Hacker News new | ask | show | jobs
Show HN: SharePad.io – A collaborative code editor and compiler (sharepad.io)
60 points by yufw 1992 days ago
8 comments
yufw 1992 days ago
Happy New Year!

This is my first web dev side project and it's in early stage. As an interviewer in the tech industry, I often find myself cannot spot that subtle bug in candidates' code during phone screening, so I build this website which lets me do collaborative editing and also run the code. You may find it useful too.

Please help try it out and provide some feedback. No registration is required (because I have yet to implement the user system).

link
thenanyu 1992 days ago
An engineer on my team years ago felt the same as you and built his own solution for us to use during interview, eventually spinning it into a very successful business. Check out coderpad.io if you wanna get some inspiration. They took a similar technical approach as you described, at least for the first versions.
link
yufw 1992 days ago
Thanks, this is really inspiring!
link
petters 1992 days ago
Cool! What is the difference to e.g. repl.it?

Does it run Python locally in the browser or in the cloud?

link
yufw 1992 days ago
It certainly has less feature than repl.it, for example, it does not have interactive repl. It runs in the cloud, in docker containers.
link
aol1306 1992 days ago
Do you have any abuse prevention mechanisms implemented? For instance, preventing users from running infinite loops, consuming too much resources and so on?

I built a similar service as a personal project and I am interested how to properly handle situations like that.

link
yufw 1992 days ago
Yes, currently the execution time is limited to 10s and 10s compilation time for compiled languages. Memory limit is 256M. It runs user code in docker container, I leverage docker for restricting resources, more info at https://docs.docker.com/config/containers/resource_constrain...
link
FrozenVoid 1992 days ago
repl.it requires registration.
link
swimminginlove 1992 days ago
Interesting project!

Any plans to make it open source?

link
petterrasmussen 1992 days ago
I just posted a Show HN for docker-run[1]. It can be used to implement the code running part for a project like this.

[1] https://news.ycombinator.com/item?id=25602894

link
yufw 1992 days ago
No, I don't have plans to open source it currently. I am not sure where open source will take this project to and the source code is a bit messy. I may write about how I built it in the future.
link
maxmcd 1992 days ago
The service can call itself, forever

    import urllib.request
    import json
    import threading

    def do_request():
        data = {"lang":"python", "code": open(__file__).read(), "stdin": ""}
        req = urllib.request.Request(
            "https://www.sharepad.io/run", 
            data=json.dumps(data).encode('utf-8'), 
            headers={
                'Content-Type': 'application/json'
            }
        )

        f = urllib.request.urlopen(req)
        print(f.read().decode('utf-8'))
    x = threading.Thread(target=do_request)
    x.start()
    do_request()
    x.join()
link
yufw 1992 days ago
Oh, I was not aware of this, definitely need to fix this, thanks!
link
yufw 1991 days ago
I disabled access to the VM's public IP from the host. I may eventually need to completely disable the network stack for the containers in the future.
link
dailypeeker 1992 days ago
Does something like this cost a lot? Do you know how much it costs for, say , 10000 executions in each language?
link
yufw 1992 days ago
The cost really depends on the scale. I started out to build and use it as an interview tool and language playground for myself, and I only have a single pretty standard cloud VM.
link
alex-wallish 1992 days ago
How are you handling timeouts and forks? The following to snippets have different results:

#include <stdio.h> int main() { while(1){ fork(); } return 1; }

#include <stdio.h> int main() { while(1){ } return 1; }

The second snippet times out properly, but the first does not.

link
yufw 1992 days ago
I have running time limit on the containers.

The first snippet is a fork bomb and will cause the container to run out of memory before the timeout. It does terminate since I have set a 256M memory limit. However, it is not sending the correct response in this case and the message in the output tab is not updated properly.

Fork works just fine, https://sharepad.io/p/aBn5Oxu

link
alex-wallish 1991 days ago
Nice, i was wandering why the fork bomb didn't give a time out message, but that makes sense.

Are you using websockets to broadcast realtime updates to the clients, as one types, or do you have some other way to achieve that?

link
nulptr 1992 days ago
Some starter code for each language that prints hello world would be nice. ALso, you can look to coderpad.io for other features to add for fun.
link
yufw 1992 days ago
Yes, thanks for the feedback!

I am aware of coderpad.io, I think it is used mainly for remote interview targeting the enterprise market, not sure, will check it out further.

link
alex-wallish 1992 days ago
Pretty cool side project. Are you using Judge0 for code execution?
link
yufw 1992 days ago
No, the code is executed in docker containers hosted on Azure VM.
link
mdaniel 1992 days ago
Apologies for doing this "in public," but the About page has no contact info, nor does your HN profile

You will want to /dev/null the IMDS (https://docs.microsoft.com/en-us/azure/virtual-machines/linu... ); your setup didn't appear immediately exploitable, but I am also not an experienced Azure escape artist: https://sharepad.io/p/whno49w

link
yufw 1992 days ago
Thanks for the security reminder, I have blocked IMDS access, need to learn more about security. I'll also set up email so that I can put in the about page.
link
dmlerner 1992 days ago
I'd love if it also showed the output collaboratively
link
yufw 1992 days ago
Thanks, this is great feedback, will add this feature.
link
smallhands 1992 days ago
this is a very neat tools thanks
link
yufw 1992 days ago
I'm glad you like it.
link