Mathieu Pasquet: slixmpp v1.11
This new version includes a few new XEP plugins as well as fixes, notably
for some leftover issues in our rust JID code, as well as one for a bug that
caused issues in Home Assistant.

Thanks to everyone who contributed with code, issues, suggestions, and reviews!

Nicoco put in a lot of work in order to get all possible wheels built in CI. We now have manylinux and musl builds of everything doable within codeberg,
published to the codeberg pypi repo, and published on pypi. … ⌘ Read more

I finally have my new (top-secret) twtxt client in a working state. Next comes the deployment, which I hope to finish tonight. Release date: TBD. Stay tuned!

“But all your stuff is MIT licensed! They are allowed to do that!”

Haha. As if they would care. They crawl everything they get their hands on.

Besides, that’s not true, the license states that the copyright notice must be retained. “AI” breaks that. They incorporate my code and my articles in their product and make it appear as if it was their work.

@thecanine@twtxt.net We don’t use Microsoft at work – but similar products of other big companies. They’re all doing the same. The core product gets worse and worse, because they focus so much on vomiting “AI” over everything.

It will die down eventually. I hope.

We use all the Microsoft programs at work - Teams and Outlook especially.

After all kinds of technical problems with Teams, that sometimes go unresolved for over a year, Microsoft shifted their priorities away from fixing things and towards adding an annoying AI Copilot button, that just takes up space and all it does, is loads the website in Teams, so I disabled it. Soon they just add it back, but in a different row of icons, therefore it’s now a different button, you have to disable (I think they added yet another one, to the Teams, on my work phone and I had to disabled that too). Not too long after, the desktop one just enabled itself, because of “an error” and I can disable it, but doing so activates a popup, that begs you to turn it back on, every once in a while. You can’t disable the popup and can only click “Yes” or “Not now” on it. I still keep it disabled, out of principle, but yesterday I noticed yet another Copilot button, this time in the top right corner of my Outlook and this one cannot be disabled, on the business version of Outlook and even on the personal one, it’s only possible to do it through hidden privacy settings, by prohibiting the program from connecting to Microsoft servers, for extra “features”.

There’s people complaining about it online, so it’s clear nobody really wants it, but at this point Microsofts position is that you will have at least one useless AI button on your screen, at any given time, and you will be happy. And yes, their AI sucks and if I absolutely have to use AI for something, there’s already 2 better options, we have access to, at work.

https://smolweb.org/validator/ I have some work to do :P

** To the surprise of literally no one, I’m working on implementing a programming language all my own **
Inspired by conversation at a recent Future of Coding event, I decided I’d write up a little something about the programming language I’ve been working on (for what feels like forever) before I’ve gotten it to a totally shareable state. I have a working interpreter that I’m pretty pleased with, but I don’t yet have an interact … ⌘ Read more

@movq@www.uninformativ.de @prologic@twtxt.net this is extremely concerning and I hope there is enough push back to stop this! The ability to modify apps, is one of the two biggest reasons, I’m still using Android. If they remove that option, I’ll be forced to switch to one of the de-Googled forks.

That might not be a good solution either, because I need banking and identity verification apps on my main device and already had to get a second device for work, which has tighter sideloading restrictions and I would very much not like to be forced into using three Android phones simultaneously, to do what should be possible, with just one.

@prologic@twtxt.net It’s quite similar to how escape sequences work in a terminal. ASCII text is printed as ASCII text and then an escape sequence can make it bold or underline and so on. Other escape sequences allow you to say “the following $n bytes are part of a bitmap image”, and then this gets printed at whatever the current position is (somewhat similar to SIXEL in a terminal).

It’s just that the units are a bit weird, because this is all done in bloody inch. 😅

This is why I love tech from that era.

Write bytes to a parallel port and stuff happens. If it’s just ASCII bytes, then it will print ASCII text. Even the simplest programs can use a printer this way.

With a little bit of ESC/P, you can print images and other fancy stuff. That’s what I did this morning – never worked with ESC/P before, now I can print images. It’s not that hard.

Hayes-compatible modems are similar: Write some AT commands to the serial port and the modem does things. This isn’t even arcane knowledge, it’s explained in the printed manual.

Maybe I’m wearing rose-tinted glasses here, but I think with all this old stuff, you get useful results very quickly and the manuals are usually actually helpful. It’s so much easier to get started and to use this hardware to the full extent. Much less complexity than what we have today, not a ton of libraries and dependencies and SDKs and cloud services and what not.

https://movq.de/v/4bd16cb3c7/tux1.jpg

https://movq.de/v/4bd16cb3c7/tux2.jpg

@lyse@lyse.isobeef.org ooooh! I wish I had that mallet here at work today. So many uses come to mind! 😂

@movq@www.uninformativ.de Oh yeah, once in the quarter to the office is absolutely amazing and luxurious. Thank you teammates and employer! Though, I would already have been on site when these things happened earlier.

Today is my last day of holiday. Back to work again tomorrow. Not looking forward, vacation is just great. So easy to get used to.

We did an experiment at work today: Do I even need to lock my laptop when I’m gone or is nobody able to use it anyway?

It went as expected. 🤣

@kat@yarn.girlonthemoon.xyz yeah it’s pretty terrible these days. Most recent trouble I had was something as simple as installing and setting up the Tailscale client. On literally all my other devices (Linux and Android) that was a cinch, but on Windows…. ohh boy, I had to mess around with reg edits and all sorts of crap and eventually bludgeoned it into working, but it was a bloody pain.

** Make awk rawk **
A friend online recently replied to something I wrote about awk by saying:

[…] it’s a danged shame [awk] didn’t continue to evolve the way Ruby, Python, PHP have evolved over the decades.

I had exactly this thought while working on my slightly unhinged“lets see if I can implement a basic scheme using awk by writing an assembler and VM in awk,” skwak. Which eventually lead me to start noodling on how to layer in some modern niceties into awk, without breaking awk’s portability.
… ⌘ Read more

The XMPP Standards Foundation: The XMPP Newsletter July 2025

Image

XMPP Newsletter Banner

Welcome to the XMPP Newsletter, great to have you here again!
This issue covers the month of July 2025.

Like this newsletter, many projects and their efforts in the XMPP community are a result of people’s voluntary work. If you are happy with the services and software you may be using, please consider saying thanks or helping these project … ⌘ Read more

@prologic@twtxt.net haha yeah for the youtube rules i just copied the first JSON block in your screenshot (i typed it out) and it miraculously worked! yayyy

@kat@yarn.girlonthemoon.xyz Oh sweet! I was gonna say, setting up those rules is a bit “complicated” 🤣 But I’m glad you worked it out! 👌

psst i’ll be at my local event for HTML day!!! i’m very excited but very nervous, i don’t even know what i’ll be working on! but i’ll figure it out…

i wanna work on my fanlisting PHP app but i feel so blocked on it

XMPP Interop Testing: MOAR TESTS!
Ever heard of XMPP Interop Testing? It’s this cool project that helps make sure different XMPP servers can all work
together smoothly. Our XMPP Interop Testing project provides a suite of automated tests that can be integrated into
CI/CD pipelines to verify the compliance and interoperability of XMPP server implementations.

Late last year, we reported that we had secured funding graciously provided by NLnet that allowed
us to massively build out t … ⌘ Read more

In 1996, they came up with the X11 “SECURITY” extension:

https://www.reddit.com/r/linux/comments/4w548u/what_is_up_with_the_x11_security_extension/

This is what could have (eventually) solved the security issues that we’re currently seeing with X11. Those issues are cited as one of the reasons for switching to Wayland.

That extension never took off. The person on reddit wonders why – I think it’s simple: Containers and sandboxes weren’t a thing in 1996. It hardly mattered if X11 was “insecure”. If you could run an X11 client, you probably already had access to the machine and could just do all kinds of other nasty things.

Today, sandboxing is a thing. Today, this matters.

I’ve heard so many times that “X11 is beyond fixable, it’s hopeless.” I don’t believe that. I believe that these problems are solveable with X11 and some devs have said “yeah, we could have kept working on it”. It’s that people don’t want to do it:

Why not extend the X server?

Because for the first time we have a realistic chance of not having to do that.

https://wayland.freedesktop.org/faq.html

I’m not in a position to judge the devs. Maybe the X.Org code really is so bad that you want to run away, screaming in horror. I don’t know.

But all this was a choice. I don’t buy the argument that we never would have gotten rid of things like core fonts.

All the toolkits and programs had to be ported to Wayland. A huge, still unfinished effort. If that was an acceptable thing to do, then it would have been acceptable to make an “X12” that keeps all the good things about X11, remains compatible where feasible, eliminates the problems, and requires some clients to be adjusted. (You could have still made “X11X12” like “XWayland” for actual legacy programs.)

@movq@www.uninformativ.de How many? All of them!

My goodness, what assholes. Reacting based on the User-Agent might just work. For now.

@kat@yarn.girlonthemoon.xyz Just do it 🤣 I do this daily for work. It’s great!

Prosodical Thoughts: Debian repository key change
We have been working on some changes to our Debian/Ubuntu package repository.
If you use our repository to keep up to date with new Prosody packages, you
need to take action before 4th August 2025 to continue receiving updates
smoothly.

The ‘apt’ utility has been moving towards a new format for specifying package
repositories. If you are familiar with putting deb lines in a sources.list
file, [that method is changing](ht … ⌘ Read more

guys oh my god i went to the flea market and i found a WORKING POCKET PC PDA FOR 10 BUCKS. WE ARE SO BACK

Image

@movq@www.uninformativ.de According to this screenshot, KDE still shows good old application icons: https://upload.wikimedia.org/wikipedia/commons/9/94/KDE_Plasma_5.21_Breeze_Twilight_screenshot.png

And GNOME used to have them, too: https://upload.wikimedia.org/wikipedia/commons/9/9f/Gnome-2-22_%284%29.png

I like the looks of your window manager. That’s using Wayland, right? The only thing on this screenshot to critique is all that wasted space of the windows not making use of the full screen!!!1 At least the file browser. 8-)

This drives me nuts when my workmates share their screens. I really don’t get it how people can work like that. You can’t even read the whole line in the IDE or log viewer with all the expanded side bars. And then there’s 200 pixels on the left and another 300 pixels on the right where the desktop wallpaper shows. Gnaa! There’s the other extreme end when somebody shares their ultra wide screen and I just have a “regularish” 16:10 monitor and don’t see shit, because it’s resized way too tiny to fit my width. Good times. :-D

Sorry for going off on a tangent here. :-) Back to your WM: It has the right mix of being subtle and still similar to motif. Probably close to the older Windowses. My memory doesn’t serve me well, but I think they actually got it fairly good in my opinion. Your purple active window title looks killer. It just fits so well. This brown one (https://www.uninformativ.de/blog/postings/2025-07-22/0/leafpads.png) gives me also classic vibes. Awww. We ran some similar brownish color scheme (don’t recall its name) on Win95 or Win98 for some time on the family computer. I remember other people visting us not liking these colors. :-D

working on a new astroJS based site and i hate being shit at web design because like i have the media for it ready (it’s for my fandom creations which are all done and ready to be shared here lol) but i keep agonizing over the design T__T

@kat@yarn.girlonthemoon.xyz Cool! I just got an idea for work tomorrow: Use dmenu to quickly start different SSH tunnels I routinely need.

We finally got a caliper donated for this year’s scout flea market. We didn’t sell it, but kept it ourselves. It will come in very handy every now and then in our material store. For example, I missed having a caliper in the past when sorting our random assortment of screws or measuring the depth of a hole. It’s a wee bit banged up (probably happened during transport) and didn’t come with a box, but the latter is now solved.

The lid and bottom came from a wardrobe back panel I got from a mate, the sides were rocket sticks in their former lives. I found some scrap of felt in our material store and some hinges laying around in the drawers of my own workshop.

Unfortunately, the table saw teared up the plywood veneer fibres badly, even though I put tape around to prevent that. This is the first time it didn’t work. At. All. To cover that up, I painted the box with some decades old tinting paint (price tag says Deutsche Mark, not Euro!) from my paint cabinet. It’s awesome, works absolutely perfectly and doesn’t smell the slightest bit. I reckon, this caliper box is plenty good enough for occasional use at our scout material store.

gomdn: Yet another Static Site Generator
Yet another Static Site Generator (SSG), but this one is mine.

It’s a stupidly simple Go program ( wc says 229 lines), more like a
hack, really, but I don’t need something like Hugo. Most of the real
work is done by the goldmark package, of course. This is mostly just a
wrapper, deciding if something needs to be rebuilt.

I’ve been using a Perl script together with cmark (originally
Markdown.pl) since forever. And before that the old [txt2tags](htt … ⌘ Read more

Status 2025-07-21
Morning, computer! Spending my days off trying to figure things out.
Some of them will occur in this post. I think best when I’m writing,
after all.

I’m back from a short vacation since a couple of weeks. I’m still
going to take a few days off every week for a while. I need the break.
It’s been way too many 12-16 hour workdays. I’m nominally working 80%
(~6 hour days), so I figure I’ve been working a lot for free.

Yeah, well, I like the TKey project to succeed. The ideas behind it
have implicatio … ⌘ Read more

i should work on my PHP project again just so i have an excuse to use htmx

After many weeks and probably at least a hundred hours of research, discussions and in-person viewing, I think I’ve finally come up with my Final Choices (shortlist) of a Hybrid Camper / Caravan that I think will suit my family and that I’ll enjoy (far less work for me to setup and teardown). The one at the top of the list I’m leaning towards os the SWAG SCT16 Family 4B

Image

Another really busy day at work! I woke up a bit late as I am feeling very tired, but I did my workout and 10K steps so it is a win!

I have completed a big work task that I was lowkey procrastinating and now I feel so much better!

Another example:

$ setpriv \
    --landlock-access fs \
    --landlock-rule path-beneath:execute,read-file:/bin/ls-static \
    --landlock-rule path-beneath:read-dir:/tmp \
    /bin/ls-static /tmp/tmp/xorg.atom

The first argument --landlock-access fs says that nothing is allowed.

--landlock-rule path-beneath:execute,read-file:/bin/ls-static says that reading and executing that file is allowed. It’s a statically linked ls program (not GNU ls).

--landlock-rule path-beneath:read-dir:/tmp says that reading the /tmp directory and everything below it is allowed.

The output of the ls-static program is this line:

─rw─r──r────x 3000 200 07-12 09:19 22'491 │ /tmp/tmp/xorg.atom

It was able to read the directory, see the file, do stat() on it and everything, the little x indicates that getting xattrs also worked.

3000 and 200 are user name and group name – they are shown as numeric, because the program does not have access to /etc/passwd and /etc/group.

Adding --landlock-rule path-beneath:read-file:/etc/passwd, for example, allows resolving users and yields this:

─rw─r──r────x cathy 200 07-12 09:19 22'491 │ /tmp/tmp/xorg.atom

PSA: setpriv on Linux supports Landlock.

If this twt goes through, then restricting the filesystem so that jenny can only write to ~/Mail/twt, ~/www/twtxt.txt, ~/.jenny-cache, and /tmp works.

… okay, the SDL backend works if you also set SDL_VIDEODRIVER=wayland.

@movq@www.uninformativ.de Yeah, it’s a shitshow. MS overconfirms all my prejudices constantly.

Ignoring e-mail after lunch works great, though. :-)

Our timetracking is offline for over a week because of reasons. The responsible bunglers are falling by the skin of their teeth: https://lyse.isobeef.org/tmp/timetracking.png

1. The error message neither includes the timeframe nor a link to an announcement article.
   
2. The HTML page needs to download JS in order to display the fucking error message.
   
3. Proper HTTP status codes are clearly only for big losers.
   
4. Despite being down, heaps of resources are still fetched.
   

I find it really fascinating how one can screw up on so many levels. This is developed inhouse, I’m just so glad that we’re not a software engineering company. Oh wait. How embarrassing.

@movq@www.uninformativ.de This is a really good example of “simplicity” but achieves the intent and goals 👌

(Now, I don’t know if your screen reader can work with this. Let me know if it doesn’t.)

I don’t use a screen reader fortunately (actually they’re pretty garbage). So all good 👍 (I juse use full-screen zoom).

@prologic@twtxt.net Yeah, this really could use a proper definition or a “manifest”. 😅 Many of these ideas are not very wide spread. And I haven’t come across similar projects in all these years.

Let’s take the farbfeld image format as an example again. I think this captures the “spirit” quite well, because this isn’t even about code.

This is the entire farbfeld spec:

farbfeld is a lossless image format which is easy to parse, pipe and compress. It has the following format:

╔════════╤═════════════════════════════════════════════════════════╗
║ Bytes  │ Description                                             ║
╠════════╪═════════════════════════════════════════════════════════╣
║ 8      │ "farbfeld" magic value                                  ║
╟────────┼─────────────────────────────────────────────────────────╢
║ 4      │ 32-Bit BE unsigned integer (width)                      ║
╟────────┼─────────────────────────────────────────────────────────╢
║ 4      │ 32-Bit BE unsigned integer (height)                     ║
╟────────┼─────────────────────────────────────────────────────────╢
║ [2222] │ 4x16-Bit BE unsigned integers [RGBA] / pixel, row-major ║
╚════════╧═════════════════════════════════════════════════════════╝

The RGB-data should be sRGB for best interoperability and not alpha-premultiplied.

(Now, I don’t know if your screen reader can work with this. Let me know if it doesn’t.)

I think these are some of the properties worth mentioning:

• The spec is extremely short. You can read this in under a minute and fully understand it. That alone is gold.
  
• There are no “knobs”: It’s just a single version, it’s not like there’s also an 8-bit color depth version and one for 16-bit and one for extra large images and one that supports layers and so on. This makes it much easier to implement a fully compliant program.
  
• Despite being so simple, it’s useful. I’ve used it in various programs, like my window manager, my status bars, some toy programs like “tuxeyes” (an Xeyes variant), or Advent of Code.
  
• The format does not include compression because it doesn’t need to. Just use something like bzip2 to get file sizes similar to PNG.
  
• It doesn’t cover every use case under the sun, but it does cover the most important ones (imho). They have discussed using something other than RGBA and decided it’s not worth the trouble.
  
• They refrained from adding extra baggage like metadata. It would have needlessly complicated things.

Time to work on updating my tilde again after such a long time.

@eldersnake@we.loveprivacy.club This was an interesting read for sure! 👍 I don’t think it had anything I hadn’t already considered in terms of the ethical/moral points of view. I’m not sure where I stand myself either to be honest. I’ve forced myself to get familiar with the ecosystem and tooling, because in my line of work as a tech lead (staff engineer in sre) you don’t want to be that one guy that ya know 😉 Ethically/Morally though, I’m definitely with the sentiment of this post 😅 Much like the whole Crypto hype yaers back (if y’all remember?!) this is also one of the most energy hungry pieces of “tech” (if you can call it that?) in a while. Then there’s these other issues “stealing people’s work”, “reliance is causing humans to become cognitively weak and neural connections to shrink”, to name a few…

In all fairness, GOG says that Forsaken is only supported on Ubuntu 16.04 – not current Arch Linux. If you ask me, this just goes to show that Linux is not a good platform for proprietary binary software.

Is it free software, do you have the source code? Then you’re good to go, things can be patched/updated (that can still be a lot of work). But proprietary binary blobs? Very bad idea.

I bought the “remastered” versions of Grim Fandango and Forsaken on GOG, because they’re super cheap at the moment. Both have native Linux versions.

And both these Linux version crap their pants. 🫤 The bundled SDL2 of Forsaken says it “can’t find a matching GLX visual” and I couldn’t figure out how to fix that. I didn’t spend a lot of time on Grim Fandango.

Both work great in Wine. 🤦

(I do have the original version of Grim Fandango from the 1990ies, but that one does not work so well in Wine. I figured, if it’s so cheap, why not. And I now get to play the english version. 😃 The german dub is pretty damn good, actually, but I always prefer the original these days.)

@lyse@lyse.isobeef.org I have to say, this sounds much worse than our stuff at work. 🫩 (We don’t use any Microsoft services, at least not for core tools.)

I hear you, @movq@www.uninformativ.de! :‘-(

At work, too. For a few weeks now when I try to log into this horrible Outlook web intershit (Because why would they fix the Evolution integration?! It’s cactus for well over a year now. Probably more like two.), it forwards me to the corporate weblogin, I enter my credentials, even do the bloody MFA crap and get redirected back to Outlook. “Loading mailbox…” “Please wait for us to log you out, do not close this window while this process is underway.” Fuck you! I have to delete the cookies for this damn domain each and every fucking time. Otherwise, this goes in circles forever. I tried the game for 15 minutes, no joke.

But wait, there’s more! Why just fuck it up only a little bit? This week I get logged out at the middle of the day. Every. Single. Day. Not even close to eight hours since I started, no. What the hell!? I reckon I just don’t even bother reauthenticating anymore in the arvo. No more e-mails for Lyse after lunch. Fuck it. It’s just distraction, anyway, right?!

@lyse@lyse.isobeef.org

They’re all talks, not real hands-on trainings like you did.

I love listening to good, well-structured talks. Problem is, not everybody is a good speaker and many screw it up. 🥴 I’m certainly not a great speaker, which is why I gravitate more towards “workshops”, in the hopes that people ask questions and discussions arise. Doesn’t always work out. 🤣 At the very least, I almost always have some other person connect to the projector/beamer/screenshare and then they do the stuff – this avoids me being wwwwaaaaaaaaayyyy too fast.

We are usually drowned in stress and tight deadlines, hence events like today are super rare … We used to do it more often until ~10 years ago.

Once a year the security guys organize a really great hacking event, though.

Oh dear, I’d love to participate in that. 🤯 That sounds like a lot of fun. (Why don’t we do this?!)

I did a “lecture”/“workshop” about this at work today. 16-bit DOS, real mode. 💾 Pretty cool and the audience (devs and sysadmins) seemed quite interested. 🥳

• People used the Intel docs to figure out the instruction encodings.
  
• Then they wrote a little DOS program that exits with a return code and they used uhex in DOSBox to do that. Yes, we wrote a COM file manually, no Assembler involved. (Many of them had never used DOS before.)
  
• DEBUG from FreeDOS was used to single-step through the program, showing what it does.
  
• This gets tedious rather quickly, so we switched to SVED from SvarDOS for writing the rest of the program in Assembly language. nasm worked great for us.
  
• At the end, we switched to BIOS calls instead of DOS syscalls to demonstrate that the same binary COM file works on another OS. Also a good opportunity to talk about bootloaders a little bit.
  
• (I think they even understood the basics of segmentation in the end.)
  

The 8086 / 16-bit real-mode DOS is a great platform to explain a lot of the fundamentals without having to deal with OS semantics or executable file formats.

Now that was a lot of fun. 🥳 It’s very rare that we do something like this, sadly. I love doing this kind of low-level stuff.