@lyse@lyse.isobeef.org oh yeah i use the CLI sometimes it’s fun af

@kat@yarn.girlonthemoon.xyz Allegedly, there’s at least a CLI for that, yarnc. I neither used nor looked at it, though.

@kat@yarn.girlonthemoon.xyz Using full-blown Cloud services is good for old people like me who don’t want to do on-call duty when a disk fails. 😂 I like sleep! 😂

Jokes aside, I like IaaS as a middle ground. There are IaaS hosters who allow you to spin up VMs as you wish and connect them in a network as you wish. You get direct access to all those Linux boxes and to a layer 2 network, so you can do all the fun networking stuff like BGP, VRRP, IPSec/Wireguard, whatever. And you never have to worry about failing disks, server racks getting full, cable management, all that. 😅

I’m confident that we will always need people who do bare-bones or “low-level” stuff instead of just click some Cloud service. I guess that smaller companies don’t use Cloud services very often (because it’s way too expensive for them).

I saw 100% I/O wait in htop today but couldn’t find a process which actually does I/O. Turns out, I/O wait isn’t what it used to be anymore:

https://lwn.net/Articles/989272/

In my case, it was mpd which triggered this:

https://github.com/MusicPlayerDaemon/MPD/issues/2241

mpd doesn’t actually do anything, it just sits there and waits for events. To my understanding, this is similar to something blocking on read(). I’m not quite sure yet if displaying this as I/O wait (or “PSI some io”) is intentional or not – but it sure is confusing.

Image

my biggest fear of starting to work with servers professionally is realizing that no one uses servers anymore and having to do some cloud bullshit instead

@david@collantes.us You are right! I need to check this problem. Thank you very much!

@eapl.me@eapl.me Good job! I have added these comments:

1. It is only long for humans. Clients can only leave a hyperlink.
   
2. The nickname is just a decoration, only the date that acts as the id and the URL matter. The nick is used for humans reading the feed.
   
3. It can be migrated with a script, if the feed exists.

i love everything pico.sh i wish i had more of a use for their services but the paste service is SUPER handy omg i finally had a reason to use it (to send a friend my unfinished failed marvel API bash program lol) and it’s epic. i love SSH i love TUI apps they are the best

What is twtxt for me? It is a community of users sharing plain text following a specification that can be readable by both humans and machines.

For some it is a microblogging platform, for others it is a social network, others see it as an enhanced RSS feed and a few consider it a hacker’s toy. I use it as a learning platform. And as collateral damage, I’m meeting some very interesting people.

And for you?

I think I should try self-hosting some Mastodon thingy again.

The “export data” feature on the Mastodon instance I’m using seems to be broken. I’ve contacted the admins but we couldn’t find the issue – yet. I don’t want to bother them too much, it’s a free service after all.

But this means that everything I post over there is very, very volatile. It could all be gone in 5 minutes and I’ll have no way to restore it. Hmm.

I have a file with US holidays but I think it’s on my laptop still

Bit of an update, there is now a general licence for all my stuff:

“Unless projects are accompanied by a different license, Creative Commons apply (“BY-NC-ND” for all art featuring the Canine mascot and “BY-NC” for everything else).”

It’s even included on my website, where most of the demand for a clear licence originated from:

In practice this changes nothing, as I was never enforcing anything more than this anyway and given permission for other use too. Now it’s just official that this is the baseline, of what can be done, without having to ask for permission first.

Chapter 1:
Chapter 2:

if you want a different voice let me know which to use: https://rhasspy.github.io/piper-samples/

@lyse@lyse.isobeef.org Ah, yes, a calendar that shows the past $x months is great! I have this as a widget in my bar:

Image

Before that I also used something like cal. It works, but it’s a bit cumbersome.

@eapl.me@eapl.me @bender@twtxt.net @prologic@twtxt.net Not including a photo was a stupid move, sorry. There you go:

Image

This particular one is 95mm wide and 185mm high. Fairly compact.

I can only use it figure out distances to other dates and to do some basic calendar math. I’m not able to actually schedule anything. But I grew up with a month calendar like you have there where all appointments of the entire family was recorded.

By far most of my paper use is drawing random stuff on scratch paper during meetings. :-D

Image

do you mind sharing a picture ?

I can’t find something similar here, but my wife gave this one last year, and I’ve been using it a bit. I’d say it’s useful as you’ve shared.

Image

We also have a shared calendar in the kitchen for family events, and it’s working great.

I got a small desk calendar as advertising gift. It shows three months at once. I’m using this thing since the beginning of this year and I have to say that it turned out to be super useful. I’m happily surprised.

It sits on my desk next to my rightmost monitor. I’ve set it up so that I can see the last, current and next months. Each morning, I advance the “today window” or whatever its proper name is. This gives me a sense of what date we have today and which I will have forgotten half a minute later already. At most. However, it’s easily at hand by turning my head just a few degrees.

With the last month still showing, I had several occasions so far where a date in the past popped up in a meeting. I could easily tell when something happened, how long ago that was. Or how many days or weeks are left until we have to deliver something, etc.

In hindsight, this is absolutely no surprise at all. But I still find it fascinating. I’m now actually wondering why I never had something like that before. How could I live without that thing? Sure, I pulled up a calendar on my computer, ncal -w3 or so. But I always hated the inverted ncal output, necessary for showing week numbers, though. Having a paper calander right next to my screen at all times is sooooo much more handy.

So, do yourself a favor and think about whether such a desk calendar might be useful to you.

The only annoying thing is that the “today window” moves too easily. It slips down by its own. I reckon it wants me to regularly interact with it, so that I memorize the current date.

pls elaborate on a ‘p2p database’, ‘all story’ and ‘Registries’.

My first thought takes me to something like secure-scuttlebutt which it’s painful to sync data using clients, and too slow compared to downloading a text file.

Also I’d like for twtxt to avoid becoming an ActivityPub. Works well but it’s uses too many resources IMO.
https://kingant.net/2025/02/mastodon-the-cost-of-running-my-own-server/

I’m defending being able to self-host your Web client (like you’d do with a Wordpress, twtxt is a micrologging, at the end), instead of federated instances, so in a first thought I’d say Registries have many disadvantages being the first one that someone has to maintain them active.

@prologic@twtxt.net We often turn to a database when we can use a plain text file, such as a CSV. With sed or awk, you can run simple queries without using a database.
Did I get the context right? 😀

Today I learned how to use TestCafé. It is a E2E framework.
I needed it because I wanted to write a script that would launch a browser in the background, log me in with a username and password, and return the cookie value with the token ID. The goal is to perform tests with the token.
https://testcafe.io/

The other day, after a discussion online, we came to the conclusion that using awk+sed+tr could replace much of the development that requires a database. However, using SQLite to have a SQL syntax isn’t a bad idea either. What do you think?

@prologic@twtxt.net oops, I’m sorry to see disagreement leading to draining emotions.

It remind me a bit of the Conclave movie where every part wanted to defend their vision and there is only a winner. If one wins the other loses. Like the political side of many leaders and volunteers representing a broad community. I don’t think that’s the case here. Most of us (in not all) should ‘win’.

I can only add that isn’t nice to listen that ‘my idea and effort’ is not what the rest of the people expect. I personally have a kind of issue with public rejection, but I also like to argue, discuss and even fight a bit. “A gem cannot be polished without friction, nor a man perfected without trials,” they say.
This exercise and belonging to this community also brings me good feelings of smart people trying to solve a human and technical problem, which is insanely difficult to get ‘right’.

I genuinely hope we can understand each other, and even with our different and respectful thoughts on the same thing, we might reach an agreement on what’s the best for most people.

Good vibes to everyone!

@lyse@lyse.isobeef.org deeply honored to be used as an example, when illustrating things that will break! :-D <3

Why not just use registry? It can be personal or hosted by someone like registry.twtxt.org. Just need to be adapt to support hashes

If we don’t keep insisting on simplify and “The beauty of twtxt is, you put one file on your server, done. One.”, then people should just use ActivityPub-based software like Mastodon, PixelFed, etc. which are getting a lot of attention and uses migrating to the fediverse from meta/x here in Denmark over the last couple of months.

@prologic@twtxt.net We can’t agree on this idea because that makes things even more complicated than it already is today. The beauty of twtxt is, you put one file on your server, done. One. Not five million. Granted, there might be archive feeds, so it might be already a bit more, but still faaaaaaar less than one file per message.

Also, you would need to host not your own hash files, but everybody else’s as well you follow. Otherwise, what is that supposed to achieve? If people are already following my feed, they know what hashes I have, so this is to no use of them (unless they want to look up a message from an archive feed and don’t process them). But the far more common scenario is that an unknown hash originates from a feed that they have not subscribed to.

Additionally, yarnd’s URL schema would then also break, because https://twtxt.net/twt/<hash> now becomes https://twtxt.net/user/prologic/<hash>, https://twtxt.net/user/bender/<hash> and so on. To me, that looks like you would only get hashes if they belonged to this particular user. Of course, you could define rules that if there is a /user/ part in the path, then use a different URL, but this complicates things even more.

Sorry, I don’t like that idea.

re reading so NewRAMStorage(…) is just something that setups your storage and initial data.. that can probably live with storage/sqlite. The point is the storage package does not import the implementations of storage.Storage It just defines the contract for things that use that interface. Now storage/sqlite CAN import storage and not have a circle dep.

It kinda works in reverse for import directions. usually you have your root package that imports things from deeper in the directory structures.. but for the case of interfaces it reverses where the deeper can import from parents but parents cannot import from children.

- app < storage
      < storage/sqlite
      < controller < storage
                   < storage/sqlite
 
- sqlite < storage

- storage X storage/sqlite

@xuu@txt.sour.is My layout looks like this:

• storage/
  
  • storage.go: defines a Storage interface
    
  • sqlite.go: implements the Storage interface
    
  • sqlite_test.go: originally had a function to set up a test storage to test the SQLite storage implementation itself: newRAMStorage(testing.T, $initialData) *Storage
    
• controller/
  
  • feeds.go: uses a Storage
    
  • feeds_test.go: here I wanted to reuse the newRAMStorage(…) function
    

I then tried to relocate the newRAMStorage(…) into a

• teststorage/
  
  • storage.go: moved here as NewRAMStorage(…)
    

so that I could just reuse it from both

• storage/
  
  • sqlite_test.go: uses testutils.NewRAMStorage(…)
    
• controller/
  
  • feeds_test.go: uses testutils.NewRamStorage(…)
    

But that results into an import cycle, because the teststorage package imports storage for storage.Storage and the storage package imports testutils for testutils.NewRAMStorage(…) in its test. I’m just screwed. For now, I duplicated it as newRAMStorage(…) in controller/feeds_test.go.

I could put NewRAMStorage(…) in storage/testutils.go, which could be guarded with //go:build testutils. With go test -tags testutils …, in storage/sqlite_test.go could just use NewRAMStorage(…) directly and similarly in controller/feeds_test.go I could call storage.NewRamStorage(…). But I don’t know if I would consider this really elegant.

The more I think about it, the more appealing it sounds. Because I could then also use other test-related stuff across packages without introducing other dedicated test packages. Build some assertions, converters, types etc. directly into the same package, maybe even make them methods of types.

If I went that route, I might do the opposite with the build tag and make it something like !prod instead of testing. Only when building the final binary, I would have to specify the tag to exclude all the non-prod stuff. Hmmm.

it seems to be confused with the subject right next to it.. it works better at the end of the twt string.
Yarn won’t display anything. but the parser does add it to the AST in a way that you can parse it out using twt.Attrs().Get("lang")

https://git.mills.io/yarnsocial/go-lextwt/src/branch/main/ast.go#L1270-L1272

https://git.mills.io/yarnsocial/go-types/src/branch/main/twt.go#L473-L478

Dang it! I ran into import cycles with shared test utilities again. :-( Either I have to copy this function to set up an in-memory test storage across packages or I have to put it in the storage package itself and guard it with a build tag that is only used in tests (otherwise I end up with this function in my production binary as well). I don’t like any of the alternatives. :-(

lang=en @xuu@txt.sour.is gotcha!
From that PR #17 I think it was reverted? We could discuss about metadata later this month, as it seems that I’m the only person using it.

I’ve added a [lang=en] to this twt to see current yarn behaviour.

really? I think I haven’t seen it being used in the wild

For point 1 and others using the metadata tags. we have implemented them in yarnd as [lang=en][meta=data]

it’s been while since I’d stopped #window-manager hopping and just settled with #Herbstluftwm but I’m NGL, the River #Wayland compositor is starting to grow on me… I’m still not sure if it’s just me but something about it feels clean and snappy. The shortcuts in the vanilla/example configuration feel a bit clunky, but then again, it’s just me being used to the same old ones I keep adopting and replicating across WMs. I’ve got 0 energy for ricing so I’ll just roll with the vanilla config as is (maybe add in a short-cut for a launcher but that will be it).

looks good to me!

About alice’s hash, using SHA256, I get 96473b4f or 96473B4F for the last 8 characters. I’ll add it as an implementation example.
The idea of including it besides the follow URL is to avoid calculating it every time we load the file (assuming the client did that correctly), and helps to track replies across the file with a simple search.

Also, watching your example I’m thinking now that instead of {url=96473B4F,id=1} which is ambiguous of which URL we are referring to, it could be something like:
{reply_to=[URL_HASH]_[TWT_ID]} / {reply_to=96473B4F_1}
That way, the ‘full twt ID’ could be 96473B4F_1.

True. Though if the idea turns out to be better.. then community will adopt it.

if you look at the subject for that twt you will see that it uses the extended hash format to include a URL address.

We went up our backyard mountain again right after lunch. The sun peaked through the clouds sometimes. The 6°C felt much, much cooler with the northeast wind. We got lucky, though, it was dead calm at the summit. At least on the southwestern side, which is a few meters lower than the very top to the east. That was shielded absolutely perfectly from the wind (we were extremely surprised), so we sat down on a bench and could really enjoy the sun heating us up. Apart from the haze, the view was really nice.

There were even patches of snow left up top, that was unexpected. Also, somebody created a cool rock art piece on a tree stump. That one rock absolutely looked like a face. Crazy!

Image

Enjoy: https://lyse.isobeef.org/waldspaziergang-2025-03-01/

@prologic@twtxt.net @david@collantes.us Good question, was this on live TV? I think it was? 🤔

@andros@twtxt.andros.dev I don’t see a burst of new twtxt clients popping up. Yeah, the most recent ones are TwtxtReader and twtxt-el. Did I miss one? I agree with @david@collantes.us, looks normal to me. :-)

I’m also working on my rewrite at the moment, but that started… *looking at the git history*… oh wow! O_o Over two years ago! I just implemented jumping to the next/previous unread message.

HeliBoard might be the first one of these fully open source Android keyboards, that doesn’t suck, idk, I’m still in the process of testing it, but I already like it a lot more than any of the ones I used before it.

Setting it up was somewhat clunky, but once you set it all up and dile in the settings, the keyboard itself, feels really great to use.

working on my bookmarks tool, I found out that http(s)://domain.tls is not a valid resource, but http(s)://domain.tls/ is, as you can see here: https://stackoverflow.com/a/2581423

I suppose that internally the wget/curl or whatever client you are using is redirecting it?

@lyse@lyse.isobeef.org Yeah, well, what they want is for us to become hopeless and give up. We should just try. Not wait and … wait.

@lyse@lyse.isobeef.org @david@collantes.us I often think about moving to Mecklenburg-Vorpommern. It’s a long way from home and probably not realistic, but one can dream. 😅

@movq@www.uninformativ.de @david@collantes.us Where can I join you? Building a log cabin in the woods would be dang awesome!

I agree. finding good writings on architecture is hard to find. I used to read architecture reviews over on the high scalability blog. i suspect the reason why is that the arch is how the big tech companies can build moats around their bases. I know in AWS world it only goes as far as how to nickle and dime you to death.

I have the books but they don’t grow much more past interview level.

@andros@twtxt.andros.dev Just before the pandemic, we watched Uncle Bob videos once a week in the lunch break. While almost all of my old teammates agreed with his views, I partially found them to be very odd and even counterproductive.

I didn’t come across John Ousterhout or any of his work before, at least not deliberately. So, this document is my first contact.

I only finished the chapter on comments and I totally agree with John so far. This document just manifests to me how weird Bob’s view is on certain subjects.

I always disagreed with the concept of a maximum method length. Sure, generally, shorter functions are probably better, but it always depends. And I’ve certainly seen super short methods that just made the code flow even worse to follow. While “one function should only do one thing” is a nice general rule, I’m 100% in team John with the shown examples. There are cases, where this doesn’t help readability at all. Not even close.

To me, a function always has to justify its existence. Either by reusing it at least at another place or by coming up with dedicated tests for it. But if it is just called once and there are no tests, I almost always decide against it. Personally, I don’t mind longer methods. We just recently had a discussion about that and I lost against two other workmates who are more in Uncle Bob’s camp, they refactored one medium sized method into three very short ones. Luckily, we agree on most other topics.

Lol, what!? The shorter the method, the longer the variables inside? I first thought I misread or the writeup mixed it up. I’ll always do it the other way around.

I’ve been also bitten badly by outdated comments in the past, but Bob must have worked on really terrible projects to end up with such an attitude to dislike comments. Oh well. No doubt, I’ve come across by several orders of magnitude more useless comments, in my experience (autogenerated) JavaDocs fall in the category more frequently than not. So, I know that there are different types of comments. A comment doesn’t automatically mean that it is good and justified.

But I also partially agree with Bob and John and think that a good name has a proper chance to save a comment. Though, when in doubt, I go John’s route and use a shorter name with a comment rather than use a kilometer long identifier. Writing good comments typically takes some time, sometimes much longer than writing the code. It regularly takes me several minutes. It’s a hard art.

I perhaps should read up on John’s work. He seems to be more reasonable and likeminded. :-) Let me continue to complete this document.

I read a lot about Clean Code, SOLID, TDD, DDD… now I’m discovering «A Philosophy of Software Design»… but nobody talks about the importance of the project architecture. Do we depend on the framework to do the work for us?
You know I’m a big fan of Clean Architecture, but I feel alone when I share my thoughts on social media or at work.
You have to think outside the framework.

@david@collantes.us Yeah. A horrendously wrong but simple solution often outpaces are bit more correct but complex one. Especially if the simple one suggests that oneself doesn’t have to change at all and can just continue along. Wishful thinking.

@bender@twtxt.net And if that rock won’t hit us, there still is a chance in 2038, to get everything shut down. 🤓

I am going to start using this one more, or exclusively, from now on. I need to get used to it, as “quark” will be gone, and “bender”, well, he is kind of tired of getting bent. :-D

@falsifian@www.falsifian.org Neat, I got the principle, so mission accomplished. :-)

I have configured my vim to use a tab width of four. So, I noticed that especially https://www.falsifian.org/blog/2021/06/04/catalytic/reachability_with_stack.cc (but also partially the other C++ file) mixes tabs and spaces for indentation. :-)

oh dang.. i thought i had parsing for !tag from back when someone was using it for his wiki pages.
i guess i left it out. though shouldnt be to hard to add it back in

Short summary of Project2025 and Trump’s plans for the US:

• Abolish the Federal Reserve
  Why? To end what is seen as an unelected, centralized body that exerts too much influence over the economy and monetary policy, replacing it with a more transparent, market-driven approach.

• Implement a national consumption tax
  Why? To replace the current federal income tax system, simplify taxation, and increase government revenue through a broader base that includes all consumers.

• Lower corporate tax rates
  Why? To promote business growth, increase investment, and stimulate job creation by reducing the financial burden on companies.

• Deregulate environmental policies
  Why? To reduce government intervention in the economy, particularly in energy and natural resources sectors, and to foster a more business-friendly environment.

• Restrict abortion access
  Why? To align with conservative pro-life values and overturn or limit abortion rights, seeking to restrict the practice at a federal level.

• Dismantle LGBTQ+ protections
  Why? To roll back protections viewed as promoting LGBTQ+ rights in areas like employment and education, in line with traditional family values.

• Eliminate diversity, equity, and inclusion (DEI) programs
  Why? To end policies that are seen as divisive and to promote a merit-based system that prioritizes individual achievements over group identity.

• Enforce stricter immigration policies, including mass deportations and detentions
  Why? To prioritize border security, reduce illegal immigration, and enforce existing laws more aggressively, as part of a broader strategy to safeguard U.S. sovereignty.

• Eliminate the Department of Education
  Why? To reduce federal control over education and shift responsibilities back to local governments and private sectors, arguing that education decisions should be made closer to the community level.

• Restructure the Department of Justice
  Why? To ensure the department aligns more closely with the administration’s priorities, potentially reducing its scope or focus on areas like civil rights in favor of law-and-order policies.

• Appoint political loyalists to key federal positions
  Why? To ensure that government agencies are headed by individuals who are committed to advancing the administration’s policies, and to reduce the influence of career bureaucrats.

• Develop training programs for appointees to execute reforms effectively
  Why? To ensure that political appointees are equipped with the knowledge and skills necessary to implement the proposed changes quickly and effectively.

• Provide a 180-day transition plan with immediate executive orders
  Why? To ensure that the incoming administration can swiftly implement its agenda and make major changes early in its term without delay.

Do y’all agree with any/all/some of these poliices? Hmmm 🤔

#Project2025 #US #Trump

Very sunny 16°C, heaps of people outside. As soon as we were a bit further into the forest, we had it completely for us. From the foot we thought that the view might be rather good, but up at the summit, it turned out to be very hazy. Oh well. Surprisingly, I found four skyrocket sticks in premium quality. More than after New Year! Also, we came across two deer. It was a very nice two hours walk. No photos, though, sorry.

@eapl.me@eapl.me @andros@twtxt.andros.dev Eureka! It works! https://github.com/upputter/testing-twtxt-dm
PBKDF2_KEY_SIZE = 48 was the turning point! My dirty little crypt.class.php can en- and decrypt, accoridng to the OpenSSL standard and options used in https://twtxt.dev/exts/direct-message.html

I don’t think so, at least the tests I did passed. If you’re pretty sure it’s a bug, please create an issue in the repository with the specific case and I’ll investigate it.
There are 2 buttons to make replicas, one makes a replica in the thread where the twt is located (this is the one that should be used the most, as it serves a thread), the other creates a replica to a specific twt.
I’ll let you know a bit about the status: I’m just now implementing the thread screen. There you can be sure where you are. It’s a bit confusing right now, sorry. I think the client is still in alpha. When I’ve finished what I’m doing, and the direct message system, I’ll freeze development and focus on creating more tests, looking for bugs and making small visual adjustments.

@andros@twtxt.andros.dev is it me or twtxt-el generates a wrong twt hash when I use the [ ↳ Reply to twt ] button?

I’m happy to note that tomorrow is already Friday. However, looking back on the week, I can’t think of anything terribly useful I’ve accomplished. Hard to distinguish it from a plain zero. Again. Hmm. Anyway, looking forward to the weekend.

@bender@twtxt.net Hmmm, does that mean it’s not that popular in the US? 🤔

here is my progress so far: https://github.com/eapl-gemugami/twtxt-direct-message-php
The encryption part seems to work, if I decrypt it the message with OpenSSL.
I think it can help you for some key parts not well explained in OpenSSL documentation.

@andros@twtxt.andros.dev reading your spec I wrote a few notes here: https://github.com/eapl-gemugami/twtxt-direct-message-php/blob/main/direct_message_spec.md

@arne@uplegger.eu I haven’t check your repo yet, although you are using sodium, right?

I thought hCaptcha was getting off the rails. Try making an X account using a VPN service!

I haven’t taken a look into that extension, although I think you could use the OpenSSL library: https://www.php.net/manual/en/function.openssl-encrypt.php

@arne@uplegger.eu I think you want to use the sodium_crypto functions/modules for PHP 🤔🤔

@arne@uplegger.eu Hi! I love that you’re implementing it! Maybe, when we’re both done, we could test the clients by communicating both.
I don’t think I’m going to be able to help you much, my knowledge of OpenSSL and PHP is not as high as I’d like it to be.
Maybe the OpenSSL version uses SHA-1 by default in PHP. Or that the IV is derived together with the key (not generated separately). But I’m not able to answer your questions, sorry.
I’m invoking the commands directly, without any libraries in between. Maybe that would help you?

@arne@uplegger.eu Well, just for my understanding. The command:
echo "Lorem ipsum" | openssl enc -aes-256-cbc -pbkdf2 -iter 100000 -out message.enc -pass file:shared_key.bin
will take the input string from echo to openssl. It then will

1. use the content of shared_key.bin as password
   
2. use PBKDF2 with an iteration of 100000 to generate a encryption key from the given password (shared_key.bin)
   
3. use the PBKDF2 generated key for an aes-256-cbc encryption
   

The final result is encrypted data with the prepended salt (which was generated by runtime), e.g.: Salted__q�;��-�T���"h%��5�� ....

With a dummy script I now can generate a valide shared key within PHP ‘openssl_pkey_derive()’ - identical to OpenSSL.
I also can en-/decrypt salted data within my script, but not with OpenSSL. There are several parameters of PBKDF2 unknown to me.

Question:

1. Is the salt, used by aes-256-cbc and PBKDF2 the same, prepended in the encrypted data?
   
2. Witch algorithm/cipher is used within PBKDF2: sha1, sha256, …?
   
3. What is the desired key length of PBKDF2 (https://www.php.net/manual/en/function.openssl-pbkdf2.php)?
   

To be continued …

oh cool @lyse@lyse.isobeef.org !! and thanks, got rid of that empty line. ATM I’m using twtxt very much in an experimental way, only manual editing or writing my tools. curious to see how it will evolve. #meta #twtxt

Does anybody know a right mouse click save and reduce a screen saver image to a smaller file, say 50KB?
My usual method is slow, place in image program and re-save it smaller.

I used to have a Window’s way to reduce file images from 1MB to 50 KB with right mouse click.

@prologic@twtxt.net I wish getting a static IP and a (more) stable internet connection wasn’t so hard over here. Then I could do proper self-hosting as well. But as it stands, I need some rented VPS.

I could go ahead and just use the VPS for the IP, i.e. forward all traffic through Wireguard to a box here at home. Big downside is that the network connection would be even slower than it already is and my ISP breaks down all the time for a few minutes … it’s just bad overall and much easier/better to rent a VPS. 🫤

hey @lyse@lyse.isobeef.org I’ve seen your mention from uhhmmm 4months ago just now using my crawler -__-’ / curious to know, do you see my mention now? #meta #twtxt

@prologic@twtxt.net I’m speculating, but if I had to guess I’d say it’s probably asking for your user password in order to access some user keyring (or whatever your OS uses to manage user secret credentials) used to safely store your passkeys related data in order to do its passkeys /ME doing air quotes Magic™ … you could try with a different password manager to avoid said scenario.

Also, passkeys UX sucks.

I’m in an article in Quanta Magazine! It’s about the bizarre world of algorithms that re-use memory that’s already full. https://www.quantamagazine.org/catalytic-computing-taps-the-full-power-of-a-full-hard-drive-20250218/ I’m the one with all the snow in the background.

I’m surprised, here you can’t find dial controls anymore. How old are your ovens? The last one my parents had was from the 90s.

I was amazed experimenting with different combinations, for instance instead of 100, using 60 for a minute, 90 for 1:30, and stupid stuff like heating with 11, 22, 55 seconds and so, to make it quicker to type any time.

Yesterday I was doing a lot of research on how #hyperdrive and the #holepunch project work. Would it be possible to use it to make #twtxt an easier gateway for new users? Could we stop using web servers?
My conclusion: We would end up being a #nostr. On the one hand it would become more complex to use, it would force the user to have software installed, and on the other hand the community would need a central proxy to make the routes accessible via HTTP. In other words, it’s not a good idea.
However, it’s an AMAZING technology. I want to start playing with it.

I got promoted today to try using Passkeys on Github.com. Fine 😅 I did that, but I discovered that when you use your Passkey to login, Chrome prompts you for your device’s password (i.e: The password you use to login to your macOS Desktop). Is that intentional? Kind of defeats the point no? I mean sure, now there’s no Password being transmitted, stored or presented to Github.com but still, all an attacker has to do is somehow be on my device and know my login password to my device right? Is that better or worse? 🤔

I’m continuing my tt rewrite in Go and quickly implemented a stack widget for tview. The builtin Pages is similar but way too complicated for my use case. I would have to specify a mandatory name and some additional options for each page. Also, it allows me to randomly jump around between pages using names, but only gives me direct access the first, however, not the last page. Weird. I don’t wanna remember names. All I really need is a classic stack. You open a new fullscreen dialog and maybe another one on top of that. Closing the upper most brings you back to the previous one and so on.

The very first dialog I added is viewing the raw message text. Unlike in @arne@uplegger.eu’s TwtxtReader, I’m not able to include the original timestamp, though. I don’t have it in its original form in the database. :-/

Next up is a URL view.

Added support for uploading images to to #Timeline

Image

What exact feeds are we talking about that uses spaces instead of tabs or the T’s in timestamp?

The project is a POC (Proof of Concept) that went into production and the company has customers who are using it. The developers had been working for several years, without testing, structure, isolation and so on. The company hired me to transform the project into a real product. There are in my hands 422 python files to transform that they beg me a refactore, architecture and testing. Every developer’s bad dream.
My first step is to read and understand the tree because there are apps inside other apps call each other. I am very determined to work on a new repository.

@eapl.me@eapl.me Yeah, you need some kind of storage for that. But chances are that there’s already a cache in place. Ideally, the client remembers etags or last modified timestamps in order to reduce unnecessary network traffic when fetching feeds over HTTP(S).

A newsreader without read flags would be totally useless to me. But I also do not subscribe to fire hose feeds, so maybe that’s a different story with these. I don’t know.

To me, filtering read messages out and only showing new messages is the obvious solution. No need for notifications in my opinion.

There are different approaches with read flags. Personally, I like to explicitly mark messages read or unread. This way, I can think about something and easily come back later to reply. Of course, marking messages read could also happen automatically. All decent mail clients I’ve used in my life offered even more advanced features, like delayed automatic marking.

All I can say is that I’m super happy with that for years. It works absolutely great for me. The only downside is that I see heaps of new, despite years old messages when a bug causes a feed to be incorrectly updated (https://twtxt.net/twt/tnsuifa). ;-)

that’s a fair point.

Perhaps, since Twitter in 2006 never implemented read flags, every derivative microblogging system never saw that as an expected feature. This is curious because Twitter started with SMS, where on our phones we can mark messages as read or unread.
I think it all comes from the difference between reading an email (directed to you) vs. reading public posts (like a blog or a ‘wall,’ where you don’t mark posts as read). It’s not necessary to mark it as ‘read’, you just jump over it.

Reading microblogging posts in an email program is not common, I think, and I haven’t really used it, so I cannot say how it works, and whether it would be better for me or not.
However, I’ve used Thunderbird as a feed reader, and I understand the advantages when reading blog posts.

About read flags being simple, well… we just had a discussion this morning about how tracking read messages would require a lot of rethinking for clients such as timeline where no state is stored. Even considering some kind of ‘notification of unread messages or mentions’ is not expected for those minimalist client, so it’s an interesting compromise to think about.

@mckinley@twtxt.net Yeah, all this JS and HTMX garbage messes up a lot of things which used to work better in the earlier days.

trying to keep it simple but.. perhaps it can be extended to fix timestamp formats like using " " instead of "T"

i made a little twtxt feed fixer for when a feed uses other whitespace instead of tabs.

https://git.mills.io/yarnsocial/go-lextwt/pulls/32

@movq@www.uninformativ.de Yeah, maybe. What browsers are you using again for these two?

@movq@www.uninformativ.de It happens to the best of us :-) On a more serious note: I’m relieved to hear that I’m not the only one who is completely perplexed by his own projects when returning back to them after a short hiatus.

@movq@www.uninformativ.de This time it works! (For the first time). Using mutt, yes, and the config is yours. I’ll contact you later, when I have more data. Some time needed to experiment. Thanks!

@jost@jost.sdfeu.org Hmm, not really, no. Could you share your mutt config? (Are you using mutt?) Feel free to send me an email, if doing this over twtxt doesn’t work (yet). You can find the address on https://www.uninformativ.de/contact.html ✌️

Thanks for your replies to my ‘Hello World’. Seems I can post but not reply myself. Using jenny, who isn’t as gentle as the name suggests ;-) I’ll figure it out.

@sorenpeter@darch.dk It depends on your requirements. If you just want to put your code somewhere for yourself, simply push it over SSH on a server and call it good. That’s what I do with lots of repos. If you want an additional web UI for read access for the public, cgit comes to mind (a mate uses that). Prologic runs Gitea, which offers heaps more functionality like merge requests.

To all my EU friends out there, is it this hard™ to reach a human in European companies that allow, perform or permit silly shenanigans? 🤔 Or is it just US companies? 🤔

For many years I have found Flask to be too basic a tool for modern development. But since I create APIs using Flask with Pydantic to validate the input data, some middlewares for parsing and Blueprint to separate the code into modules… I must admit that I am super comfortable, fast and easy to test.
#flask #python #pydantic

General is “peoples”. Our community want replies and reactions minimum. Currently used Telegram+Matrix (most on Telegram and me from bridge)

yes it is! although, I’ve only used it to send files and links back and fourth between devices xD none of my relatives wanted to give it a try, which is kinda fair enough (I wouldn’t use WhatsApp if they asked) xD

OpenAI Says It Has Evidence DeepSeek Used Its Model To Train Competitor
OpenAI says it has evidence suggesting Chinese AI startup DeepSeek used its proprietary models to train a competing open-source system through “distillation,” a technique where smaller models learn from larger ones’ outputs.

The San Francisco-based company, along with partner Microsoft, blocked suspected DeepSeek accounts from accessing … ⌘ Read more

Hey, I like this simple Web game:
https://wordswithrobots.isotropic.us

2 players Codenames vs (or along) gpt-4o-mini

anyway friends i went to the met yesterday and i have apparently been before but i was a little kid so i don’t remember. i took the chance to finally clean up and use my mediagoblin instance. here’s a collection https://remix.girlonthemoon.xyz/u/accendio/collection/2025-met/

You can use php-fpm via php_fastcgi in #Caddy

No no! I’m talking about twtxt’s own branding. It’s currently horizontal text. Is the image you’re sharing a logo that’s being used? 😯

What is clean architecture? That’s a good question.

You think of a pattern for ordering code with good decisions isolating technologies (you can change the web framework or database without break the business logic), easy to test (you only test interfaces and use cases), sharing code between frameworks (entities and use cases), scalability, modulations and standardizing names. Clean architecture is not perfect, it has a learning curve and some abstraction in each technology. You can even find rejection with yours colleagues.
I have a good article on this topic.
https://programadorwebvalencia.com/implementando-arquitectura-limpia-en-python/
#python

I share a simple API template with Clean Architecture using #flask and #fastapi
https://git.andros.dev/andros/api-template-with-clean-architecture
#cleancode #cleanarchitecture