@prologic@twtxt.net Yeah, it’s not a strong sandbox in jenny’s case, it could still read my SSH private key (in case of an exploit of some sort). But I still like it.

I think my main takeaway is this: Knowing that technologies like Landlock/pledge/unveil exist and knowing that they are very easy to use, will probably nudge me into writing software differently in the future.

jenny was never meant to be sandboxed, so it can’t make great use of it. Future software might be different.

(And this is finally a strong argument for static linking.)

Another example:

$ setpriv \
    --landlock-access fs \
    --landlock-rule path-beneath:execute,read-file:/bin/ls-static \
    --landlock-rule path-beneath:read-dir:/tmp \
    /bin/ls-static /tmp/tmp/xorg.atom

The first argument --landlock-access fs says that nothing is allowed.

--landlock-rule path-beneath:execute,read-file:/bin/ls-static says that reading and executing that file is allowed. It’s a statically linked ls program (not GNU ls).

--landlock-rule path-beneath:read-dir:/tmp says that reading the /tmp directory and everything below it is allowed.

The output of the ls-static program is this line:

─rw─r──r────x 3000 200 07-12 09:19 22'491 │ /tmp/tmp/xorg.atom

It was able to read the directory, see the file, do stat() on it and everything, the little x indicates that getting xattrs also worked.

3000 and 200 are user name and group name – they are shown as numeric, because the program does not have access to /etc/passwd and /etc/group.

Adding --landlock-rule path-beneath:read-file:/etc/passwd, for example, allows resolving users and yields this:

─rw─r──r────x cathy 200 07-12 09:19 22'491 │ /tmp/tmp/xorg.atom

@prologic@twtxt.net Yeah, this really could use a proper definition or a “manifest”. 😅 Many of these ideas are not very wide spread. And I haven’t come across similar projects in all these years.

Let’s take the farbfeld image format as an example again. I think this captures the “spirit” quite well, because this isn’t even about code.

This is the entire farbfeld spec:

farbfeld is a lossless image format which is easy to parse, pipe and compress. It has the following format:

╔════════╤═════════════════════════════════════════════════════════╗
║ Bytes  │ Description                                             ║
╠════════╪═════════════════════════════════════════════════════════╣
║ 8      │ "farbfeld" magic value                                  ║
╟────────┼─────────────────────────────────────────────────────────╢
║ 4      │ 32-Bit BE unsigned integer (width)                      ║
╟────────┼─────────────────────────────────────────────────────────╢
║ 4      │ 32-Bit BE unsigned integer (height)                     ║
╟────────┼─────────────────────────────────────────────────────────╢
║ [2222] │ 4x16-Bit BE unsigned integers [RGBA] / pixel, row-major ║
╚════════╧═════════════════════════════════════════════════════════╝

The RGB-data should be sRGB for best interoperability and not alpha-premultiplied.

(Now, I don’t know if your screen reader can work with this. Let me know if it doesn’t.)

I think these are some of the properties worth mentioning:

• The spec is extremely short. You can read this in under a minute and fully understand it. That alone is gold.
  
• There are no “knobs”: It’s just a single version, it’s not like there’s also an 8-bit color depth version and one for 16-bit and one for extra large images and one that supports layers and so on. This makes it much easier to implement a fully compliant program.
  
• Despite being so simple, it’s useful. I’ve used it in various programs, like my window manager, my status bars, some toy programs like “tuxeyes” (an Xeyes variant), or Advent of Code.
  
• The format does not include compression because it doesn’t need to. Just use something like bzip2 to get file sizes similar to PNG.
  
• It doesn’t cover every use case under the sun, but it does cover the most important ones (imho). They have discussed using something other than RGBA and decided it’s not worth the trouble.
  
• They refrained from adding extra baggage like metadata. It would have needlessly complicated things.

@movq@www.uninformativ.de Yeah that’s why I’m striking this conversation with you 😅 Not only do I respect your opinion quite highly 🤣 But like you say (and I’ve read their philipshpy) it can be a bit “elitism” for sure. I’m genuinely interested in what we think of as software that “doesn’t suck”. Tb be honest I haven’t really put thought to paper myself, but I reckon if I did, I’d have some opinions/ideas…

@eldersnake@we.loveprivacy.club This was an interesting read for sure! 👍 I don’t think it had anything I hadn’t already considered in terms of the ethical/moral points of view. I’m not sure where I stand myself either to be honest. I’ve forced myself to get familiar with the ecosystem and tooling, because in my line of work as a tech lead (staff engineer in sre) you don’t want to be that one guy that ya know 😉 Ethically/Morally though, I’m definitely with the sentiment of this post 😅 Much like the whole Crypto hype yaers back (if y’all remember?!) this is also one of the most energy hungry pieces of “tech” (if you can call it that?) in a while. Then there’s these other issues “stealing people’s work”, “reliance is causing humans to become cognitively weak and neural connections to shrink”, to name a few…

@prologic@twtxt.net I like the last two, on the first three you sent. I looked up “Canarvon Gorge”, and read more about it. Thanks for introducing me to it!

Thanks @bender@twtxt.net! Yeah, so super cute. I couldn’t pet them, though. Despite very curious, they were also very restless.

I persuaded my dad to check out the fireflies with me tonight. He only wanted to go for a short trip, so we came just across a couple hundred of them. Otherwise, the thousands mark would have been exceeded in no time. He was super glad I talked him into that. :-)

It was also my first time to see them over the meadows. Those numbers don’t compare to the ones inside the forest, no question, but we probably saw 60 or so. Haven’t come across them there before, I only heard and read about that.

Note to future-Lyse next year: Leaving at 21:45 seems like a good time. We left earlier and had to wait just a few more minutes for them to come out in masses.

Too bad it’s impossible to share photos or videos. My camera isn’t made for that at all, not even close.

Unless your Terms of use update email looks and reads the same as the one I got yesterday from mastodon.social, I don’t wanna know about it, nor do I agree to it.

@kat@yarn.girlonthemoon.xyz Ooh, I’ve got to bookmark that page. 😃

@aelaraji@aelaraji.com I wish I had the luxury of not reading that junk. 😅 But instead, I have a Mutt hotkey that pipes an HTML mail through elinks … Bah.

@movq@www.uninformativ.de > That guy over there in the corner…

I’m literally sitting in a corner chuckles. I rarely get any emails nowadays. But if I do and it is not plain-text, then my Mutt gets to bark at it and I, just… won’t read it. 🤷🏽‍♂️

@movq@www.uninformativ.de Yeah. :-( But hey, there are at least six of us using mail as it should be™. :-)

I sent the dealer an e-mail about that with all sorts of other issues as well. Let’s see if they fix anything of that some day. Or yet just even read it.

It all started in New York in the early 1980s. Click, now 85, and his friends were sitting at the long bar of the New York Athletic club reading magazine articles about boxing, fencing, judo and wrestling. “One of my mates said, ‘Dude, we don’t do any of those things.’” They had to face it. They were dull. They decided to embrace their dullness.

As a joke, they started The Dull Men’s Club, which involved some very silly, dull activities. They chartered a tour bus but didn’t go anywhere. “We toured the bus. We walked around the outside of the bus a few times. And the driver explained the tyre pressures and turned on the windscreen wipers.”

https://www.theguardian.com/society/2025/jun/09/meet-the-members-of-the-dull-mens-club-some-of-them-would-bore-the-ears-off-you

OpenBSD has the wonderful pledge() and unveil() syscalls:

https://www.youtube.com/watch?v=bXO6nelFt-E

Not only are they super useful (the program itself can drop privileges – like, it can initialize itself, read some files, whatever, and then tell the kernel that it will never do anything like that again; if it does, e.g. by being exploited through a bug, it gets killed by the kernel), but they are also extremely easy to use.

Imagine a server program with a connected socket in file descriptor 0. Before reading any data from the client, the program can do this:

unveil("/var/www/whatever", "r");
unveil(NULL, NULL);
pledge("stdio rpath", NULL);

Done. It’s now limited to reading files from that directory, communicating with the existing socket, stuff like that. But it cannot ever read any other files or exec() into something else.

I can’t wait for the day when we have something like this on Linux. There have been some attempts, but it’s not that easy. And it’s certainly not mainstream, yet.

I need to have a closer look at Linux’s Landlock soon (“soon”), but this is considerably more complicated than pledge()/unveil():

https://landlock.io/

@bender@twtxt.net Both Gopher and Mastodon are a way for me to “babble”. 😅 I basically shut down Gopher in favor of Mastodon/Fedi last year. But the Fediverse doesn’t really work for me. It’s too focused on people (I prefer topics) and I dislike the addictive nature of likes and boosts (I’m not disciplined enough to ignore them). Self-hosting some Fedi thing is also out of the question (the minimalistic daemons don’t really support following hashtags, which is a must-have for me).

I’ll probably keep reading Fedi stuff, I just won’t post that much, I think.

@prologic@twtxt.net Yeah, it’s difficult, you often don’t get what you’d expect. They also make heavy use of 3rd party libraries. IIUC, for random numbers, they refer to this library. I’ve read many times that the Rust stdlib is intentionally minimalistic (to make it easier to maintain and port and all that).

I’m struggling with this, using 3rd party libs for so many things isn’t really my cup of tea. I’ll probably make my own tiny little “standard library”. It’s silly, but I don’t see any other options. 🤷

@kat@yarn.girlonthemoon.xyz That sounds fun! I’m happy to read an article on how you did that. :-)

@movq@www.uninformativ.de i feel like when i read go code i’m reading some algebra shit where every part is 1-5 letters long and then there’s weird symbols like := and it’s just infinitely harder for me to parse and infer meaning from lol. it’s such a me problem

@prologic@twtxt.net You can read more about the “cryptic” live coding language Punctual in my newsletter

Wanna read something very scary?

Your future doctor is using ChatGPT to pass medical school, so you better start riding a bike and eating healthy now.

😨😨😨

https://infosec.exchange/@duanegran/114531604486731084

@lyse@lyse.isobeef.org I can’t read. 🤦 Yeah, that’s gonna be a problem. I was not yet able to trigger it, though. Maybe they are (like Google) rolling out these changes gradually …

@bender@twtxt.net Basically the way I’m reading this is 1 RPM. This is a rather aggressive rate limit actually. This basically makes Github inaccessible and useless for basically anything unless you’re logged in. You can basically kiss “pursuing” casually, anonymously goodbye.

Imagine if I imposed that kind of rate limit on twtxt.net?! 🤣

@kat@yarn.girlonthemoon.xyz You don’t need to change the directory first in line 11, you can just create the directory, that’s sufficient since you’re having an absolute path.

The echo in line 13 is useless, you can simplify this to: newdir="$WD/$now" If you reversed this line with the previous one, you could make use of the variable in the directory creation: mkdir "$newdir".

In line 16, pull the directory change out of the loop upfront. The loop body doesn’t modify the working directory, so no need to reset it with each cycle. In fact, you could even spare the cd altogether when you simply tell find where to look: find "$basedir" -type f….

I didn’t try it, but if I read the manpage correctly, you should be able to simplify line 19 as well:

-C Change to DIR before performing any operations. This option is order-sensitive, i.e. it affects all options that follow.

Hence, remove the cd and put the -C "$WD" as the first argument to tar. Again, I didn’t try it. Proceed with caution.

Finally, you don’t need to specify the full path to rm in line 21. I bet, /bin is in your PATH. When you removed the previous cd from my last suggestion, the relative path that follows won’t work anymore. So, just use the absolute path that you already have in a variable: rm -rf "$newdir"

I hope you find this tiny review a wee bit useful. :-)

@prologic@twtxt.net I read a little about her. Looks to be a good fit for the seat she is holding. I hope she gets to keep it.

@andros@twtxt.andros.dev Programming is art. You become good at art by practising your art. You learn artistic patterns by being inspired by and reading others art works. The most importance however is that you practise your art.

Nobody want to be a shitty programmer. The question is: Do you do anything not to not be one?
Reading blogs or social media and watching YouTube videos is fun. After them, your code may be a little better, of course. But you need a lot. You need to study! Read good books and study the code of other programmers, for example. Maybe work with a new language, architectures and paradigms. You need break the routine.

If you know Object-oriented programming, you learn functional programming.
If you know Model-View-Controller, you learn Model-View-ViewModel.
If you don’t know anything about architectures, you learn Clean Architecture, Hexagonal Architecture, etc.
If you know Python, you learn Ruby or Go.
If you know Clojure or Lisp… you don’t need to learn anything else. You are already a good programmer. Just kidding. You can learn Elixir or Scala.

Be a good programmer my friend.

happy free comic book day! my store was out of freebies but i got some of my pulls and also a trade of one of my favorite reads last year!

Image

@bender@twtxt.net Mainly the bsd.cafe ones. I like how the minimalist single column profiles look. Image embeds are full width and reading through threads feels nice (as in it doesn’t feel like pealing layers upon layers of a fresh onion).

Confession:

I’ve never found microblogging like twtxt or the Fediverse or any other “modern” social media to be truly fulfilling/satisfying.

The reason is that it is focused so much on people. You follow this or that person, everybody spends time making a nice profile page, the posts are all very “ego-centric”. Seriously, it feels like everybody is on an ego-trip all the time (this is much worse on the Fediverse, not so much here on twtxt).

I miss the days of topic-based forums/groups. A Linux forum here, a forum about programming there, another one about a certain game. Stuff like that. That was really great – and it didn’t even suffer from the need to federate.

Sadly, most of these forums are dead now. Especially the nerds spend a lot of time on the Fediverse now and have abandoned forums almost completely.

On Mastodon, you can follow hashtags, which somewhat emulates a topic-based experience. But it’s not that great and the protocol isn’t meant to be used that way (just read the snac2 docs on this issue). And the concept of “likes” has eliminated lots of the actual user interaction. ☹️

that said, and reading to @sorenpeter@darch.dk and @andros@twtxt.andros.dev I have new thoughts. I assume that this won’t change anyone’s opinions or priorities, so it makes no harm sharing them.

It’s always tempting to use something that already exists (like X, Masto, Bsky, etc.) rather that building anything through effort and disagreement until reaching to something useful and valuable together. A ‘social service’ is only useful if people is using it.

I’ll add that I haven’t lost interest on the ‘hacky’ part of twtxt about developing tools, protocols, and extensions as a community. It’s the appealing part! It’s a nice hobby to have, shared with random people across the world.
But this is not the right way for me, and makes me feel that I’m unwelcome to propose something different (after watching replies to my previous twt). Feels like “If you don’t agree, you are free to leave, we’ll miss you.” Naah, not cool. I’ve lived that many times before, and nowadays I don’t have enough spare time and energy for a hobby like that.

Let’s see what happens next with the micro-community!

@prologic@twtxt.net I’m very sorry but my feelings are similar to @eapl.me@eapl.me . For a long time I thought that Yarn was part of the Twtxt ecosystem, and not that Twtxt is an extension of Yarn. I don’t feel comfortable with what has happened. I didn’t expect this change of direction.
The nice part of Twtxt is that it is read by humans, with a simpler format. It’s the heart of the social network.
I need to think for a little time, but I’m thinking of stopping my involvement in the community.

@thecanine@twtxt.net do you read ed zitron’s newsletter? he writes in depth about how AI is a crock of shit it makes me feel normal for once

@movq@www.uninformativ.de I started with Delphi in school, the book (that we never ever used even once and I also never looked at) taught Pascal. The UI part felt easy at first but prevented me from understanding fundamental stuff like procedures or functions or even begin and end blocks for ifs or loops. For example I always thought that I needed to have a button somewhere, even if hidden. That gave me a handler procedure where I could put code and somehow call it. Two or three years later, a new mate from the parallel class finally told me that this wasn’t necessary and how to do thing better.

You know all too well that back in the day there was not a whole lot of information out there. And the bits that did exist were well hidden. At least from me. Eventually discovering planet-quellcodes.de (I don’t remember if that was the original forum or if that got split off from some other board) via my best schoolmate was like finding the Amber Room. Yeah, reading the ITG book would have been a very good idea for sure. :-)

In hindsight, a console program without the UI overhead might have been better. At least for the very start. Much less things to worry about or get lost.

Hence, I’d recommend to start programming with a console program. As for the language, not sure. But Python is probably a good choice, it doesn’t require a lot of surrounding boilerplate like, say Java or Go. It also does exceptionally well in the principle of least surprise.

@prologic@twtxt.net and the aim, and end result, is that by reading and learning from it you will prepare yourself to nearly completely avoid accidents. Am I right? 🙂

These ideas are dr the two books:

• Drift into Failure: From Hunting Broken Components to Understanding Complex Systems by Sidney Dekker (2011)
  
• Engineering a Safer World by Nancy Leveson (2011)
  

The former I haven’t read. The later I haven’t finished reading 😅

@lyse@lyse.isobeef.org haha, not satire. It is also in Mark Twain’s “Huckleberry Finn” as well:

“If fifteen cows is browsing on a hillside, how many of them eats with their heads pointed the same direction?”

“The whole fifteen, mum.”

@prologic@twtxt.net lovesick by luana vecchio! it’s really brutal and explicit, just super intense all around but super worth the read if you can stomach it. great comic

“Here’s what we do know: After their meeting ended and Vice President Vance left the room, the pope was still alive. We can deduce that he was alive, because he was heard asking an assistant, “Ho appena incontrato il volto del diavolo?” which roughly translates to, “Have I just encountered the face of the devil?” It’s a very common question that has been asked in many languages after encounters with JD Vance.”

I couldn’t help but chuckling a bit while reading.

by commenting out DMs are you giving up on simplicity? See the Metadata extension holding the data inside comments, as the client doesn’t need to show it inside the timeline.

I don’t think that commenting out DMs as we are doing for metadata is giving up on simplicity (it’s a feature already), and it helps to hide unwanted DMs to clients that will take months to add it’s support to something named… an extension.

For some other extensions in https://twtxt.dev/extensions.html (for example the reply-to hash #abcdfeg or the mention @ < example http://example.org/twtxt.txt >) is not a big deal. The twt is still understandable in plain text.
For DM, it’s only interesting for you if you are the recipient, otherwise you see an scrambled message like 1234567890abcdef=. Even if you see it, you’ll need some decryption to read it. I’ve said before that DMs shouldn’t be in the same section that the timeline as it’s confusing.

So my point stands, and as I’ve said before, we are discussing it as a community, so let’s see what other maintainers add to the convo.

@andros@twtxt.andros.dev Haha 🤣 We’ve explored this idea in the past and we decided that it’s actually a good idea to have an “append-only” feed for various reasons. We’ve also explored the idea of using Range requests, but opted instead to just archive/rotate our feeds periodically 😅 There really isn’t much point in having a feed in reverse chronological order, except (maybe?) so a human read view the new twts at the top of the file?! 🤣

@bender@twtxt.net I use it. It’s not the feature I use the most in the fediverse, but I communicate this way with several friends. For example, it’s the main way I talk to the original creator of the twtxt-el repository, the way people greet me for the first time or the way they notify me of some bugs in the software I maintain. I can even tell you that it’s the main way I talk to some maintainers of the Emacs community. If there are any of you reading my words, speak up!
Why not have the same? There are things I want to say to @prologic@twtxt.net in private, why should I have to send him an email or private IRC? Or an public twt.
Of course, here’s a topic we’ve already talked about: what is twtxt for you? For me it will always be a social network, in microblogging format, but an asynchronous way of communicating. And having a tool to control visibility is basic 😄
I look forward to hearing from you @eapl.me@eapl.me !

After reading you, @eapl.me@eapl.me, I’ll tell you my point of view.
In my opinion, a feed does not have to be equivalent to a timeline. A timeline is a representation of the feed adapted to a user. You may not be interested in seeing other people’s threads or DMs. But perhaps they are interested in seeing mentions or DMs directed at them. It is important not to fall into the trap. With that clarification…
I insist, this is my point of view, it is not an absolute truth: I don’t think extensions should be respectful of customers who are no longer maintained.
We cannot have a system that is simple, backwards compatible and extensible all at the same time. We have to give up some of the 3 points. I would not like to give up simplicity because it will then make it harder to maintain the customers who do stay. Therefore, I think it is better to give up backwards compatibility and play with new formulas in the extensions. I don’t think it’s a good idea to make a hash keep so much load: a hashtag, a thread and also a DM.

@prologic@twtxt.net Since you have to check and double check everything it spits out (without providing sources), I don’t find any of this helpful. It’s like someone’s in the room with you and that person is saying random stuff that might or might not be correct. At best, it might spark some new idea in your head and then you follow that idea the traditional way.

Information published on the internet (or anywhere, for that matter) was never guaranteed to be correct. But at least you had a “frame of reference”: “Ah, I read this information about Linux on a blog that usually posts about Windows, so this one single Linux post might not necessarily be correct.” That is completely lost with LLMs. It’s literally all mushed together. 🤷

@prologic@twtxt.net This shi_ is as fun as it is frustrating! 😆 the bot is poking at me from a different ASN now, Alibaba’s.

1. Short term solution: I’ve geo-locked my Timeline instance since I’m the only one using it (and I only do so for reading twts when I’m away from terminal).
   
2. Long term: I took a look at your Caddy WAF but couldn’t figure things out on my own; until then, I’ll be poking at Caddy-Defender, maybe throw in a Crowdsec for lols… #FUN

7k words of docs on deploying a livejournal folk. you absolutely want to read 7 thousand words of me forcing dreamwidth into production shape in docker https://stash.4-walls.net/selfhostdw/

@eapl.me@eapl.me This is one of my concerns too. The moment you post publicly ciphertext, you open yourself up for future attacks on the ciphertext, which you really want to avoid if you can. If you have a read of the Salty.im Spec you’ll note we went to great lengths to protect the user’s privacy as well as their identity and make it incredibly hard to guess at inboxes. It’s still a WIP, but I’d love to see it progressed even further – I truly feel strongly about a purely decentralised messaging ecosystem 👌

Fascinating read on the emerging Model Context Protocol — a new standard for integrating LLMs with agents and tools.

@prologic@twtxt.net you wrote:

“Based on a recent study of the brains of mice I estimated the human brain to have 200B cells/neurons and 50,000T connections.”

What’s the relation between the brains of mice, and the human brain? I am kind of lost trying to make the connection.

I also read that it isn’t 5 watts, but more like 10-20 watts. Still a super tiny consumption, comparing to what it takes to run anything AI.

@movq@www.uninformativ.de Holy crap, that’s really crazy!

Hahaha, you got me. When I read your first sentence I thought you were going to tell about your Wayland experience in comparison to X11. :-D

oh out of boredom yesterday i made my blog available via markdown files too so you can use charmbracelet/glow to read them in your terminal :)

basically i just set up a file directory on a path of my blog, organized the MD files by year, and so in theory you can navigate to that path and choose a folder, then copy a link to a markdown post and run this:

glow -p https://bubblegum.girlonthemoon.xyz/md/2025/2025-03-31%20premature%20reflections%20on%20sudden%20responsibility.md

and then as long as you have glow installed, you can read my posts from the terminal :D it’s so cool

So I re-write this shell alias that I used all the time alias dkv="docker rm" to be a much safer shell function:

dkv() {
  if [[ "$1" == "rm" && -n "$2" ]]; then
    read -r -p "Are you sure you want to delete volume '$2'? [Y/n] " confirm
    confirm=${confirm:-Y}
    if [[ "$confirm" =~ ^[Yy]$ ]]; then
      # Disable history
      set +o history

      # Delete the volume
      docker volume rm "$2"

      # Re-enable history
      set -o history
    else
      echo "Aborted."
    fi
  else
    docker volume "$@"
  fi
}

This is such an interesting reading

Lessons from open source in the Mexican government
https://lwn.net/Articles/1013776/

@arne@uplegger.eu I’m very glad I only rarely have to deal with .docx & Co. And when I have to, 99% is in read mode only. Even though, I don’t think that Markdown is the best choice, I use it on a daily basis. Some things, like links, in reStructuredText are better in my opinion.

Jira just resists to switch to Markdown and forces us to use its silly markup language.

For real typesetting, LaTeX is the way to go. But I very, very rarely do that.

@thecanine@twtxt.net My apologies, mate! :-( As @david@collantes.us pointed out, this was definitely not my intent at all.

For the easter egg hunt, I first looked for a hidden image map link on the pixel dog in the right lower corner itself. Maybe one giant pixel just links to somewhere else, I figured. But I couldn’t find any and then quickly moved on. Hence, I naturally viewed the HTML source. Because where else would be a good hiding place for easter eggs, right?

Next, I noticed the <font> tags. I thought I had read quite some time ago that they are not an HTML5 thing, but wasn’t entirely sure about it. So, I asked the W3C HTML validator. Sure enough. I thought I let you know about the violations. If somebody had found a mistake on my site, I’d love to hear about it, so I could fix it. I’m sorry that my chosen form of report didn’t resonate with you all that well. I reckoned you’ll also find it a bit funny, but I was clearly very wrong on that.

I actually followed the dog cow link to the video, so I ended up on the easter egg. However, I didn’t recognize it as such. ¯_(ツ)_/¯ Oh well.

Regarding my message about the browser quirks: I read your answer that you were arguing against the HTML validator findings. Of course, everybody can do with their sites whatever they likes.

@prologic@twtxt.net @eapl.me@eapl.me I want to highlight another social problem: People don’t read. Paper industry is a bad moment because people don’t pay for books; it does not matter if it is a physical or digital platform. I have this information because I have a good friend who left the industry after publishing a magazine, books and working in an editorial. DRM is a try to give some more money.

Amazing! It is a good tool for reading feeds. What you used to calculate the hash?

Hello, i want to present my new revolution twtxt v3 format - twjson
That’s why you should use it:

1. It’s easy to to parse
   
2. It’s easy to read (in formatted mode :D)
   
3. It used actually \n for newlines, you don’t need unprintable symbols
   
4. Forget about hash collisions because using full hash
   Here is my twjson feed: https://doesnm.p.psf.lt/twjson.json
   And twtxt2json converter: https://doesnm.p.psf.lt/twjson.js

@xuu@txt.sour.is If the unread counter becomes negative, wouldn’t that mean I have that many more read messages? :-D

@bender@twtxt.net You’re spot on, it’s important to not introduce classical bugs!

thanks andros!

instead of adding the new twt at the end of the feed, do it at the beginning
The PHP client did that originally, although I didn’t see a real benefit if you use… a client.
It could help if you read the .txt file through a browser or something. Also, not many clients are prepared to cut the request, and you can’t rely on the file being organized that way, so finally we dropped that feature.

There are 82.108 read statuses, but only 24.421 messages in the cache. In contrast to the cache with the messages, the read statuses are never cleaned up when a feed was unsubscribed from. And the read statuses also contain old style hashes, before we settled on the what we have today. Still a huge difference. Hmm.

Thanks, @movq@www.uninformativ.de!

My backing SQLite database with indices is 8.7 MiB in size right now.

The twtxt cache is 7.6 MiB, it uses Python’s pickle module. And next to it there is a 16.0 MiB second database with all the read statuses for the old tt. Wow, super inefficient, it shouldn’t contain anything else, it’s a giant, pickled {"$hash": {"read": True/False}, …}. What the heck, why is it so big?! O_o

you just haven’t read this yet.

@eapl.me@eapl.me I think the benefits do not outweigh the disadvantages. Clients would have to read and merge the information from 2 txt and a new metadata would have to be added with the address of this file.
Also, it is very easy to filter or ignore it.

Hmmm, when I Ctrl+Left to jump a word left, I get 1;5D in my tt2 message text. My TERM is set to rxvt-unicode-256color. In tt, it works just fine. When I change to TERM=xterm-256color, it also works in tt2. I have to read up on that. Maybe even try to capture these sequences and rewrite them.

i really wanna learn golang it looks fun and capable and i can read it kind of but every time i try it i’m immediately stuck on basic concepts like “what the fuck is a pointer” (this has been explained to me and i still don’t get it). i did have types explained to me as like notes on code which makes sense a bit but i’m mostly lost on basic code concepts

I saw 100% I/O wait in htop today but couldn’t find a process which actually does I/O. Turns out, I/O wait isn’t what it used to be anymore:

https://lwn.net/Articles/989272/

In my case, it was mpd which triggered this:

https://github.com/MusicPlayerDaemon/MPD/issues/2241

mpd doesn’t actually do anything, it just sits there and waits for events. To my understanding, this is similar to something blocking on read(). I’m not quite sure yet if displaying this as I/O wait (or “PSI some io”) is intentional or not – but it sure is confusing.

Image

@eapl.me@eapl.me Good job! I have added these comments:

1. It is only long for humans. Clients can only leave a hyperlink.
   
2. The nickname is just a decoration, only the date that acts as the id and the URL matter. The nick is used for humans reading the feed.
   
3. It can be migrated with a script, if the feed exists.

Are there any clients to read gemini?

@thecanine@twtxt.net It suits your site very well, but I find this font hard to read. In any case, keep on pixeling.

@lyse@lyse.isobeef.org Ha, “imps”, when I read imps, I think of these guys: https://dungeonkeeper.fandom.com/wiki/Imp 😂

idfk where the error came from it just broke one day, maybe from one of my many server crashes which are becoming frequent and UGH i have to fix that too but i have a headache right now so one thing at a time. the error was ‘unexpected end of JSON input’ or something, for a while i thought oh permission error but turns out i can’t read the error that clearly indicated something syntax related (i did double check my env file though)

re reading so NewRAMStorage(…) is just something that setups your storage and initial data.. that can probably live with storage/sqlite. The point is the storage package does not import the implementations of storage.Storage It just defines the contract for things that use that interface. Now storage/sqlite CAN import storage and not have a circle dep.

It kinda works in reverse for import directions. usually you have your root package that imports things from deeper in the directory structures.. but for the case of interfaces it reverses where the deeper can import from parents but parents cannot import from children.

- app < storage
      < storage/sqlite
      < controller < storage
                   < storage/sqlite
 
- sqlite < storage

- storage X storage/sqlite

I really like the proposal and your ideas. I have been reading your articles and several points seem very interesting to me.

@bmallred@staystrong.run I forgot one more effect of edits. If clients remember the read status of massages by hash, an edit will mark the updated message as unread again. To some degree that is even the right behavior, because the message was updated, so the user might want to have a look at the updated version. On the other hand, if it’s just a small typo fix, it’s maybe not worth to tell the user about. But the client doesn’t know, at least not with additional logic.

Having said that, it appears that this only affects me personally, noone else. I don’t know of any other client that saves read statuses. But don’t worry about me, all good. Just keep doing what you’ve done so far. I wanted to mention that only for the sake of completeness. :-)

@prologic@twtxt.net I formed my opinion about this before reading/watching any additional media coverage. And yes, this is extremely bad. These two have no place on the “world stage”. They are deciding on our future. (And I am well aware that my country is heading into a similar direction – unless we stop it.)

I like this syntax, you have my vote, although I’d change it a bit like
#<Alice https://example.com/twtxt.com#2024-12-18T14:18:26+01:00>

Hashes are not a problem on PHP, I dont know why it’s slow to calculate them from your side, but I agree with your points.

BTW, did you have the chance to read my proposal on twtxt 2.0? I shared a few ideas about possible improvements to discuss:
https://text.eapl.mx/a-few-ideas-for-a-next-twtxt-version
https://text.eapl.mx/reply-to-lyse-about-twtxt

I agree. finding good writings on architecture is hard to find. I used to read architecture reviews over on the high scalability blog. i suspect the reason why is that the arch is how the big tech companies can build moats around their bases. I know in AWS world it only goes as far as how to nickle and dime you to death.

I have the books but they don’t grow much more past interview level.

@andros@twtxt.andros.dev Just before the pandemic, we watched Uncle Bob videos once a week in the lunch break. While almost all of my old teammates agreed with his views, I partially found them to be very odd and even counterproductive.

I didn’t come across John Ousterhout or any of his work before, at least not deliberately. So, this document is my first contact.

I only finished the chapter on comments and I totally agree with John so far. This document just manifests to me how weird Bob’s view is on certain subjects.

I always disagreed with the concept of a maximum method length. Sure, generally, shorter functions are probably better, but it always depends. And I’ve certainly seen super short methods that just made the code flow even worse to follow. While “one function should only do one thing” is a nice general rule, I’m 100% in team John with the shown examples. There are cases, where this doesn’t help readability at all. Not even close.

To me, a function always has to justify its existence. Either by reusing it at least at another place or by coming up with dedicated tests for it. But if it is just called once and there are no tests, I almost always decide against it. Personally, I don’t mind longer methods. We just recently had a discussion about that and I lost against two other workmates who are more in Uncle Bob’s camp, they refactored one medium sized method into three very short ones. Luckily, we agree on most other topics.

Lol, what!? The shorter the method, the longer the variables inside? I first thought I misread or the writeup mixed it up. I’ll always do it the other way around.

I’ve been also bitten badly by outdated comments in the past, but Bob must have worked on really terrible projects to end up with such an attitude to dislike comments. Oh well. No doubt, I’ve come across by several orders of magnitude more useless comments, in my experience (autogenerated) JavaDocs fall in the category more frequently than not. So, I know that there are different types of comments. A comment doesn’t automatically mean that it is good and justified.

But I also partially agree with Bob and John and think that a good name has a proper chance to save a comment. Though, when in doubt, I go John’s route and use a shorter name with a comment rather than use a kilometer long identifier. Writing good comments typically takes some time, sometimes much longer than writing the code. It regularly takes me several minutes. It’s a hard art.

I perhaps should read up on John’s work. He seems to be more reasonable and likeminded. :-) Let me continue to complete this document.

This document is the result of a series of discussions between Robert “Uncle Bob” Martin and John Ousterhout, held between September 2024 and February 2025. The text addresses three main topics: method length, comments, and Test Driven Development (TDD).
https://github.com/johnousterhout/aposd-vs-clean-code/blob/main/README.md
This is something to read and reflect on for days.

I read a lot about Clean Code, SOLID, TDD, DDD… now I’m discovering «A Philosophy of Software Design»… but nobody talks about the importance of the project architecture. Do we depend on the framework to do the work for us?
You know I’m a big fan of Clean Architecture, but I feel alone when I share my thoughts on social media or at work.
You have to think outside the framework.

here is my progress so far: https://github.com/eapl-gemugami/twtxt-direct-message-php
The encryption part seems to work, if I decrypt it the message with OpenSSL.
I think it can help you for some key parts not well explained in OpenSSL documentation.

@andros@twtxt.andros.dev reading your spec I wrote a few notes here: https://github.com/eapl-gemugami/twtxt-direct-message-php/blob/main/direct_message_spec.md

@arne@uplegger.eu I haven’t check your repo yet, although you are using sodium, right?

@andros@twtxt.andros.dev Could you share (perhaps in the extension document) the private key for alice?

I want to compare that I can read the encrypted message both from OpenSSL CLI and from the PHP OpenSSL library, following the spec.

@lyse@lyse.isobeef.org I am a big fan of “obvious” math facts that turn out to be wrong. If you want to understand how reusing space actually works, you are mostly stuck reading complexity theory papers right now. Ian wrote a good survey: https://iuuk.mff.cuni.cz/~iwmertz/papers/m23.reusing_space.pdf . It’s written for complexity theorists, but some of will make sense to programmers comfortable with math. Alternatively, I wrote an essay a few years ago explaining one technique, with (math-loving) programmers as the intended audience: https://www.falsifian.org/blog/2021/06/04/catalytic/ .

@falsifian@www.falsifian.org Oh, that’s neat! Interesting how “obviously” isn’t all that obvious at all, even to the contrary. I reckon I have to read up on that subject on the weekend. :-)

I like how Ian’s and your photo complement each other, winter and summer join forces for something special. :-)

Thinking about trying tt. If it really usable i will abandon twtxtdon (service to read twtxt feeds from mastodon client), which currently has only authorization implemented

@prologic@twtxt.net Of course you don’t notice it when yarnd only shows at most the last n messages of a feed. As an example, check out mckinley’s message from 2023-01-09T22:42:37Z. It has “[Scheduled][Scheduled][Scheduled]“… in it. This text in square brackets is repeated numerous times. If you search his feed for closing square bracket followed by an opening square bracket (][) you will find a bunch more of these. It goes without question he never typed that in his feed. My client saves each twt hash I’ve explicitly marked read. A few days ago, I got plenty of apparently years old, yet suddenly unread messages. Each and every single one of them containing this repeated bracketed text thing. The only conclusion is that something messed up the feed again.

The project is a POC (Proof of Concept) that went into production and the company has customers who are using it. The developers had been working for several years, without testing, structure, isolation and so on. The company hired me to transform the project into a real product. There are in my hands 422 python files to transform that they beg me a refactore, architecture and testing. Every developer’s bad dream.
My first step is to read and understand the tree because there are apps inside other apps call each other. I am very determined to work on a new repository.

@eapl.me@eapl.me Yeah, you need some kind of storage for that. But chances are that there’s already a cache in place. Ideally, the client remembers etags or last modified timestamps in order to reduce unnecessary network traffic when fetching feeds over HTTP(S).

A newsreader without read flags would be totally useless to me. But I also do not subscribe to fire hose feeds, so maybe that’s a different story with these. I don’t know.

To me, filtering read messages out and only showing new messages is the obvious solution. No need for notifications in my opinion.

There are different approaches with read flags. Personally, I like to explicitly mark messages read or unread. This way, I can think about something and easily come back later to reply. Of course, marking messages read could also happen automatically. All decent mail clients I’ve used in my life offered even more advanced features, like delayed automatic marking.

All I can say is that I’m super happy with that for years. It works absolutely great for me. The only downside is that I see heaps of new, despite years old messages when a bug causes a feed to be incorrectly updated (https://twtxt.net/twt/tnsuifa). ;-)

I think it is not easy to implement, you need a database. Timeline is an elegant solution: read and sort.

that’s a fair point.

Perhaps, since Twitter in 2006 never implemented read flags, every derivative microblogging system never saw that as an expected feature. This is curious because Twitter started with SMS, where on our phones we can mark messages as read or unread.
I think it all comes from the difference between reading an email (directed to you) vs. reading public posts (like a blog or a ‘wall,’ where you don’t mark posts as read). It’s not necessary to mark it as ‘read’, you just jump over it.

Reading microblogging posts in an email program is not common, I think, and I haven’t really used it, so I cannot say how it works, and whether it would be better for me or not.
However, I’ve used Thunderbird as a feed reader, and I understand the advantages when reading blog posts.

About read flags being simple, well… we just had a discussion this morning about how tracking read messages would require a lot of rethinking for clients such as timeline where no state is stored. Even considering some kind of ‘notification of unread messages or mentions’ is not expected for those minimalist client, so it’s an interesting compromise to think about.

@eapl.me@eapl.me Read flags are so simple, yet powerful in my opinion. I really don’t understand why this is not a thing in most twtxt clients. It’s completely natural in e-mail programs and feed readers, but it hasn’t made the jump over to this domain.

Excellent article where you reflect on why it is important to write in your blog, even knowing that nobody will read it.
https://andysblog.uk/why-blog-if-nobody-reads-it/
At least this article does.

@lyse@lyse.isobeef.org Thanks for sharing. I really enjoyed it. The beginning part about the history of life on Earth was fun to watch having just read Dawkin’s old book The Selfish Geene, and now I want to read more about archaea. The end of the talk about what might be going on on Mars made me a bit hopeful someone will find some good evidence.

@sorenpeter@darch.dk It depends on your requirements. If you just want to put your code somewhere for yourself, simply push it over SSH on a server and call it good. That’s what I do with lots of repos. If you want an additional web UI for read access for the public, cgit comes to mind (a mate uses that). Prologic runs Gitea, which offers heaps more functionality like merge requests.

Reading “Man’s search for meaning” by Viktor E. Frankl

@Prologic@twtxt.net Threema states the findings of that security research are all plugged. Still reading on it. Truth is that my family is difficult to get away from WhatsApp. And yes, I plan to buy them a license key.

@prologic@twtxt.net I’d stumbled upon #FrankenPHP while reading through #Caddy stuff and thought maybe it’s bit overkill for what i need it for but then again, it will be just a “One container in for two out”, that’s win in my book 😆

damn it i got so excited because bleeding cool ran an article with a title like ‘all of DC april solicits so far’ and i did not read the ‘so far’ part and clicked it excitedly hoping to see all the april solicits but they’re out next week or something T__T

@aelaraji@aelaraji.com Reading “The Book Thief” by Markus Zusak

@johanbove@johanbove.info Way to go! ✊ what will you be reading? Got anything planned?

Cancelled Mastodon because the time spent on it could have been used for reading books instead and the level of interaction is not enough to keep me interested.