

Various apps that vacuum up and process the Bluesky firehose

Bobby Posts Bot

A bot that posts like me, in Python

Photo Booth Receipt Printer

A portable photo booth that prints on receipt paper

Nathan For Us

A Nathan For You social network with video search and GIF creation

Browser History Roast MCP

An MCP server that roasts you based on your browser history

GenStage Tutorial (Original)

The original GenStage tutorial

Bluesky Firehose Toys

Real-time firehose visualizations: emoji streams, jetstream comparisons, and more

31 exhibits Apps & Games

MY FAV
LEICA SHOTS

Work Log — Recent Commits

+4108-0 notactuallytreyanastasio/nvim_temper_syntax_highlighter/main Mar 15 15:57

cf510c3 Auto-publish from templight@d19a7d0

+67-0 notactuallytreyanastasio/templight/main Mar 15 15:57

7338a18 Add README Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

+6161-0 notactuallytreyanastasio/templight/main Mar 15 15:56

1fe9a5a Add Neovim plugin source, build output, and CI workflow - nvim/: plugin source files (ftdetect, plugin, highlighting logic) - temper.out/lua/: committed build output for CI testing - .github/workflows/: CI that runs Lua tests and publishes to nvim_temper_syntax_highlighter on success Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

+3465-1 notactuallytreyanastasio/templight/main Mar 15 15:56

d19a7d0 Include luaunit in committed build output for CI tests Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

+14-14 notactuallytreyanastasio/snake-js/main Mar 15 14:25

3c5373c Update from temper_snake a39098b041de1619f89cf75b20e1b9365fc7ee3c

+375-257 notactuallytreyanastasio/temper_snake/main Mar 15 14:22

a39098b write up teh whole thing a bit more

07a8562 write up the process a bit more

+16-16 notactuallytreyanastasio/snake-js/main Mar 15 08:54

a43dcf6 Update from temper_snake 0344778b5417ec14c5717d2cff2765f03dca4b5a

+19-19 notactuallytreyanastasio/snake-java/main Mar 15 08:54

d125fa1 Update from temper_snake 0344778b5417ec14c5717d2cff2765f03dca4b5a

+19-19 notactuallytreyanastasio/snake-csharp/main Mar 15 08:54

a024134 Update from temper_snake 0344778b5417ec14c5717d2cff2765f03dca4b5a

+10-10 notactuallytreyanastasio/snake-js/main Mar 15 08:48

ebd07ef Update from temper_snake 26476b980303ae985689513527c1731356962183

+23-15 notactuallytreyanastasio/snake-lua/main Mar 15 08:47

91e3fd5 Update from temper_snake bc2e9fd57ff0765930c54c5a8c0b6c14ad2c46a1

+33-27 notactuallytreyanastasio/snake-js/main Mar 15 08:47

b5ca7cb Update from temper_snake bc2e9fd57ff0765930c54c5a8c0b6c14ad2c46a1

+22-15 notactuallytreyanastasio/snake-rust/main Mar 15 08:46

04421f1 Update from temper_snake bc2e9fd57ff0765930c54c5a8c0b6c14ad2c46a1

+19-15 notactuallytreyanastasio/snake-python/main Mar 15 08:46

cc0105d Update from temper_snake bc2e9fd57ff0765930c54c5a8c0b6c14ad2c46a1

+22-15 notactuallytreyanastasio/snake-java/main Mar 15 08:46

073a11b Update from temper_snake bc2e9fd57ff0765930c54c5a8c0b6c14ad2c46a1

+23-15 notactuallytreyanastasio/snake-csharp/main Mar 15 08:46

d11e917 Update from temper_snake bc2e9fd57ff0765930c54c5a8c0b6c14ad2c46a1

+12-5 notactuallytreyanastasio/temper_snake/main Mar 15 08:44

26476b9 docs: final README polish - fix build commands, controls, summary - Build command: gradlew installDist (not cli:build) - Show all 6 backend build commands - Controls: no Enter needed (raw mode) - Summary: updated file/line counts to include follow-up fixes Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

+92-14 notactuallytreyanastasio/temper_snake/main Mar 15 08:42

bc2e9fd feat: add backend-specific compiler change details to child repo READMEs Each of the 6 published repos now explains exactly what had to change in the Temper compiler to make that backend work: - JS: auto-connected pattern, setTimeout + process.stdin raw mode - Python: ThreadPoolExecutor futures, tty/termios raw mode - Lua: cooperative coroutine scheduler, non-blocking IO polling - Rust: cross-crate FunctionCall paths, dependency detection fix - C#: native async/await, net8.0 framework, namespace fixes - Java: CompletableFuture + ForkJoinPool, timeout fix, stty raw mode Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

+161-33 notactuallytreyanastasio/snake-lua/main Mar 15 08:29

d3109c1 Update from temper_snake d27a2fddc11e33daafd386ab9534e4084cb1d29b

+26-17 notactuallytreyanastasio/snake-csharp/main Mar 15 08:29

38abb24 Update from temper_snake d27a2fddc11e33daafd386ab9534e4084cb1d29b

+23-7 notactuallytreyanastasio/snake-python/main Mar 15 08:29

fcf2847 Update from temper_snake d27a2fddc11e33daafd386ab9534e4084cb1d29b

+67-12 notactuallytreyanastasio/snake-rust/main Mar 15 08:29

6180b3b Update from temper_snake d27a2fddc11e33daafd386ab9534e4084cb1d29b

+33-12 notactuallytreyanastasio/snake-java/main Mar 15 08:29

a2fe4a9 Update from temper_snake d27a2fddc11e33daafd386ab9534e4084cb1d29b

+30-14 notactuallytreyanastasio/snake-js/main Mar 15 08:29

1ce066c Update from temper_snake d27a2fddc11e33daafd386ab9534e4084cb1d29b

+19-3 notactuallytreyanastasio/temper_snake/main Mar 15 08:26

d27a2fd fix: update CI workflow with correct run commands for all backends - Python: add std to PYTHONPATH, update prereqs to 3.11+ - Java: add run.sh script (installs local Maven deps then runs) - Java run_cmd in README now points to run.sh instead of incomplete mvn command Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

+9-71 notactuallytreyanastasio/snake-python/main Mar 15 08:11

79b8b32 Update from temper_snake 607863589efbf618cd4d0b2bf09037a93358517f

+9-90 notactuallytreyanastasio/snake-csharp/main Mar 15 08:11

ec41f3a Update from temper_snake 607863589efbf618cd4d0b2bf09037a93358517f

+9-70 notactuallytreyanastasio/snake-lua/main Mar 15 08:11

d685074 Update from temper_snake 607863589efbf618cd4d0b2bf09037a93358517f

+22-95 notactuallytreyanastasio/snake-js/main Mar 15 08:11

ad1ddd1 Update from temper_snake 607863589efbf618cd4d0b2bf09037a93358517f

+9-101 notactuallytreyanastasio/snake-rust/main Mar 15 08:11

724eca8 Update from temper_snake 607863589efbf618cd4d0b2bf09037a93358517f

+9-88 notactuallytreyanastasio/snake-java/main Mar 15 08:11

ea8dce6 Update from temper_snake 607863589efbf618cd4d0b2bf09037a93358517f

+400-51 temperlang/temper/do-crimes-to-play-snake Mar 15 08:08

ca3191c test: add functional test for `std/io` `sleep()` across backends Adds `control-flow/io-sleep/io-sleep.temper.md` to the functional test suite, verifying that `sleep()` from `std/io` works correctly: - Sleep returns and execution continues after `await` - Multiple sequential sleeps work - Zero-ms sleep resolves immediately - Sleep interleaved with computation produces correct results Uses short delays (5-10ms) to avoid slowing the test suite. Passes on: JS, Python, Lua, Java 17, C#. Skipped on Rust (`@Ignore`) because the Rust functional test infrastructure only links `temper-core`, not `temper-std`, so `import("std/io")` produces an unresolved crate at cargo build time. The Rust `sleep` implementation itself works (verified manually via the snake game with `cargo run`). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

4e085e3 fix: make all 6 backends run the snake game correctly Lua: - Replace temper.TODO stub with cooperative coroutine scheduler - async {} now compiles to temper.async_launch() (was "TODO") - LuaTranslator emits temper.run_scheduler() after top-level code - Non-blocking IO: sleep uses deadline-based promises, readLine uses stty min 0 time 0 for polling - Round-robin scheduler drives multiple async blocks cooperatively Rust: - Fix missing temper-std dependency in generated Cargo.toml - Connected functions (stdSleep, stdReadLine) reference temper_std:: paths but bypassed the import-based dependency scan - RustTranslator now tracks usedSupportFunctionPaths - RustBackend scans these after translation to inject temper-std dep with correct features - Also fixes missing temper_std::init() in generated lib.rs - Add raw terminal mode for single-keypress input Java: - Fix waitUntilTasksComplete() 10-second hard timeout - Now loops until ForkJoinPool is truly quiescent - Add raw terminal mode via stty for single-keypress input C#: - Update target framework from net6.0 to net8.0 (current LTS) - Namespace-qualify OrderedDictionary and AsReadOnly in RegexSupport.cs to avoid conflicts with System.Collections.Generic.OrderedDictionary introduced in .NET 9+ - Add single-keypress input via Console.ReadKey Python: - Add raw terminal mode for single-keypress input via tty/termios Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

+455-39 notactuallytreyanastasio/temper_snake/main Mar 15 08:07

6078635 docs: update README with all 6 backend fixes and run commands - Lua: document cooperative coroutine scheduler replacing temper.TODO stub - Rust: document connected function dependency detection fix - Java: document waitUntilTasksComplete timeout fix - C#: document net8.0 target framework and OrderedDictionary namespace fix - Add run commands for all 6 backends (was missing Python, C#, Java) - Add prerequisites for all backends Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

+100-8 notactuallytreyanastasio/snake-rust/main Mar 15 06:28

8356001 docs: add detailed compiler modification context for Rust backend Explains what was changed in the Temper compiler (commit 0f31c89) to make this game possible — RustSupportNetwork.kt, RustBackend.kt, and std/io/support.rs with thread::sleep + PromiseBuilder pattern. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

+89-8 notactuallytreyanastasio/snake-csharp/main Mar 15 06:28

644acf8 docs: add detailed compiler modification context for C# backend Explains what was changed in the Temper compiler (commit 0f31c89) to make this game possible — StandardNames.kt, CSharpSupportNetwork.kt, CSharpBackend.kt, and std/Io/IoSupport.cs with native async Task.Delay. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

+70-8 notactuallytreyanastasio/snake-python/main Mar 15 06:28

e647da7 docs: add detailed compiler modification context for Python backend Explains what was changed in the Temper compiler (commit 0f31c89) to make this game possible — PySupportNetwork.kt and temper_core/__init__.py with ThreadPoolExecutor-based sleep and Future-based readLine. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

+69-8 notactuallytreyanastasio/snake-lua/main Mar 15 06:28

212eed0 docs: add detailed compiler modification context for Lua backend Explains what was changed in the Temper compiler (commit 0f31c89) to make this game possible — temper-core/init.lua with synchronous blocking sleep, temper.TODO() async stub, and make_resolved() pattern for await translation. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

+82-9 notactuallytreyanastasio/snake-js/main Mar 15 06:28

75a4c9d docs: add detailed compiler modification context for JavaScript backend Explains what was changed in the Temper compiler (commit 0f31c89) to make this game possible — JsSupportNetwork.kt, JsBackend.kt, and temper-core/io.js with setTimeout-based sleep and raw mode stdin readLine. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

+87-8 notactuallytreyanastasio/snake-java/main Mar 15 06:28

389ab33 docs: add detailed compiler modification context for Java backend Explains what was changed in the Temper compiler (commit 0f31c89) to make this game possible — StandardNames.kt, JavaSupportNetwork.kt, and Core.java with ForkJoinPool Thread.sleep + CompletableFuture. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

+14-14 notactuallytreyanastasio/snake-js/main Mar 15 06:13

963db3d Update from temper_snake 8d15eff257d06df8969d197fa1b6d6d36da346ca

+222-1 notactuallytreyanastasio/temper_snake/main Mar 15 05:59

72c63eb feat: CI pipeline to build and publish snake to 6 language repos GitHub Actions workflow that: - Builds Temper compiler from do-crimes-to-play-snake branch - Compiles snake game for JS, Python, Lua, Rust, C#, Java - Runs 18 tests - Publishes compiled output to 6 child repos via SSH deploy keys Child repos: snake-js, snake-python, snake-lua, snake-rust, snake-csharp, snake-java Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

+35-8 notactuallytreyanastasio/temper_snake/main Mar 15 05:49

0e8f644 get the build right

+134-0 notactuallytreyanastasio/temper_snake/main Mar 15 05:46

9670598 tell a story

+62-0 notactuallytreyanastasio/temper_snake/main Mar 15 05:41

c8c27ab docs: add KNOWN_ISSUES.md for Rust backend dep resolution bug Documents the temper-std missing dependency issue when multi-module projects import from std/io in a secondary module. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

+208-162 notactuallytreyanastasio/temper_snake/main Mar 15 05:30

9218db1 feat: real-time keyboard input via two async blocks Split into 3 pure Temper modules: - src/ (snake library): pure game logic, types, render, PRNG - game/ (snake-game runner): two async blocks for stdin input + game loop - test/ (snake-test): 18 tests, separated to avoid readLine blocking Game uses w/a/s/d + Enter for direction control. Input loop and game loop cooperate via shared mutable direction variable. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

+23-5 notactuallytreyanastasio/alloy/main Mar 14 11:51

38e266a Fix native test detection: install pytest, use pipefail Two bugs prevented Python test failures from being caught: 1. pytest was never installed — pip only installed the ORM packages 2. pipe to tee swallowed exit codes — tee always succeeds, masking the actual test runner exit code Fixes: add `pip install pytest` before running tests, add `set -o pipefail` to all native test steps so failures propagate. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

+118-34 notactuallytreyanastasio/alloy/main Mar 14 11:44

106f24a Run native runtime tests on generated code before publishing Test matrix now runs both `temper test -b <lang>` AND native tests (pytest, npm test, cargo test, etc.) against temper.out/<lang>/. Publish is gated on native test results. Issues auto-opened only when temper tests pass but native tests fail (codegen bug signal). Reverts notify-app-template to simple vendor push since all testing now happens in the top-level alloy repo. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

+3-167 notactuallytreyanastasio/alloy-js/main Mar 14 11:22

176770f Update from alloy 8e45223e9a5f78ce5ce7569f6012d77711f3f03b

+3-167 notactuallytreyanastasio/alloy-csharp/main Mar 14 11:22

03e5369 Update from alloy 8e45223e9a5f78ce5ce7569f6012d77711f3f03b

+3-167 notactuallytreyanastasio/alloy-py/main Mar 14 11:22

60f013b Update from alloy 8e45223e9a5f78ce5ce7569f6012d77711f3f03b

+3-167 notactuallytreyanastasio/alloy-java/main Mar 14 11:22

9ba52d0 Update from alloy 8e45223e9a5f78ce5ce7569f6012d77711f3f03b

+3-167 notactuallytreyanastasio/alloy-rust/main Mar 14 11:22

a5945bb Update from alloy 8e45223e9a5f78ce5ce7569f6012d77711f3f03b

+0-118 notactuallytreyanastasio/alloy-java-app/main Mar 14 11:22

fb17652 Update ORM vendor from 9ba52d01dfa2abb7eba10010b27fce231c0f5fab

+3-167 notactuallytreyanastasio/alloy-lua/main Mar 14 11:22

f6b603f Update from alloy 8e45223e9a5f78ce5ce7569f6012d77711f3f03b

+0-467 notactuallytreyanastasio/alloy-rust-app/main Mar 14 11:22

8b8c7bf Update ORM vendor from a5945bb70e40676bc5bf06312084e8c4baf7fa69

+0-23497 notactuallytreyanastasio/alloy-js-app/main Mar 14 11:22

711a98e Update ORM vendor from 176770ff7b7231be3f3842a0bfee6e620c1076a3

+61-169 notactuallytreyanastasio/alloy/main Mar 14 11:16

8e45223 Add per-backend test gating with auto-issue on failure - New test matrix job: runs `temper test -b <lang>` for all 6 backends in parallel (js, py, rust, java, lua, csharp) - Publish job gated per-backend: only pushes to lib repo if that backend's tests passed, preventing broken code from cascading - Auto-opens GitHub issue with test output on failure, comments on existing issue if one is already open - Reverts notify-app-template to simple vendor push (testing moved upstream to avoid PAT requirement for cross-repo issue creation) - Build job uploads Temper compiler + ORM source as artifacts for test matrix consumption Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

+167-3 notactuallytreyanastasio/alloy-java/main Mar 14 03:20

0add71b Update from alloy 92aa09f508b14fcd34bbc6b93f1bd900043dd774

+167-3 notactuallytreyanastasio/alloy-rust/main Mar 14 03:20

3d2c2c6 Update from alloy 92aa09f508b14fcd34bbc6b93f1bd900043dd774

+167-3 notactuallytreyanastasio/alloy-py/main Mar 14 03:20

bda2f0b Update from alloy 92aa09f508b14fcd34bbc6b93f1bd900043dd774

+167-3 notactuallytreyanastasio/alloy-js/main Mar 14 03:20

191469e Update from alloy 92aa09f508b14fcd34bbc6b93f1bd900043dd774

+167-3 notactuallytreyanastasio/alloy-lua/main Mar 14 03:20

3e8b52d Update from alloy 92aa09f508b14fcd34bbc6b93f1bd900043dd774

+167-3 notactuallytreyanastasio/alloy-csharp/main Mar 14 03:20

7636cd5 Update from alloy 92aa09f508b14fcd34bbc6b93f1bd900043dd774

+23497-0 notactuallytreyanastasio/alloy-js-app/main Mar 14 03:20

7d44610 Update ORM vendor from 191469e523f536e08c9208483a6aa8c9d69a28d9

+467-0 notactuallytreyanastasio/alloy-rust-app/main Mar 14 03:20

2dab4a8 Update ORM vendor from 3d2c2c6a5e20d5d6432e9b8288f547eaf199a872

+118-0 notactuallytreyanastasio/alloy-java-app/main Mar 14 03:20

9c20f72 Update ORM vendor from 0add71b193f988a774fdd725bdfdd087ea54c411

+170-58 notactuallytreyanastasio/alloy/main Mar 14 03:15

92aa09f Add runtime test gate to child repo CI pipeline Rewrites notify-app-template.yml so child lib repos (alloy-py, alloy-js, etc.) run their own native tests before pushing vendor code to app repos. Flow: alloy temper test → publish to child libs → child runs native tests (pytest, npm test, cargo test, etc.) → if pass, push to app repo; if fail, open issue on alloy with stack trace. Simplifies top-level test job to just gate publishing (no issue creation) since child repos now handle runtime-specific failure reporting. Requires ALLOY_ISSUES_TOKEN secret on each child repo for cross-repo issue creation. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

+1-23489 notactuallytreyanastasio/alloy-js/main Mar 14 03:05

09f2332 Update from alloy b779c12ae66281dc8e2804e679fad8c391e5cd76

+0-447 notactuallytreyanastasio/alloy-js-app/main Mar 14 03:05

b6a6fce Update ORM vendor from 09f2332e76b24a6db56b9a87907cdd5724715fd0

+202-11 notactuallytreyanastasio/alloy/main Mar 14 03:00

b779c12 Fix CI: surface test failures and auto-open issues Three bugs fixed: - Test job showed green despite failures (continue-on-error swallowed exit code) - Issue creation failed silently when "bug"/"ci" labels didn't exist - Every push created duplicate issues instead of commenting on existing ones Added explicit "Fail job if tests failed" step so the test matrix shows red. Labels are now created before use. Existing open issues get a comment instead of a duplicate. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

+89-89 notactuallytreyanastasio/alloy-js/main Mar 14 01:49

f19da0d Update from alloy 8dd5a3bd15b95b28f9c222fa9f1547d2183adc85

+44-44 notactuallytreyanastasio/alloy-js-app/main Mar 14 01:49

0388891 Update ORM vendor from f19da0d0369c23064345013acfb7b65d186765b5

+585-0 notactuallytreyanastasio/alloy/main Mar 14 01:44

0405645 Add expanded security audit: 17 vulnerabilities across 7 classes Original audit found 2 SQL injection vulns (fixed by Alloy). Expanded audit covers full OWASP Top 10 and finds 15 additional: 4 NoSQL injection ($where + operator injection), RCE, SSRF, SSTI, XXE, zip slip, hardcoded keys, MD5 hashing, open redirect, mass assignment, sensitive query params. The NoSQL vulns are structurally identical to the SQLi we fixed — same anti-pattern, different database layer — making the case for extending Temper's type-safe approach to NoSQL query generation. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

8dd5a3b kick off CI

+33-33 notactuallytreyanastasio/alloy-js-app/main Mar 13 22:54

0244f19 Update ORM vendor from 6d4f1f57fd883cf5f95952d479ef1b7241329442

+67-67 notactuallytreyanastasio/alloy-js/main Mar 13 22:54

6d4f1f5 Update from alloy 4c7ec398b2daca3669e1604eb75e0f592c357eb9

+7022-961 notactuallytreyanastasio/alloy/main Mar 13 22:50

ec60310 Add Juice Shop SQL security migration plan and audit trail - juice-shop-alloy-migration.md: Full technical plan with MITRE CWE analysis (11 CWEs), all 40 SQL touchpoints mapped, escaping proofs - PROCESS.md: Live audit trail documenting each change, validation results from 7 injection payloads, and final assessment showing Alloy eliminates all SQL injection vectors by construction

4c7ec39 Add git operation log

cc01b98 Track apps/ directory and update temper.keep name selections Remove apps/ from .gitignore to track demo applications and the Juice Shop security migration as submodules.

47862b0 Point juice-shop submodule to fork with Alloy security migration Juice Shop fork at notactuallytreyanastasio/juice-shop includes: - Vendored Temper-compiled Alloy ORM - Login route migrated from raw SQL to type-safe SqlBuilder - Search route migrated from raw SQL to type-safe SqlBuilder - All 6 injection payload types validated as blocked

+15007-6 notactuallytreyanastasio/juice-shop/master Mar 13 22:48

914c8e9 Replace vulnerable raw SQL with Alloy ORM type-safe query builder Migrate login and search routes from string-interpolated SQL to Alloy's type-safe SqlBuilder API. All user input now flows through appendString() which escapes quotes at the type level, making injection unrepresentable. - Vendor Temper-compiled Alloy ORM (orm, std, temper-core) - Add lib/alloy.ts bridge (ESM loader + query builders) - Add lib/orm-src.d.ts TypeScript declarations for Alloy API - Migrate routes/login.ts: email/password no longer interpolated - Migrate routes/search.ts: search criteria no longer interpolated - Validated against 6 injection payloads on running server: all blocked

+69-69 notactuallytreyanastasio/alloy-js/main Mar 13 12:45

0b00d3c Update from alloy aebc624a77c36a816e37ecf53c421940553f9ce4

+34-34 notactuallytreyanastasio/alloy-js-app/main Mar 13 12:45

45f098e Update ORM vendor from 0b00d3ca33303c1a2ee338b18095ebf6f23e31d9

+35-0 notactuallytreyanastasio/alloy/main Mar 13 12:41

aebc624 Add Phase 0 (Core Foundation) to Per-Phase Security Analysis Covers the foundational implementation layer that all subsequent phases inherit: SafeIdentifier validation, sealed SqlPart hierarchy, SqlBuilder structure/data separation, sql template tag, basic Query builder, Changeset pipeline, and deleteSql. Documents 28 components with type safety mechanisms. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

+4903-4338 notactuallytreyanastasio/alloy-py/main Mar 13 11:54

e097524 Update from alloy 501f6c0442ff8ceed4c293e9701f62a86ae6e024

+10955-9305 notactuallytreyanastasio/alloy-js/main Mar 13 11:54

851f4ae Update from alloy 501f6c0442ff8ceed4c293e9701f62a86ae6e024

+818-963 notactuallytreyanastasio/alloy-csharp/main Mar 13 11:54

c9c01d2 Update from alloy 501f6c0442ff8ceed4c293e9701f62a86ae6e024

+5309-4626 notactuallytreyanastasio/alloy-lua/main Mar 13 11:54

9d25318 Update from alloy 501f6c0442ff8ceed4c293e9701f62a86ae6e024

+7687-6323 notactuallytreyanastasio/alloy-rust-app/main Mar 13 11:54

fa0f041 Update ORM vendor from 5491e93082b67b4b9e5430daf246e747952b023a

+4902-4337 notactuallytreyanastasio/alloy-py-app/main Mar 13 11:54

28783b7 Update ORM vendor from e097524c1c2bc6eefeb0a48e6cec4edcbb765e2d

+831-979 notactuallytreyanastasio/alloy-java-app/main Mar 13 11:54

e4459e7 Update ORM vendor from 872dfb2a5f7777b6b619346aff62c83c641d0839

+817-962 notactuallytreyanastasio/alloy-csharp-app/main Mar 13 11:54

8f1a5e5 Update ORM vendor from c9c01d2e07eb141e758aca2b61b69db5289099f9

+5477-4652 notactuallytreyanastasio/alloy-js-app/main Mar 13 11:54

6b94625 Update ORM vendor from 851f4ae93894fc17a079ad017060d21e7345ba4c

+5308-4625 notactuallytreyanastasio/alloy-lua-app/main Mar 13 11:54

a927898 Update ORM vendor from 9d25318d8719772668521612e3dfb7e7a4937b08

+2376-175 notactuallytreyanastasio/alloy/main Mar 13 11:49

501f6c0 Comprehensive pre-production test audit: 37 new tests and refactoring Phase 1-3: Coverage, test quality, and complexity audits producing three APPEND ONLY documents (docs/COVERAGE_AUDIT.md, TEST_AUDIT.md, COMPLEXITY_AUDIT.md). Mapped ~195 code paths (~72% coverage), rated all 184 existing tests, identified 8 complexity findings. Phase 4: Added 37 new tests across 4 files (184→221 total): - schema_test: 3 (single-char identifiers, all-underscore, empty TableDef) - sql_tests: 5 (negative ints, single-element lists, SqlDefault, backslash) - query_test: 8 (immutability, limit(0), safeToSql(0), negative limits) - changeset_test: 21 (boundary validators, all-6-field INSERT, immutability, multi-validator chains, all-virtual UPDATE bubble, skip-when-absent) Phase 5: Refactoring guided by complexity audit: - changeset: Extracted addError() helper, simplified 14 validators (~30 lines removed) - query: Extracted renderWhere/Joins/GroupBy/Having free functions, eliminated 4 WHERE copies and JOIN/GROUP BY/HAVING duplication (~50 lines removed) All 221 tests pass. Decision graph updated (62 nodes, 54 edges). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

+99-99 notactuallytreyanastasio/alloy-js/main Mar 13 08:12

52ae3be Update from alloy f4060ec2a3399652674719754a4c56df423da768

+35-35 notactuallytreyanastasio/alloy-js-app/main Mar 13 08:12

009104a Update ORM vendor from 7f98f7b400d231a86b3decdaf90bc7a6637af376

+49-49 notactuallytreyanastasio/alloy-js-app/main Mar 13 08:12

0027fa4 Update ORM vendor from 52ae3be52af175689736f20bb23a9a9f385febf4

94 pushes github.com/notactuallytreyanastasio

Thoughts & Tidbits - Blog

📝

Vibe Coding Rescue Missions

February 16, 2026 blog coding vibe-coding

📝

this mortal coil

January 22, 2026 guest-post

📝

are the buttons in the post editor just for show?

January 21, 2026 guest-post

📝

heya

January 21, 2026 guest-post

📝

it is katproto

January 21, 2026 guest-post

📝

Under-learning > Over-learning

January 21, 2026 guest-post

📝

Asking. Hacker News to Write For me

January 21, 2026 guest-post

📝

Anyone can post

January 20, 2026 guest-post

📝

Rat Kings Are Good Actually

January 20, 2026 guest-post

📝

Untitled

January 20, 2026 guest-post

📝

327 Years Of Tree Law In The Usa

June 16, 2025 law hobbies blog deep_dive tangent random

📝

A Genstage Tutorial And Reflection

June 01, 2025

📝

Nathan Fielder

May 28, 2025 comedy writing long

📝

Whats My Schtick

February 14, 2025 blog random

📝

Lets Write Letters

February 14, 2025 programming elixir fun

📝

A Quick Typewriter Set Letter Project

February 14, 2025 programming elixir fun

📝

I Pulled The Paul Tickets

February 12, 2025 music nyc memories

📝

A Fun Experiment

February 12, 2025 tech programming fun

📝

A Hilarious Shared Keyboard Key

February 05, 2025 programming funny games recurse-center

📝

A Me Museum

February 05, 2025 preservation tech history love

📝

On Making A Link Blog

February 04, 2025 links blog tech

📝

Building This Blog

February 02, 2025 blog programming elixir phoenix

22 posts 0 readers

phangraphs — Phish 3.0 Jam Analytics

phangraphs

Mr. Completely

.533

BATTING AVG

8 JC · 15× played

Avg 14.4m · Peak 22:29 · 🎧 14/15

★ Longest: 22:29

2024-07-31 · Chaifetz Arena, Saint Louis University

♥ Most Loved: 38 likes

2017-07-26 · Madison Square Garden

📊 93% Set 2 · 8/8 JCs from Set 2

Last: 2024-07-31 (592d ago) · avg every 184d

Best year: 2017 — 2/2 JC

🔥 JC Streak: 4 in a row

"Busted out after a 380 show absence, Phish goes 2 for 2 on delivering the goods ..."

TAP TO SEE AND PLAY JAMS

Mr. Completely .533

TAP TO FLIP BACK

8 jams

★ 2017-07-19 21:18

Petersen Events Center · Pittsburgh, PA

Busted out after a 380 show absence, Phish goes 2 for 2 on delivering the goods with this TAB standby. The jam quickly goes "Type II" and features bliss jamming aplenty as well as some new synth sounds from Page.

★ 2017-07-26 13:52

Madison Square Garden · New York, NY

Surprising -> out of a great "Carini". A fiery minor key jam develops out of the verses, and Page takes control on the keys as Trey fires off echo-laden notes. They pivot nicely into a new key, where Mike really impresses and Fish pushes the tempo up a gear as Trey plays around with the "Mr. Completely" theme and leads the band into an anthemic finale. A high-spirited, energetic good time, with a > into an even more surprising "1999".

★ 2021-08-04 18:55

Ascend Amphitheater · Nashville, TN

The opening to one of the year's strongest second frames, this "Mr. Completely" indulges in its usual jam before Fish switches up his flow and Trey moves into a new key. Page's electric piano cuts through the mire, and a warm groove emerges as a result. Fish starts throwing in the "Mr. Completely" drum fill almost as a challenge to himself, and Trey moves to stabbing echo-laden chords as the jam picks up speed "Bathtub Gin" style. Something funkier and stranger emerges, and Mike flips on his envelope filter as the jam builds to a ferocious climax, then dies away with some more "Mr. Completely" drum fills by Fish for fun. > into "BOAF".

★ 2021-08-29 18:47

Gorge Amphitheatre · George, WA

Quickly maneuvers into major-key bliss, distinguished by some frenetic playing from Fishman, then moves into a brisker and snappier zone thanks to Trey switching to chords. The band briefly dips into contemplative minor key playing, before moving to something more upbeat, with Page's electric piano at the forefront. Trey's effects-smothered guitar playing and Page's synths combine wonderfully, with Mike going to the envelope filter and Fish as steady as ever. Very good -> into "Meat" to close. A fine companion piece to the 8/4/21 version.

★ 2022-08-13 14:26

Alpine Valley Music Theatre · East Troy, WI

First locks into a super-cool and menacing, textural jam with a perfectly integrated "Crazy Train" tease from Trey, then slides into major for a heavenly spell before more familiar bliss brings it all home.

★ 2023-04-23 18:03

Hollywood Bowl · Hollywood, CA

Another huge version of the once rare song in the catalog. Plucky playing from Trey around 9:30 changes the jam's trajectory. The searching, grimy jam sounds like the background to a noir detective show at times. The tempo gets kicked up towards the end, before eventually > "A Song I Heard the Ocean Sing".

★ 2023-04-23 0:56

Hollywood Bowl · Hollywood, CA

-> from "A Song I Heard the Ocean Sing" to close out the "Mr C" > "ASIHTOS" -> "Mr C" sandwich.

★ 2024-07-31 22:29

Chaifetz Arena, Saint Louis University · St. Louis, MO

After transitioning away from the song, Pageâs grand piano gives the improvisation shape and direction as Trey responds leading the band through uplifting and thematic play that modulates across both delicate and thornier spaces. Listen for Mike's "Meowdulator" pedal and Trey's "Hanon exercises" to make appearances before returning to the song proper to close.

Open full page with graphs →

phangraphs Phish 3.0 Jam Analytics

AIM Chat - Terminal

Online (0)

jeff 02:52 AM

What is up y'all

jeff 03:44 AM

Thanks for visiting my website

jeff 03:51 AM

Trying from mobile let’s see what’s up

Uechi Nerd 03:54 AM

Hi, greetings from Planet Crackpot!

jeff 03:55 AM

oh man what's up

jeff 03:56 AM

Hey everyone

Uechi Nerd 03:56 AM

winding down with a beer or three

Uechi Nerd 03:57 AM

desktop version

Uechi Nerd 04:01 AM

Disappointed that War does not lead to actual combined-arms conflict.

jeff 04:01 AM

that would be hard to conjure

jeff 04:02 AM

I am so excited that this works and is a successful combination of windows and old apple lol

Uechi Nerd 04:02 AM

Probably for the best, actually. That shit is very very messy.

Uechi Nerd 04:02 AM

I am intrigued and happy it works!

Uechi Nerd 04:03 AM

I respect the wizardry.

Visitor7804 04:05 AM

this is delightful.

jeff 04:06 AM

hell yeah visitor 7804, this is livin' brother

guy4get 04:07 AM

i've never felt so alive

EarlofVincent 04:09 AM

Commencing experiment in 3....2....

jeff 04:14 AM

leah 04:16 AM

hi!

leah 04:16 AM

this is lovely

jeff 04:21 AM

hi! lol I was just like what if I combined Mac and windows and added a flower tree of life and called it my homepage and then smoked some weed and made it happen in an empty mall in Connecticut

B. Droptables 10:51 AM

Always cool to play with your toys.

Visitor1128 08:47 AM

yo!

Visitor1128 08:48 AM

i can barely work my phone. what am i doing here?

jeff 09:04 AM

the phone is not optimized yet but it "kind of works" I am sorry lol

jeff 09:04 AM

you have to pick a username, then it goes to the chat, then if you hit the bottom tabs it'll let you go to the app sections.

Bobdawg 04:43 AM

Hi everybody this is my blog I hope you enjoy it I did some more changes and anyone can write a post here now for me.

dinkleberg 01:45 AM

ALL HAIL TREE OF LIFE

jeff 08:55 PM

hi Hacker News

jeff 04:28 PM

hey there I am not really Jeff

Mal Function 05:34 PM

Hey! Please reveal... how exactly do I actually use losselot on my Mac? I've run the git clone commend in Terminal.app and seem successfully to have installed into a new <losselot> sub-folder in my home folder but now???

Tidbits, Thoughts

Recent Posts

Vibe Coding Rescue Missions

this mortal coil

are the buttons in the post editor just for show?

heya

it is katproto

Under-learning > Over-learning

Asking. Hacker News to Write For me

Anyone can post

Rat Kings Are Good Actually

Untitled

327 Years Of Tree Law In The Usa

A Genstage Tutorial And Reflection

Nathan Fielder

Whats My Schtick

Lets Write Letters

A Quick Typewriter Set Letter Project

I Pulled The Paul Tickets

A Fun Experiment

A Hilarious Shared Keyboard Key

A Me Museum

On Making A Link Blog

Building This Blog

Posts by Tag