Generating SBOMs for Your Image with BuildKit
Learn how to use BuildKit v0.11 to generate SBOMs so you (and your users) can quickly answer questions about your images and packages. ⌘ Read more
@abucci@anthony.buc.ci So.. The issue is that its showing the password by default? Would making an alias to always include the -c help? We can probably engage Jason with a PR to enable a more hardened approach when desired. I’ve spoken to him before and is generally a pretty open to ideas.
I found this app that was created by the gopass author that does copy by default and has a tui or GUI mode https://github.com/cortex/ripasso
Runtime
⌘ Read more
Runtime
⌘ Read more
Git man page generator: https://git-man-page-generator.lokaltog.net/
Did something chchange with how the discover feed is generated? My pods logout mode now only shows my twts. It used to be all twts from watcher observation like my logged on discover tab. @prologic@twtxt.net
@prologic@twtxt.net see where its used maybe that can help.
https://github.com/sour-is/ev/blob/main/app/peerfinder/http.go#L153
This is an upsert. So I pass a streamID which is like a globally unique id for the object. And then see how the type of the parameter in the function is used to infer the generic type. In the function it will create a new *Info and populate it from the datastore to pass to the function. The func will do its modifications and if it returns a nil error it will commit the changes.
The PA type contract ensures that the type fulfills the Aggregate interface and is a pointer to type at compile time.
↳
In-reply-to
»
@prologic: Reduced refresh interval to 7200 seconds :-)
⤋ Read More
@prologic@twtxt.net I guess that refresh field could be easily replaced with Expires HTTP header (I realize that users on neocities.org cannot control this header, for example). And clients should also respect headers like Last-Modified/If-Modified-Since (304), you’re right about that. P.S. twtwt doens’t have a caching mechanism for now, but I plan to implement it in generic way using HTTP headers.
Erlang Solutions: GraphQL interfaces in MongooseIM 6.0
MongooseIM is a robust, scalable and highly extensible instant messaging server. Recent releases have improved its configurability and opened new use cases, and the latest version 6.0 continues that trend. By introducing the brand new GraphQL API, we made MongooseIM much easier to integrate with external web services. The entry barrier is also lower than ever because of the automatically generated API documentation, interactive web UI, an … ⌘ Read more
Data Point
⌘ Read more
Data Point
⌘ Read more
This is blowing my mind. Real-time music generation with Stable Diffusion: https://www.riffusion.com/
Bunny AI
Bunny.net joined the AI hype and created “Bunny AI” (docs), AI images created on the edge. I tried it out, because it’s currently free during the preview, but somehow I don’t find the generated images aesthetic or I’m just to stupid to write better prompts. I guess the Bunny developers also need some distraction from time to time, because they are working hard on S3 support for Bunny Storage for years already. 🐰 ⌘ Read more
Snikket: Notes on the F-Droid security warning
Snikket Android users who installed the app via F-Droid may receive a warning
from F-Droid telling them that the app has a vulnerability and that they
“recommend uninstalling immediately”. First of all - don’t panic! This is a
over-simplified generic warning that is scary, but the actual situation is
not quite so scary and has an explanation. Here goes…
When an app is developed and ready for release, it must be compiled and built,
to produce the fina … ⌘ Read more
GitHub Copilot is generally available for businesses
GitHub Copilot for Business is officially here with simple license management, organization-wide policy controls, and industry-leading privacy—all for $19 USD per user per month. ⌘ Read more
Gajim: Gajim 1.5.4
Gajim 1.5.4 comes with a reworked file transfer interface, better URL detection, message selection improvements, and many fixes under the hood. Thank you for all your contributions!
Gajim’s interface for sending files has been reworked, and should be much easier to use now. For each file you’re about to send, Gajim will generate a preview. This way, you can avoid sending the wrong file to somebody. Regardless of how you start a file transfer, be it drag and drop, pasting a … ⌘ Read more
RT by @mind_booster: We’ve been challenged $104,750 in matching donations from some very generous donors this year!
https://sfconservancy.org/news/2022/nov/22/2022-fundraiser/
We’ve been challenged $104,750 in matching donations from some very generous donors this year!
My Generation — The Who (Eurobeat Remix)
The journey of your work has never been clearer
In July, we launched the general availability of GitHub Projects, and now we are excited to bring you even more features designed to make it easier to plan and track in the same place you build! ⌘ Read more
Dino: Stateless File Sharing: Source Attachment and Wrap-Up
RecapStateless file sharing (sfs) is a generic file sharing message which, alongside metadata, sends a list of sources where the file can be retrieved from.
It is generic in the sense, that sources can be from different kinds of file transfer methods.
HTTP, Jingle and any other file transfers can be encapsulated with it.
The big idea is that functionality can be implemented for all file transfer methods at once, thanks to … ⌘ Read more
GitHub Enterprise Server 3.7 is now generally available
GitHub Enterprise Server 3.7 is available now, including a single view of code risk, new forking and repository policies, and security enhancements to the management console. ⌘ Read more
All In for Students: expanding the next generation of open source leaders
We are pleased to announce the expansion of All In for Students! All In for Students introduces college students to open source and provides them with the education, technical training and career development to prepare them for a summer internship in tech. ⌘ Read more
Why we’re excited about the Sigstore general availability
The Sigstore GA means you can protect your software supply chain today with GitHub Actions, and will power new npm security capabilities in the near future. ⌘ Read more
Stable Diffusion in Code (AI Image Generation) - Computerphile ⌘ Read more
GitHub at the 77th United Nations General Assembly
Read about how the GitHub Social Impact, Tech for Social Good and Policy teams participated in the 77th session of the United Nations General Assembly, including events we hosted with the World Health Organization and the UN Development Programme. ⌘ Read more
Gajim: Gajim 1.5.2
Gajim 1.5.2 brings another performance boost, better emojis, improvements for group chat moderators, and many bug fixes. Thank you for all your contributions!
Generating performance profiles for Gajim revealed some bottlenecks in Gajim’s code. After fixing these, switching chats should now feel snappier than before.
Did you know that you can use shortcodes for typing emojis? Typing :+1 for example will ope … ⌘ Read more
How AI Image Generators Work (Stable Diffusion / Dall-E) - Computerphile ⌘ Read more
The Cosmic Voyage motd is honestly one of the coolest terminal experiences I’ve ever had, and it’s almost entirely generic information.
GitHub for Startups is generally available
We’re launching GitHub for Startups to give your startup the tools needed to go from idea to unicorn status on the world’s largest developer platform. ⌘ Read more
“If you don’t make it beautiful, it’s for sure doomed”: putting the Vault in GitHub’s Arctic Code Vault
GitHub this month installed a massive steel vault, etched with striking AI-generated art, deep within an Arctic mountain, finalizing its Arctic Code Vault. This vault contains the 188 reels of hardened archival film which will preserve the 02/02/202 snapshot of every active public GitHub repository for 1,000 years. It also now includes a … ⌘ Read more
數謎謎面產生器 ⌘ Read more
Paul Schaub: Creating a Web-of-Trust Implementation: Accessing Certificate Stores
Currently, I am working on a Web-of-Trust implementation for the OpenPGP library PGPainless. This work is being funded by the awesome NLnet foundation through NGI Assure. Check them out! NGI Assure is made possible with financial support from the European Commission’s Next Generation Internet programme.
[
⌘ Read more
Physics Safety Tip
⌘ Read more
GitHub Enterprise Server 3.6 is now generally available
GitHub Discussions and Audit Log Streaming, new automation features, and security enhancements are available now in GitHub Enterprise Server 3.6. ⌘ Read more
XMPP Providers: XMPP Providers and blabber.im
Easy Onboarding with Android Chat AppA new version of the Android XMPP chat app
blabber.im has been released.
It provides an easy onboarding.
Passwords are generated automatically and XMPP providers are suggested.
Those suggestions are based on our curated list of XMPP providers.
Glassdrive, Rádio Popular, Atum General: perdoem-me mas com equipas de nomes assim, para mim, o desporto praticado na Volta é um bocado… triste.
Glassdrive, Rádio Popular, Atum General: perdoem-me mas com equipas de nomes assim, para mim, o desporto praticado na Volta é um bocado… triste. ⌘ Read more
↳
In-reply-to
»
Progress! so i have moved into working on aggregates. Which are a grouping of events that replayed on an object set the current state of the object. I came up with this little bit of generic wonder.
⤋ Read More
(cont.)
Just to give some context on some of the components around the code structure.. I wrote this up around an earlier version of aggregate code. This generic bit simplifies things by removing the need of the Crud functions for each aggregate.
Domain ObjectsA domain object can be used as an aggregate by adding the event.AggregateRoot struct and finish implementing event.Aggregate. The AggregateRoot implements logic for adding events after they are either Raised by a command or Appended by the eventstore Load or service ApplyFn methods. It also tracks the uncommitted events that are saved using the eventstore Save method.
type User struct {
Identity string ```json:"identity"`
CreatedAt time.Time
event.AggregateRoot
}
// StreamID for the aggregate when stored or loaded from ES.
func (a *User) StreamID() string {
return "user-" + a.Identity
}
// ApplyEvent to the aggregate state.
func (a *User) ApplyEvent(lis ...event.Event) {
for _, e := range lis {
switch e := e.(type) {
case *UserCreated:
a.Identity = e.Identity
a.CreatedAt = e.EventMeta().CreatedDate
/* ... */
}
}
}
Events are applied to the aggregate. They are defined by adding the event.Meta and implementing the getter/setters for event.Event
type UserCreated struct {
eventMeta event.Meta
Identity string
}
func (c *UserCreated) EventMeta() (m event.Meta) {
if c != nil {
m = c.eventMeta
}
return m
}
func (c *UserCreated) SetEventMeta(m event.Meta) {
if c != nil {
c.eventMeta = m
}
}
With a domain object that implements the event.Aggregate the event store client can load events and apply them using the Load(ctx, agg) method.
// GetUser populates an user from event store.
func (rw *User) GetUser(ctx context.Context, userID string) (*domain.User, error) {
user := &domain.User{Identity: userID}
err := rw.es.Load(ctx, user)
if err != nil {
if err != nil {
if errors.Is(err, eventstore.ErrStreamNotFound) {
return user, ErrNotFound
}
return user, err
}
return nil, err
}
return user, err
}
An OnX command will validate the state of the domain object can have the command performed on it. If it can be applied it raises the event using event.Raise() Otherwise it returns an error.
// OnCreate raises an UserCreated event to create the user.
// Note: The handler will check that the user does not already exsist.
func (a *User) OnCreate(identity string) error {
event.Raise(a, &UserCreated{Identity: identity})
return nil
}
// OnScored will attempt to score a task.
// If the task is not in a Created state it will fail.
func (a *Task) OnScored(taskID string, score int64, attributes Attributes) error {
if a.State != TaskStateCreated {
return fmt.Errorf("task expected created, got %s", a.State)
}
event.Raise(a, &TaskScored{TaskID: taskID, Attributes: attributes, Score: score})
return nil
}
The following functions in the aggregate service can be used to perform creation and updating of aggregates. The Update function will ensure the aggregate exists, where the Create is intended for non-existent aggregates. These can probably be combined into one function.
// Create is used when the stream does not yet exist.
func (rw *User) Create(
ctx context.Context,
identity string,
fn func(*domain.User) error,
) (*domain.User, error) {
session, err := rw.GetUser(ctx, identity)
if err != nil && !errors.Is(err, ErrNotFound) {
return nil, err
}
if err = fn(session); err != nil {
return nil, err
}
_, err = rw.es.Save(ctx, session)
return session, err
}
// Update is used when the stream already exists.
func (rw *User) Update(
ctx context.Context,
identity string,
fn func(*domain.User) error,
) (*domain.User, error) {
session, err := rw.GetUser(ctx, identity)
if err != nil {
return nil, err
}
if err = fn(session); err != nil {
return nil, err
}
_, err = rw.es.Save(ctx, session)
return session, err
}
↳
In-reply-to
»
Hi, I am playing with making an event sourcing database. Its super alpha but I thought I would share since others are talking about databases and such.
⤋ Read More
Progress! so i have moved into working on aggregates. Which are a grouping of events that replayed on an object set the current state of the object. I came up with this little bit of generic wonder.
type PA[T any] interface {
event.Aggregate
*T
}
// Create uses fn to create a new aggregate and store in db.
func Create[A any, T PA[A]](ctx context.Context, es *EventStore, streamID string, fn func(context.Context, T) error) (agg T, err error) {
ctx, span := logz.Span(ctx)
defer span.End()
agg = new(A)
agg.SetStreamID(streamID)
if err = es.Load(ctx, agg); err != nil {
return
}
if err = event.NotExists(agg); err != nil {
return
}
if err = fn(ctx, agg); err != nil {
return
}
var i uint64
if i, err = es.Save(ctx, agg); err != nil {
return
}
span.AddEvent(fmt.Sprint("wrote events = ", i))
return
}
This lets me do something like this:
a, err := es.Create(ctx, r.es, streamID, func(ctx context.Context, agg *domain.SaltyUser) error {
return agg.OnUserRegister(nick, key)
})
I can tell the function the type being modified and returned using the function argument that is passed in. pretty cray cray.
Make Linux look like Star Trek LCARS
That’s one seriously next generation desktop environment right there… ⌘ Read more
↳
In-reply-to
»
Now brace yourself, the tech world stands still for a while: "Stack Overflow is currently offline for maintenance"
⤋ Read More
@prologic@twtxt.net Well, I have to confess that whenever a Stack Overflow post pops up in the search results of my least mistrusted search engine the answer(s) there are spot on and exactly what I’m looking for most of the time. Of course there are the occasional exception, but I’m actually very happy with what I dig up there. Sometimes I need to scroll through a few answes to get what I need, but in general the first answer appearing below the question is fairly good. There are super bad answers, no doubt. But you can tell them apart immediately and just skip them right away.
@movq@www.uninformativ.de @prologic@twtxt.net I tried to think about it once more today, but still no luck yet. However, I reckon that when I try to grasp something in a very focused way, then I imagine how I would loudly read it (but actually don’t) and hear myself. I’m quite certain about that. In more extreme cases I even noticed my lips slightly moving, but not creating any sound. But most of the time I don’t think there’s a voice. The tricky thing is, if I don’t think about how it works in general, I don’t know. And if I try to think about it, it feels like introducing tons of measuring errors. I just found Schrödinger’s cat in my brain.
Planning next to your code – GitHub Projects is now generally available
Today, we are announcing the general availability of the new and improved Projects powered by GitHub Issues. GitHub Projects connects your planning directly to the work your teams are doing in GitHub and flexibly adapts to whatever your team needs at any point. ⌘ Read more
@movq@www.uninformativ.de @mckinley@twtxt.net Yup, some people do. I tried several times to figure out whether I also have some imaginary voice in my head or not. And I can’t really tell. My best bet is that it depends. Generally there is no voice or just a very faint one. For very complex stuff I think my brain plays some audio. But it’s very hard to tell. If I try to think about it, it feels super weird in my head.
Paul Schaub: Creating a Web-of-Trust Implementation: Certify Keys with PGPainless
Currently I am working on a Web-of-Trust implementation for the OpenPGP library PGPainless. This work will be funded by the awesome NLnet foundation through NGI Assure. Check them out! NGI Assure is made possible with financial support from the European Commission’s Next Generation Internet programme.
[, the simplified version without the URL (#hash) is enough.
The hash tag extension specification is kind of missing the same. However, I’m not sure if that short form is considered supported in general (as opposed to be a special case for subjects only) by the majority of the twtxt/yarn community.
Now the question arises, in order to keep things simple, should we even only allow the simplified twt hash tag for subjects and forbid the long version? This would also save quite a bit of space. The URL is probably not shown anyways in most clients. And if so, clients might rewrite URLs to their own instances. On the other hand, there’s technically nothing wrong with the long version in current parser implementations. And deprecating stuff without very good reason isn’t cool.
Coronavirus: airlines want to return to Hong Kong but city’s chance of regaining status of global aviation hub fading by the day, trade body chief warns
Willie Walsh, director general of the International Air Transport Association, says some carriers have ‘abandoned plans to regain their Hong Kong network for the moment’. ⌘ Read more
Hong Kong PLA garrison to be combat-ready for ‘toughest and most complicated’ situations amid security threats, commander vows
Major General Peng Jingtang makes promise ahead of President Xi Jinping’s attendance at events celebrating 25th anniversary of city’s handover. ⌘ Read more