Mon, May 9, 2022Automating Minecraft on Replit
Replcraft is a library that allows you to automate parts of your base on a Minecraft server using code, directly from a repl. Replcraft allows you to get and place blocks, check for entities, move and craft items, read redstone, and more. This tutorial will cover a number of small projects you can build using Replcraft. If you'd be interested in joining an official Replit community Minecraft server, seeing more Minecraft-related content in the future, or you just want to leave general feedback, you can do so by commenting on this repl. Getting started Before you begin, you'll need a Replit account and a Minecraft account. To get started, fork the Replcraft template and join a Minecraft server running the Replcraft plugin. Next, create a special structure made up of a frame of iron blocks:
Wed, May 4, 2022Announcing Replit Ventures 2022
Apply to RV1 here Today, we are excited to announce Replit Ventures 2022 (aka RV1), and this year, we have huge news for our community: we are 10x’ing the program! Last year, we piloted the first Replit Ventures, and the results were enormous: 400+ applications in one week 6 teams selected $2,000 in Bitcoin or USD per selected team
Fri, Apr 22, 2022Winning projects of MadeWithReplit
Whats #MadeWithReplit? MadeWithReplit was our first ever ReplCon hackathon! Participants had the chance to win amazing cash prizes, share their work with the world, and hone their coding skills. We wanted this hackathon to celebrate and inspire our community members. As such, the prizes were $10k total, but making friends along the way and the pride of sharing inspired projects were priceless bonuses as well. Even more, there was no theme, so replers could code with unbounded creativity! Read on to check out our winning submissions! Honorable mentions Most Replity: ReplCraft
Mon, Apr 18, 2022How Do You Do, Fellow Teachers?
Hi everyone! I'm David Morgan (@LessonHacker), I'm stepping into the Teacher + Customer Success role and am ridiculously excited to be working at Replit and being part of this amazing community. I have been working as a secondary school Computer Science teacher in the UK for the best part of two decades, and am passionate about making CompSci education frictionless and accessible for all. I'm sure I had more hair on my noggin when I started teaching though… but, rather than blather on about myself, I thought that, by way of introduction and to show off my teacher-cred, I'd start off by showing you my favourite thing about Replit for teaching programming. Collaborate for the Win I don't think there's enough love given to the way that Replit multiplayer also allows collabotative communication between many users. As a teacher I find this sort of thing invaluable, and it's one of the big differentiators that makes Replit more powerful than any other IDE because you can collaborate on code exactly the same way you'd work on something like a Google Doc. Multiplayer is the superpower of Repls, and Teams for Edu turns multiplayer on by default.
Sun, Apr 17, 2022Your New Replit Profile
You may have noticed that the "My Repls" and "profile" pages look different. We decided to combine these surfaces into one unified page. The new profiles are fresh, more social, and more customizable than ever before. Go take a second and customize your profile! Add links, a banner, and pin your favorite Repl. What changed? We combined the My Repls and profile pages Live presence
- Sun, Apr 17, 2022
QLTY SZN 1
A commitment to quality One of our competitive advantages is making bets on technologies before the rest of the market catches on. One such bet we've made is on CodeMirror. We switched our editor from a proven but stagnant technology, Monaco, and towards CodeMirror. We know we made the right decision because: We can now make changes, most importantly bug fixes, much more quickly. The new search panel we were able to build is much better than the version that shipped with Monaco. The new editor's improved performance is already showing up in better user onboarding success. CodeMirror's extensibility will enable us to ship one of the most most long-awaited features: Themes!
Wed, Mar 30, 2022We Built a Search Engine
For the past few months, we have been building a Replit-native search engine. It is remarkably powerful, and we are really excited for you all to try it out. We believe that you should be able to find anything on Replit in less than 30 seconds. This might sound simple, but when you have 100 million+ Repls, it becomes complicated. :) When you search for something on Replit today, you'll see a page with relevant results from the following categories: Repls Templates Code (yes, code)
Mon, Mar 28, 2022Build a Speech-to-Text App with AssemblyAI on Replit
Transcription, or speech-to-text (STT), is a very helpful feature for various use cases, from AI assistants to video captioning. You can use it to create immersive virtual experiences and accessible interfaces unlike ever before. It’s no wonder STT-driven apps and services are in high demand. In this article, you’ll learn how to implement STT functionality in your own app with ease using AssemblyAI. Its API provides simple access to advanced AI models that can transcribe your audio or video files and even real-time streams. You’ll use AssemblyAI together with React, Next.js, and Replit to build a simple app for transcribing uploaded files. You can follow along with the repl here. What Is AssemblyAI Before diving in, take a moment to get to know AssemblyAI and its vast feature set. On top of both real-time and async transcription, AssemblyAI API provides many features related to general audio intelligence:
Fri, Mar 25, 2022Build Your Own Livestreaming Service with api.video
With the recent shift in the popularity of remote work environments, the demand for livestreaming services has increased. Even prior to the shift, many global companies have used livestreaming services for their organization’s all-hands meetings. api.video provides APIs and SDKs that make it easier to build your own livestreaming service and host it on your website. Additionally, they also provide solutions for uploading videos, encoding videos, video delivery, and video analytics. Here are some of the specific features of api.video: You can securely upload and store videos from your own user interface to api.video. The video can then be shared worldwide via their responsive video player. They also support progressive uploads that let you simultaneously upload large videos. You can customize your video player by choosing a video player theme, adding your own thumbnail image, and adding your own logo. You can create your own livestreaming service, which can either be done by using their API/SDK or by using their User Interface (i.e., you won’t have to code). You can access stats and analytics about your videos to learn more about your users and their engagement. Some of the use cases for api.video include:
Tue, Mar 22, 2022Making a Real-Time Chat App with Supabase on Replit
Firebase is arguably the most popular backend as a service (BaaS) offering. It’s created by Google and comes with almost everything you’d need to create a great app, including a database, file storage, user authentication, and real-time communication. However, it’s closed source, meaning all your and your users’ data is under Google’s control. That’s where Supabase can help. Supabase is an open source Firebase alternative that aims to provide a similar set of functionalities and development experience, without controlling your data. In this article, you’ll learn how to use Supabase together with Replit, a cloud-based IDE, to create a real-time chat app. You’ll see how powerful and versatile both Supabase and Replit are and how you can use them to create an amazing app in no time. You can follow along with the tutorial using this repl. How the Chat App Works Before diving into the code, let’s talk about the stack and how the chat works.
Mon, Mar 21, 2022Operating Principles
Mission first Computers are the most powerful tools to exist in the history of humanity. Sadly most people are mere consumers of these machines. Only a relative few–the professional software developer–can use this superpower to its fullest extent. It’s creating an unbalanced world where there are programmers, and then there are those who are programmed. The situation is analogous to literacy before the printing press, where only the powerful had access to books and written communication. The invention of the printing press led to democratic, scientific, and industrial revolutions, but it took about a century from creation to revolution, which meant that an entire generation of people had to grow up with new skills, outlooks, and ways of learning and communicating. Replit exists to enable the next billion software creators. Our bet is that if more people can it’s easier to create software more people would want to do it. If more people code, more people will be able to independently create and generate wealth on the internet, regardless of their background. If we’re successful, anyone who's willing to learn and generate good ideas will be wealthy. Advancing our mission is not only a business imperative—it’s also a moral one. Anything that distracts us from our mission will be ruthlessly cut. Think radical When we first put coding in the browser, people said it was stupid, and that nobody wanted what we were building. When we made coding multiplayer, they said no one would want to work this way. When we said we said learning and building is one and the same, no one wanted to fund us; they said we’re not focused enough. Every step of the way, we’ve questioned norms, we’ve taken contrarian technology bets that paid off years in the future, and we’ve hired people no one wanted to hire who are now industry leaders. We’re going to keep doing it especially when people tell us it sounds crazy.
Wed, Mar 16, 2022Reasons Not to Join Replit
We want the people at Replit to really love working here (we do!). To help you make an informed decision about whether that would be the case for you, we challenged ourselves to come up with a list of reasons someone wouldn’t want to join our team. We hope it’ll help you learn more about the way we work together and whether that’s the way you’d be excited to work, too. 1. You don’t think the internet should be an open platform Replit’s mission is to bring the next billion software creators online. To realize that mission, we need to be a place where all kinds of people, with all kinds of backgrounds, experiences, ideologies, and values are warmly welcomed.
Wed, Mar 16, 2022Escaping Dirty Pipe (a.k.a. CVE-2022-0847), mostly unscathed
You may have heard that there was a very critical Linux kernel vulnerability making the rounds. As with all important enough vulnerabilities, this one has a catchy name: Dirty Pipe (no logo, though). This blogpost attempts to explain how that vulnerability impacted Replit. The good news is that as far as we know, there weren't any successful exploitations of it! That article linked above has the full explanation and is definitely worth the read because it narrates the journey from discovery to fix. In case you're in a hurry, the short description of that vulnerability is that it allowed any user to temporarily overwrite any file in the filesystem, without requiring any write permissions to do so. Temporarily because it didn't actually change the file, just the in-memory page cache, so if the kernel was under any sort of memory pressure, those changes would go away. There were a few more restrictions (mostly about the position, alignment, and length of the write), but other than that this allowed the attacker to make all sorts of very scary modifications to the system. Notably, the proof-of-concept code allowed any user to open a root shell by overwriting a setuid binary that had privileges to "become" root by the mere act of invoking it. The moment our "security advocate" (in reality it's just one of our platform engineers in a funny disguise until we hire a full-time security engineer) realized that this was such a serious bug, we immediately tried the proof-of-concept code. And we were delighted that it didn't work! We very recently enabled the no new privs bit that negated the effects of the setuid bit, so the user was greeted with a normal shell instead of a root shell. This meant that the scariest part of this exploit (escalation of privileges) was not possible in our system. Furthermore, the container has a very limited set of capabilities, which meant that even if the root shell would have indeed been possible, the attacker would not have been able to make most changes to the system. Hooray for defense in depth! Our initial happiness quickly dissipated, though. Even if the proof-of-concept didn't quite work all the way, it still had an effect: the files were still rewritten. So what's the worse that an attacker could do with that newly found power? Since we use Linux containers (through Docker), that means that the files in the root filesystem are shared in read-only fashion among all the containers in a system. So what if we tried to overwrite an important binary that everybody used (say, /bin/sh)? Turns out that the page cache is shared among containers too, so the modifications were visible to all repls in that one machine! This means that if a malicious user wanted, they could have been able to surreptitiously make changes to the shell, which means that they could make any modifications to any repl that happened to be running in that same machine. Exfiltration of secrets, modification of files, anything. So we needed to patch this ASAP. Fortunately the kernel already had a patch available, so all we needed to do was to make a deployment and wait a bit. We got very lucky here, because this could be a very long battle to get mitigations in place, but the disclosure of this was well-coordinated. We were very happy that this moment was mostly anti-climactic. By the way, if you tried to open any C# repl between 2022-03-09 and 2022-03-11, you might have seen a warning about a kernel bug preventing those repls from running. It turns out that it's a different, unrelated issue. Two different kernel bugs in the same week? What are the odds!? But that's a story for another day.
Wed, Mar 9, 2022Betting on CodeMirror
At Replit, our mission is to bring the next billion software creators online. In order to achieve that ambitious goal, we need to make sure that the experience of writing, running, and sharing code is as seamless as possible. At the heart of that experience is the editor itself. As a result, we dedicate a huge amount of time and energy to improving the stability, performance, and accessibility of our editor. Monaco For years, we had been relying on Monaco to power that experience. Monaco is the open source editor behind VS Code, written and maintained by Microsoft. At the time, the decision to adopt Monaco was an easy one. It was packed full of useful features that helped users navigate and write code quicker, had built in support for a large number of popular languages, and looked familiar to those coming from VS Code and other popular IDEs. These reasons, along with its growing open source community, quickly made Monaco the de-facto way to write code on the web.
- Tue, Mar 8, 2022
Hack Week 2022 Recap
Hey, everyone! I’m sure you all heard about the infamous, annual Replit Hack Week, but what exactly is it? Every year, we come together as a team to brainstorm, hack, and push the limits of our platform to set the tone for the year. During the first Hack Week last year, our team integrated Nix into Replit which transformed how we do infrastructure, packages, and languages. Nix also allows users to configure Replit to suit their needs. In line with our purpose for Hack Week ‘22, the theme for the year is “Community and Extensibility”.