8 | 404 Sorry, I could not find that page 9 |
10 | 11 |
12 |
16 |
19 | Avoiding homework with code (and getting caught)
31 | 32 |33 | Back in 2020, my school used a few online learning platforms that allowed 34 | professors/teachers to assign homework to students. I, as a lazy developer, wanted to 35 | spend more time playing games and writing code, especially when everyone was spending 36 | their time at home because of lockdown. I started writing this post in January of 2022, 37 | but I put off publicizing it for a while. It has been long enough since this all happened, 38 | so please sit back and enjoy. 39 |
40 | 41 |The back story
42 |43 | Let's set the scene. 2018, my school introduces a new online homework platform for 44 | students. It's called HegartyMaths and it does a lot. It's fairly simple, teachers 45 | choose a topic to set for us as homework, with that we get a 10-15 minute 46 | tutorial/informational video on the subject (of which we have to write down notes whilst 47 | watching) and a shortish quiz to complete after finishing the video. It's a lot of work, 48 | especially the quiz, and in the worst cases can take up to an hour to complete one topic 49 | (bad). 50 |
51 |52 | Mostly, software engineers are rather lazy individuals. We tell metal how to do stuff for 53 | us. Homework then, naturally, is an arduous task for a developer who is still at school. 54 | So, still 2018, a close friend of mine by the name of{' '} 55 | 56 | Scott Hiett 57 | {' '} 58 | and I decided to do something about the Hegarty situation. We started to reverse engineer 59 | the frontend app and eventually came up with a Tampermonkey userscript that would glitch 60 | the embedded YouTube player to say that we'd watched the video at least 1x. Crucially, our 61 | teachers could see how many times we'd watched the video, so being able to skip up to 20 62 | minutes of homework time was especially useful – and it was a lot of fun to build too. 63 |
64 |65 | So we flexed it on our Snapchat stories and had our school friends message us to use it 66 | blah blah. We eventually figured out that we could also set it to be watched over 9999x 67 | times; every time we did that our accounts were reset by the Hegarty team. 68 |
69 |The first email
70 |71 | After this, we got in contact with our Math teacher in November of 2018 and got her to 72 | send an email to HegartyMaths informing them of our petty exploit and they got back to us 73 | very quickly.{' '} 74 | 75 | I don't have the original email anymore but I distinctly remember it saying something 76 | along the lines of "Stop trying to hack our platform and get back to doing your 77 | homework." 78 | {' '} 79 | Edit: While writing this, I was able to uncover the deleted email from a photo we had 80 | taken of it in 2020. See below{' '} 81 | (certain details redacted for obvious reasons): 82 |
83 |85 | This response excited us a bit, as they were now aware of us messing around with the site 86 | and they had no intention of fixing the minor vuln we had anyway, so we kept using it. We 87 | had tried to build a script to answer the questions for us, but it was too much work at 88 | the time (complex data structures, weird API responses, etc etc). 89 |
90 |Educake
91 |92 | For a while, students had access to another platform called Educake. Similar to 93 | HegartyMaths but targeting Biology, Chemistry and Physics. There was no video to watch at 94 | the beginning. We'd used it for a few years, in fact since I joined the school, but I'd 95 | never thought about reversing until all of this began. 96 |
97 |98 | One common factor between Hegarty and Educake is that they immediately give you the 99 | correct answer if you got a question wrong. We took advantage of this and wrote a small 100 | node/mongo app & tampermonkey script to detect when a user was on a quiz page, answer 101 | every question with a random number, and then store the correct answer in mongodb. I don't 102 | have the original source but the TamperMonkey script was probably something like 103 | the following: 104 |
105 |
128 | As you can see, it was quite literally a loop through every question, saving the correct
129 | answer as we got it and moving on. Eventually I added a few more features to fetch from
130 | the database if we already had the right answer (meaning we don't answer{' '}
131 | Math.random every time) and also I added in support for multiple choice (so
132 | that we actually pick one of the possible answers rather than making it up – however I was
133 | surprised that the Educake backend would allow an answer that wasn't even in the possible
134 | choices).
135 |
138 | Now working on the project solo, I decided it would be time to build a nice UI for it all 139 | and bundle it all into a simple Tampermonkey script for both flexing rights on Snapchat 140 | (people constantly begging me to be able to use it was certainly ego fuel I hadn't 141 | experienced before) and also for myself to get out of homework I didn't want to do. 142 |
143 |144 | The end result? A ~200 line codebase that scooped up all questions and answers on the site 145 | that could repeatedly get 100% on every single assignment and a 15mb mongo database. 146 |
147 | 148 |149 | Below is a small video of what it all looked like. It also demonstrates a feature I added 150 | allowing for a "target percentage" — meaning users could get something other than 100% to 151 | look like more real/human score. Video was recorded on my Snapchat in November 2019. 152 |
153 | 154 | 155 | 156 |Hegarty 2
157 |158 | The success of this script, along with pressure from my peers, led me to gain a lot of 159 | motivation to start working on reversing Hegarty again. I reached out to an internet 160 | friend who, for the sake of his privacy, will be named "Jake." He also used HegartyMaths 161 | at his school and was in the same boat as me trying to avoid doing our homework. Together, 162 | we managed to figure out how to answer many varying types of questions, including multiple 163 | choice and ordered answers, resulting in a huge amount of data stored. We had sacrificial 164 | user accounts and managed to answer 60,000 questions in a couple minutes, rocketing our 165 | way to the top of the HegartyMaths global leaderboard.{' '} 166 | 167 | Would like to give a special shoutout to Boon for lending us his login and letting us 168 | decimate his statistics. 169 | 170 |
171 |172 | Together, Jake and I scraped the entirety of Hegarty's database and now had a JSON file 173 | that could be argued to be worth as much as Hegarty the company itself due to the entire 174 | product quite literally being the database we had copied. 175 |
176 |177 | With this file, I wanted to take it a step further and allow my friends and other people 178 | to make good use of it without directly giving out the database (irresponsible)... And 179 | here Mochip was coined. 180 |
181 |Mochip
182 |183 | So, where does Mochip tie in to this? Mochip was a Chrome extension, a collection of both 184 | our scraped Hegarty and scraped Educake databases sat behind a TypeScript API and a small 185 | React app. Hosted on Heroku free tier and MongoDB Atlas free tier, users could log in, 186 | enter a question (from either site) and get back a list of answers Mochip has for that 187 | question. Here's what the landing page looked like: 188 |
189 |191 | In the screenshot we can see a few stats on the right like total estimated time saved and 192 | how long you've had your account for. We gamified it a little just to keep people engaged 193 |
194 |195 | Our chrome extension was made for Educake as they disabled copying question text with the 196 | clipboard. We re-enabled that just by clicking a button that was injected into the UI. The 197 | chrome extension is no longer on the chrome web store, but we've found that mirrors still 198 | have listings that we can't get taken down:{' '} 199 | 200 | extpose.com/ext/195388 201 | 202 |
203 |204 | Our userbase grew so big that we ended up with a Discord server and even our own listing 205 | on Urban dictionary — I'm yet to find out who made it!{' '} 206 | 211 | urbandictionary.com/define.php?term=mochip 212 | 213 |
214 |215 | Eventually we "rebranded" as I wanted to disassociate my name from the project. 216 | Unfortunately I do not have any screenshots from this era to show. I made an alt discord 217 | account and a few announcements saying we'd "passed on ownership" however this ineveitably 218 | only lasted for a couple weeks before we were rumbled. 219 |
220 |Crashing down
221 |222 | All good things must come to and end, and Mochip's did after Scott posted about Mochip on 223 | his reddit account. Like any good CEO, Colin searches his company every now and then on 224 | Google to see what people are saying or doing and unfortunately came across our reddit 225 | post. He signed up (although under a different email) and tested out the app and was 226 | shocked to see it working. Shortly after this I received an email from Colin directly. See 227 | below 228 |
229 |231 | I was upset but also a little content — it was sort of validation that I'd successfully 232 | made it and that catching the attention of Colin himself was sort of a good thing. We 233 | quickly scheduled a Google Meet, also inviting Scott, and I had one of the most memorable 234 | conversations of my life. I am extremely grateful for the advice Colin gave us in the 235 | call. 236 |
237 |239 | I'd like to give a special thank you to the legendary Colin Hegarty for his kindness and 240 | consideration when reaching out to me. Things could have gone a lot worse for me had this 241 | not been the case. HegartyMaths is a brilliant learning resource and at the end of the 242 | day, it's there to help students learn rather than be an inconvenience. 243 |
244 |245 | Shortly after, Colin reached out to the Educake team, who we also scheduled a call with. 246 | We explained our complete methodology and suggested ways to prevent this in the future. 247 | The easiest fix from our point of view would be to implement an easy rate limit with Redis 248 | that would make it wildly infeasible to automate a test. The other thing we suggested was 249 | to scramble IDs in the database to invalidate our cloned database as much as 250 | possible (e.g. we only had the Hegarty IDs, so we could no longer reverse lookup a 251 | question). 252 |
253 | 254 |257 | Thank you for reading, truly. Mochip was a real passion project and I had a wild time 258 | building it. ⭐ 259 |
260 | 261 |262 | 263 |
264 | Edit 23 Sept, 2022: After making this post public, I posted this on HackerNews and 265 | amazingly sat in the #1 spot overnight. This site consequently received a lot of traffic, 266 | and I served almost 1.5TB in just shy of 6 hours. Some of the employees at Sparx (the 267 | parent company of HegartyMaths) ended up seeing this and forwarded it to Colin. A few 268 | minutes ago I just received a really lovely email from Mr Hegarty himself with the subject 269 | "Congrats to you!" I am so grateful for the kindness and consideration Colin has shown 270 | Scott and me, so if you are a teacher reading this, then please consider using 271 | HegartyMaths at your school! This was the happy ending! 272 |
273 | 274 | ); 275 | } 276 | } 277 | -------------------------------------------------------------------------------- /src/blog/2022/01/serverless-discord-oauth/discord-oauth-dashboard.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alii/website/9e7e8f5aabf66a628dc36a7f083a1433ac764735/src/blog/2022/01/serverless-discord-oauth/discord-oauth-dashboard.png -------------------------------------------------------------------------------- /src/blog/2022/01/serverless-discord-oauth/serverless-discord-oauth.tsx: -------------------------------------------------------------------------------- 1 | import {stripIndent} from 'common-tags'; 2 | import Link from 'next/link'; 3 | import {Highlighter, Shell} from '../../../../components/syntax-highligher'; 4 | import {Post} from '../../../Post'; 5 | import discordOAuthDashboardImage from './discord-oauth-dashboard.png'; 6 | 7 | export class ServerlessDiscordOAuth extends Post { 8 | public name = 'Serverless Discord OAuth with Next.js'; 9 | public slug = 'serverless-discord-oauth'; 10 | public date = new Date('2 January 2022'); 11 | public excerpt = "Implementing basic Discord OAuth on Vercel's serverless platform"; 12 | public hidden = false; 13 | public keywords = ['serverless', 'vercel', 'discord', 'oauth', 'node']; 14 | 15 | public render() { 16 | return ( 17 | <> 18 |Serverless Discord OAuth with Next.js
19 | 20 |21 | OAuth is a brilliant solution to a difficult problem, but it can be hard to implement, 22 | especially in a serverless environment. Hopefully, this post will help you get started. 23 |
24 | 25 |26 | Live demo:{' '} 27 | /demos/serverless-discord-oauth 28 |
29 | 30 |The setup
31 |32 | Firstly, we're going to need to create a Next.js with TypeScript app. Feel free to skip 33 | this if you "have one that you made earlier." 34 |
35 |Dependencies
37 |
38 | We will be relying on a few dependencies, the first is discord-api-types{' '}
39 | which provides up-to-date type definitions for Discord's API (who could've guessed). We'll
40 | also need axios (or whatever your favourite http lib is) to make requests to
41 | Discord. Additionally, we'll be encoding our user info into a JWT token & using the cookie
42 | package to serialize and send cookies down to the client. Finally, we'll use{' '}
43 | dayjs for basic date manipulation and pathcat to easily build
44 | urls with query params.
45 |
Code
53 |Dope, you've made it this far already! Let's get some code written
54 |
55 | Firstly, you're going to want to open up the folder pages/api and create a
56 | new file. We can call it oauth.ts. The api folder is where Next.js will
57 | locate our serverless functions. Handily, I've written a library called{' '}
58 | nextkit that can assist us with this process but for the time being it's out
59 | of scope for this post – I'll eventually write a small migration guide.
60 |
166 | Cool! This is the bare bones that we will need to start writing our OAuth. It's quite a 167 | lot to bite, but if you break it down line by line and read the comments, it should be 168 | fairly self-explanatory. We're still missing a few prerequisites to tell Discord who we 169 | are: the client id and secret. 170 |
171 | 172 |Obtaining keys
173 |174 | Our tokens can be obtained by visiting{' '} 175 | 176 | discord.com/developers/applications 177 | {' '} 178 | and registering a new application. 179 |
180 |-
185 |
-
186 | Copy and paste your client ID into your
oauth.tsfile 187 |
188 | -
189 | Copy and paste your client secret into your
oauth.tsfile 190 |
191 | -
192 | Add your redirect URI (
http://localhost:3000/api/oauth) on the dashboard 193 |
194 | - 195 | Make sure all your changes are saved and then we are ready to test it out for the first 196 | time! 197 | 198 |
Testing it
201 |
202 | Awesome, we've got everything setup correctly. Now we can give it a quick spin. You can
203 | start your Next.js development server if you haven't already by running{' '}
204 | bun dev in your terminal, you should be able to navigate to{' '}
205 |
206 | localhost:3000/api/oauth
207 | {' '}
208 | and successfully authenticate.
209 |
212 | Afterwards, if you open up your browser's devtools and check for the cookie section, you
213 | should see a cookie by the name of token – this is ours! Copy the value and
214 | paste it into{' '}
215 |
216 | jwt.io
217 | {' '}
218 | to decode it and see your details encoded inside it!
219 |
Why JWT?
222 |223 | We've picked JWT because it lets us store information on the client side where only the 224 | server can mutate and verify that the server created it. This means users can't modify the 225 | data inside a JWT token, allowing the server to make guarantees about the data encoded. 226 |
227 | 228 |Environment variables
229 |Okay, we're almost there. Final stretch
230 |231 | Right now, we have our constants defined in this file which is fine for prototyping but it 232 | now means that if you want to push your code to github, for example, your client secret 233 | and perhaps other private information will be publicly available on your project's 234 | repository! The solution? Environment varibles. 235 |
236 |237 | Environment variables are bits of information that are provided to a process at runtime. 238 | It means we don't have to store secrets inside our source code. 239 |
240 |241 | Thankfully, Next.js makes it super easy for us to use environment variables with something 242 | called an env file. 243 |
244 | 245 |Creating our env file
246 |
247 | Firstly, make a new file in your project's file structure called .env and add
248 | the content below. The format for env files is KEY=value. You can use{' '}
249 | openssl rand -hex 64 to generate a JWT secret.
250 |
261 | Finally, we need to update our code to make sure that our api/oauth.ts file
262 | can use the newly generated environment variables.
263 |
275 | And that should be all good! I'll be writing a part two and three later on that will cover 276 | accessing the JWT from the server and also deployment to vercel. 277 |
278 | 279 |Thanks for reading!
280 | 281 | ); 282 | } 283 | } 284 | -------------------------------------------------------------------------------- /src/blog/2022/01/zero-kb-blog/zero-kb-blog.tsx: -------------------------------------------------------------------------------- 1 | import {stripIndent} from 'common-tags'; 2 | import {Note} from '../../../../components/note'; 3 | import {Highlighter} from '../../../../components/syntax-highligher'; 4 | import {Post} from '../../../Post'; 5 | 6 | export class ZeroKbBlog extends Post { 7 | public name = 'The 0kb Next.js blog'; 8 | public slug = 'zero-kb-nextjs-blog'; 9 | public date = new Date('6 Jan 2022'); 10 | public hidden = false; 11 | public excerpt = 'How I shipped a Next.js app with a 0kb bundle'; 12 | public keywords = ['nextjs', 'zero', 'bundle', 'nextjs-zero-bundle', 'unstable_runtimeJS']; 13 | 14 | public render() { 15 | return ( 16 | <> 17 |The 0kb Next.js blog
18 | 19 |pages directory of Next.js as App Dir
21 | (released in v13) does not support the settings used here. RSCs offer a similar idealogy
22 | of rendering components on the server only, while also allowing for client side JS.
23 | 26 | Ok so the title was a liiittle bit clickbaity, but it's not technically a lie. This 27 | entire website has zero JavaScript on every single page... a Next.js app with zero 28 | client side JS. How can this be possible? 29 |
30 | 31 |Some context
32 | 33 |
34 | Next.js is a huge abstraction of react-dom/server and other helpful utilities
35 | for building server side rendered apps powered by React. It's really easy to get started
36 | with, and features things like file system routing, statically generated content and much
37 | much more. The most important thing to understand here is that there's a server...
38 |
41 | For those of you who are not familiar with React, it's a JavaScript framework for 42 | building user interfaces. It handles the view layer of an app and is used to render the 43 | UI. Next.js takes this a step further and allows you to write your own view layer to have 44 | the first render performed on a server, which allows for a lot of performance and UI 45 | optimizations because we can ship back a lot less to the client (foreshadowing). 46 |
47 | 48 |Runtime JS
49 | 50 |
51 | With something called PageConfig, we can instruct Next.js to supply zero
52 | runtime JS to the client. It comes with a couple of trade-offs, but the general idea is
53 | that we perform our first render on the server and the resulting HTML and CSS is "frozen"
54 | and sent down to the client over the wire. Zero JavaScript runtime in the browser, no{' '}
55 | <script> tags in sight!
56 |
What's the catch?
59 | 60 |
61 | As the saying goes, there's no such thing as a free lunch. As with anything, doing this
62 | comes with some trade-offs. For example, Next has a lot of built-in React components that
63 | can speed up not only your app, but also development speed. Using the zero kb mode, we
64 | unfortunately cannot make full use of the next/link component; a component
65 | that prefetches pages so that clicks on links don't cause a full page reload.
66 | Additionally, we cannot use next/image as this also requires some minimal
67 | runtime JavaScript (a regular img works just fine). This also means zero
68 | state updates or literally any JavaScript that would've otherwise been bundled can run.
69 |
72 | So if you're fine with that, then you can go ahead and enable it. No more worrying about 73 | worrying about installing huge npm packages and watching your user count drop in realtime. 74 | See your gorgeous website in pure static HTML & CSS. Gone are the days of 75 | bundlephobia.com... I bet at this point you are itching to know how to enable it. Well, 76 | here's a quick example: 77 |
78 | 79 |This page has no JavaScript!
; 89 | } 90 | `} 91 |94 | And boom! just like that, 0kb bundle. If you are going to use this though, just bear in 95 | mind that as well as the trade offs mentioned above, you literally cannot use any 96 | JavaScript in the client anymore for this page. Zero. Nada. Null. Void. That means no 97 | state updates, no network requests, no useEffect, no event listeners, no timers. Nothing. 98 |
99 | 100 | ); 101 | } 102 | } 103 | -------------------------------------------------------------------------------- /src/blog/2022/03/open-source/open-source.tsx: -------------------------------------------------------------------------------- 1 | import {Post} from '../../../Post'; 2 | 3 | export class OpenSource extends Post { 4 | public name = 'Open Source'; 5 | public slug = 'open-source'; 6 | public date = new Date('20 Mar 2022'); 7 | public hidden = true; 8 | public excerpt = 'Thoughts & feelings on Open Source'; 9 | public keywords = ['Developer', 'Open Source', 'GitHub', 'sponsorships']; 10 | 11 | public render() { 12 | return ( 13 | <> 14 |Open Source
15 | 16 |17 | 18 | Relevant xkcd: #2347 19 | 20 |
21 | 22 |23 | I really do love open source. I love being able to build software that I know people will 24 | be able to make great use of. I love that we can extend already existing open source 25 | software & I love that we're able to put licenses on our code and explain where and 26 | how you can use it. 27 |
28 |29 | But open source is a truly double-edged sword. There are always stories on Twitter with 30 | people explaining how they were taken advantage of, or don't have the resources to keep 31 | maintaining a project. 32 |
33 |
34 | Recently, a library called faker.js was nuked by the author in an attempt to
35 | make a "political" point. Wildly unsuccessful and, in my opinion, extremely immature.
36 | However, the community responded really quickly and quickly forked the project into{' '}
37 | @faker-js/faker. This meant developers could easily switch their project over
38 | to use a 100% API compatible, up-to-date and community-managed version of the project. The
39 | original author, Marak Squires, ended up deleting the original repo. As well as that,
40 | Squires also placed malicious code in another project of his, colors.js, that
41 | would infinite loop the victim's computer.
42 |
44 | But there was a reason for this. Thanks to the wonderful archive.org, we're able to see 45 | old and deleted posts explaining why this had happened — and it's a common frustration 46 | within the community. Famously, Marak mentions he will do{' '} 47 | 48 | No more free work 49 | {' '} 50 | and he's also written a good{' '} 51 | 52 | few hundred words 53 | {' '} 54 | on the topic, too. 55 |
56 |57 | Okay, so he's frustrated with people taking Open Source for granted. What's the solution 58 | here? Well, fantastic companies like OpenCollective and GitHub are taking the initiative 59 | to provide a direct, low-fee method of sponsoring open source projects. Big companies like 60 | Discord, Stripe, and Microsoft have all sponsored small and large projects and sometimes 61 | they get their name on the README in return. At the moment, we're not quite there 62 | completely, but we're definitely heading in the right direction. 63 |
64 |
65 | Alternatively, a recent JavaScript library popped up called motion (
66 | motion.dev) which caused a bit of a stir in the
67 | community for shaking things up a little bit with regards to their monetization strategy.
68 | The library itself exists on npm and can be installed as you would any other node module,
69 | except there is no GitHub URL for the package..? Taking a look at the README on npm says
70 | the following:
71 |
74 | Become a sponsor and get access to the private Motion One repo. File issues, read the 75 | changelog and source code, and join discussions that help shape the future of the API. 76 |77 | 78 |
79 | Okay, interesting, so you can use the module and read the documentation for free, but 80 | accessing the source code requires somewhat of a paid subscription. There is valid 81 | incentive for companies to do this as it allows them to not only audit the codebase (under 82 | security concerns), but also it allows for reading the source code to see how everything 83 | works and learn a lot. 84 |
85 | 86 |
87 | So what's the downside to this? Well, one of the reasons traditional open source is
88 | brilliant is because it allows anybody to freely see how something works — so assuming
89 | that is true, could we even call motion an open source project? What's more,
90 | a lot of individual developers are students or kids learning and as such, they're not
91 | financially able to support projects. On top of that, they are the generation we want to
92 | be educating the MOST about programming and so immediately cutting them off is definitely
93 | not a win.
94 |
97 | One final example of open source being painful has got to be Fastify. Fastify's creator is 98 | active on Twitter very often and there have been a few Tweets describing some headaches 99 | they have had to go through as a team to get Fastify to be successful. Keeping it short, 100 | but one thing they have done extensively has been advertising Fastify, which has kept it 101 | mainstream and allowed for more users and therefore sponsorships. Matteo Collina, 102 | Fastify's creator, has explained that had there not been the advertising done, Fastify 103 | would not be as maintained, if at all, as it is today. Right now, Fastify has two core 104 | maintainers and 16 on the core team overall. 105 |
106 | 107 |108 | There is plenty of room for innovation in this space. I'm excited to see where GitHub 109 | sponsors and OpenCollective go and if we can see some large tech companies spreading the 110 | word about open source. 111 |
112 | 113 |114 | By the way, I do accept sponsorships via GitHub, so if you enjoy my work or writing then 115 | please consider any spare VC funding you have just raised 😊{' '} 116 | github.com/sponsors/alii 117 |
118 | 119 |Thanks for reading!
120 | 121 | ); 122 | } 123 | } 124 | -------------------------------------------------------------------------------- /src/blog/2022/08/strict-tsconfig/strict-tsconfig.tsx: -------------------------------------------------------------------------------- 1 | import {stripIndent} from 'common-tags'; 2 | import {Highlighter} from '../../../../components/syntax-highligher'; 3 | import {Post} from '../../../Post'; 4 | 5 | export class StrictTSConfig extends Post { 6 | public name = 'A strict TSConfig'; 7 | public slug = 'strict-tsconfig'; 8 | public date = new Date('08 Sep 2022'); 9 | public hidden = false; 10 | public excerpt = 'The strictest TypeScript configuration possible. "Look ma, no errors!"'; 11 | public keywords = ['strict', 'tsconfig', 'typescript']; 12 | 13 | public render() { 14 | return ( 15 | <> 16 |17 | Here's a very strict TypeScript configuration file. All the safety checks you could ever 18 | want. "Look ma, no errors!" 19 |
20 | 21 |48 | 49 |
50 | Although, nowadays I'm just using bun init...
51 |
WTF, ESM!?
21 | 22 |
23 | I{' '}
24 |
Preface
34 | 35 |
36 | I am so incredibly grateful for the absolutely wonderful{' '}
37 |
46 | Andrew works on TypeScript itself at Microsoft, specifically on auto imports and modules. 47 | It's likely he's the only person on the planet who knows exactly how this works inside 48 | out. It's been rumoured that he will be summoned if you utter "module resolution" three 49 | times in the dark. Thank you Andy - you're truly a super star ⭐💖 50 |
51 | 52 |53 | 54 |
55 | Right now, it's extraordinarily clear we are experiencing growing pains in our great
56 | migration to ECMAScript Modules. Below is the part of my package.json that I
57 | posted.
58 |
80 | As mentioned above, I made some mistakes here. First of all, it's important to
81 | differentiate between what is runtime code that engines will understand (what is
82 | JavaScript), and what is type definitions (what is TypeScript). This (seems) easy enough,
83 | we can see clearly that there are two types fields. One is under the{' '}
84 | . entrypoint for exports, the other is at the root. Let's break
85 | it down.
86 |
Where did I go wrong?
89 | 90 |91 | It's pretty hard to get a conclusive answer from the "crowd" of JavaScript developers 92 | about the best way to publish a package to npm. Everyone has conflicting answers & we 93 | all seem to be following what already exists on GitHub and npm. There are lots of packages 94 | that are published technically incorrectly but used and installed by millions of people. 95 | This means a lot of packages follow what I'm calling a colloquial standard. Here's what I{' '} 96 | *thought to be true*, and so do most other devs... 97 |
98 | 99 |-
105 |
-
106 |
.typesat the root is for TypeScript type definitions. A single{' '} 107 |.d.tsfile can define all exported symbols in your package. 108 |
109 |
110 | -
111 |
.mainis for CJS beforeexportsexisted. You can emit a single 112 | CJS compatible file that can be consumed by (legacy) runtimes. 113 |
114 |
115 | -
116 |
.moduleis for an ESM entrypoint beforeexportsexisted. This 117 | was mostly used by bundlers like Webpack, and has never been part of any standard. It's 118 | superseded byexports, but it might be good to keep in order to support the 119 | older bundlers. 120 |
121 |
122 | -
123 |
.exportsis the new standard for defining entrypoints for your package. It 124 | is a map of entrypoints to files. The.entrypoint is the default 125 | entrypoint. We also include./package.jsonso the package.json file is also 126 | accessible. Theexportsfield is supported in modern runtimes. Node has 127 | supported it since v16.0.0 - for this reason, you will seeexports{' '} 128 | sometimes referenced as node16. 129 |
130 |
131 | -
132 |
.exports.*.typesis for TypeScript type definitions. A single{' '} 133 |.d.tsfile can define all exported symbols in your package for both CJS and 134 | ESM. 135 |
136 |
137 | -
138 |
.exports.*.importis for ESM. This is the entrypoint for how a modern 139 | runtime should import your package when running under CommonJS. It is a single ESM 140 | compatible file. 141 |
142 |
143 | -
144 |
.exports.*.requireis for CJS. This is the entrypoint for how a modern 145 | runtime should import your package when running under CommonJS. It is a single CJS 146 | compatible file. 147 |
148 |
149 | -
150 |
.exports.*.defaultis for when a runtime does not match any other 151 | condition, and is a fallback. It's also within the spec to specifydefault{' '} 152 | as the only entrypoint. I did not usedefaultin my initial Tweet. 153 |
154 |
157 | I made a few mistakes here. First of all, types are specific to ESM and CJS. This means
158 | there should be two types fields. One for ESM, one for CJS. Even the
159 | TypeScript documentation gets this wrong, and is something they're working on updating.
160 | Solutions for this are also pretty wild. I've managed to get things working by simply
161 | copying ./dist/index.d.ts to ./dist/index.d.cts after bundling,
162 | and making the following changes to my package.json.
163 |
186 | Note that we point to a .js file and not .mjs when targeting ESM. This is because our
187 | package.json has type set to module. This tells our runtime that
188 | all files are assumed to be ESM unless they have a .cjs extension. There's no
189 | such thing as an ESM package, only ESM files. Using "type": "module", is just
190 | a way to tell the runtime to interpret existing files as ESM.
191 |
What gives?
194 | 195 |
201 | Clearly, this is messy. It's messy because we're trying to support a lot of different
202 | runtimes, and we're trying to support them all at once. We're trying to support ESM, CJS,
203 | legacy bundlers, modern bundlers, and TypeScript. We're trying to support all of these
204 | runtimes at once, and finally, we're trying to support them all at once in a single{' '}
205 | package.json file. Few other languages suffer from this level of complexity
206 | and fragmentation.
207 |
210 | Let's break down the mess and why all these things are the way they are. Starting off with{' '}
211 | exports.
212 |
215 | exports is the modern way to define what your package exports. We have
216 | already established that it is a map of entrypoints to files. Let's step through what
217 | happens when a runtime/consumer (we'll use the word consumer, because TypeScript - which
218 | is not a runtime - is also reading our code in this case) wants to import our package.
219 |
-
222 |
-
223 |
Consumer encounters an import statement
224 | 225 |226 | {stripIndent` 227 | import {something} from 'my-package'; 228 | `} 229 | 230 |
231 |
232 | -
233 |
234 | Consumer resolve the source code for
238 |my-package. In Node.js this is done 235 | by looking for the folder name innode_modules, and then finding the{' '} 236 |package.json. In any case, this is up to the consumer to implement 237 |
239 |
240 | -
241 |
242 | Consumer finds
245 |package.jsonfile in the source code folder, and begins to 243 | read theexportsfield 244 |
246 |
247 | -
248 | It steps through each field (in order, despite it being an object) and checks if the
249 | condition the consumer is looking for exists in the
exportsfield. 250 |
251 |
252 | -
253 |
254 | If the condition is met, the consumer will use the file specified in the{' '} 255 |
259 | 260 |exportsfield as the entrypoint for the package. If the condition is not 256 | met, it will continue to the next field. If no condition is met, a consumer will 257 | usually exit/throw an error. 258 |261 | An example of a condition being met could be Node.js looking for an ESM file. In this 262 | case, it would look for the
265 |importcondition first, before trying to fall 263 | back todefaultif it exists. 264 |
266 |
Ambient Declarations
18 |19 | I recently landed a pull request ( 20 | #18024) in{' '} 21 | Bun that reorganized and rewrote significant portions of 22 | Bun's TypeScript definitions. Working on this PR made me realize how little documentation 23 | there is on ambient declarations, so I wanted to write about it. 24 |
25 |What are ambient declarations?
26 |I'll start by answering this question with a couple questions...
27 |
28 | 1. How does TypeScript know the types of my node_modules, which are mostly
29 | all .js files?
30 |
31 | 32 | 2. How does TypeScript know the types of APIs that exist in my runtime? 33 |34 |
35 | The short answer: It can't! 36 |
37 |
38 | The short but slightly longer answer is that it CAN with some extra files - ambient
39 | declarations! These are files that exist somewhere in your project (usually in{' '}
40 | node_modules) that contain type information and tell TypeScript what{' '}
41 | things exist at runtime. They use the file extension .d.ts, with the
42 | `.d` denoting "declaration".
43 |
45 | By things I mean anything you import and use. That could be functions, classes, 46 | variables, modules themselves, APIs from your runtime, etc. 47 |
48 |49 | They're called "ambient" declarations because in the TypeScript universe ambient simply 50 | means "without implementation" 51 |
52 |53 | If you've ever imported a package and magically got autocomplete and type checking, you've 54 | benefited from ambient declarations. 55 |
56 |A simple ambient declaration file could look like this:
57 |
71 | If you can already read TypeScript this ambient declaration will be very easy to
72 | understand. You can clearly see a JSDoc comment, the types of the arguments, the return
73 | type, an export keyword, etc. It almost looks like real TypeScript, except the really
74 | important part to note here is the keyword declare is used. This keyword
75 | tells TypeScript to not expect any runtime code to exist here, it's purely a type
76 | declaration only.
77 |
declare keyword inside of
80 | regular .ts files. There are many use cases for this, a common one being declaring types
81 | of globals.
82 | 84 |
How Does TypeScript Find Types?
85 |86 | Module resolution is an incredibly complex topic, but it boils down to TypeScript looking 87 | for relevant types in a few places. 88 |
89 |-
90 |
-
91 | Bundled types: Some packages include their own
.d.tsfiles. 92 |
93 | -
94 | DefinitelyTyped: If not, TypeScript looks in
@types/packages in{' '} 95 |node_modules. 96 |
97 | -
98 | Your own project: You can add
.d.tsfiles anywhere in your project 99 | to describe types for JS code, global variables, or even new modules. 100 |
101 | - 102 | Source: If the module resolution algorithm resolves to an actual TypeScript file, 103 | then the types can be read from the original source code anyway. Some packages on NPM 104 | also publish their TypeScript source and allow modern tooling to consume it directly.{' '} 105 | 106 | Ambient declarations are NOT used in either of these scenarios 107 | 108 | . 109 | 110 |
Ambient vs. Regular Declarations
112 |113 | Regular declarations are for code you write and control. 114 |
115 |122 | Ambient declarations are for code that exists elsewhere. 123 |
124 |
130 | The declare keyword tells TypeScript: "This exists at runtime, but you won't
131 | find it here."
132 |
Module vs. Script Declarations
134 |-
135 |
-
136 | Module declarations: Any
.d.tsfile with a top-level{' '} 137 |importorexport. Types are added to the module. 138 |
139 | - 140 | Script (global) declarations: No top-level import/export. Types are added to the 141 | global scope. 142 | 143 |
| File Type | 148 |Example Syntax | 149 |Scope | 150 |
|---|---|---|
| Module | 155 |
156 | export declare function foo(): void;
157 | |
158 | Module only (must be imported) | 159 |
| Script (global) | 162 |
163 | declare function setTimeout(...): number;
164 | 165 | declare function foo(): void;
166 | |
167 | Global (available everywhere) | 168 |
172 | Rule of thumb: An ambient declaration file is global unless it has a top-level 173 | import/export. 174 |
175 |globalThis.
179 | 182 | Why does this distinction exist? TypeScript is old in JavaScript's history - it predates 183 | the modern module system (ESM) and needed to support the "everything is global" style of 184 | early JS. That's why it still supports both module and script (global) declaration files. 185 |
186 |187 | How does TypeScript treat these differently? 188 |
189 |-
190 |
- 191 | Module: Everything you declare is private to that module and must be explicitly 192 | imported by the consumer - just like regular TypeScript/ESM code. 193 | 194 |
-
195 | Script (global): Everything is injected directly into the global scope of every
196 | file in your program. This is how the DOM lib ships types like
window,{' '} 197 |document, and functions likesetTimeout. 198 |
199 |
201 | When would you use each? 202 |
203 |-
204 |
- 205 | Module: For packages, libraries, and almost all modern code. 206 | 207 |
- 208 | Script: For patching browser globals, legacy code, or when you really need to add 209 | something to the global scope. 210 | 211 |
global {'{ ... }'} escape hatch, but that should be reserved for
215 | unavoidable edge-cases.
216 | Declaring Global Types
219 |220 | Suppose you want to add a global variable that your runtime creates, or perhaps a library 221 | you're using doesn't have types for: 222 |
223 |229 | Because this declaration file is NOT a module, this will be accessible everywhere in your 230 | program. 231 |
232 |
233 | What if you wanted to add something to the window object? TypeScript declares
234 | the window variable exists by assigning it to an interface called Window,
235 | which is also declared globally. You can perform{' '}
236 |
237 | Declaration Merging
238 | {' '}
239 | to extend that interface, and tell TypeScript about new properties that exist.
240 |
Declaring modules by name
250 |251 | You can declare a module by its name. As long as the ambient declaration file gets 252 | referenced or included in your build somehow, then TypeScript will make the module 253 | available. 254 |
255 |
263 | This syntax also allows for declaring modules with wildcard matching. We do this in{' '}
264 | @types/bun, since Bun allows for importing .toml and{' '}
265 | .html files.
266 |
Writing Your Own .d.ts Files
280 |Suppose you're using a JS library with no types. Here's how to add them:
281 |-
282 |
-
283 | Create a new
.d.tsfile (you could put this in atypes/{' '} 284 | folder) 285 |
286 |
287 | -
288 |
Write a module declaration:
289 | 290 |291 | {stripIndent` 292 | declare module 'my-lib' { 293 | export function coolFeature(x: string): number; 294 | } 295 | `} 296 | 297 |
298 |
299 | -
300 | Make sure your
tsconfig.jsonincludes the types folder (usually automatic). 301 |
302 |
Compiler contract
304 |305 | Since ambient modules don't contain runtime code, they should be treated like "promises" 306 | or "contracts" that you are making with the compiler. They're like documentation that 307 | TypeScript can understand. Just like documentation for humans, it can get out of sync with 308 | the actual runtime code. A lot of the work I'm doing at Bun is ensuring our type 309 | definitions are up to date with Bun's runtime APIs. 310 |
311 |Conflicts
312 |
313 | While doing research for the pull request mentioned at the beginning, I found a few cases
314 | where the compiler was not able to resolve the types of some of Bun's APIs because we had
315 | declared that certain symbols existed, where they might have already been declared by{' '}
316 |
317 | lib.dom.d.ts
318 | {' '}
319 | (the builtin types that TypeScript provides by default) or things like{' '}
320 | @types/node (the types for Node.js). .
321 |
323 | Avoiding these conflicts is unfortunately not always possible. Bun implements a really 324 | solid best-effort approach to this, but sometimes you just have to get creative. For 325 | example, you might see code like this to "force" TypeScript to use one type over another: 326 |
327 |335 | Bun's types take this a step further by using a clever trick that lets us use the built-in 336 | types if they exist, with a graceful fallback when they don't. 337 |
338 |
339 |
340 | {stripIndent`
341 | declare module "bun" {
342 | namespace __internal {
343 | // \`onabort\` is defined in lib.dom.d.ts, so we can check to see if lib dom is loaded by checking if \`onabort\` is defined
344 | type LibDomIsLoaded = typeof globalThis extends { onabort: any } ? true : false;
345 |
346 | /**
347 | * Helper type for avoiding conflicts in types.
348 | *
349 | * Uses the lib.dom.d.ts definition if it exists, otherwise defines it locally.
350 | *
351 | * This is to avoid type conflicts between lib.dom.d.ts and \@types/bun.
352 | *
353 | * Unfortunately some symbols cannot be defined when both Bun types and lib.dom.d.ts types are loaded,
354 | * and since we can't redeclare the symbol in a way that satisfies both, we need to fallback
355 | * to the type that lib.dom.d.ts provides.
356 | */
357 | type UseLibDomIfAvailable =
358 | LibDomIsLoaded extends true
359 | ? typeof globalThis extends { [K in GlobalThisKeyName]: infer T } // if it is loaded, infer it from \`globalThis\` and use that value
360 | ? T
361 | : Otherwise // Not defined in lib dom (or anywhere else), so no conflict. We can safely use our own definition
362 | : Otherwise; // Lib dom not loaded anyway, so no conflict. We can safely use our own definition
363 | }
364 | }
365 | `}
366 |
367 |
368 |
369 | {stripIndent`
370 | declare var Worker: Bun.__internal.UseLibDomIfAvailable<'Worker', {
371 | new(filename: string, options?: Bun.WorkerOptions): Worker;
372 | }>;
373 | `}
374 |
375 |
376 |
377 | This declares that the Worker runtime value exists, and will use the version
378 | from TypeScript's builtin lib files if they're loaded already in the program, and if not
379 | it will use the version passed as the second argument.
380 |
382 | This trick means we can write types that can exist in many different environments without 383 | worrying about impossible-to-fix conflicts breaking the build. 384 |
385 |386 |
Declaring entire modules as global namespaces
387 |
388 | In Bun, everything importable from the 'bun' module is also available on the
389 | global namespace Bun
390 |
402 | In fact, you can do an equality to check to see that importing the module gives you the 403 | same reference to the global namespace. 404 |
405 |417 | Declaring this in TypeScript uses some strange syntax. You can{' '} 418 | 419 | find the declaration here 420 | 421 | , but it looks like this: 422 |
423 |Let's break it down
433 |-
434 |
-
435 |
We have an import statement, so this file becomes a module.
436 |
437 | -
438 |
439 | We import everything from the
442 |bunmodule and alias to a namespace called{' '} 440 |BunModule441 |
443 | -
444 |
445 | We use the `declare global` block to escape back into global scope, and then use the 446 | funky syntax
448 |export importto re-export the namespace to the global scope 447 |
449 |
451 | This export import syntax a way of saying "re-export this namespace" - except
452 | when declaring on the global scope (inside a declare global {'{ }'} block or
453 | inside a script/global file) the export keyword kind of turns into a namespace declaration
454 | for the global scope.
455 |
457 | Here is the "rest" of @types/bun that piece this all together
458 |
460 |
461 | {stripIndent`
462 | declare module "bun" {
463 | /**
464 | * Creates a new BunFile instance
465 | * @param path - The path to the file
466 | * @returns A new BunFile instance
467 | */
468 | function file(path: string): BunFile;
469 |
470 | interface BunFile {
471 | /* ... */
472 | }
473 | }
474 | `}
475 |
476 |
477 |
478 | {stripIndent`
479 | // You "import" types by using triple-slash references,
480 | // which tell TypeScript to add these declarations to the build.
481 |
482 | ///
486 |
487 |
488 | {stripIndent`
489 | {
490 | "name": "@types/bun",
491 | "version": "1.2.13",
492 | "types": "./index.d.ts",
493 | // ...
494 | }
495 | `}
496 |
497 |
498 |
499 | In previous versions of Bun's types, the Bun global was defined as a variable that
500 | imported the bun module.
501 |
508 | But since this is a runtime value, we have lost all of the types that are exported from
509 | the bun module. For example we can't use Bun.BunFile in our
510 | code.
511 |
513 | In the pull request mentioned at the beginning, I changed previous declaration to use the{' '}
514 | export import syntax which fixed this issue. It means you can now use the Bun
515 | namespace exactly like you'd expect the bun module to behave.
516 |
518 |
Ambient declaration gotchas
519 |-
520 |
-
521 | "Cannot find module" or "type not found" errors: Make sure your{' '}
522 |
.d.tsfile is included in the project (checktsconfig.json's{' '} 523 |include/exclude). 524 |
525 |
526 | - 527 | Conflicts: If two libraries declare the same global, you'll get errors. Prefer 528 | module declarations, and avoid globals unless necessary. 529 | 530 |
Resources
532 |-
533 |
- 534 | 535 | Bun's TypeScript types 536 | 537 | 538 |
- 539 | 540 | TypeScript Handbook: Declaration Files 541 | 542 | 543 |
- 544 | DefinitelyTyped 545 | 546 |
549 | 550 |
551 |
557 |
558 | );
559 | }
560 | }
561 |
--------------------------------------------------------------------------------
/src/blog/Post.ts:
--------------------------------------------------------------------------------
1 | import type {ReactNode} from 'react';
2 |
3 | export abstract class Post {
4 | public abstract readonly name: string;
5 | public abstract readonly slug: string;
6 | public abstract readonly date: Date;
7 | public abstract readonly hidden: boolean;
8 | public abstract readonly excerpt: string;
9 | public abstract readonly keywords: string[];
10 |
11 | public toJSON(): Post.PartialJSON {
12 | return {
13 | name: this.name,
14 | slug: this.slug,
15 | date: this.date.toISOString(),
16 | hidden: this.hidden,
17 | excerpt: this.excerpt,
18 | keywords: this.keywords,
19 | };
20 | }
21 |
22 | public toTinyJSON(): Post.TinyJSON {
23 | return {
24 | name: this.name,
25 | slug: this.slug,
26 | date: this.date.toISOString(),
27 | excerpt: this.excerpt,
28 | };
29 | }
30 |
31 | public abstract render(): ReactNode;
32 | }
33 |
34 | export namespace Post {
35 | export interface PartialJSON {
36 | name: string;
37 | slug: string;
38 | date: string;
39 | hidden: boolean;
40 | excerpt: string;
41 | keywords: string[];
42 | }
43 |
44 | export interface TinyJSON {
45 | name: string;
46 | slug: string;
47 | date: string;
48 | excerpt: string;
49 | }
50 | }
51 |
--------------------------------------------------------------------------------
/src/blog/posts.ts:
--------------------------------------------------------------------------------
1 | import {Mochip} from './2022/01/mochip/mochip';
2 | import {ServerlessDiscordOAuth} from './2022/01/serverless-discord-oauth/serverless-discord-oauth';
3 | import {ZeroKbBlog} from './2022/01/zero-kb-blog/zero-kb-blog';
4 | import {OpenSource} from './2022/03/open-source/open-source';
5 | import {StrictTSConfig} from './2022/08/strict-tsconfig/strict-tsconfig';
6 | import {WTFESM} from './2023/wtf-esm/wtf-esm';
7 | import {AmbientDeclarations} from './2025/ambient-declarations/ambient-declarations';
8 |
9 | export const posts = [
10 | new AmbientDeclarations(),
11 | new WTFESM(),
12 | new OpenSource(),
13 | new Mochip(),
14 | new ZeroKbBlog(),
15 | new ServerlessDiscordOAuth(),
16 | new StrictTSConfig(),
17 | ] as const;
18 |
19 | export function sortPosts(p: typeof posts) {
20 | return [...p].sort((a, b) => {
21 | if (a.date > b.date) {
22 | return -1;
23 | }
24 |
25 | if (a.date < b.date) {
26 | return 1;
27 | }
28 |
29 | return 0;
30 | });
31 | }
32 |
--------------------------------------------------------------------------------
/src/components/blog-footer.tsx:
--------------------------------------------------------------------------------
1 | import {CiGlobe, CiTwitter} from 'react-icons/ci';
2 | import {VscGithubAlt} from 'react-icons/vsc';
3 | import {ExternalLink} from '../components/external-link';
4 |
5 | export const BlogFooter = (
6 |
24 | );
25 |
26 | function FooterLink({href, children}: {href: string; children: React.ReactNode}) {
27 | return (
28 | 552 | Special thanks to the following people for reading revisions and helping with this post: 553 |
554 | Conrad Crawford,{' '} 555 | Cody Miller 556 |
67 |
132 |
153 | {!isActuallyExpanded && (
154 |
168 |
169 |
170 | );
171 | }
172 |
--------------------------------------------------------------------------------
/src/components/external-link.tsx:
--------------------------------------------------------------------------------
1 | import type {ComponentProps} from 'react';
2 |
3 | export function ExternalLink(props: ComponentProps<'a'>) {
4 | return ;
5 | }
6 |
--------------------------------------------------------------------------------
/src/components/message.tsx:
--------------------------------------------------------------------------------
1 | import clsx from 'clsx';
2 | import {motion} from 'framer-motion';
3 | import type {ReactNode} from 'react';
4 | import alistair from '../../public/alistair.jpeg';
5 | import type {DistributedOmit} from '../utils/types';
6 |
7 | export function message(
8 | ...args:
9 | | [key: string, content: ReactNode, className?: string]
10 | | [message: DistributedOmit
68 |
110 |
111 |
69 | {
79 | flushSync(() => {
80 | setIsLockedOpen(x => !x);
81 | });
82 |
83 | button.current?.blur();
84 | }}
85 | initial={didHoverOrFocusOnce ? 'hidden' : 'shown'}
86 | animate={didHoverOrFocusOnce ? 'hidden' : 'shown'}
87 | variants={{
88 | shown: {
89 | opacity: 0,
90 | },
91 | hidden: {
92 | opacity: 1,
93 | },
94 | }}
95 | >
96 | Toggle blog post list
97 |
98 |
108 |
109 | 70 | I try to write every now and then, often about stuff I've recently been working on. 71 | Hover your mouse here to see the list. 72 |
73 | 74 |
99 |
100 | {isLockedOpen && didHoverOrFocusOnce ? (
101 |
107 |
133 | {allPosts.map(post => {
134 | return (
135 |
140 |
151 |
152 |
141 |
147 |
148 | );
149 | })}
150 | 142 | {post.name} 143 |
144 | 145 |{post.excerpt}
146 |{children}
110 |
40 |
47 | );
48 | }
49 |
--------------------------------------------------------------------------------
/src/components/stats.tsx:
--------------------------------------------------------------------------------
1 | import {useMemo} from 'react';
2 | import {useFirstEverLoad, useVisitCounts} from '../hooks/use-first-ever-load';
3 |
4 | export function Stats() {
5 | const [stats] = useFirstEverLoad();
6 | const [visits] = useVisitCounts();
7 |
8 | const firstEverLoadTime = useMemo(() => new Date(stats.time), [stats.time]);
9 |
10 | return (
11 |
41 | {icons[props.variant]}
42 | {props.title &&
44 |
45 | {props.title}
} 43 |{props.children}
46 |
12 |
19 | );
20 | }
21 |
--------------------------------------------------------------------------------
/src/components/syntax-highligher.tsx:
--------------------------------------------------------------------------------
1 | import type {PropsWithChildren} from 'react';
2 | import SyntaxHighlighter from 'react-syntax-highlighter';
3 |
4 | import light from 'react-syntax-highlighter/dist/cjs/styles/hljs/lightfair';
5 | import dark from 'react-syntax-highlighter/dist/cjs/styles/hljs/vs2015';
6 |
7 | import clsx from 'clsx';
8 | import {TbBrandCss3, TbBrandHtml5, TbBrandJavascript, TbBrandTypescript} from 'react-icons/tb';
9 |
10 | const Pre = ({children}: PropsWithChildren) => 13 | You first visited my website on {firstEverLoadTime.toLocaleDateString()} at{' '} 14 | {firstEverLoadTime.toLocaleTimeString()} and on this first visit, you were on the{' '} 15 | {stats.path} page. Since then, you have visited {visits - 1} more times.{' '} 16 | {visits > 1 && 'Thanks for coming back!'} 17 |
18 |{children};
11 |
12 | export function Shell({
13 | children,
14 | hasDollarOnFirstLineOnly,
15 | }: {
16 | readonly children: string;
17 | readonly hasDollarOnFirstLineOnly?: boolean;
18 | }) {
19 | const lines = children.split('\n');
20 |
21 | return (
22 |
23 | {lines.map((line, index) => {
24 | const isFirst = index === 0;
25 |
26 | return (
27 |
37 | {line === '' ?
: line}
38 |
39 | );
40 | })}
41 |
42 | );
43 | }
44 |
45 | function Filename({filename}: {readonly filename: string}) {
46 | const icon = (() => {
47 | switch (true) {
48 | case filename.endsWith('.ts'):
49 | return 63 | {icon} 64 | {filename} 65 |
66 | ); 67 | } 68 | 69 | export function Highlighter({ 70 | children, 71 | language = 'typescript', 72 | filename, 73 | }: { 74 | readonly children: string; 75 | readonly language?: 'typescript' | 'javascript' | 'bash' | 'json' | 'css' | 'html' | 'markdown'; 76 | readonly filename?: string; 77 | }) { 78 | return ( 79 |
80 |
96 | );
97 | }
98 |
--------------------------------------------------------------------------------
/src/fonts/gambarino-regular.ttf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/alii/website/9e7e8f5aabf66a628dc36a7f083a1433ac764735/src/fonts/gambarino-regular.ttf
--------------------------------------------------------------------------------
/src/fonts/roobert-variable.woff2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/alii/website/9e7e8f5aabf66a628dc36a7f083a1433ac764735/src/fonts/roobert-variable.woff2
--------------------------------------------------------------------------------
/src/globals.css:
--------------------------------------------------------------------------------
1 | @import 'tailwindcss';
2 |
3 | @plugin "@tailwindcss/typography";
4 |
5 | @theme {
6 | --font-serif: var(--next-font-serif), --default-serif-font-family;
7 | --font-sans: var(--next-font-sans), --default-sans-font-family;
8 | --font-mono: var(--next-font-mono), --default-mono-font-family;
9 | }
10 |
11 | body {
12 | @apply overscroll-none bg-[#fefefe] font-sans text-zinc-900 antialiased dark:bg-zinc-950 dark:text-zinc-100;
13 | }
14 |
15 | #__next {
16 | @apply absolute inset-0;
17 | }
18 |
19 | a[href] {
20 | @apply ring-sky-500 focus-visible:ring-[2.5px] focus-visible:outline-none;
21 | }
22 |
--------------------------------------------------------------------------------
/src/hooks/layout.ts:
--------------------------------------------------------------------------------
1 | import {useLayoutEffect} from 'react';
2 |
3 | export const useIsomorphicLayoutEffect = typeof window !== 'undefined' ? useLayoutEffect : () => {};
4 |
--------------------------------------------------------------------------------
/src/hooks/use-did-initial-page-animations.ts:
--------------------------------------------------------------------------------
1 | import {useEffect} from 'react';
2 |
3 | const store = {did: false};
4 |
5 | // This is basically a "did already mount some pages" flag
6 | // which means that if a user is going back and forth between
7 | // pages, we don't want to do the initial page animations
8 | // because it makes them wait unnecessarily
9 | export function useShouldDoInitialPageAnimations() {
10 | useEffect(() => {
11 | store.did = true;
12 | }, []);
13 |
14 | return !store.did;
15 | }
16 |
--------------------------------------------------------------------------------
/src/hooks/use-first-ever-load.ts:
--------------------------------------------------------------------------------
1 | import {useLocalStorage} from 'alistair/hooks';
2 | import {useRouter} from 'next/router';
3 |
4 | export function useFirstEverLoad() {
5 | const router = useRouter();
6 |
7 | return useLocalStorage('user:first-ever-load', () => ({
8 | path: router.pathname,
9 | time: Date.now(),
10 | query: router.query,
11 | }));
12 | }
13 |
14 | export function useVisitCounts() {
15 | return useLocalStorage('user:visit-counts', () => 1);
16 | }
17 |
--------------------------------------------------------------------------------
/src/hooks/use-isomorphic-value.ts:
--------------------------------------------------------------------------------
1 | import {useSyncExternalStore} from 'react';
2 |
3 | const noopsub = () => () => {};
4 | export function useIsomorphicValue
81 | {filename &&
84 | {children}
85 |
86 |
87 |
88 |
89 | {filename &&
92 | {children}
93 |
94 |
95 |
22 |
73 | );
74 | }
75 |
76 | export const getStaticProps: GetStaticProps
23 |
24 | {post.name}
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 |
35 |
36 |
37 |
48 |
50 | )}
51 |
52 |
67 | {post.render()}
68 |
69 |
70 | {BlogFooter}
71 |
72 |
38 |
42 | cd ../
43 |
44 |
45 |
46 | {post.hidden && (
47 | This post is not listed on the homepage. Please don't share the link
49 |53 | 56 |
57 | 58 |Uh oh...
5 |Apologies, something went wrong there...
6 |
85 |
104 | );
105 |
106 | const stream = await unstable_createNodejsStream(node, {
107 | width: 1200,
108 | height: 630,
109 | fonts: [MONO, SANS_SERIF],
110 | });
111 |
112 | res.setHeader('Content-Type', 'image/png');
113 | res.setHeader('Cache-Control', 'public, max-age=31536000, immutable');
114 | res.statusCode = 200;
115 | res.statusMessage = 'OK';
116 |
117 | stream.pipe(res);
118 | }
119 |
--------------------------------------------------------------------------------
/src/pages/api/ping.ts:
--------------------------------------------------------------------------------
1 | import {api} from '../../server/api';
2 |
3 | export default api({GET: async () => Date.now()});
4 |
--------------------------------------------------------------------------------
/src/pages/api/posts.ts:
--------------------------------------------------------------------------------
1 | import {posts} from '../../blog/posts';
2 | import {api} from '../../server/api';
3 |
4 | const filtered = posts.filter(post => !post.hidden);
5 |
6 | export default api({GET: async () => filtered});
7 |
--------------------------------------------------------------------------------
/src/pages/blog.tsx:
--------------------------------------------------------------------------------
1 | import {motion} from 'framer-motion';
2 | import Link from 'next/link';
3 | import type {ReactNode} from 'react';
4 | import {TbArrowLeft} from 'react-icons/tb';
5 | import {posts, sortPosts} from '../blog/posts';
6 | import {BlogFooter} from '../components/blog-footer';
7 | import {useShouldDoInitialPageAnimations} from '../hooks/use-did-initial-page-animations';
8 |
9 | export default function Blog() {
10 | const shouldAnimate = useShouldDoInitialPageAnimations();
11 |
12 | return (
13 |
89 | {post.name}
90 |
91 |
95 | {post.excerpt}
96 |
97 |
101 | alistair.sh
102 |
103 |
15 |
16 |
alistair.sh/blog
21 | 22 |
19 |
25 | );
26 | }
27 |
28 | const avatar_url = user.avatar
29 | ? `https://cdn.discordapp.com/avatars/${user.id}/${user.avatar}`
30 | : user.discriminator === '0'
31 | ? `https://cdn.discordapp.com/embed/avatars/${(BigInt(user.id) >> BigInt(22)) % BigInt(6)}.png`
32 | : `https://cdn.discordapp.com/embed/avatars/${Number(user.discriminator) % 5}.png`;
33 |
34 | return (
35 | you are not signed in!
20 | 21 | 22 | Log in with Discord ↗ 23 | 24 |
36 | 
37 |
38 |
42 | );
43 | }
44 |
45 | export const getServerSideProps: GetServerSidePropshello, {user.username}!
39 | 40 |clear your cookies to logout!
41 |
6 |
33 | );
34 | }
35 |
--------------------------------------------------------------------------------
/src/pages/experiments/morphing-shapes.tsx:
--------------------------------------------------------------------------------
1 | import {useSearchParams} from 'next/navigation';
2 | import {useEffect, useMemo, useState} from 'react';
3 | import {v4 as uuid} from 'uuid';
4 |
5 | const THEME_COLORS = ['#fc9494', '#94e4fc', '#bffc94', '#ffffff'];
6 | const randomColor = () => THEME_COLORS[Math.floor(Math.random() * THEME_COLORS.length)]!;
7 |
8 | const IS_BROWSER = typeof window !== 'undefined';
9 |
10 | const LIMITS = {
11 | TOP: IS_BROWSER ? window.innerHeight - 50 : 750,
12 | LEFT: IS_BROWSER ? window.innerWidth - 50 : 550,
13 | SCALE: 2,
14 | };
15 |
16 | const randomNumber = (scale: number) => Math.ceil(Math.random() * scale);
17 |
18 | interface BoxState {
19 | top: number;
20 | left: number;
21 | scale: number;
22 | rotation: number;
23 | borderRadius: string;
24 | background: string;
25 | clipped: boolean;
26 | }
27 |
28 | function generateNewState(oldState: PartialThis is a list of random experiments I've built on this website. There's not a lot here
7 | 8 |-
9 |
-
10 | Morphing Shapes
11 |
12 | Animating and shifting divs using just css transitions and JS to initiate them 13 |
14 |
15 |
16 | -
17 | Monzo Dashboard
18 |
19 | Using the Monzo API to display personal account details. Unfortunately, the Monzo API 20 | requires me to manually add users, so if you want access, contact me. 21 |
22 |
23 |
24 | -
25 | Rekordbox History Parser
26 |
27 | Rekordbox exports history in a format not so useful for copy pasting. This is a tiny 28 | tool to fix that 29 |
30 |
31 |
61 |