Komunitas
feddit.de
Driven through me as Lead Developer, we’ve adopted a Conventional Commits style using convco for conformance check and changelog/release note generating (customized template). feat(auth): Introduce configurable permissions (ticketref) (!MR) We’ve extended allowed/used types of fix and feat to include docs, test, refac, and misc. We explicitly decided against types like @CodeSupreme linked like style, perf, build, ci, chore, revert. Slim number of types has value. build, ci are scoped to misc(proj) or misc(ci). Reverts are of the original type or misc chores with impact - not a disconnected separate type - and indicated in the commit title. We develop in branches, and are free to be messy until we found and implemented a solution at which point we clean up commits to an intentional, documented changeset (using Git interactive rebase with squashing etc). We use a semi-linear history, so once a changeset is approved we rebase and merge with a merge commit - so we only have at most one merged parallel branch in the history tree. The generated changelog only considers merge commits - where the changeset is documented as a whole (same title and description as the merge/review request).
Komunitas
lemmy.dbzer0.com
Unless I’m the one misunderstanding, they aren’t opening a bunch of communities, they’re a mod of [email protected], where they make posts alerting users that new communities have been created. Their posts look weird because they’re using a template that grabs the post title from the community description, so if it says something strange then their post will too, but those aren’t their communities.
Komunitas
lemmy.blackeco.com
So, here’s something that might work. I tested it on my local machine, up to Caddy but without HTTPS, but I’m confident it’ll work once deployed on a server. Prerequisites: Server with Docker and docker-compose installed Ports 80 and 443 open and directed at your server A domain name pointing to your server Setup First, create a folder and download the following files: docker-compose.yml lemmy.hjson nginx_internal.conf and rename it to nginx.conf Then, generate passwords for PostgreSQL and your admin user, store them somewhere safe. Config changes lemmy.hjson You’ll want to change the admin_username, admin_password and site_name to match your primary user’s credentials and the name you want to give your instance. Then, change hostname to match your domain name: if it is sub.domain.tld then it should read hostname: "sub.domain.tld". The base config file does not have proper configuration for the database, so you’ll have to edit the database field as follows with the password you previously created: database: { host: postgres database: "lemmy" user: "lemmy" password: "POSTGRES_PWD" # Change for your password } Additionally, if you want to send emails for registration confirmation and password resets, add the following before the closing } and change to match your email provider configuration. email: { # Hostname and port of the smtp server smtp_server: "SMTP_SERVER" # Login name for smtp server smtp_login: "SMTP_LOGIN" # Password to login to the smtp server smtp_password: "SMTP_PASSWORD" # Address to send emails from, eg "[email protected]" smtp_from_address: "SMTP_LOGIN" # Whether or not smtp connections should use tls. Can be none, tls, or starttls tls_type: "starttls" } docker-compose.yml By default the compose file is meant to build a development version of Lemmy, we will change this by removing the blocks with build and uncomment those with image. Note: think to update the images to 0.18.2 since it fixes some vulnerabilities. Also, since we will use a reverse proxy and I don’t now if your server has a firewall, we should remove the ports blocks which are used to expose the services’ ports on the host. Finally, make sure to change the POSTGRES_PASSWORD field to match the PostgreSQL password you set in lemmy.hjson. It should look something like that: version: "3.7" x-logging: &default-logging driver: "json-file" options: max-size: "50m" max-file: "4" services: proxy: image: nginx:1-alpine volumes: - ./nginx.conf:/etc/nginx/nginx.conf:ro,Z restart: always depends_on: - pictrs - lemmy-ui logging: *default-logging lemmy: # use "image" to pull down an already compiled lemmy. make sure to comment out "build". image: dessalines/lemmy:0.18.2 # platform: linux/x86_64 # no arm64 support. uncomment platform if using m1. # use "build" to build your local lemmy server image for development. make sure to comment out "image". # run: docker compose up --build # this hostname is used in nginx reverse proxy and also for lemmy ui to connect to the backend, do not change hostname: lemmy restart: always environment: - RUST_LOG="warn,lemmy_server=debug,lemmy_api=debug,lemmy_api_common=debug,lemmy_api_crud=debug,lemmy_apub=debug,lemmy_db_schema=debug,lemmy_db_views=debug,lemmy_db_views_actor=debug,lemmy_db_views_moderator=debug,lemmy_routes=debug,lemmy_utils=debug,lemmy_websocket=debug" - RUST_BACKTRACE=full volumes: - ./lemmy.hjson:/config/config.hjson:Z depends_on: - postgres - pictrs logging: *default-logging lemmy-ui: # use "image" to pull down an already compiled lemmy-ui. make sure to comment out "build". image: dessalines/lemmy-ui:0.18.2 # platform: linux/x86_64 # no arm64 support. uncomment platform if using m1. # use "build" to build your local lemmy ui image for development. make sure to comment out "image". # run: docker compose up --build # build: # context: ../../lemmy-ui # assuming lemmy-ui is cloned besides lemmy directory # dockerfile: dev.dockerfile environment: # this needs to match the hostname defined in the lemmy service - LEMMY_UI_LEMMY_INTERNAL_HOST=lemmy:8536 # set the outside hostname here - LEMMY_UI_LEMMY_EXTERNAL_HOST=localhost:1236 - LEMMY_UI_HTTPS=false - LEMMY_UI_DEBUG=true depends_on: - lemmy restart: always logging: *default-logging init: true pictrs: image: asonix/pictrs:0.4.0-beta.19 # this needs to match the pictrs url in lemmy.hjson hostname: pictrs # we can set options to pictrs like this, here we set max. image size and forced format for conversion # entrypoint: /sbin/tini -- /usr/local/bin/pict-rs -p /mnt -m 4 --image-format webp environment: - PICTRS_OPENTELEMETRY_URL=http://otel:4137 - PICTRS__API_KEY=API_KEY - RUST_LOG=debug - RUST_BACKTRACE=full - PICTRS__MEDIA__VIDEO_CODEC=vp9 - PICTRS__MEDIA__GIF__MAX_WIDTH=256 - PICTRS__MEDIA__GIF__MAX_HEIGHT=256 - PICTRS__MEDIA__GIF__MAX_AREA=65536 - PICTRS__MEDIA__GIF__MAX_FRAME_COUNT=400 user: 991:991 volumes: - ./volumes/pictrs:/mnt:Z restart: always logging: *default-logging postgres: image: postgres:15-alpine # this needs to match the database host in lemmy.hson # Tune your settings via # https://pgtune.leopard.in.ua/#/ # You can use this technique to add them here # https://stackoverflow.com/a/30850095/1655478 hostname: postgres command: [ "postgres", "-c", "session_preload_libraries=auto_explain", "-c", "auto_explain.log_min_duration=5ms", "-c", "auto_explain.log_analyze=true", "-c", "track_activity_query_size=1048576", ] environment: - POSTGRES_USER=lemmy - POSTGRES_PASSWORD=password # Change with your password - POSTGRES_DB=lemmy volumes: - ./volumes/postgres:/var/lib/postgresql/data:Z restart: always logging: *default-logging Reverse-proxy For the final touch, we are going to setup Caddy, a reverse proxy with HTTPS support out of the box. You could use pretty much any reverse proxy you want, but I chose Caddy for its easy setup. First, create a file nammed Caddyfile and write the following in it: sub.domain.tld { reverse_proxy http://proxy:1236 } Make sure to match your actual domain name. Finally, update the docker-compose.yml file to add the following at the end (make sure that it’s correctly tabulated) caddy: image: caddy:2.6.4 restart: unless-stopped ports: - "80:80" - "443:443" - "443:443/udp" depends_on: - proxy volumes: - ./Caddyfile:/etc/caddy/Caddyfile:ro - caddy_data:/data - caddy_config:/config volumes: caddy_data: caddy_config: Launching the instance Before starting the stack, we have a few things left to do: Create the folders for pictrs and postgres to store their data: mkdir -p volumes/postgres volumes/pictrs Change the owner of volumes/pictrs: sudo chown -R 991:991 pictrs Finally, to start everything: docker compose up -d
Komunitas
lemmy.world
Hmm, it’s hard to say whether this should be expected behavior. I think messing with the innerHTML/innerText/textContent of a ‘templated’ HTML node is currently undefined/unspecified behavior unless someone has strong opinions that they can defend here. Are there use cases that you can point to, which point to a desirable behavior here? Or anything that points to clearly-wrong behavior? In any case, I’ve added it to https://perchance.org/known-bugs as something to think about
Komunitas
lemmy.ml
So how do I to install flatpaks? (Install flatpak CLI in the template and use it on the qube?) When I’m doing a Kali template it doesn’t give me all the apps that are present in Kali. And if I want to use Parrot? Or setting a vulnerable system, what is the way of doing VMs in Qube? Do we need to install Qemu on top or using the default system is okay?
Komunitas
slrpnk.net
You still have to give the exec permission to the appimage. True, but this only prevents against stuff executing itself. Mandatory access controls and sandboxes only protect the core system. Like installing packages with root. You put things there privileged, so you know what you run comes from a protected area. Running things from random directories (like ~/Applications which AppimagePool uses) destroys that. Suddenly you rely on an executable home dir, which means any regular software (including appimages which are nearly impossible to sandbox) can write to the area where your programs are. That concept is so broken that it needs to go. I am against flatpak install --user for that reason, because no program should come from an unprivileged directory. The issue especially is if it doesnt follow standards. ~/.local/bin is a standard, and with SELinux confined users you may be able to protect that directory. But random ones like ~/Applications that dont follow any standards, will not work. Maybe no context menu depending on what you mean exactly The “open with” and “create new” things. Actually, Flatpaks cannot create “create new” entries too. I am currently experimenting with these, as it sucks to not be able to “create new Libreoffice writer document”. And the xdg-templates directory doesnt do anything lol, you still need desktop entries. but the rest are fully possible and I do it on a regular basics The concept of an installer is that the app does that on its own. That is pretty bad and the kind of Windows crap we absolutely dont want. But on good operating systems, a privileged package manager does all that. Puts the stuff where it belongs. Flatpak for example links the desktop entry that the app itself contains in a sandboxed directory, to the export directory where the OS sees it. And some portal or whatever deals with the “standard apps” stuff, like that Okular Flatpak will be shown to support opening PDFs. If apps do this on their own that means a single app can mess up your entire system, also malicious. Appimage may have tools, I only tried AppimagePool for curiosity and the experience was pretty bad and incomplete. But the issue is that they were just thrown out there, “here devs, do the same shit you do on Windows, it is totally normal for people to double click an executable, not have any sandboxing, deal with updates on their own, dont have any cryptographic verification, …”. And only afterwards came the managers, the daemons, which cover a part of it. They (could) solve: being privileged, placing apps in not user-writable directories having access to integration locations, that apps should never touch downloading from defined, maintained locations (instead of letting people click on random internet malware ads) running in the background, notifying about updates centrally managing these updates verifying signatures before allowing updates doing the actual update process (instead of deleting a file and placing a new one) And they often dont even do that. There are no signatures, as devs were never told “either you add a signature, or people will not install your app”. So there is zero verification But they dont solve the core issues that are: devs were told they dont need to care about… creating metadata creating a real repository signing their apps using a standardized build system transparently declaring used dependencies (i.e. using a given set of them), thus deduplicating them going through a review process being affected when dependencies are end of life declaring opt-in permissions, so users know if the app is insecure (appimages are impossible to sandbox with bubblewrap, and hard with firejail (which is a setuid binary and had security issues), dont know about nsjail, crabjail, minijail or others) Flatpak is similar to Android. On Android you still have a package manager but the APKs are signed individually, updates just allowed if the signatures match. So you can sideload how you want, it is still secure. And using Obtainium, which is kind of like an AppimagePool, you can get all the apps from independend developers. But they were told they need to follow all these rules, Appimage developers can do whatever they want. Sorry that was long. I see you haven’t changed one bit. Regarding what? XD
Komunitas
kbin.social
Here’s the template! Made it from a screen grab of a video of Fritz from the Cincinnati zoo.
Komunitas
slrpnk.net
With this bat house all the pieces need to be stained, so I had to fabricate all the individual parts first, before I could start assembly (sometimes I make the parts as I go). I started by finding plywood in the specific thicknesses, 1/2 inch and 3/8ths inch. Because I was working with old scrap, I found the straightest sides and measured everything from there. I like to measure six or more different points, use my level as a straight edge to draw the line, check that it’s square, then measure to a couple different spots on that line to make sure it’s in the correct spot. A friend I helped with a project jokingly rewrote the saying as measure twice, cut never, never stop measuring. I used the skillsaw to cut the plywood pieces to size, making sure to keep the blade on the outside of my lines. You could do this with a hand saw but it would take awhile. I then measured the pieces to make sure they were correct. I measured 3" in from the top and sides of the baffles and drew lines parallel to the top and sides. Then I used thos to figure out how to position 1 1/2" diameter circles so their tops and sides were 3" from the edges. I used a hole saw (add that to the list) and the drill press to cut passage holes through the baffles. You can use a hole saw with a screw gun but they holesaws have a lot more friction and leverage so they have a lot more torque than a regular drill bit. That means if they catch hard and don’t want to cut, the screw gun or work can try to spin instead. Using a drill press eliminates one option and gives me better leverage to hold the work by. Next I used the Dremel to cut slots into the plywood for the bats to climb. Later on, I used the skillsaw with the blade mostly retracted instead. Either one seemed fine. You could use a table saw for the same task. Without those, I think you’d have to use a knife or try to score it with a hand saw which would be difficult. This step took a lot of time, you need to do both sides of the baffles, and the inside of the front and back. Next I started the spacers between the baffles. I ignored the instructions to cut a good board lengthwise and just dug up lots of small scraps and sanded them on the belt sander until they were 3/4" on at least one direction (which would be the distance between the baffles). I didn’t worry about getting the length right yet, just made sure there was enough for when I did assembly. To fabricate the two sides, I found a pine board that was the correct width, measured out the angle I think using a little angle measure thing I found in a free stuff pile (you could use a protractor or printed paper template) and cut the diagonal which would become the top using a hand saw. I also cut one horizontally to bring the length down so they matched. I always try to check each board and identify the worst spots so I can put them in the part that gets cut off, if possible. I ran it through a laser cutter at a makerspace for fun, but thats not necessary. Then I cut the side vents. I used a hand saw to cut the horizontal parts of the cutout (the top and bottom), then used a band saw to cut in diagonally from one, curving to level out along what would become the vertical part of the cutout. Then I repeated the process going the other way to get a nice rectangular cutout. You could also do this part using a hand saw to cut lots and lots of horizontal cuts, forming thin fins you can snap off to remove them. Or you could cut the top and bottom with the hand saw and use the Dremel with a cutting wheel to cut the vertical. I cut the roof to length with a hand saw. I stained everything on the inside of the house with water-based stain. Normally I use oil based stain, I think it works better, but it offgasses fumes for awhile and that would be bad for the bats. Normally I put stain on using paper towels, old takeout napkins, etc, but with all the slots cut, I found it was easier to use a brush. Normally I save my brushes for urethane (a friend would grind her teeth if she heard this whole process) because I don’t like cleaning them, but with water based stains they clean up with soap and water. Definitely easier for a beginner. So I guess add paint brushes to the list too. I did the outside with oil-based stain using my usual method. The actual assembly was fairly quick, kind of like building something from a kit because I didn’t have to stop and fabricate parts too much. I stood the two sides on the table, one front-up one front-down. The front-down one I laid a thin line of caulking on. Then took the back plate, faced it front-down, and I lined it up with that edge lined up well with the front-down side. I pre-drilled a hole, changed bits, chamfered the hole using the but, and drove in a screw. I repeated that process down that side. Then I flipped the other side, caulked the back, lined it up, and repeated the process. That was the hard part, especially working solo, trying to keep everything balanced. I flipped it over, put the front plate on to check the fit, and noticed that the sides were angled outwards and wouldn’t have a good fit for the front plate. I grabbed a bar clamp and squeezed them together so until they lined up correctly. Then the fun part. I added some spacers along the inside of the walls, trying to get the best use of the available length. I cut them as necessary and used short screws to attach them to the back. Then I dropped in a baffle, screwed it to the spacers. Picked and cut more spacers, attached them. The next baffle didn’t fit well so I used the belt sander to sand one edge and make it fit. If I hadn’t, it would have caused the sides to spread, and would have acted as a fulcrum if I tried to pull the sides together later. Once it fit I screwed it in place. More spacers, next baffle for a test fit. This one seemed bowed, it didn’t leave enough space for the bats to go between it and the front, so I sanded down the spacers a bit, until it seemed good. Then I put those together. Then I put the front plate on. I actually had to clamp it more to get a good fit because it the sides had still spread. I screwed one side to the front so they lined up well, used the clamps to pull the sides together, and screwed the front to the other side. Then I did the lower front panel the same way.
Komunitas
programming.dev
If it’s one of those things to try to make it easier for the technically challenged but ends up making more advanced techniques difficult or impossible I’m not a fan. In my opinion, the issue in this post is an outlier (although a surprisingly bad one). My experience with blocks (or the “Gutenberg editor”) has only been in creating custom blocks, I can’t speak for using built-in blocks or blocks bundled in plugins. With this context in mind, I’ve really liked this new editor used in conjunction with the “Advanced Custom Fields” plugin. And you can still use those old page builders like Visual Composer/WP Bakery (which I hate) or create templates yourself for each page, this is just another tool. I haven’t dived into it enough yet to see what purpose it serves or problems it aims to solve. I know of a project which is a good example. Very large website, but most of their content is written by non-technical people (regarding the web). They have a small team which makes custom blocks and dictates how they are used by other people when posting new content. I think using blocks helped them to maintain and improve a cohesive design even with so many people editing the website and after considerable years. I wasn’t convinced that trying to take a more advanced product like WordPress and dumbing it down for non-technical use cases was the best idea In that regard I reckon this is a step in the right direction for the WordPress ecosystem (but again, my experience is limited).
Komunitas
lemmy.sdf.org
Shamelessly stolen from the HN thread: Don’t just comment and complain, contact your antitrust authority today: US: https://www.ftc.gov/enforcement/report-antitrust-violation [email protected] EU: https://competition-policy.ec.europa.eu/antitrust/contact_en [email protected] UK: https://www.gov.uk/guidance/tell-the-cma-about-a-competition… [email protected] India: https://www.cci.gov.in/antitrust/ https://www.cci.gov.in/filing/atd Email template: I would like to bring your attention to Google’s recent proposal to add a feature to its Chrome (Chromium family) of browsers called Web Environment Integrity. This provides a mechanism to reinforce Google’s already dominant browser market position by creating a technological control that can be used to nullify a user’s choice of browser, device and operating system. This technology also has the potential for abuse by preventing users from using browser extensions that can enhance security by blocking unwanted and potentially malicious content, as well as browser extensions that help vulnerable users with enhanced accessibility needs, such as color blindness and visual impairment. Google’s dominant, near-monopoly position in the browser market already harms me as a consumer by reducing browser choices and preventing a competitive market for developing new browsers. Allowing Google to include this feature will reduce my browser choices and consolidate the browser market even further, and it is incumbent on [INSERT AUTHORITY HERE] to take action against this abusive behavior.