sneakyninjapants @ sneakyninjapants @sh.itjust.works

Posts

0

Comments

95

Joined

2 yr. ago

Telegram's server side software is closed source, owned and ran by them exclusively so they really have no room to talk. WhatsApp doesn't even have OSS clients so they're even worse in that regard

Here's one I have saved in my shell aliases.

    
nscript() {
    local name="${1:-nscript-$(printf '%s' $(echo "$RANDOM" | md5sum) | cut -c 1-10)}"
    echo -e "#!/usr/bin/env bash\n#set -Eeuxo pipefail\nset -e" > ./"$name".sh && chmod +x ./"$name".sh && hx ./"$name".sh
}
alias nsh='nscript'

  

Admittedly much more complicated than necessary, but it's pretty full featured. first line constructs a filename for the new script from a generated 10 character random hash and prepends "nscript" and a user provided name.

The second line writes out the shebang and a few oft used bash flags, makes the file executable and opens in in my editor (Helix in my case).

The third line is just a shortened alias for the function.

Thanks for the correction. A full month is much more problematic.

Thanks, SUSE completely slipped my mind

How does the xz incident impacts the average user ?

It doesn't.

Average person:

• not running Debian sid, Fedora nightly, Arch, OpenSUSE Tumbleweed, or tbh any flavour of Linux. (Arch reportedly unafffected)
• ssh service not exposed publicly

The malicious code was discovered within a day or two a month of upload iirc and presumably very few people were affected by this. There's more to it but it's technical and not directly relevant to your question.

For the average person it has no practical impact. For those involved with or interested in software supply chain security, it's a big deal.

Edit:
Corrections:

• OpenSUSE Tumbleweed was affected; Arch received malicious package but due to how it is implemented did not result in compromised SSH service.
• Affected package was out in the wild for about a month, suggesting many more affected systems before malicious package was discovered and rolled back.

Seems he's revealing that he is either Bruce Wayne or Bane. As they're the only two to ever escape from the pit; historically speaking.

Probably not exactly what you're looking for, but for my personal use I just set up a repo in my git forge (gitea in my case) with a bunch of markdown files in various folders and a Hugo theme.

Every time I want to update a document I can click the link at the bottom of the "Wiki" page and edit it in Gitea's WYSIWYG editor. Similar process if I want to make a new document. When I save the changes I have a CI job (native to Gitea/Github) that uses Hugo to build the markdown docs into a full website and sync it to a folder on one of my servers where it's picked up by a web server.

Sounds complicated when I type it all out, but the only thing that I can reasonably expect to be a deal breaker is the Hugo software, of which there are archived versions, and even if there wasn't Hugo's input is just markdown, so I can repurpose however I see fit.

You could probably do something similar with other SSG's or even use Github's pages feature, though that does add a failure point if/when they decide to sunset or monetize the feature.

I have a few mechanical keyboard projects that I need to print cases for and a chassis for a compact NAS build that I'm almost done tweaking and need to print eventually. Just functional stuff really

It's because the original image macro that this is based on was about piracy, saying something along the lines of "I bring a certain 'just torrent it' vibe to the conversion that the riaa just doesn't like."

Their reuse of the macro is indirectly an answer or a continuation of it that can be seen as acknowledging the original message.

In addition to the ones listed:

• Matrix client (Element, Shildichat, Fluffy chat, etc.)
• XMPP client (Conversations, Monocles Chat, Blabber, etc.)
• SimpleX Chat
• Briar

None of them are tied to your phone number if that's what you mean by non voip.

Tried ElementX but ran into issues while getting it working with a selfhosted matrix server. After setting up dendrite (matrix server) and sliding-sync server (asynchronous message history syncing; which it requires) I still wasn't able to get past the initial sync screen. Are you hosting your own matrix server, did you use it with a public server, or have you not tried using it yet?

I see now, that makes sense why you are building the image since it was set up that way. I don't know why projects set up the compose file to build the image when they already have a publicly available image to use; it just creates unnecessary friction for people who just want to test out the software. Anyway, using that image should work for you, but feel free to ask if you run into any issues.

Why are you building the image yourself? Not that there's a problem with that necessarily, but it seems a bit wasteful of your resources unless you have a specific reason to do so. There's a docker image (quay.io/invidious/invidious:latest) built by the developers that gets updated pretty frequently. I've been using it for years now and it's been working perfectly fine for me the whole time.

Even if you need something just once, just install it and then uninstall it, takes like 10 seconds.

    
apt install foo && apt remove foo


  

That's essentially what nix-shell -p does. Not a special feature of nix, just nix's way of doing the above.

Actually using it though is pretty convenient; it disappears on its own when I exit the shell. I used it just the other day with nix-shell -p ventoy to install ventoy onto an ssd, I may not need that program again for years. Just used it with audible-cli to download my library and strip the DRM with ffmpeg. Probably won't be needing that for a while either.

The other thing to keep in mind is that since Nix is meant to be declarative, everything goes in a config file, which screams semi-permenant. Having to do that with ventoy and audible-cli would just be pretty inconvenient. That's why it exists; due to how Nix is, you need a subcommand for temporary one-off operations.

They did. Its called airmessage. Has been around for almost 3 years now

Ah you're probably right about the mobile clients. I'm not a mobile watcher really. I can say though that the jellyfin desktop app and jellyfin mpv shim both have skip-intro integration, though I've only tested it with jellyfin MPV shim.

Skip-intro is an unofficial plugin ATM but can vouch that it works decently well. Can't compare it to the Plex implementation since it has been quite a while since I've had Plex deployed.

Just this one https://wallhaven.cc/w/2y2wg6

Have it hard-coded in my config so I'm less likely to faff around with my wallpaper instead of doing something productive. Less cognitive load IMO

East of the West

Wow thanks for mentioning this! I just got the first chapter and it looks to be amazing! I don't know if it's just Image comics style in general or not but the art style reminds me strongly of Brian K. Vaughan and Fiona Staples's Saga as well.

12