Hacker News: thraxil

New comment by thraxil in "Qwen3.6-Plus: Towards real world agents"

thraxil — Thu, 02 Apr 2026 20:11:46 +0000

Yeah. Back when Gemma2 came out we benchmarked it and were looking at open models. For our use case though, while the tasks are pretty simple, we do need a pretty large context window and Gemini had a big lead there over the open models for quite a while. I'll probably be evaluating the current batch of open models in the near future though.

New comment by thraxil in "Qwen3.6-Plus: Towards real world agents"

thraxil — Thu, 02 Apr 2026 20:07:39 +0000

Thanks. Yeah, for now we're moving to 3.1 flash lite as that's the new cheapest at $.25/1M and is also still "good enough". 2.5 flash is more expensive at $.30/1M (looks like Deep Infra charges the same as GCP/VertexAI for it). I might check them out for Gemma though. We benchmarked Gemma2 when that came out and it wasn't remotely usable for us largely because the context window was way too small. It looks like 3 or 4 might be worth evaluating though.

New comment by thraxil in "Qwen3.6-Plus: Towards real world agents"

thraxil — Thu, 02 Apr 2026 16:10:13 +0000

No. Right now I'm upset that Google has removed (or at least is in the process of removing) the Gemini 2.0 flash model. We use it for some pretty basic functionality because it's cheap and fast and honestly good enough for what we use it for in that part of our app. We're being forced to "upgrade" to models that are at least 2.5 times as expensive, are slower and, while I'm sure they're better for complex tasks, don't do measurably better than 2.0 flash for what we need. Yay. We've stuck with the GCP/Gemini ecosystem up until now, but this is kind of forcing us to consider other LLM providers.

New comment by thraxil in "Delve – Fake Compliance as a Service"

thraxil — Sat, 21 Mar 2026 16:08:20 +0000

Last time I went through SOC 2 we talked to our auditor about this. His view was that there are and basically always have been auditors/companies that will sign off on anything without verifying it if you're paying them. The rest of the industry knows who they are though. If you are taking things seriously and hire an auditor who does, that's one of the things that they look at when you're reviewing the reports from the services/subprocessors that you use. Ie, you can get a SOC 2 that doesn't mean anything but then any of your customers who know/care will flag it and it won't be worth anything.

New comment by thraxil in "Ratchets in software development (2021)"

thraxil — Mon, 02 Feb 2026 10:33:24 +0000

Shameless self-promotion, but my own post on Ratchets from a few years back: https://thraxil.org/users/anders/posts/2022/11/26/Ratchet/ Similar basic idea, slightly different take.

New comment by thraxil in "Ask HN: Expository/Succinct Books on Modern Physics"

thraxil — Sat, 03 Jan 2026 19:29:38 +0000

Leonard Susskind's "The Theoretical Minimum" series is a great start. His corresponding Stanford lectures are on youtube as well and are a nice supplement.

New comment by thraxil in "How uv got so fast"

thraxil — Fri, 26 Dec 2025 21:19:29 +0000

Working heavily in Python for the last 20 years, it absolutely was a big deal. `pip install` has been a significant percentage of the deploy time on pretty much every app I've ever deployed and I've spent countless hours setting up various caching techniques trying to speed it up.

New comment by thraxil in "Avoid UUID Version 4 Primary Keys in Postgres"

thraxil — Tue, 16 Dec 2025 09:44:45 +0000

Nope. Out of the box GCP Cloud SQL instance.

New comment by thraxil in "Avoid UUID Version 4 Primary Keys in Postgres"

thraxil — Mon, 15 Dec 2025 13:34:18 +0000

Yep. We have tables that use UUIDv4 that have 60M+ rows and don't have any performance problems with them. Would some queries be faster using something else? Probably, but again, for us it's not close to being a bottleneck. If it becomes a problem at 600M or 6B rows, we'll deal with it then. We'll probably switch to UUIDv7 at some point, but it's not a priority and we'll do some tests on our data first. Does my experience mean you should use UUIDv4? No. Understand your own system and evaluate how the tradeoffs apply to you.

New comment by thraxil in "How to make a Smith chart"

thraxil — Sat, 25 Oct 2025 10:23:19 +0000

I switched from EE to CS (well, "Computer Engineering" technically) in the late 90s. Not specifically due to Smith charts, but that's relatable. For me it was just realizing that I was procrastinating on doing my EE problem sets, which just started to seem like endless grinding of differential equations, by playing around with whatever we were doing in the couple CS classes I had. I wouldn't say I've made "a large fortune" in software, but it's kept me gainfully employed for a few decades so I think it worked out.

New comment by thraxil in "Antislop: A framework for eliminating repetitive patterns in language models"

thraxil — Thu, 23 Oct 2025 19:05:36 +0000

Obviously nothing solid to back this up, but I kind of feel like I was seeing emojis all over github READMEs on JS projects for quite a while before AI picked it up. I feel like it may have been something that bled over from Twitch streaming communities.

New comment by thraxil in "Elixir 1.19"

thraxil — Fri, 17 Oct 2025 09:02:46 +0000

Erlang/Elixir supervision trees also rely on process linking, which is implemented in BEAM and doesn't have a real equivalent in most other language runtimes (modulo some attempts at copying it like Akka, Proto.Actor, etc, but it's fairly uncommon).

New comment by thraxil in "Xmonad seeking help for Wayland port (2023)"

thraxil — Sat, 20 Sep 2025 12:52:24 +0000

Yeah, I switched from XMonad (which I used for over a decade) to Sway a few years back. Spent some time trying to duplicate the XMonad behaviour but eventually just realized that spending a few hours getting used to the Sway approach and slightly changing my workflow was a lot easier.

New comment by thraxil in "The life-changing Sarah Paine framework"

thraxil — Sun, 07 Sep 2025 09:13:14 +0000

The description of the "meta framework":

  * Thesis/Starting Argument  
  * Counter-Argument (paper requirement from Naval War College)  
  * Rebuttal (different perspective, not your starting argument)

Sounds like someone discovering a variation on the thesis-antithesis-synthesis dialectical method from philosophy for the first time: https://en.wikipedia.org/wiki/Dialectic

Paine is likely well versed in the philosophy and knows exactly what she's doing. Pointing this out in case anyone wants to go deeper on this kind of approach. Much ink has been spilled over the years on different approaches, criticisms, etc.

New comment by thraxil in "Teaching feed readers about YouTube subscriptions"

thraxil — Wed, 02 Jul 2025 06:36:53 +0000

I've always just gone to the youtube channel page, view source, search for "rss", copy the URL and paste it into my feed reader. It would be great if it was more discoverable, but it's not really like you need a whole separate tool.

New comment by thraxil in "Pyrefly: A new type checker and IDE experience for Python"

thraxil — Sat, 17 May 2025 15:11:37 +0000

You can write a parser and type checker for pretty much any language in pretty much any language. It's just text files as input and text as output.

New comment by thraxil in "The True Size Of"

thraxil — Sat, 26 Apr 2025 18:51:52 +0000

Like a globe?

New comment by thraxil in "Digital Hygiene"

thraxil — Wed, 19 Mar 2025 10:03:45 +0000

The risk isn't that much that your employer gaining access to your email (though you may potentially be risking the contents of emails that you view from that machine getting saved and accessed by someone at the company). It's more that you've legally entangled things. If your employer is sued or investigated, a judge can issue a subpoena for them to turn over records. If those records show that employees accessed external accounts from work systems, now they can get a subpoena to access those accounts and any other devices that have accessed those. I've seen this happen to friends. Employer gets sued and as part of discovery, they had to hand over all of their personal devices because they hadn't kept church and state separate. Took them many months and significant legal expenses to get their stuff back. If you never access personal stuff from your work devices and never access work stuff from your personal devices, you'll never be in that position.

New comment by thraxil in "It's OK to hardcode feature flags"

thraxil — Sun, 02 Feb 2025 17:29:33 +0000

It seems like you've kind of missed both of my points.

If you're doing canary deploys to a fleet of 2000 nodes, it might take hours for the config to make it to all of them (I've seen systems where a fleet upgrade can take a week to make it all the way out). If your feature flags are configured that way, there's a long time that the state of a flag will be in that in-between state. We put feature flags in the database not config/environment so that we can turn a feature on or off more or less atomically. Ie, an admin goes into the management interface, flips a flag from off to on and then every single request that the system serves after that reflects that state. As long as you're using a database that supports transactions, you absolutely can have a clear point in time that delineates before/after that change. Rolling out a config change to a large fleet, you don't get that.

On the second point, what I'm saying is that (talk to your friendly local SRE if you don't believe me), a large percentage of production incidents in large systems are because of configuration changes, not application changes. This is because those things are significantly harder to really test than application code. Eg, if someone sets an environment variable for the production environment like `REDIS_IP=10.0.0.13` how do you know that's the correct IP address in that environment? You can add a ton of linting, you can do reviews, etc, but ultimately, it's a common vector for mistakes and it's one of the hardest areas to completely prevent human error from creating a disaster. One of the best strategies we have is to structure the system so you don't have to make manual environment/config changes that often. If you implement your feature flag system with environment variables/config, you'll be massively increasing the frequency that people are editing and changing that part of the system, which increases the chances of somebody making a typo, forgetting to close a quote, missing a trailing comma in a json file, etc.

Where I work we make production config changes maybe once a week or so and it's done by people who know the infrastructure very well, there's a bunch of linting and validation, and the change is rolled out with a canary system. In contrast, feature flags are in the database and we have a nice, very safe custom UI so folks on the Product and Support teams can manage the flags themselves, turning them on/off for different customers without having to go through an engineer; they might toggle flags a dozen times a day.

New comment by thraxil in "It's OK to hardcode feature flags"

thraxil — Sat, 01 Feb 2025 19:38:32 +0000

I would add two things:

It's often important that flag changes be atomic. Having subsequent requests get different flag values because they got routed to different backend nodes while a change is rolling out could cause some nasty bugs. A big part of the value of feature flags is to help avoid those kind of problems with rolling out config changes; if your flags implementation suffers from the same problem, it's not very useful.

Second, config changes are notorious as the cause of incidents. It's hard to "unit test" config changes to the production environment the same way you can with application code. Having people editing a config every time they want to change a flag setting (we're a tiny company and we change our flags multiple times per day) seems like a recipe for disaster.