7 posts about #best-practices

An assistant message with 'tool_calls' must be followed by tool messages responding to each 'tool_call_id'

If you're working with APIs like the OpenAI one and you're passing tools to your bots, make sure the results of a tool call are always right next to the tool call message! Otherwise the API will return a 400 response. Heads up! This a recent change in their API (they use to have functions but is now deprecated) and the mandatory order is not mentioned in the official docs!

// It always needs to be like this
[
  { 
    "role": "user", 
    "content": "Tell me the current time", 
    "tools": [{ "name": "current_time", "description": "Gives you the current time" }]
  },
  {
    "role": "assistant",
    "content": "",
    "tool_calls": [{
      "type": "function",
      "id": "d8cdd56d-98e1-4dea-ae3a-2b23",
      "function": { "name": "current_time", "arguments": "{}" }
    }]
  },
  {
    "role": "assistant",
    "content": "Current time is 10:22 AM",
    "tool_call_id": "d8cdd56d-98e1-4dea-ae3a-2b23"
  },
  {
    "role": "system",
    "content": "Just a message after the tool result"
  },
]

Never do this!

[
  { 
    "role": "user", 
    "content": "Tell me the current time", 
    "functions": [{ "name": "current_time", "description": "Gives you the current time" }]
  },
  {
    "role": "assistant",
    "content": "",
    "tool_calls": [{ /* omitted */ }]
  },
  {
    "role": "system",
    "content": "Just a message between the tool call and the tool result"
  },
  {
    "role": "assistant",
    "content": "Current time is 10:22 AM",
    "tool_call_id": "d8cdd56d-98e1-4dea-ae3a-2b23"
  }
]

Use .slugignore to remove files before building on Heroku!

Heroku supports a .slugignore file that works similarly to a .gitignore. Heroku will remove any file referenced in it after checkout and before building a new slug.

https://devcenter.heroku.com/articles/slug-compiler#ignoring-files-with-slugignore

The data from my personal TIL site is now migrated. Here's how I handled URL redirects in Cloudflare

To set up a subdomain redirect with Cloudflare while preserving the request path and parameters, you can use Page Rules.

In the Cloudflare dashboard for your domain, click on the Page Rules link in the Rules section of the main navigation menu on the left of the page.

Click on the Create Page Rule button to start configuring the redirect.

In the If the URL matches field, enter the pattern for the URLs you want to redirect, using a wildcard (*) to capture the path and query string. In this cae, the pattern is:

til.obiefernandez.com/*

Now click on Add a Setting and select Forwarding URL from the dropdown menu.

Select 301 - Permanent Redirect from the Status Code dropdown.

In the Enter destination URL field, enter the URL where you want to redirect your requests to, using the $1 placeholder to preserve the query string.

For example: https://til.magmalabs.io/$2

Click on Save and Deploy to create the Page Rule and enable the redirect.

Upgrade your SSH keys from RSA to ED25519

ssh-rsa is the most common public/private key type, but is widely considered insecure with key lengths lower than 2048 bits. If you created your SSH key using ssh-keygen with default options a while ago, chances are you're using an unsafe key. Furthermore, support for RSA host keys (keys that identify the server you're trying to connect to) is disabled by default since OpenSSH 8.8 and they may consider disabling the algorithm altogether in the future.

But don't worry! Just create a new key for yourself using the most recommended key type available today: ED25519.

ssh-keygen -t ED25519 -a 100 -C "myemail@email.com"

Just make sure you got OpenSSH 6.5 or greater on both ends. Don't forget to install your new key and remove the old one!

What is humans.txt?

I never heard of this until today.

What is humans.txt?

It's an initiative for knowing the people behind a website. It's a TXT file that contains information about the different people who have contributed to building the website.

Examples:

Further reading

THE MEANING AND POWER OF WORDS (ONLINE)

If the interpretation of messages in an oral face-to-face conversation is too subjective —even with clear tones of voice and body language— imagine when communicating through a screen! We have to be assertive AF!   I believe that to be assertive through texts messages we need to consider WRITING RULES such as spelling (correct use of punctuation marks, accents, and capital letters), syntax (the way in which words and the groups they form are combined to express meanings, as well as the relationships established between all these units), and semantics (the meaning and changes in the meaning of words and expressions).   To the point> Semantically speaking, it is important to consider that there are two divisions in this area: denotation and connotation.   The denotation: This is the original or formally accepted expression of the word, this is the word that is formally found in encyclopedic dictionaries and is universally accepted.   Connotation: Connotation is the alternate or secondary form in which a word is used, such as is the case with the word donkey, which in denotative form implies the equine type animal, and in the connotative form the dumb man or person.   Get it? So, we have to be super conscious of the meaning and power of the words we choose when having written conversations. Is like: the connotation of the words OCUPO and NECESITO could be similar, but the correct thing to say, because of the denotation of the words, is NECESITO QUE ME AYUDES ME ACORREGIR ESTE CODIGO.   It is better that way so we don't misunderstand things. And if so, nothing better than talking to eliminate misunderstandings, right? Talking-communicating is the best way to understand each other, the best way to organize ourselves.   It is good to be sincere and direct. But, we must try to be assertive. And, in my opinion, there is a fine line between being assertive, sincere, or direct > and rude. To be assertive the message must get through to the receiver correctly, otherwise, it's not.

momazo

Make your docker images safer!

Use docker scan <your image> to detect vulnerabilities easily! (JUst patch them after!)