Simon Willison’s Weblog

Subscribe

April 2023

109 posts: 17 entries, 45 links, 19 quotes, 28 beats

April 24, 2023

Rye. Armin Ronacher's take on a Python packaging tool. There are a lot of interesting ideas in this one - it's written in Rust, configured using pyproject.toml and has some very strong opinions, including completely hiding pip from view and insisting you use rye add package instead. Notably, it doesn't use the system Python at all: instead, it downloads a pre-compiled standalone Python from Gregory Szorc's python-build-standalone project - the same approach I used for the Datasette Desktop Electron app.

Armin warns that this is just an exploration, with no guarantees of future maintenance - and even has an issue open titled Should Rye exist?

# 4:02 am / armin-ronacher, packaging, pypi, python, rust, rye

April 25, 2023

The Dual LLM pattern for building AI assistants that can resist prompt injection

I really want an AI assistant: a Large Language Model powered chatbot that can answer questions and perform actions for me based on access to my private data and tools.

[... 2,632 words]

April 26, 2023

The Consumer Financial Protection Bureau (CFPB) supervises, sets rules for, and enforces numerous federal consumer financial laws and guards consumers in the financial marketplace from unfair, deceptive, or abusive acts or practices and from discrimination [...] the fact that the technology used to make a credit decision is too complex, opaque, or new is not a defense for violating these laws.

The Consumer Financial Protection Bureau, PDF

# 12:36 am / ai, ethics, ai-ethics

How prompt injection attacks hijack today’s top-end AI – and it’s really tough to fix. Thomas Claburn interviewed me about prompt injection for the Register. Lots of direct quotes from our phone call in here—we went pretty deep into why it’s such a difficult problem to address.

# 6:04 pm / interviews, security, ai, prompt-engineering, prompt-injection, generative-ai, llms

urllib3 v2.0.0 is now generally available. urllib3 is 12 years old now, and is a common low-level dependency for packages like requests and httpx. The biggest new feature in v2 is a higher-level API: resp = urllib3.request(“GET”, “https://example.com”)—a very welcome addition to the library.

# 10 pm / http, python

April 27, 2023

Release shot-scraper 1.2 — A command-line utility for taking automated screenshots of websites
TIL A few notes on Rye — [Rye](https://github.com/mitsuhiko/rye) is Armin Ronacher's new experimental Python packaging tool. I decided to take it for a test-run.
Release datasette 0.64.3 — An open source multi-tool for exploring and publishing data

GPT-3 token encoder and decoder. I built an Observable notebook with an interface to encode, decode and search through GPT-3 tokens, building on top of a notebook by EJ Fox and Ian Johnson.

# 11:48 pm / projects, ai, observable, gpt-3, openai, llms

April 28, 2023

Trainbot (via) “Trainbot watches a piece of train track, detects passing trains, and stitches together images of them”—check out the site itself too, which shows beautifully stitched panoramas of trains that have recently passed near Jo M’s apartment. Found via the best Hacker News thread I’ve seen in years, “Ask HN: Most interesting tech you built for just yourself?”.

# 2:24 pm / computer-vision, go, hacks, raspberry-pi

TIL The location of the pip cache directory — `pip` uses a cache to avoid downloading packages again:

IF by DeepFloyd Lab (via) New image generation AI model, financially backed by StabilityAI but based on the Google Imagen paper. Claims to be much better at following complex prompts, including being able to generate text! I tried the Colab notebook with “a photograph of raccoon in the woods holding a sign that says ’I will eat your trash’” and it didn’t quite get the text right, see via link for the result.

# 7:34 pm / ai, stable-diffusion, generative-ai

TIL Deno KV — *Initial article: April 28th 2023 - see below for an update*

April 29, 2023

Release openai-to-sqlite 0.3 — Save OpenAI API results to a SQLite database

MLC LLM (via) From MLC, the team that gave us Web LLM and Web Stable Diffusion. “MLC LLM is a universal solution that allows any language model to be deployed natively on a diverse set of hardware backends and native applications”. I installed their iPhone demo from TestFlight this morning and it does indeed provide an offline LLM that runs on my phone. It’s reasonably capable—the underlying model for the app is vicuna-v1-7b, a LLaMA derivative.

# 5:43 pm / iphone, ai, generative-ai, llama, local-llms, llms, mlc

Enriching data with GPT3.5 and SQLite SQL functions

Visit Enriching data with GPT3.5 and SQLite SQL functions

I shipped openai-to-sqlite 0.3 yesterday with a fun new feature: you can now use the command-line tool to enrich data in a SQLite database by running values through an OpenAI model and saving the results, all in a single SQL query.

[... 1,219 words]

MRSK. A new open source web application deployment tool from 37signals, developed to help migrate their Hey webmail app out of the cloud and onto their own managed hardware. The key feature is one that I care about deeply: it enables zero-downtime deploys by running all traffic through a Traefik reverse proxy in a way that allows requests to be paused while a new deployment is going out—so end users get a few seconds delay on their HTTP requests before being served by the replaced application.

# 11:54 pm / 37-signals, deployment, ops, zero-downtime, traefik

April 30, 2023

TIL Social media cards generated with shot-scraper — My [TIL website](https://til.simonwillison.net/) has social media card images to make links shared from it look slightly more interesting when shared on sites like Mastodon and Twitter.
Release s3-credentials 0.15 — A tool for creating credentials for accessing S3 buckets