↳
In-reply-to
»
(#2qn6iaa) @prologic Some criticisms and a possible alternative direction:
⤋ Read More
HTTPS is supposed to do [verification] anyway.
TLS provides verification that nobody is tampering with or snooping on your connection to a server. It doesn’t, for example, verify that a file downloaded from server A is from the same entity as the one from server B.
I was confused by this response for a while, but now I think I understand what you’re getting at. You are pointing out that with signed feeds, I can verify the authenticity of a feed without accessing the original server, whereas with HTTPS I can’t verify a feed unless I download it myself from the origin server. Is that right?
I.e. if the HTTPS origin server is online and I don’t mind taking the time and bandwidth to contact it, then perhaps signed feeds offer no advantage, but if the origin server might not be online, or I want to download a big archive of lots of feeds at once without contacting each server individually, then I need signed feeds.
feed locations [being] URLs gives some flexibility
It does give flexibility, but perhaps we should have made them URIs instead for even more flexibility. Then, you could use a tag URI,
urn:uuid:*, or a regular old URL if you wanted to. The spec seems to indicate that theurltag should be a working URL that clients can use to find a copy of the feed, optionally at multiple locations. I’m not very familiar with IP{F,N}S but if it ensures you own an identifier forever and that identifier points to a current copy of your feed, it could be a great way to fix it on an individual basis without breaking any specs :)
I’m also not very familiar with IPFS or IPNS.
I haven’t been following the other twts about signatures carefully. I just hope whatever you smart people come up with will be backwards-compatible so it still works if I’m too lazy to change how I publish my feed :-)
What’s new in CRI-O 1.31
Project post originally published on Github by Sascha Grunert The CRI-O maintainers are happy and proud to announce that CRI-O v1.31.0 has been released! This brand new version contains a large list of cool new features, bug fixes and smaller… ⌘ Read more
↳
In-reply-to
»
@movq Is there a good way to get jenny to do a one-off fetch of a feed, for when you want to fill in missing parts of a thread? I just added @slashdot to my private follow file just because @prologic keeps responding to the feed :-P and I want to know what he's commenting on even though I don't want to see every new slashdot twt.
⤋ Read More
@prologic@twtxt.net How does yarn.social’s API fix the problem of centralization? I still need to know whose API to use.
Say I see a twt beginning (#hash) and I want to look up the start of the thread. Is the idea that if that twt is hosted by a a yarn.social pod, it is likely to know the thread start, so I should query that particular pod for the hash? But what if no yarn.social pods are involved?
The community seems small enough that a registry server should be able to keep up, and I can have a couple of others as backups. Or I could crawl the list of feeds followed by whoever emitted the twt that prompted my query.
I have successfully used registry servers a little bit, e.g. to find a feed that mentioned a tag I was interested in. Was even thinking of making my own, if I get bored of my too many other projects :-)
DietPi August 2024 News (Version 9.7)
The August 2024 release of DietPi v9.7 brings a series of enhancements, bug fixes, and a major kernel upgrade for devices utilizing the RK3588 SoC. This minor update focuses on improving system stability and user experience, particularly for ODROID and NanoPi devices. DietPi: DietPi is a lightweight and optimized operating system based on Linux, tailored […] ⌘ Read more
↳
In-reply-to
»
There is a bug in
⤋ Read More
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
@prologic@twtxt.net This does not seem to fix the problem for me, or I’ve done something wrong. I did the following:
- Pull the latest version from
git(I have commit7ad848, same as ontwtxt.netI believe).
make buildandmake install
- Restart
yarnd
- Refresh cache in Poderator Settings
Yet I still see these bogus /external things on my pod when I hit URLs like the one I sent you recently. When I hit such a URL with curl I think it’s giving an error? But in a web browser, the (buggy) response is the same as it was before I updated.
So, this problem is not fixed for me.
↳
In-reply-to
»
There is a bug in
⤋ Read More
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
@prologic@twtxt.net Aha, now it gives an error. OK I’m updating to this to see if it fixes the issue on my pod! Thank you.
@aelaraji@aelaraji.com didn’t know there was a place to fix them; in here we toss them. Wish it was cheap to ship stuff. I have a couple of decent monitors in the garage that will soon take a trip to the curve…
↳
In-reply-to
»
There is a bug in
⤋ Read More
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
@prologic@twtxt.net Ah nice, thank you! Do you think this fix is ready for me to test it or do you think I should wait til you poke at it?
↳
In-reply-to
»
There is a bug in
⤋ Read More
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
@prologic@twtxt.net sounds fair. Let’s see how it works for @abucci@anthony.buc.ci. Speedy fix, that’s awesome! :-)
How to Fix ESLint Violations with AI Assistance
Learn how to use GenAI to fix ESLint violations, without installing Node. ⌘ Read more
There is a bug in yarnd that’s been around for awhile and is still present in the current version I’m running that lets a person hit a constructed URL like
YOUR_POD/external?nick=lovetocode999&uri=https://socialmphl.com/story19510368/doujin
and see a legitimate-looking page on YOUR_POD, with an HTTP code 200 (success). From that fake page you can even follow an external feed. Try it yourself, replacing “YOUR_POD” with the URL of any yarnd pod you know. Try following the feed.
I think URLs like this should return errors. They should not render HTML, nor produce legitimate-looking pages. This mechanism is ripe for DDoS attacks. My pod gets roughly 70,000 hits per day to URLs like this. Many are porn or other types of content I do not want. At this point, if it’s not fixed soon I am going to have to shut down my pod. @prologic@twtxt.net please have a look.
↳
In-reply-to
»
(#vciyu3q) @bender I'm not a yarnd user, but automatically unfollowing on 404 doesn't seem right. Besides @lyse's example, I could imagine just accidentally renaming my own twtxt file, or forgetting to push it when I point my DNS to a new web server. I'd rather not lose all my yarnd followers in a situation like that (and hopefully they feel the same).
⤋ Read More
(@anth@a.9srv.net’s feed almost never works, but I keep it because they told me they want to fix their server some time.)
Found means fixed: Secure code more than three times faster with Copilot Autofix
With Copilot Autofix, developers and security teams can keep new vulnerabilities out of code and confidently remediate their backlog security debt.
The post Found means fixed: Secure code more than three times faster with Copilot Autofix appeared first on [The GitHub … ⌘ Read more
iOS 17.6.1 & iPad 17.6.1 Released with Bug Fixes
Another day, another round of system software updates, such is the life of a modern Apple device user in this particular era of the two thousand and twenty fourth summer on planet Earth, Anno Domini. As the globe rotates to register a new day, you will be excited to learn that iOS 17.6.1 and ipadOS … Read More ⌘ Read more
MacOS Sonoma 14.6.1 & Ventura 13.6.9 Released with Bug Fixes
If you feel like you have spent a significant amount of your time updating system software on your Apple devices lately, you’re in for a treat; another round of system software updates! This time around, Apple has released MacOS Sonoma 14.6.1 along with MacOS Ventura 13.6.9 for Macs, complete with bug fixes, just one week … [Read More](https://osxdaily.com/2024/08/08/macos-sonoma-14-6-1-ventura-13-6-9-released … ⌘ Read more
Last week at The Lunduke Journal (July 28 - Aug 3, 2024)
GNOME Bans Saying “Lunduke”. WINE Fixes AOL for Win 3.1 (Seriously). Python 71x Slower Than C. ⌘ Read more
[fixed]
@movq@www.uninformativ.de my bad man. I left off a return in the formatter func. I have a PR to fix waiting on @prologic@twtxt.net
iOS 16.7.9, iPadOS 16.7.9, iOS 15.8.3, & iPadOS 15.8.3 Released with Security Fixes
Apple has issued security updates for prior generation iPhone and iPad models that are not compatible with iOS 17.6 and iPadOS 17.6. Specifically, the new updates are versioned as iOS 16.7.9, iPadOS 16.7.9, iOS 15.8.3, and iPadOS 15.8.3, and include important security fixes making them recommended for all users to install onto compatible devices. iOS … [Read More](htt … ⌘ Read more
MacOS Sonoma 14.6 Update Released with Bug Fixes & Security Updates
Apple has released macOS Sonoma 14.6 for Mac users running the Sonoma operating system. The MacOS Sonoma 14.6 software update primarily focuses on bug fixes and security updates for most Macs, however it does include a nice new feature specifically for the 14″ M3 MacBook Pro series allowing that Mac to support two external displays … [Read More](https://osxdaily.com/2024/07/30/macos-sonoma-14-6-u … ⌘ Read more
MacOS Ventura 13.6.8, MacOS Monterey 12.7.6, Safari 17.6 Released with Security Fixes
Apple has released MacOS Ventura 13.6.8 and MacOS Monterey 12.7.6 with important security fixes for Mac users who are running the Ventura and Monterey operating systems. These updates include the same relevant security patches that are available in Sonoma 14.6. Ventura and Monterey users will also find an update for Safari 17.6 as well. Though … [Read More](https:// … ⌘ Read more
MacOS Sonoma 14.6 Update Released with Bug Fixes & Security Updates
Apple has released macOS Sonoma 14.6 for Mac users running the Sonoma operating system. The MacOS Sonoma 14.6 software update primarily focuses on bug fixes and security updates for most Macs, however it does include a nice new feature specifically for the 14″ M3 MacBook Pro series allowing that Mac to support two external displays … [Read More](https://osxdaily.com/2024/07/30/macos-sonoma-14-6-u … ⌘ Read more
Wine Fixes Bugs in Windows 3.1 Software Running on Linux
Including fixes for AOL (seriously!) and 16-bit Civilization 1. A lot of Windows software runs better under Linux than Windows nowadays. ⌘ Read more
iOS 17.6 & iPad 17.6 Released for iPhone & iPad
Apple has issued software updates for iPhone and iPad, versioned as iOS 17.6 and iPadOS 17.6, respectively. The new software updates include bug fixes and security patches, and do not include any new features or changes to the operating systems. iOS 17.6 and iPadOS 17.6 are now the latest final stable builds of operating systems … Read More ⌘ Read more
Gajim: Gajim 1.9.3
Gajim 1.9.3 fixes an issue with the MS Store installer and brings some improvements. Thank you for all your contributions!
If you had issues starting Gajim from the Microsoft Store, Gajim 1.9.3 should fix these issues.
Thanks to our contributors @nicoco and @mesonium, Gajim received some improvements regarding message Displayed Markers and highlight colors. Furthermore, drag and drop for file transfers has b … ⌘ Read more
Updated Beta 4 of iOS 18 & iPadOS 18 Released
Apple has issued updated 4th beta versions for iOS 18 and iPadOS 18. The new build is 22A5316k. It’s unclear what the purpose of the newly released 4th beta build is, but given it’s small size and quick release, it’s reasonable to assume it’s either a bug fix or security patch. If you have already … Read More ⌘ Read more
@stigatle@yarn.stigatle.no Sweet, thank you! I’ve been shooting myself in the foot over here and want to make sure the situation is getting fixed!
↳
In-reply-to
»
Hack of the day: running
⤋ Read More
watch -n 60 rm -rf /tmp/yarn-avatar-* in a tmux because all of a sudden, without warning, yarnd started throwing hundreds of gigabytes of files with names like yarn-avatar-62582554 into /tmp, which filled up the entire disk and started crashing other services.
@prologic@twtxt.net I’m still getting this crap:
abucci@buc:~/yarnd/yarn$ ls -lh /tmp/yarnd-avatar-*
-rw------- 1 abucci abucci 863M Jul 25 14:19 /tmp/yarnd-avatar-1594499680
-rw------- 1 abucci abucci 7.8G Jul 25 14:19 /tmp/yarnd-avatar-2144295337
-rw------- 1 abucci abucci 9.8G Jul 25 14:19 /tmp/yarnd-avatar-2334738193
-rw------- 1 abucci abucci 10G Jul 25 14:14 /tmp/yarnd-avatar-2494107777
-rw------- 1 abucci abucci 9.5G Jul 25 13:59 /tmp/yarnd-avatar-2619243454
-rw------- 1 abucci abucci 11G Jul 25 14:04 /tmp/yarnd-avatar-2922187513
-rw------- 1 abucci abucci 7.5G Jul 25 14:14 /tmp/yarnd-avatar-349775570
-rw------- 1 abucci abucci 10G Jul 25 14:09 /tmp/yarnd-avatar-3640724243
-rw------- 1 abucci abucci 901M Jul 25 14:19 /tmp/yarnd-avatar-3921595598
-rw------- 1 abucci abucci 9.5G Jul 25 13:59 /tmp/yarnd-avatar-609094539
-rw------- 1 abucci abucci 9.3G Jul 25 14:04 /tmp/yarnd-avatar-755173392
-rw------- 1 abucci abucci 7.9G Jul 25 14:09 /tmp/yarnd-avatar-984061000
Something like 100 Gbytes of this junk has accumulated since I updated and re-started the server. I’m now running the latest version of yarnd, so the update did not fix the problem. Something else is going wrong.
How are temporary files growing to 10 Gbytes in size? The name of the file is “yarn-avatar”, but why would avatars be so large?
Gajim: Gajim 1.9.2
Gajim 1.9.2 brings an important OMEMO encryption fix, native notifications on Windows, usability improvements, and many bugfixes. Thank you for all your contributions!
For some versions now, Windows offers a native notification system, including a notification center for unread notifications, notification settings, etc. If you are running Windows 10 (specifically build 10240) or later versions, Gajim will now use these native notifications.
Thanks to our contributor [@nico … ⌘ Read more
ProcessOne: ejabberd 24.02
ejabberd 24.02 has just been release and well, this is a huge release with 200 commits and more in the libraries. We’ve packed this update with a plethora of new features, significant improvements, and essential bug fixes, all designed to supercharge your messaging infrastructure.
– **
DietPi July 2024 News (Version 9.6)
The July 2024 release of DietPi v9.6 introduces new software, enhancements, and bug fixes to enhance user experience and system performance. This update includes the addition of the IRC bouncer software package soju and several improvements across different devices and features. ⌘ Read more
Fix brew Error “The arm64 architecture is required for this software” on Apple Silicon Mac
If you have used Homebrew to try and install a particular package onto an Apple Silicon Mac and you see an error message stating “The arm64 architecture is required for this software” that prevents the installation of the package, you might be surprised by this error message given that you’re using an Apple Silicon Mac … [Read More](https://osx … ⌘ Read more
It seems like I finally fixed a memory leak in GoBlog yesterday, that sometimes made my blog crashing. How? I used Anthropic’s new Claude 3.5 Sonnet to write me a new HTTP compression middleware that compresses HTTP responses using zstd or gzip when possible. I needed to instruct a few changes and modify some code lines as the initial implementation was wrong, but thereafter, it finally seems to work better than my original implementation that probably leaked some objects anywhere. Claude also helped me to write uni … ⌘ Read more
ProcessOne: ejabberd 24.02
ejabberd 24.02 has just been release and well, this is a huge release with 200 commits and more in the libraries. We’ve packed this update with a plethora of new features, significant improvements, and essential bug fixes, all designed to supercharge your messaging infrastructure.
– **!
The Botz library adds to the already rich and extensible Openfire with the ability to create internal user bots.
In this release, compatbility with Openfire 4.8.0 and later has been resolved. Thank you to Sheldon Robinson for helping us fix that!
Download the la … ⌘ Read more
Gajim: Gajim 1.9.1
Gajim 1.9.1 introduces a menu button, adds improvements for Security Labels, and fixes some bugs. Thank you for all your contributions!
Since Gajim 1.9.0, you can toggle Gajim’s main menu bar by pressing Ctrl+M. In order to have a proper replacement for when the menu bar is hidden, we added a menu button to the top left, which contains all of the menu bar’s items.
If you are using Security Labels ( XEP-0258) with Gajim, you ca … ⌘ Read more
Fix “A software update is required to install macOS in a virtual machine” Error on Mac
Some Mac users who are attempting to install MacOS Sequoia beta into a virtual machine may run into an error message that states “A software update is required to install macOS in a virtual machine.” This error message then gives you three button options to “Learn More” (opens a web link), “Not Now” (cancel), or … [Read More](https://osxdaily.com/2024/ … ⌘ Read more
@prologic@twtxt.net Fix works!
How to Fix iPhone “Charging on Hold” Message
The iPhone has an interesting feature that will temporarily prevent the iPhone battery from charging if the iPhone temperature is not at an appropriate level to safely charge. When this happens, you will see a notification on the iPhone screen stating “Charging on Hold – Charging will resume when iPhone returns to normal temperature.” Most … Read More ⌘ Read more
DietPi June 2024 News (Version 9.5)
DietPi June 2024 News (Version 9.5)
The June 2024 release of DietPi v9.5 introduces exciting new features, significant enhancements, and bug fixes to ensure a more robust and streamlined experience for users of various single-board computers. This version includes the introduction of a new software package, Forgejo, alongside updates tailored to enhance compatibility and performance. ⌘ Read more
sysmond on Mac Using High CPU? Here’s the Likely Reason & How to Fix It
sysmond, which as you may have surmised from the process name, is short for System Monitor Daemon, is part of Activity Monitor. Thus, if you use Activity Monitor to keep a watch on your Mac system resources, processes, CPU usage, Energy use, Disk, Network, and critical to our discussion here – Memory usage, you may … Read More ⌘ Read more
just pushed a quick fix… let me know if it is still dorked up! thanks for calling it out, too!
iOS 17.5.1 & iPadOS 17.5.1 Update Released to Fix Reappearing Deleted Photos Bug
Apple has released a small bug fix update for iPhone and iPad versioned as iOS 17.5.1 and iPadOS 17.5.1. The update specifically aims to fix a very strange bug where deleted photos would randomly reappear on some users devices. Sometimes the photos that reappeared on user devices were deleted many years prior, raising serious questions … [Read More](https://osxdaily.com/ … ⌘ Read more
MacOS Ventura 13.6.7 & macOS Monterey 12.7.5 Updates Available
macOS Ventura 13.6.7, macOS Monterey 12.7.5, and Safari 17.5 are now available as software updates for Mac users who are not running the macOS Sonoma operating system and the just released MacOS Sonoma 14.5 update. macOS Ventura 13.6.7, macOS Monterey 12.7.5, and Safari 17.5 focus on security fixes and are not expected to include any … [Read More](https://osxdaily.com/2024/05/14/macos-ventura-13-6-7-macos- … ⌘ Read more
MacOS Ventura 13.6.7 & macOS Monterey 12.7.5 Updates Available
macOS Ventura 13.6.7 and macOS Monterey 12.7.5 are now available as software updates for Mac users who are not running the macOS Sonoma operating system and the just released MacOS Sonoma 14.5 update. macOS Ventura 13.6.7 and macOS Monterey 12.7.5 focus on security fixes and are not expected to include any significant changes, bug fixes, … [Read More](https://osxdaily.com/2024/05/14/macos-ventura-13-6-7-ma … ⌘ Read more
iOS 16.7.8 & iPadOS 16.7.8 Updates for Older iPhones & iPads Available
Alongside iOS 17.5 and iPadOS 17.5, Apple has also released iOS 16.7.8 and iPadOS 16.7.8 updates for older model iPhone and iPads. iOS 16.7.8 and iPadOS 16.7.8 include security fixes and do not appear to have any other changes. iOS 16.7.8 and iPadOS 16.7.8 are available for iPhone 8, iPhone 8 Plus, iPhone X, iPad … [Read More](https://osxdaily.com/2024/05/14/ios-16-7-8-ipados-16-7-8-upda … ⌘ Read more
DietPi May 2024 News (Version 9.4)
DietPi May 2024 News (Version 9.4)
The May, 2024 release of DietPi v9.4 brings several enhancements, new system images, and crucial bug fixes, ensuring a more stable and efficient experience for users of various single-board computers. ⌘ Read more
iOS 17.5 & iPadOS 17.5 Updates Released with Bug Fixes
iOS 17.5 for iPhone, and iPadOS 17.5 for iPad, have been released by Apple. The new software updates are available with bug fixes, security enhancements, enhancements to Apple News, and a new Pride Radiance wallpaper from Apple to celebrate the LGBTQIA2S++ communities for Pride month. Separately, updates are also available for watchOS 10.5, tvOS 17.5, … [Read More](https://osxdaily.com/2024/05/13/ios-17-5-ipados-17-5-update-download … ⌘ Read more