Winamp Source Code Repo Deleted
Less than one month after source code release, Winamp GitHub repo has vanished. ⌘ Read more

https://gustedt.wordpress.com/2024/10/15/the-c23-edition-of-modern-c/ code book clang

Cuprate Meeting scheduled for 22 October 2024 1800 UTC
The next Cuprate Meeting is scheduled to take place on Tuesday, October 22 2024 at 18:00 UTC on IRC-Libera/Matrix1 in the #cuprate channels.

Cuprate is an effort to create an alternative Monero node implementation.

Greetings
Updates: What is everyone working on?
Project: What is next for Cuprate?
Any other business

The meeting’s moderator should be Boog9002. Consult the Cuprate code repository … ⌘ Read more

Erlang Solutions: Why Open Source Technologies is a Smart Choice for Fintech Businesses
Traditionally, the fintech industry relied on proprietary software, with usage and distribution restricted by paid licences. Fintech open-source technologies were distrusted due to security concerns over visible code in complex systems.

But fast-forward to today and financial institutions, including neobanks like Revolut and Monzo, have embraced open source solutions. … ⌘ Read more

[ANN] [CVE-2024-9680] Update Tor Browser & Firefox immediately

An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild.

Links:

• https://blog.torproject.org/new-release-tor-browser-1357/
  
• https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/
  

n … ⌘ Read more

Honestly… not much. Have abandon two projects (both private) on Golang and one related to cryptography. My mostly languages are Python and Javascript (also can PHP). After writing code on Go i spend same time on fixing dumb errors

Cuprate Meeting scheduled for 15 October 2024 1800 UTC
The next Cuprate Meeting is scheduled1 to take place on Tuesday, October 15 2024 at 18:00 UTC on IRC-Libera/Matrix2 in the #cuprate channels.

Cuprate is an effort to create an alternative Monero node implementation.

Greetings
Updates: What is everyone working on?
Project: What is next for Cuprate?
Any other business

The meeting’s moderator should be Boog9003. Consult the Cuprate code … ⌘ Read more

Last week at The Lunduke Journal (Sep 29 - Oct 5, 2024)
Godot’s “Cleansing” of Non-Woke! DOOM on a Quantum Computer! A Good Code of Conduct! ⌘ Read more

I am reminded of this when I look at entire forks of vscode just to add a LLM code completion assistant.

http://www.call-with-current-continuation.org/articles/brutalist-manifesto.txt coding programming #kiss

I share I did write up an algorithm for it at some point I think it is lost in a git comment someplace. I’ll put together a pseudo/go code this week.

Super simple:

Making a reply:

1. If yarn has one use that. (Maybe do collision check?)
   
2. Make hash of twt raw no truncation.
   
3. Check local cache for shortest without collision
   
   • in SQL: select len(subject) where head_full_hash like subject || '%'
     

Threading:

1. Get full hash of head twt
   
2. Search for twts
   
   • in SQL: head_full_hash like subject || '%' and created_on > head_timestamp
     

The assumption being replies will be for the most recent head. If replying to an older one it will use a longer hash.

Cuprate Meeting scheduled for 8 October 2024 1800 UTC
The next Cuprate Meeting is scheduled1 to take place on Tuesday, October 8 2024 at 18:00 UTC on IRC-Libera/Matrix2 in the #cuprate channels.

Cuprate is an effort to create an alternative Monero node implementation.

Greetings
Updates: What is everyone working on?
Project: What is next for Cuprate?
Any other business

The meeting’s moderator should be Boog9003. Consult the Cuprate code rep … ⌘ Read more

Code referencing now generally available in GitHub Copilot and with Microsoft Azure AI
Announcing the general availability of code referencing in GitHub Copilot and Microsoft Azure AI, allowing developers to permit code suggestions containing public code matches while receiving detailed information about the match.

The post [Code referencing now generally available in GitHub Copilot and with Microsoft Azure AI](https://github.blog/ne … ⌘ Read more

The nuances and challenges of moderating a code collaboration platform
Sharing the latest data update to our Transparency Center alongside a new research article on what makes moderating a code collaboration platform unique.

The post The nuances and challenges of moderating a code collaboration platform ap … ⌘ Read more

The “9.9” Linux Vulnerability Revealed: It’s The Printers
Remote attacker can execute code by simply sending a UDP packet to a Linux machine. ⌘ Read more

GitHub Copilot now available in github.com for Copilot Individual and Copilot Business plans
With this public preview, we’re unlocking the context of your code and collaborators—and taking the next step in infusing AI into every developer’s workflow.

The post [GitHub Copilot now available in github.com for Copilot Individual and Copilot Business plans](https://github.blog/news-insights/product-news/github-copilot-now-available- … ⌘ Read more

@david@collantes.us Well, I wouldn’t recommend using my code for your main jenny use anyway. If you want to try it out, set XDG_CONFIG_HOME and XDG_CACHE_HOME to some sandbox directories and only run my code there. If @movq@www.uninformativ.de is interested in any of this getting upstreamed, I’d be happy to try rebasing the changes, but otherwise it’s a proof of concept and fun exercise.

BTW this code doesn’t incorporate existing twts into jenny’s database. It’s best used starting from scratch. I’ve been testing it using a custom XDG_CACHE_HOME and XDG_CONFIG_HOME to avoid messing with my “real” jenny data.

I wrote some code to try out non-hash reply subjects formatted as (replyto ), while keeping the ability to use the existing hash style.

I don’t think we need to decide all at once. If clients add support for a new method then people can use it if they like. The downside of course is that this costs developer time, so I decided to invest a few hours of my own time into a proof of concept.

With apologies to @movq@www.uninformativ.de for corrupting jenny’s beautiful code. I don’t write this expecting you to incorporate the patch, because it does complicate things and might not be a direction you want to go in. But if you like any part of this approach feel free to use bits of it; I release the patch under jenny’s current LICENCE.

Supporting both kinds of reply in jenny was complicated because each email can only have one Message-Id, and because it’s possible the target twt will not be seen until after the twt referencing it. The following patch uses an sqlite database to keep track of known (url, timestamp) pairs, as well as a separate table of (url, timestamp) pairs that haven’t been seen yet but are wanted. When one of those “wanted” twts is finally seen, the mail file gets rewritten to include the appropriate In-Reply-To header.

Patch based on jenny commit 73a5ea81.

https://www.falsifian.org/a/oDtr/patch0.txt

Not implemented:

• Composing twts using the (replyto …) format.
  
• Probably other important things I’m forgetting.

Try out OpenAI o1 in GitHub Copilot and Models
OpenAI o1-preview and o1-mini are now available in GitHub Copilot Chat in VS Code and in the GitHub Models playground.

The post Try out OpenAI o1 in GitHub Copilot and Models appeared first on The GitHub Blog. ⌘ Read more

The 10 best tools to green your software
Looking for ways to code in a more sustainable way? We’ve got you covered with our top list of tools to help lower your carbon footprint.

The post The 10 best tools to green your software appeared first on The GitHub Blog. ⌘ Read more

@quark@ferengi.one It looks like the part about traditional topics has been removed from that page. Here is an old version that mentions it: https://web.archive.org/web/20221211165458/https://dev.twtxt.net/doc/twtsubjectextension.html . Still, I don’t see any description of what is actually allowed between the parentheses. May be worth noting that twtxt.net is displaying the twts with the subject stripped, so some piece of code is recognizing it as a subject (or, at least, something to be removed).

@prologic@twtxt.net earlier you suggested extending hashes to 11 characters, but here’s an argument that they should be even longer than that.

Imagine I found this twt one day at https://example.com/twtxt.txt :

2024-09-14T22:00Z Useful backup command: rsync -a “$HOME” /mnt/backup

Image

and I responded with “(#5dgoirqemeq) Thanks for the tip!”. Then I’ve endorsed the twt, but it could latter get changed to

2024-09-14T22:00Z Useful backup command: rm -rf /some_important_directory

Image

which also has an 11-character base32 hash of 5dgoirqemeq. (I’m using the existing hashing method with https://example.com/twtxt.txt as the feed url, but I’m taking 11 characters instead of 7 from the end of the base32 encoding.)

That’s what I meant by “spoofing” in an earlier twt.

I don’t know if preventing this sort of attack should be a goal, but if it is, the number of bits in the hash should be at least two times log2(number of attempts we want to defend against), where the “two times” is because of the birthday paradox.

Side note: current hashes always end with “a” or “q”, which is a bit wasteful. Maybe we should take the first N characters of the base32 encoding instead of the last N.

Code I used for the above example: https://fossil.falsifian.org/misc/file?name=src/twt_collision/find_collision.c
I only needed to compute 43394987 hashes to find it.

Better coffee on the cards as researchers crack arabica’s genetic code
Your morning cup of coffee could soon get even better, thanks to scientists who have mapped the genome of the arabica plant. ⌘ Read more

Fine-tuned models are now in limited public beta for GitHub Copilot Enterprise
Fine-tuned models empower organizations to receive code suggestions specifically tailored to their coding practices and internal languages.

The post Fine-tuned models are now in limited public beta for GitHub Copilot Enterprise appeared … ⌘ Read more

** A playground for sharing scrappy fiddles **
I shared some snippets of JavaScript in a recent blog post and was wicked irked that I didn’t have an easy way to share interactive code on my own thing…so… I made a totally static JavaScript playground for running little experiments and sharing scrappy fiddles!

It is pretty simple — it allows folks to enter and run JavaScript, includes a console so you can easily log thing … ⌘ Read more

There is a bug in yarnd that’s been around for awhile and is still present in the current version I’m running that lets a person hit a constructed URL like

YOUR_POD/external?nick=lovetocode999&uri=https://socialmphl.com/story19510368/doujin

and see a legitimate-looking page on YOUR_POD, with an HTTP code 200 (success). From that fake page you can even follow an external feed. Try it yourself, replacing “YOUR_POD” with the URL of any yarnd pod you know. Try following the feed.

I think URLs like this should return errors. They should not render HTML, nor produce legitimate-looking pages. This mechanism is ripe for DDoS attacks. My pod gets roughly 70,000 hits per day to URLs like this. Many are porn or other types of content I do not want. At this point, if it’s not fixed soon I am going to have to shut down my pod. @prologic@twtxt.net please have a look.

@lyse@lyse.isobeef.org ah, if only you were to finally clean up that code, and make that client widely available…! One can only dream, right? :-)

GitHub named a Leader in the Gartner first-ever Magic Quadrant for AI Code Assistants
This year, as part of its annual Magic Quadrant series, Gartner published a first-of-its-kind report analyzing the state of play in the AI Code Assistants market–and named GitHub a Leader.

The post [GitHub named a Leader in the Gartner first-ever Magic Quadrant for AI Code Assistants](https://github.blog/news-insights/company-news/github-named-a-lead … ⌘ Read more

Erlang Solutions: The Diversity & Inclusion Programme: Our Pledge
As technology becomes increasingly integrated into our lives, the minds behind it must come from diverse backgrounds. Different viewpoints lead to better solutions, ensuring that the tech we create addresses the needs of a global audience.

At Erlang Solutions, we believe that a diverse workforce is a catalyst for creativity and progress. By sponsoring the Diversity & Inclusion Programme for [Code BEAM events](https://codebeameurope … ⌘ Read more

Explain infrastructure as code (alternatives to IaC)
Member post originally published on AppCD’s blog by Kunal Dabir I was recently speaking with an SRE who, when asked for their opinion on Infrastructure as Code (IaC), shouted, “it’s terrible and our devs hate it!” Now we… ⌘ Read more

Found means fixed: Secure code more than three times faster with Copilot Autofix
With Copilot Autofix, developers and security teams can keep new vulnerabilities out of code and confidently remediate their backlog security debt.

The post Found means fixed: Secure code more than three times faster with Copilot Autofix appeared first on [The GitHub … ⌘ Read more

yeah its the same dude.

This project is verrrry alpha. all the configuration is literally in the code.

From object transition to RCE in the Chrome renderer
In this post, I’ll exploit CVE-2024-5830, a type confusion in Chrome that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.

The post From object transition to RCE in the Chrome renderer appeared first on The GitHub Blog. ⌘ Read more

Python Bans Prominent Dev for Enjoying the Wrong SNL Sketch
Even worse: He was too active in a conversation. That’s a Code of Conduct Violation! ⌘ Read more

Getting to know the new CNCF Code of Conduct Committee
By the CNCF Code of Conduct Committee Hello CNCF community!  Our permanent CNCF Code of Conduct Committee has been operating for eight months, so it’s time for us to share information about incidents we’ve handled in our community… ⌘ Read more

How to use AI coding tools to learn a new programming language
Explore how AI coding tools like GitHub Copilot can accelerate your journey to learn new programming languages.

The post How to use AI coding tools to learn a new programming language appeared first on [The GitHub Blog](https://gi … ⌘ Read more

The technical complexities of decoupled authorization
Member post originally published on the Cerbos blog by James Walker Decoupling authorization from your main application code makes authorization more scalable, easier to maintain, and simpler to integrate with your components. However, these benefits are difficult to… ⌘ Read more

The XMPP Standards Foundation: The XMPP Newsletter July 2024

Image

XMPP Newsletter Banner

Welcome to the XMPP Newsletter, great to have you here again!
This issue covers the month of July 2024.

If you are interested to join the XMPP Standards Foundation as a member, please apply until August 18th, 2024!.

… ⌘ Read more

Erlang Solutions: Erlang Solutions wins business with BoardClic in a new era of collaboration
Erlang Solutions, a world-leading provider of software development and consultancy services, is pleased to announce its latest customer win with BoardClic, the leading platform for digital board performance reviews.

Following a successful Elixir code and architecture review, Erlang Solutions has been appointed to deliver advanced Elixir development for BoardCli … ⌘ Read more

What’s new with GitHub Copilot: July 2024
To enhance your coding experience, AI tools should excel at saving you time with repetitive, administrative tasks, while providing accurate solutions to assist developers. Today, we’re spotlighting three updates designed to increase efficiency and boost developer creativity.

The post What’s new with GitHub Copilot: July 2024 appeared first on [The GitHu … ⌘ Read more

Applying the DRY principle to Kyverno policies
Member post originally published on the Nirmata Blog by Jim Bugwadia The Don’t Repeat Yourself (DRY) principle of software development advocates avoiding repetition of code that is likely to change. Replacing similar code with reusable abstractions makes software easier to… ⌘ Read more

Beginner’s guide to GitHub: Adding code to your repository
Take the next step in our GitHub for Beginners series and add code to your repository. Learn how to create branches and upload changes into a pull request.

The post Beginner’s guide to GitHub: Adding code to your repository appeared first on The GitHub Blog. ⌘ Read more

@prologic@twtxt.net I don’t think it’s your code. As you said in one of your commit comments, the internet is a hostile place! That’s partly why I reacted the way I did: all things considered it’s usually better to react quickly and clean up the mess later, then it is to wait and risk further damage. Anyway it sucks @xuu@txt.sour.is got caught up in it. Hopefully it’s all good now.

How to review code effectively: A GitHub staff engineer’s philosophy
GitHub Staff Engineer Sarah Vessels discusses her philosophy of code review, what separates good code review from bad, her strategy for finding and reviewing code, and how to get the most from reviews of her own code.

The post [How to review code effectively: A GitHub staff engineer’s philosophy](https://github.blog/developer-skills/github/how-to-review-code-effectively-a-github-staff-eng … ⌘ Read more

3 ways to get Remote Code Execution in Kafka UI
In this blog post, we’ll explain how we discovered three critical vulnerabilities in Kafka UI and how they can be exploited.

The post 3 ways to get Remote Code Execution in Kafka UI appeared first on The GitHub Blog. ⌘ Read more

It took me so long to find the cause of a memory leak in GoBlog. I thought it was smart to use a cache for prepared database statements. But I didn’t read the documentation and didn’t know that prepared statements need to be closed when they are no longer needed to free up the allocated resources. 🤦‍♂️ I finally fixed it by removing the prepared statement cache altogether. Less code, fewer problems in the future, and the cache wasn’t much of an improvement anyway. I also learned about the usefulness of memory profil … ⌘ Read more

The XMPP Standards Foundation: The XMPP Newsletter June 2024

Image

XMPP Newsletter Banner

Welcome to the XMPP Newsletter, great to have you here again!
This issue covers the month of June 2024.

The XSF has been accepted as a hosting organisation at GSoC in 2024 again!
These XMPP projects have received a slot and have kicked-off with … ⌘ Read more

After that talk about the Ladybird browser the other day, I see this article just pop up:

https://devclass.com/2024/07/03/ladybird-web-browser-project-now-funded-by-github-co-founder-promises-no-code-from-other-browsers/

Seems it’s gaining some recognition and support, I hope it can gain traction as we sure as anything need some genuine alternatives.

Base: 4.25 miles, 00:09:47 average pace, 00:41:35 duration
carrying on from code brown
#running #treadmill