@movq@www.uninformativ.de I’m thinking of something like an optional metadata key that could be used as a general motivation endpoint?
@bender@twtxt.net thing I am too (happy) that is. If I ever wanted to side load an app I could with my Developer account easily!
@movq@www.uninformativ.de Yeah okay I didn’t notice that 🤦♂️ Kind of makes me wonder whether we should do something for the Gopher and Gemini folk here? 🤔
@movq@www.uninformativ.de Hmm wow! 😱
@aelaraji@aelaraji.com Well yeah this is true, but as @bender@twtxt.net and I point out, there are reasons for why this happens at times 🤣 Some of those reasons are not “purposefully malicious” I don’t think 🤔
@aelaraji@aelaraji.com Correct me if I’m wrong, but isn’t the EU forcing Apple to support side-loading Apps now on iOS devices? 🤔
Anyone had any intereractions with @cuaxolotl@sunshinegardens.org yet? Or are they using a client that doesn’t know how to detect clients following them properly? Hmmm 🧐
@falsifian@www.falsifian.org No need to apologize! 😌 Yarn / Twtzt is designed to be slow on purpose 🤣
@movq@www.uninformativ.de Where was this found? 🤔 What a treasure trove 😅 #Windows #sucks
@lyse@lyse.isobeef.org Poor little guy 😢 Also eww I hate snakes 🤣 I have a bit of a phobia 😅
@bender@twtxt.net That’s also likely 😅
@slashdot@feeds.twtxt.net IMO the problem isn’t “Apple”™ the company, per se, it’s the complexity and size of the organization. It’s large, it’s complex, you will have large sets of “people” that follow the “rules” as written without any leeway whatsoever or ability to apply “intent”.
@quark@ferengi.one probably not with the OpenSSH tools themselves but perhaps with the OpenSSL tools using the same key.
@off_grid_living@twtxt.net This is so true! Grandpa used to say this all the time too. Especially about tomatoes 🤣
@movq@www.uninformativ.de Yeah we’re about 3,054.26km from the equator but clearly that’s not far enough 🤣
@bender@twtxt.net Yeah just in spring right now and it’s already disgustingly hot 🥵
Uggh it’s 33C right now and 60% humidity 🥵
@quark@ferengi.one Bahahahaha 🤣
That was the only real way I could fix this for the time being without re-factoring the whole UI for the endpoint/page.
@abucci@anthony.buc.ci Precisely 😅
It’s a really good time to invest in nVIDIA shares 🤣
@abucci@anthony.buc.ci No this correctly now responds with:
$ curl 'https://twtxt.net/external?uri=https://google.com&nick=lovetocode999'
Feed Not Found
After nuking that from my cache. I forgot to nuke my own cache myself because it’s quite destructive and takes a few mins to rebuild on my pod 🤣 There’s a tool in tools for deleting a specific feed from the cache that I’ve been using.
Yeah I wonder too 🤔
@abucci@anthony.buc.ci appreciate it if you find the time to update again 🙏
Now that’s rolling out, I think that’s it. The only final way I can improve that /external endpoint/view is to refactor how it works a bit and add some HTMX magic™ so it has a nice snappy UX to it as it dynamically tries to validate the feed and provide useful feedback to the user, that way I can avoid injecting it into the cache unnecessarily in the first place!
@bender@twtxt.net Yeah but I found another bug and just squished that. CD pipeline is gonna roll this pod soon™ – Basically wasn’t handling feeds that redirect properly. e.g: https://google.com => https://www.google.com (though it’s not a feed 🤣)
Hmm I see this in the cache again 🤦♂️ Not sure how tbh – Job for me later.
@bender@twtxt.net https://google.com has been removed from the cache (without nuking the entire cache) @abucci@anthony.buc.ci if you need to selectively do this for some reason, there’s a script in the tools directory for this:
$ ./tools/cache_delete_feed.sh 'https://google.com'
Anyway, that’s gone. This is much much harder to exploit now, even if you’re an authenticated user.
Time for work™, But I quickly hacked together a bit of a better solution here. Rolling it out to my pod so we’ll see how it actually goes. Still possible to abuse if you’re a logged in user, etc, but at least now we delete the invalid/bad feed afterwards if it a) was not even a text//plain content-type or b) it errored out and was a new fetch of a HTTP feed.
Yeah okay.
@bender@twtxt.net Not possible 🤣
/external matching a particular pattern (like this damn lovetocode999 nick) would do the job. Given the potential for abuse of that endpoint, having more moderation control over what it can do is probably a good idea.
@abucci@anthony.buc.ci I mean it’s only suppose to do one thing really. What are you thinking here?
Yeah I was afraid of this. Technically can still be abused by “logged in” users. Hmmm
So we really not trust ourselves? 🤣🙄
@abucci@anthony.buc.ci No worries! 😅
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
But this is super weird, should behave the same as my pod 🤦♂️
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
@abucci@anthony.buc.ci nuke the cache file before starring
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
How did you nuke your cache?
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
@abucci@anthony.buc.ci Hmmm weird 🤔
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
@abucci@anthony.buc.ci You don’t actually appear to be running that sha hmmm? 🤔 
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
Hmmm
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
It appears to be working to 👌 
silly bots 🙄
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
@abucci@anthony.buc.ci Bo worries! If you curl it too it’ll return a proper 494 👌 Should make bots go away 🤞
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
@abucci@anthony.buc.ci Blah my cache was poisoned 🤦♂️ it’s fine now! And this is no monger possible to do now.
@bender@twtxt.net Did they win though? Did they?! 🤣
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
@abucci@anthony.buc.ci This is already in place. It will error, return 404 Feed Not Found for non-browsers and external feeds are never fetched (unless you are an authenticated/valid user of the pod) – I patched that hole a while ago, because I already picked up it was being abused by bots 🤖
Support (and thus abuse reports) are now disabled on this pod. There’s now a new setting in Settings -> Poderator Settings called “Disable Support”.
This happens again today. This is twice just today alone. Hmm I’m reconsidering this feature entirely, rarely used and if it’s just going to be abused by spammer, I don’t see the value in it. I’m certainly not going to try to build some kind of “anti-spam” filters or anything, sounds cool, I’d learn a lot, but smells of effort and time I simply don’t have 😢 #spam #sucks
@slashdot@feeds.twtxt.net OMG! 😦 What da hell is going on here?! I used to have a friend that came from North Carolina, this is terrible (attacking power grids) 🤬 wtf are these people smoking?! 🚬
Like why does spammers even bother?! Don’t they realize how fucking futile and useless it is to be abuse something like a support form? I mean clearly nothing is going to come of this, except it’s going to be clearly ignored and toss in the bin. 🤣
Wow! My god spammers really try hard song they? 🤣 Geez 🤦♂️ 
Do we need to make the captcha harder? 🙄
@lyse@lyse.isobeef.org to be fair the settings that you can change in the user interface are persisted to the settings YAML file and yes override any environmental command online options. This is always made sense to me because there are subset of settings that can be changed dynamically at runtime without requiring any restart.
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
@abucci@anthony.buc.ci It’s good enough IMO 🤞
@aelaraji@aelaraji.com It is if he’s turned off open profiles 👌
yarnd --help currently says (for me):
@lyse@lyse.isobeef.org thank you! 🙇♂️
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
@quark@ferengi.one Thanks! 😅
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
I’m happy with the current implementation though, because the only reason you should be hitting the external profile endpoint at all is a) you’re logged in and happen to click on someone’s profile that is external to the pod or b) you’re anonymous and just clicking through the frontpage (see a)
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
@bender@twtxt.net The problem with this is we just don’t know until we try. That’s why if the external feed you’re looking for isn’t found in the cache, it’ll try to fetch it in the background. It’s a bit of a sucky UX really, but its better than the experience of “waiting, waiting waiting and then timeout”.
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
I’ve pushed a slightly improved version of this that will return a HTTP 404 Not Found if the UserAgent is determined to NOT be a Browser.
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
Now responds with an error page; but still a 200 OK which I’m not entirely sure I agree with or am happy with? Hmm 
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
@abucci@anthony.buc.ci I’ve fixed this and pushed a commit to main. Will test it on my pod and see how it goes. Basically reporting an error if the feed isn’t in the cache and you’re unauthenticated (anonymous).
@movq@www.uninformativ.de Yup! 👌
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
@abucci@anthony.buc.ci Hmmm I’ll have a look at this today, hopefully. 🤞 Thanks for bringing this up! 🙇♂️
@xuu@txt.sour.is we really must invest more time and effort into salty im 🤣
@aelaraji@aelaraji.com good morning! Are you wake up that early?! 🤣
@movq@www.uninformativ.de it looks like it would kill you. 😅
@lyse@lyse.isobeef.org Definately! Next time I’ll make sure I announce it a few days in advance. 🙄😅
This ☝️
@movq@www.uninformativ.de I certainly am 🤣 I wonder whether she is one of the yontest? 🤔
My 9yr old daughter just made her Git commit today, her first website, setup two-factor authentication and used several credentials (which I helped her with) 🤣 – next lessons: password hygiene/management.
yarnd has for "peering" between pods for this reason. It's quite simple really and its actually open publicly, so you can just use the scripts I wrote.
@movq@www.uninformativ.de It’s all in this single Converge() method. Let me see if I can decipher and document wtf is going on here…
@movq@www.uninformativ.de Yeah, they should rotate though, but yes.
@hacker-news-newest@feeds.twtxt.net Oh! Wow! 😮 Does anyone know or have any insight as to the arrest of the Telegram CEO (Pavel Durov)? 🤔 #Telegram
@aelaraji@aelaraji.com Please do! 😅
@movq@www.uninformativ.de All good! 😊 I totally get it 😅
@movq@www.uninformativ.de This is fair 😅 Most development with Twtxt / Yarn.socail continues to be “asynchronous” and “slow” in nature 🤣 – regardless of whether we see you on IRC or not 😅
@<falsifian https://www.falsifian.org/twtxt.txt>, then it will look in https://www.falsifian.org/twtxt.txt for a twt with hash tkjafka. Maybe even do this recursively until there are no new references anymore. This process could include explicitly querying some user-configurable Yarn pods as well. 🤔
@movq@www.uninformativ.de This is gone though right? 🤔
yarnd has for "peering" between pods for this reason. It's quite simple really and its actually open publicly, so you can just use the scripts I wrote.
@bender@twtxt.net I’m mostly talking about compare twt chain
@lyse@lyse.isobeef.org I’m here ! 😅 It’s an open window sof ~4 hours, so plenty of time to jump on 🤣
@falsifian@www.falsifian.org Yeah this is a good idea. Opening up the little tiny API that yarnd has for “peering” between pods for this reason. It’s quite simple really and its actually open publicly, so you can just use the scripts I wrote.
One thing to bare in mind is that Twtxt (the original spec) is largely dead, this included the registry. The registry in practise was never really widely used, and suffers from “centralization” – Which registry do you use? Its for this reason we built a search engine/crawler to help with searching and discovery. Anyway I digress… LMK if you want to go down this path, happy to document it beyond the scripts I wrote.
⏰ for our monthly Yarn.social Online Meetup! 🤞
Event: Yarn.social Online Meetup
When: 24th August 2024 at 12:00pm UTC (midday)
Cadence: 4th Saturday of every Month
Agenda:
Anything we want to talk about. Twtxt, Yarn, self hosting, cool stuff you’ve been working on. chit-chat, whatever 😅
@bender@twtxt.net ABV, IBU and EBC? 🤔
@aelaraji@aelaraji.com I had to nuke the search engine’s database last night due to a bug in a dependency that got fixed, but left me with a corrupted index :/
@bender@twtxt.net Good question! XFCE us a better choice IMO
But why?
I fully support “small scale” and “slow” here. I think if you’re going to be successful at “self hosting” that’s kind of the design and architecture you need to go for IMO.
@aelaraji@aelaraji.com Me neither. I did a bit of research but couldn’t find anything. So if we created something, it’d have to be our own thing I think.
@aelaraji@aelaraji.com Would there be any standard way of indicate this behavior at all that you’re aware of? Any special way of linking the image? Or something? Hmmm 🧐
@aelaraji@aelaraji.com Ahh cool! Thank you 🙏 FWIW yarnd has a built-in feature similar to this too where an operator (what we call a poderator) has to “whitelist” domains that may serve images before it’ll render them inline at all (to prevent abuse).
@aelaraji@aelaraji.com Ahh I see! Interesting 🧐 Would you prefer that clients like yarnd prefetch resources liks this, cache them and serve the cached copy? 🤔
I just realized, this is the last Saturday of the month. So Yarn.social meetup is up again tomorrow. Same time as last time if anyone is interested/around to join and hang out!
@aelaraji@aelaraji.com What does “hotlinking” even mean? What feature and web server has this? I’ve never heard of this before till now 😅
@aelaraji@aelaraji.com Oh! 🤔 That’s really weird. Why does that error like that? 🤔
@aelaraji@aelaraji.com That screenshot you posted doesn’t load for me? Error 1011? 
@tkanos@twtxt.net Nope. What is it? Why do I want to use it? 🤔
@bender@twtxt.net do you think we need to think about any new kind of visualization for these large yarn threads? 🤔
@bender@twtxt.net Haha that’s what u do 🤣 Can’t stand going to see doctors 🙄 (Sorry, I mean GPs)
yarns (the search engine) 😢
@bender@twtxt.net No the domain is black listed from this pod at the moment.
@falsifian@www.falsifian.org @movq@www.uninformativ.de You actually only really want the missing root Twt. You could just fetch this from any Yarn pod. There are scripts I built way back when yo do this 😅