teleclimber

teleclimber, 2 months ago to random

I've seen a lot of hot takes this weekend about the #xz hack. Most are about how it was a long effort and how it's a supply chain problem, etc... Many are god takes. But...

One thing I haven't seen a single time is: why is a compression library able to hook in to incoming SSH connections?

Is there not a system to sandbox linked libraries? And if not, wouldn't this be worth investigating?

WASM and JS Realms are showing the way here.

teleclimber, 2 months ago to node

Announcement post for #Deno 1.42 talks about Deno 2 as "long anticipated, many times delayed". No kidding!

Still I really appreciate the "DENO_FUTURE=1" env var that removes the deprecated APIs so you can test your code ahead of even a preview release. Nice touch @deno_land .

I just did some prep work for V2 in #Dropserver so I'll def give that a shot. I wonder if they also remove deprecated Typescript types? 🤔

https://fosstodon.org/

teleclimber, 2 months ago to random

Sometimes work on old legacy code feels like

"Ah time to make dinner. Oh wait there is a leak in the kitchen, I better re-roof the house first."

teleclimber, 2 months ago to node

I just released #Dropserver 0.13.1 with a few fixes and tweaks, particularly around the sandbox:

• prepare for #Deno 2.0
• make the CWD the appspace files directory
• clean up inotify leaks when using #bubblewrap

https://github.com/teleclimber/Dropserver/releases/tag/v0.13.1

https://dropserver.org: "An Application Platform for Your Personal Web Services"

baldur, 3 months ago to random

Putting together the blog post collection has meant trying to find old links in the Wayback Machine

One was this one by the legendary Kathy Sierra in 2004. It’s both inspiring and depressing, because we all know what happened in the intervening two decades

“A Computer Book Author’s Manifesto” https://web.archive.org/web/20120118171954/http://www.oreillynet.com/pub/a/oreilly/news/ksmanifesto.html

teleclimber, 3 months ago to node

Blog post: #Dropserver progress update for February (yes, it's a bit late 😬)

Stuff about #lume #ssg Dropserver app, submitting a patch to #browserslist to help it run in #Deno with limited permissions, and more.

https://olivierforget.net/blog/2024/dropserver-progress-february-2024/

teleclimber, 3 months ago to random

#Framework's expansion cards give so much flexibility, sometimes in unexpected ways:

I worked in a family member's office this weekend. Their laptop has the HDMI port on the right side, so the monitor cable sits on the right ready to be plugged in. On my @frameworkcomputer laptop I happen to have the HDMI port on the left.

Instead of trying to snake the stiff short HDMI cable to the left side, I swapped the expansion cards so the HDMI was on the right and plugged in without a fight.

teleclimber, 3 months ago to random

“ If a megacorporation builds a walled garden, it’s to hem us in. If we build a walled garden, it’s to keep them out.”

Great quote! @ben

https://werd.io/2024/gardens-and-power

hongminhee, 3 months ago to fediverse

I've written a #fediverse server framework that implements #ActivityPub in #Deno. There are still many features to document and add, but the basic behavior such as creating and following actors and sending and receiving activities works well. It's also been tested with Mastodon and Misskey. There's also a federated single-user blog in the repository as an example project. If you're interested in building a fediverse server app, take a look at the project! Thanks!

https://github.com/dahlia/fedify

teleclimber, 3 months ago to CSS

#CSS scope selector may make it into #FireFox in the first half of this year:

https://bugzilla.mozilla.org/show_bug.cgi?id=1830512#c3

This is good news for those of us who are eyeing this new capability to write CSS in a sane way without external tools or painful class name conventions. It's already in all Chromium browsers and in Safari Preview.

This explainer by @mia gives a good overview of the idea behind it:

https://css.oddbird.net/scope/explainer/

MDN page:

https://developer.mozilla.org/en-US/docs/Web/CSS/@scope

teleclimber, 3 months ago to programming

I made a contribution to browserslist:

https://github.com/browserslist/browserslist/pull/819

I have been trying to get the Lume static site generator to run inside a #Dropserver sandbox, but I have been running into all kinds of issues: some modules written for #NodeJS assume they have read permissions for the entire disk, and error out when you run them with restrictive permissions. Any project that uses #PostCSS + #autoprefixer (ie most build systems) will hit this.

https://github.com/browserslist/browserslist/issues/813

1/2

teleclimber, 3 months ago to random

The queer.af thing is a reminder that you don't own your domain names any more than you own those songs on iTunes or those movies on Google Play.

kepano, 4 months ago to random

These are all separate vectors:

1. VC vs user-supported
2. Files vs databases
3. Open vs proprietary formats
4. Open vs closed source
5. Extensible vs non-extensible
6. Private vs privacy-invasive

An open source app can be VC-backed, store its data in a proprietary format, have terrible APIs, and include telemetry

robb, 4 months ago to random

Mastodon Webmentions and Privacy https://rknight.me/blog/mastodon-webmentions-and-privacy/

Since reading this post (https://brainbaking.com/post/2023/05/why-i-retired-my-webmention-server/ ) by @jefklak the other day I can't help but think webmentions via Mastodon might not be a good thing from a privacy standpoint.

Very interested to hear more thoughts on this.

alcinnz, 4 months ago (edited 4 months ago) to random

This Guy Has Built an Open Source Search Engine as an Alternative to Google in His Spare Time - Jason Koebler @ 404:
https://www.404media.co/this-guy-is-building-an-open-source-search-engine-in-real-time/ (subscription walled)

Stract seems like a good one to keep an eye on! And to look further into!

matthiasott, 4 months ago to RSS

Citizens of the open web! 💚

Does your website or blog have an #RSS feed? Let me – and my #OwnYourWeb newsletter subscribers – know the URL(s) below.
👇

teleclimber, 4 months ago to Blog

#blog post: #Dropserver Progress Report for January. I talk about the 0.13 release, the general direction I'm heading in, and some other ideas I'm exploring.

https://olivierforget.net/blog/2024/dropserver-progress-january-2024/

#selfhosted #FOSSfriday #indieweb

teleclimber, 4 months ago to vscode

I was looking for #vscode extensions to help write plain #HTML and #CSS and it's disappointing.

There is an extension that suggests class names it finds in your stylesheets when you are writing HTML. Cool. It works. But it's extremely superficial. It only considers individual class names, so it suggests classes that can't apply to that element.

https://marketplace.visualstudio.com/items?itemName=ecmel.vscode-html-css&ssr=false#overview

teleclimber, 4 months ago to random

Speaking of websites without analytics, I put together a quick site describing the Leftovers #Dropserver app:

https://leftovers.olivierforget.net/

I still have more work to do on this app, but at least it has a home now!