1. 1

    I prefer this pb :)

    1. 1

      woah this is super cool!

      1. 5

        We happen to be using a fork of it here on the tildeverse: https://ttm.sh

        1. 2

          Oh! Didn’t know that, even though I could have sworn that I read the list of services on tildeverse.org numerous times. My bad. Thanks for pointing this out.

          1. 1

            I was just about to comment that

          1. 1

            wow i agree with all of these things. the pip and 2 vs 3 thing is a huge PITA for someone like me who doesn’t write all that much in python

            1. 3
              1. 1

                what an insidious dark pattern that most apps have fallen into…

                1. 2

                  there’s already discussion in #adventofcode

                  1. 3

                    heh i’m seeing this posted everywhere!

                    even the work chat!

                    1. 2

                      You mean to tell me you don’t feel nostalgia over this and don’t want to share it everyone?

                      1. 2

                        heh that’s not quite what I said, but fair point!

                    1. 2

                      Egyptian brackets all the way

                      1. 2

                        btw, i fixed the link from /ubergeek to /.tilde

                        1. 1

                          I don’t see any buttons on the web interface that would let me fork the repo or edit the wiki. Help?!

                          1. 1

                            oh shoot it’s cause it’s an empty repo.

                          1. 2

                            logger.irc.level 3 is the biggest one for me. super handy!

                            1. 2

                              This looks very interesting.

                              De Vault explicitly name operating systems as target and I have had a lot of annoyance with travis-ci.

                              I will give a try through the free alpha, but the service seems worth of 20 $ a year.

                              1. 2

                                I really appreciate that it’s all open source and self-hostable as well.

                                I dropped the $20 just to support further development on it.

                                1. 1

                                  Yes… and no JavaScript!

                                  It really looks like a service designed for hackers.

                                  1. 1

                                    any ideas on how to submit a form with ctrl+enter without using javascript?

                                    task on sr.ht

                              1. 2

                                I’ve got an account on tildes.net if you would like an invite (which i got from cmccabe originally).

                                I’ve been too busy here (meaning the tildeverse) to even drop by there, but it’s another nice community.

                                1. 1

                                  I’m not playing any at the moment, but I’ve been following the development of tildemush pretty closely.

                                  1. 2
                                    1. 2

                                      Now that’s a lot of cores!

                                      1. 2

                                        I like it but I have no idea about any of the legal repercussions (as I mentioned earlier on irc)

                                        1. 2

                                          Yet another reason that js is Bad.

                                          Javascript is a security hole by design.

                                          I suppose the issue here is that it’s not a problem that affects just firefox.

                                          1. 1

                                            AFAIK it affects all browsers from WHATWG’s members, but in slightly different ways, depending on implementation details.

                                            Firefox was just the one I thought was more interested in protecting users. But I was wrong, they prefer to build safety ports that everyone can admire without giving a shit about the missing walls in their house.

                                            Anyway, I know JS pretty well as my daily job is mostly developing web applications with it (and looking for workarounds to weird bugs in JS frameworks).

                                            JavaScript sucks in many ways.
                                            WebAssembly can make it even worse.

                                            But this are browser problems: had they used Rust instead of JS it would have been exactly the same.

                                          1. 2

                                            So the gist of it is that you brought a flaw in the design of the internet up as a bug on a browser that implements the flawed design? That’s what I read from this.

                                            1. 1

                                              Well, to be precise these bugs are in the design of a Web protocol (HTTP) and a Web standard (JavaScript).
                                              The Internet (which is way more than the Web) is fine.

                                              Anyway yes, I opened a bug report to Firefox as suggested by a Mozilla developers.

                                              Mozilla (like Google, Microsoft and Apple) is a founding member of WHATWG, they write these Living Standards, so they are responsible for those bugs.

                                              Also, be it standard or not, if the users of your application can have their firewalls bypassed through it, its your fault.

                                              And it’s your responsibility to inform the users of the risks you are exposing them to.

                                              Stating that it’s a problem in the standards (that you wrote), without informing them is not what I expected from Mozilla.
                                              This is particularly weird becauae the fixes are technically easy to implement for a browser vendor and AFAIK there is no line in the WHATWG standard imposing Javascript to be opt-out instead of opt-in.
                                              So to be even more precise only the HTTP cache control usagw I described is a problem in the standards: the JS issue is more a hole in the standard.

                                              Indeed that’s why I started informing Mozilla of the attacks in the first place. To fix the Living Standards that follow the implementations you need to fix an implementation first.