hello

  • 46 Posts
  • 43 Comments
Joined vor einem Jahr
cake
Cake day: Jan. 17, 2022

help-circle
rss

My mnemonic is that the higher-level more user-friendly tool (adduser), which is usually the one I want to use, is the one with the more grammatically correct name.


I wish I could see a list of what I have upvoted and downvoted myself. The fact that admins of lemmy (and other AP-compatible) instances can but I can’t is pretty irritating.


It looks to me like both lemmy and lemmygrad are using very similar LetsEncrypt certificates, so I don’t see why any browser would trust one and not the other. Perhaps someone is actually performing an MITM attack?

Probably unrelated, but I just noticed that all .ml domains are currently failing to resolve via google’s 8.8.8.8 including the registrar’s root servers ({a,b,c,d}.ns.ml., which I currently see as 185.21.1{68..71}.1 via cloudflare’s 1.1.1.1 and another server I tried).

Everything else I’ve tried is working; just google is not resolving anything under .ml. ()


via imgur, the above are all non-rectangular alpha-transparency-having themes (or “faces”) used by Panic’s Audion from 1999 to 2004.

There is a sad story about how it almost became iTunes, but because the developers were already in talks with AOL they tried to invite AOL to their Apple meeting and… apparently AOL couldn’t fit it in their busy schedule, so, iTunes was instead based on an inferior player distributed by Casady & Greene called SoundJam which looked like this:

edit: TIL that in 2021 Panic released a stripped-down version of Audion for modern macOS to view these faces”. Unfortunately all of the screenshots in the linked directory appear to be 404 now, but the faces themselves do appear to be downloadable. (Also unfortunately, there still doesn’t appear to be a player that can use them without running a proprietary OS…)



 
fedilink
33


alternative automated plagiarism engine?


howto avoid using npm?
cross-posted from: https://lemmy.ml/post/718565 > I'm writing some javascript (for the web) for the first time in a long time and I am realizing that I would be well served by using a bit of tooling like eslint and standardjs. > > I am reluctantly willing to `apt install nodejs` but I am not willing to use `npm` because of my impression that it is a fractal of yolo `curl | bash` philosophy which will randomly install and automatically run malware or indistinguishable-from-malware garbage I don't want. > > So, my question is: how can I install things like [standardjs](https://standardjs.com/) without using npm? > > Please do not tell me that I should just use npm.
fedilink

cross-posted from: https://feddit.it/post/107967 > Here is the paper: https://arxiv.org/abs/2209.06909 > > Here is tbe code: https://github.com/sebawild/powersort
fedilink




src https://nitter.net/ayko2718/status/1597432454070956032
fedilink
12



the server software is non-free. iiuc it would be easy enough to reverse engineer the protocol from the client software (which is free software) but (last I checked, anyway) the server URLs are not configurable so you would actually need to patch and recompile the client to use a different server.


I’m certainly not recommending snaps, but, it is important to acknowledge the problem they’re trying to solve. “The debian model” means using years-old versions of everything, having a single set of dependency versions every program must share, and giving every package’s control scripts root access while you install it. This paradigm made sense when it was developed 25 years ago but it is far from ideal today.

i still ♥ Debian but there are tons of things I need to use which I can only get from somewhere else, so, “the Debian model” for me nowadays means a stable base system and then lots of software from other distributors (sometimes flatpak or appimage, but also a lot of podman containers of various distros).

What I am almost never willing to do is use 3rd party entries in my apt sources.list file on an actual host system (though I do in containers when necessary) - down that path lies madness.


yeah, I am aware, and I do actually think the xdg portal stuff is generally a good idea for a lot of programs… but the way it works right now sacrifices a lot of usability and doesn’t gain much security.

passing files given as commandline arguments seems like an easy problem to solve, but the linked file situation with SVG is much harder (probably requires a whole new flow for xdg portals where a program can request access to a bunch of files and prompt the user once to allow access to all of them). in the absence of any solution, imo it is silly that they’re shipping inkscape as a snap with strict confinement today.


I’m unsurprised to see lots of good reasons here why not to use them already, and none for why anyone does :)

I imagine the vast majority of snap users are using them only because Ubuntu ships a few things (like firefox) as snaps by default now.

I tried the Inkscape snap recently on an ubuntu system where i needed the latest release, and found that due to its sandboxing security theater (last I heard it is still not difficult break out…) it is impossible to open files from the commandline. And, even worse, when you use the Open command from File menu, it just passes the one file you selected in to the sandbox, so, when you open a file which has references to other files (which is not uncommon with SVG) it is not able to load them! So, I ended up using Inkscape’s AppImage instead.



Friendica-Lemmy federation question
cross-posted from: https://lemmy.ml/post/607806 > This profile: https://forum.friendi.ca/profile/helpers > > Appears on lemmy as a remote community here: https://lemmy.ml/c/helpers@forum.friendi.ca > > ...which i found interesting because so far I've only seen lemmy be able to support remotely subscribing to peertube channels (and remote lemmy communities). > > However, when I put another friendica profile URL like https://forum.friendi.ca/profile/news in to the lemmy search box, it federates it as a remote user instead of a community: https://lemmy.ml/u/news@forum.friendi.ca > > Can anyone explain what is going on here? cc [@nutomic@lemmy.ml](https://lemmy.ml/u/nutomic) [@dessalines@lemmy.ml](https://lemmy.ml/u/dessalines)
fedilink

you could setup a bot to follow your own pixelfed from your mastodon and repeat every post. but, why? if you instead only post your photos to pixelfed and other stuff to mastodon, people get the choice of following either your photos OR your links and microblog posts (as we used to call them over a decade ago when the fediverse was called the federated social web) OR they can follow both. and that way, when someone on friendica or another mastodon replies to your pixelfed post, pixelfed-only users can see their reply, right? (i don’t know, i haven’t actually used pixelfed…)

the feature you’re looking for is called “cross-posting”, and there are many tools that do it, but this is an inferior stopgap solution to the problem of lack of interoperability in the incumbent platforms… which activitypub is attempting to provide a better solution for.

another downside to cross-posting is the lack of deduplication: if i want to just use one thing and follow your mastodon but i also want to see the comments on your pixelfed, i might end up following both and then seeing all of your posts twice.

(NB activitypub is also a technically lacking architecture in many ways… but it is better than cross-posting)

tldr you can post on your mastodon (and/or put in your profile there) “you can also follow my pixelfed (probably using whatever you’re using to read this) if you want to see my photos too”.


The Single Board Computer Database, a comparison website for SBCs and SOMs (formerly known as Board-DB), has relaunched!
cross-posted from: https://lemmy.ml/post/604087 > cross-posted from: https://lemmy.ml/post/604086 > > > Thanks to [@MartijnBraam](https://lemmy.ml/u/MartijnBraam): https://blog.brixit.nl/finding-an-sbc/
fedilink




GPA. GNU Privacy assistant.

what makes you pick this, of all programs? just because it hasn’t had a release in four years?

Skimming the commit log one can see it certainly has had some bugs, and given that it is written in C it is reasonable to assume it has had some security-relevant ones. (eg, i’m not certain but this commit from a few months prior to the latest release looks like it could be fixing an actually exploitable bug?)

Currently there are 13 commits newer than the latest release. From a quick glance none appear to be obviously fixing security bugs (i guess there will be a new release when they next find some) but there are actually as-yet unreleased commits there fixing bugs… such as this one, made two days after the last release, which fixes searching being left-anchored.


in what way(s) specifically do you think he objects to the unix philosophy?

have you read his rebuttal to that claim (point #10 here)?

(disclaimer: i am using systemd on some, but not all, of my gnu/linux systems today… and after years of finding it irritating I am actually coming around to appreciate it.)


i don’t see why the concept of building immutable images using existing distro packages and tools shouldn’t apply equally well to nixos and guix as it does to deb and rpm distros.


the gulf between what should be and what is can be quite large. can you name any software you use which you think is likely to be bug free and/or unlikely to need any updates in the next few years?

but anyway, the discussion was about operating systems


minimal software once corrected to a reasonable extent becomes completely bug free

lmao, [citation needed] - what in the desktop OS space is sufficiently minimal to be “completely bug free”?



imo the author cuts framework too much slack here. there are lots of laptops sold with linux preinstalled and/or certified to have complete hardware compatibility with linux these days; vendors like purism, system76, star labs, and even the giants like lenovo, dell, and HP ship linux-certified laptops now. why can’t framework?!



[what's new](https://docs.python.org/3.11/whatsnew/3.11.html#what-s-new-in-python-3-11)
fedilink




On a computer that is online, you can say apt install --download-only foo to download (and not actually install) the .deb files for foo and its dependencies to the directory /var/cache/apt/archives/. You can then copy them from the online computer to the offline computer, and install them with dpkg -i *deb (assuming the debs are in your current working directory). Note however that apt on the online computer will only download dependencies which aren’t already installed. To force re-downloading of a specific package which is already installed, you can say apt install --reinstall --download-only foo.

Instead of downloading with apt install --download-only you could also find the download paths for individual .deb packages using https://packages.debian.org/foo and then download them using a browser.

You could also copy the contents of /var/lib/apt/lists/ (after running apt update) and the contents of /var/cache/apt/archives/ both to the corresponding locations on the offline computer and, if your sources.list files have the same entries, then you can offline install the things you’ve put in the cache folder using apt instead of dpkg.

Or, if you have lots of disk space, you can create an offline mirror of all (or some) of debian and point your sources.list file at a local file:/// source and then you can use apt like normal but completely offline.