like this
Fitik, dandi8, dhhyfddehhfyy4673, Oofnik, KaRunChiy, Chozo, CapitalType and Joaoalberto9009 like this.
Seems like the source code for the backend is not released yet
Leaked US Intelligence Documents Outline Israeli Preparations to Strike Iran
According to CNN, one of the documents reveals that Israel maintains a nuclear weapons arsenal which, for decades, has been an open secret. This is highly controversial, as amendments made to US foreign assistance laws by US Senators Stuart Symington and John Glenn in 1976 make Washington's huge military aid to Israel illegal because Tel Aviv is not a signatory of the Non-Proliferation Treaty. But successive US presidents since Richard Nixon, including Joe Biden most recently, have agreed with their Israeli counterparts to never acknowledge Israel's approximately 90--300 nukes.
Leaked US Intelligence Documents Outline Israeli Preparations to Strike Iran - News From Antiwar.com
Updated 10/19/24 at 9:15pm EDT. Leaked top secret documents from the Pentagon and the National Security Agency (NSA) outline Israeli preparations for a major attack against Iran, CNN reported on Saturday.News From Antiwar.com
Teacher murdered in front of schoolchildren as Lima gripped by crime wave
Peru’s unpopular congress is under pressure to annul a controversial law, dubbed the “pro-organized crime” law, which experts argue weakens the fight against extortion and assassination by no longer classifying them as organized crime, which carries stiffer penalties.Moreover, the law stipulates that to carry out raids on suspected criminals, police and prosecutors must wait for their legal representatives to be present before conducting an operation. In practice, this can mean hours of waiting, allowing suspects to destroy evidence or otherwise frustrate the process.
"A raid is an investigative mechanism that requires surprise," said Solis, adding that the law was instigated by "people in political positions who are being investigated for corruption".
It is perhaps no coincidence that Boluarte -- whose disapproval rating reached a record low of 92% according to the polls this month -- was herself subject to a raid on her home amid allegations swirling around her collection of Rolex watches and luxury jewellery in April.
Teacher murdered in front of schoolchildren as Lima gripped by crime wave
Extortion rackets killed seven people in less than 12 hours in Lima recently, despite a two-month state of emergencyDan Collyns (The Guardian)
Flera svenskar häktade i Finland. Fem personer, fyra män och en kvinna, från Göteborgsområdet har häktats i Finland för narkotikabrott. Alla fyra männen uppges i media tillhöra en kriminell gruppering med bas i Lindome som ligger söder om Göteborg i Mölndals kommun.
How do you deploy in 10 seconds?
cross-posted from: lemmy.world/post/21065836
Hi friends, as promised, I'm back with my second post. I'll be hanging around in the comments for any questions!In this post, I take a look at a typical deployment process, how long each part of it takes, and then I present a simple alternative that I use which is much faster and perfect for hobbit software.
like this
Badabinski likes this.
This is great stuff.
My comment from the peanut gallery today is just that there's no law that CI/CD can't be kept under control and run in ten seconds.
Given the choice between a slow out of control CI/CD mess, or a shell script, I too will take the shell script every time.
But I am living my best life today, and have a simple shell script in my CI/CD pipeline.
Hah. I was just ranting about “modern” deployment pipelines and how ridiculous and complicated they were just to push some code.
I’m a big fan of scripts. Push the button, get the cheese.
For our lower environments we use rsync like the author but skip the pipeline altogether. The servers have a watch script to restart when files are rsynced. We then have a local watch script that rsyncs on file changes.
Relatively instant deploy (2-5s) whenever a file is saved.
I frequently amaze new colleagues when I show them that deploying an update for our backend application is a sub-second affair. Our pipeline keeps track of what git tag was deployed last, diffs between that tag and the new release, and uploads the files to each of the deployment targets. It takes longer for the pipeline agent to spin up from Cold on a Monday morning, than it does to actually deploy.
The core of the application is just php scripts, and those are either immediately up to date whenever the next call is, or swapped out the next time that component finishes a processing cycle.
Docker containers are nice, but nothing beats the cause of a stack trace being fixed, tested and deployed to the acceptance environment within minutes of it arriving.
I mean for a hobby project that no one cares about sure. Otherwise the whole CI/CD process was invented exactly to avoid having devs push untested and untrackable crap on production servers. So once there are more than two people in a team and paying customers with access to a lawyer that's going to be a hard pass.
Anyway the main reason your CI/CD are slow is that you're using $5 workers with 1Gb ram. There's a reason the build is faster on your 12 core/64Gb laptop, the issue is usually not the process, the issue is being cheap on the infrastructure. The only good thing about GitHub CI workers is that they are cheap but performance wise they are garbage.
Charisma Fishing Co Ltd är ett av många shetländska fiskeriföretag som har LHD Ltd som delägare och manager för den fiskebåt de äger och ekonomin i företaget. Formellt har företaget en adress i Lerwick men egentlig hemvist är den lilla ön Whalsay.
Pro-Palestine protesters shut down London's Tower Bridge
cross-posted from: lemmy.ml/post/21598108
cross-posted from: hcommons.social/users/adachika…
Pro-Palestine protesters shut down London's Tower Bridge
(Jerusalem Post, 2024-10-20)jpost.com/diaspora/article-825…
———“Pro-Palestine protesters shut down Tower Bridge in #London on Saturday, shortly after thousands attended a mass protest in Trafalgar Square and Whitehall.”
“… the Met Police stated that the groups had been dispersed and several arrests had been made.”
“A group named Youth Demand claimed to have been part of a coalition that organized the event and shut down the bridge.
“Youth Demand said it demanded that the UK government stop arming Israel…”“The other groups involved were the Palestine Solidarity Campaign, Prayers4Gaza, Palestine Pulse, Thanet 4 Palestine, and Ealing Friends of Palestine.”
@palestine@lemmy.ml
@palestine@a.gup.pe
@israel
#YouthDemand #StopArmingIsrael
Anti-Israel protests in London force Tower Bridge closure
The Met Police stated that several arrests were made.By MATHILDA HELLER (The Jerusalem Post)
Bitwarden Desktop version 2024.10.0 is no longer free software
Pull request #10974 introduces the @bitwarden/sdk-internal dependency which is needed to build the desktop client. The dependency contains a licence statement which contains the following clause:
You may not use this SDK to develop applications for use with software other
than Bitwarden (including non-compatible implementations of Bitwarden) or to
develop another SDK.This violates freedom 0.
It is not possible to build desktop-v2024.10.0 (or, likely, current master) without removing this dependency.
Desktop version 2024.10.0 is no longer free software · Issue #11611 · bitwarden/clients
Pull request #10974 introduces the @bitwarden/sdk-internal dependency which is needed to build the desktop client. The dependency contains a licence statement which contains the following clause: Y...GitHub
like this
Lippy likes this.
Damn, I just switched from Bitwarden to KeepPassXC.
Clearly just in time. Lol.
How different is this to gitlab’s open core model?
That's a really good question that I don't immediately have a satisfying answer to.
There are some differences I can point out though:
- Gitlab has demonstrated its commitment to keep the core of their product, though limited in features, free and open source. As of now, BW's clients cannot even be compiled without the proprietary SDK anymore.
- Gitlab was always a permissive license (MIT) and never attempted to subvert its original license terms
- Gitlab-EE's "closed" core is actually quite open (go read the source code) but still squarely in the proprietary camp because it requires you to have a valid subscription to exercise your freedoms.
Is this a permanent change?
It'd be quite trivial for them to do in technical terms: Either license the SDK as GPL or stop using it in the clients.
I don't see a reason for them to roll it back though. This was decided long ago and they explicitly decided to stray away from the status quo and make it closed source.
The only thing I could see making them revert this would be public pressure. If they lose a sufficient amount of subscribers over this, that might make them reconsider. Honestly though by that time, the cat's out of the bag and all the public goodwill and trust is gone.
It's honestly a bafflingly bad decision from even just a business perspective. I predict they'll lose at least 20% but likely 30-50% of their subscribers to this.
Is the involvement of investors the root of this?
I find that likely. If it stinks, it's usually something stinky's fault.
Are we overreacting as it doesn’t meet our strict definition of foss?
They are attempting to subvert one of the FOSS licenses held in the highest regard. You cannot really be much more anti than this.
An "honest" switch to completely proprietary licenses with a public announcement months prior would have been easier to accept.
Gitlab has demonstrated its commitment to keep the core of their product, though limited in features, free and open source. As of now, BW's clients cannot even be compiled without the proprietary SDK anymore.
None of that makes Bitwarden not open source. Not only that, they specifically state this is a bug which will be addressed.
I would go as far as to say that Bitwarden's main competitive advantage and differentiation is that it's open source. They would be insane to stop that.
None of that makes Bitwarden not open source.
Yes, it does, because it violates its own license GPLv3 by having proprietary build-/runtime dependencies.
If it was under a different, maybe more permissive, open source license, then maybe it would still be open source, but as of right now i likely breaks its own license terms.
Not only that, they specifically state this is a bug which will be addressed.
From what they state, they think that because executables that share internal information via standard protocols does somehow not break GPL3 terms compared to two libraries that share internal state via the standardized C ABI which does. And they seem to not consider that a bug, just the build-time dependency.
Sorry that's my mistake - I should have said "source available", rather than "open source". IMO, being source available is the critical component of a password manager like Bitwarden, and is what I meant when I referred to their main competitive advantage.
They might also choose to be open source and fix this specific issue and return to GPL-compatibility, but remaining source available would seem to be the more critical factor.
So you meant to say:
I would go as far as to say that Bitwarden’s main competitive advantage and differentiation is that it’s source is available.
That is not true, there are a lot of other password management software out there where the client source code is either open source or source available. For instance keyguard: github.com/AChep/keyguard-app?… which is an alternative proprietary bitwarden client, where the source is also available. Also the Proton Pass client is under GPLv3.
I would argue that the main advantage of bitwarden compared to others is that it is open source and has an open source server for self-hosting (vaultwarden). Which of course makes it difficult in terms of business strategy with their VC funding. But maybe becoming a non-profit org and getting money from donors, the strategic funds of EU and other governments, etc. might be an alternative way.
Switching licenses to future versions doesn't invalidate previous versions released under GPL.
I'm not a lawyer but I deal with OSS licenses for work and I don't know if there's ever been a case like this, that I can think of anyway.
Their previous versions, still being under the GPL, would require them to release a change to make it usable on desktops. Again, I'm not a lawyer here but there is a lot of case law behind the GPL and I think the user who made the issue could take them to court to force them to make the change if they don't respond in 30 days.
I would assume so. According to the page Documentation and FAQ,
Why is there no cloud synchronization feature built into KeePassXC?Cloud synchronization with Dropbox, Google Drive, OneDrive, ownCloud, Nextcloud etc. can be easily accomplished by simply storing your KeePassXC database inside your shared cloud folder and letting your synchronization service of choice do the rest. We prefer this approach, because it is simple, not tied to a specific cloud provider and keeps the complexity of our code low.
What does this change for you?
Seems to change nothing for all my devices which is a cheap offering at $10/year.
Ty, exploring alternative tools. I really don't like last pass due to their lax data security and 1 Password for the same reason.
Bitwarden still earns my $10/year.
The direction that the company is taking. Clearly that Bitwarden feels like other open source projects are diverting revenue from them.
That's a small step towards enshittification. They close this part of the software, then another part until slowly it is closed source.
We've seen this move over and over.
Stopping your business with Bitwarden over that issue sends a message that many customers don't find this acceptable. If enough people stop using their service, they have a chance to backtrack. But even then, if they've done it once, they'll try it again.
Your current price is 10$/year now. But the moment a company tries to cull any open source of their project is the moment they try to cash it in.
That's a small step towards enshittification
Going away from opensource model that you built your business over is a pretty big step.
I don't know what the heck you're talking about.
I see overwhelming evidence that they have intentionally made parts of the clients' code proprietary. You can check the client code yourself (for now anyways) and convince yourself of the fact that the bw SDK code is in indeed integrated into the bitwarden clients' code base.
This is the license text of the sdk-internal used in 2024.10.1 (0.1.3): github.com/bitwarden/sdk/blob/…
You can read that license text to convince yourself of the fact that it is absolutely proprietary.
Here is also the CTO and founder of Bitwarden admitting that they have done it and are also attempting to subvert the GPL in using sdk-internal:
github.com/bitwarden/clients/i…
Hi @brjsp,
Thanks for sharing your concerns here. We have been progressing use of our SDK in more use cases for our clients. However, our goal is to make sure that the SDK is used in a way that maintains GPL compatibility.
- the SDK and the client are two separate programs
- code for each program is in separate repositories
- the fact that the two programs communicate using standard protocols does not mean they are one program for purposes of GPLv3
Being able to build the app as you are trying to do here is an issue we plan to resolve and is merely a bug.
(Emphasis mine.)
The fluff about the ability to even build the app is secondary, the primary issue is that the Bitwarden clients are no longer free software. That fact is irrefutable.
That would be an issue if they were not open source. Them making their own SDK proprietary is not a pitchfork issue.
Open source !== Non-proprietary
I would go as far as to say that Bitwarden's main competitive advantage and differentiation is that it's open source. They would be insane to change that.
Well, then it would be nice to hear from them an explanation on why they decided to violate the GPLv3 on their client, by coupling it with proprietary code in a way that disallows building and/or usage without that proprietary component.
They would be insane to change that.
Yes. And i hope that they recover from it soon.
Well, then it would be nice to hear from them an explanation on why they decided to violate the GPLv3
Lucky for you, they provided that explanation:
- This is a bug/mistake.
- Our goal is to make sure that the SDK is used in a way that maintains GPL compatibility.
- We will fix this.
Ok, lets take it step by step:
Thanks for sharing your concerns here. We have been progressing use of our SDK in more use cases for our clients. However, our goal is to make sure that the SDK is used in a way that maintains GPL compatibility.
- the SDK and the client are two separate programs
I think they meant executable here, but that also doesn't matter. If both programs can only be used together and not separate, and one is under GPLv3, then the other needs to be under GPLv3 too.
- code for each program is in separate repositories
How the code is structured doesn't matter, it is about how it is consumed by the end-user, there both programs are delivered together and work together.
- the fact that the two programs communicate using standard protocols does not mean they are one program for purposes of GPLv3
The way those two programs communicate together, doesn't matter, they only work together and not separate from each other. Both need to be under GPLv3
Being able to build the app as you are trying to do here is an issue we plan to resolve and is merely a bug.
Not being able to build a GPLv3 licenses program without a proprietary one, is a build dependency. GPLv3 enforces you to be able to reproduce the code and I am pretty sure that the build tools and dependencies need to be under a GPLv3 compatible license as well.
But all of that still doesn't explain what their goal of introducing the proprietary SDK is. What function will it have in the future? Will open source part be completely independent or not? What features will depend on the close-source part, and which do not? Have they thought about any ethical concerns, that many contributors contributed to their software because it under a GPL license? How are they planning on dealing with the loss of trust, in a project where trust is very important? etc.
What features will depend on the close-source part, and which do not?
There are definitely some terminology issues here.
The SDK is not closed source, you can find the source here: github.com/bitwarden/sdk
It might not be GPL open-source, but it is not closed either.
Other than that, I agree with your points. I don't agree with the kneejerk hysteria from many of the comments - it's one of the worst things about FOSS is how quick people are to anger (I am not referring to you here).
But all of that still doesn’t explain what their goal of introducing the proprietary SDK is.
Let's wait and see before we get out the pitchforks.
The SDK is not closed source, you can find the source here: github.com/bitwarden/sdkIt might not be GPL open-source, but it is not closed either.
Sure. To me "source available" is still closed-source, since looking into it might give companies an attack surface for you to have violated their copyright in the future. Happened with IBM in the past: books.google.de/books?id=gy4EA…
Let’s wait and see before we get out the pitchforks.
Sure. Bitwarden doesn't owe us anything, but it is still sad to see this decision and better clarification and explanation could have alleviated the breaking of the trust here.
It means previous versions remain open, but ownership trumps any license restrictions.
They don't license the code to themselves, they just have it. And if they want to close source it they can.
GPLv3 and copyleft only work to protect against non-owners doing that. CLA means a project is not strongly open source, the company doing that CLA can rugpull at any time.
The fact a project even has a CLA should be extremely suspect, because this is exactly what you would use that for. To ensure you can harvest contributions and none of those contributers will stand in your way when you later burn the bridges and enshittify.
As with all of their services, the back-end is closed-source.
For the purposes of user freedom, it's not that critical as the back-end merely facilitates the storage and synchronisation of encrypted data. This is different from the bitwarden case where they're now including freedom disrespecting code into the most critical part of their software: the clients which handle the unencrypted data.
Fact of the matter remains however that Proton Pass restricts your freedom by not allowing you to self-host it.
If you are fine with not being able to self-host, I'd say it's a good option though. Doubly so if you are already a customer of their other services.
Proton has demonstrated time and time again to act for the benefit of its users in the past decade and I see no incentive for them to stop doing so. I'd estimate a low risk of enshittification for Proton which is high praise for a company of their size.
Also important to note is that they are creating the same license problems in other places.
They broke f-droid builds 3 months ago and try to navigate users to their own repo now. Their own repo ofc not applying foss requirements, because the android app is no longer foss as of 3 months ago. Now the f-droid version is slowly going out of date, which creates a nice security risk for no reason other than their greed.
Apparently they also closed-sourced their "convenient" npm Bitwarden module 2 months ago, using some hard to follow reference to a license file. Previously it was marked GPL3.
@bitwarden bitwarden locked and limited conversation to collaborators
They also locked the thread 16 hours ago (as of writing this comment), with no explanation.
The explanation is the second-to-last comment before it got locked. 🤦
This hysteria is really stupid.
That "explanation" is unsatisfactory and likely wrong: gnu.org/licenses/gpl-faq.html#…
So they either have to license their SDK under a GPLv3 compatible license, or switch the license of their client to a non-GPL one.
Their "explaination" only mentions why they think can do it, but not why they are doing it.
Just tried it, and it seems you can't edit or add items without a premium subscription??
Or am I missing something?
Edit: Apparently only when installing via the Play Store. Very weird decision.
LicenseThe source code is available for personal use only.
That doesn't really seem like an improvement, although do they say they're planning on releasing it under the FSL.
I just tried it out and I'm amazed. It looks and feels just like 1Password, my absolute favorite password manager (before I switched to Bitwarden, because 1Password is proprietary and pretty expensive)
I definitely recommend it
A small script for entering passwords into various windows via rofi, I take passwords from pass.
Example script:
\#!/bin/bash
# Sample file rofi_pass.sh
passwords=$(find /home/fireshell/.password-store/ -type f -name *.gpg)
selected_pass=$(echo -e "$passwords" | awk -F "/" '{printf "%s > %s\n", $5, $6}' | rofi -dmenu -p Pass)
item=$(echo "$selected_pass" | awk '{printf "%s/%s", $1, $3}' | sed 's/\.gpg//g')
data=$(pass show $item)
pass=$(echo -e "$data" | head -n1)
login=$(echo -e "$data" | grep -e "^login: " | sed 's/^login: //g')
xdotool type "$login"
xdotool key Tab
xdotool type "$pass"In
awesome wm I bound a key that calls it like this:awful.key({ modkey}, "p", function () awful.spawn.with_shell("/home/fireshell/Scripts/rofi_pass.sh") end ,
{description = "rofi pass", group = "launcher"}), I turn on the computer, press the key combination and the script works, or I run this script from the terminal (
~/Scripts/rofi_pass.sh), select the password - it works (if necessary, pinentry is called to enter the main password), after that I press the key combination, select the desired entrypassmenu: extremely useful and wonderful dmenu script.
There's an Android app, but it's not being developed any more github.com/android-password-st…
There's an iOS app as well
mssun.github.io/passforios/
They have a list with all the clients and other tools on their website
passwordstore.org/#other
Integration with Android
The GnuPG implementation for Android is called OpenKeychain. To configure it, just go to the "key management" menu and import the previously created secret key. The only drawback of OpenKeychain for me personally is that there is no fingerprint unlocking.
The pass implementation for Android is called android-password-store, or simply APS.
Install and launch APS. Before synchronizing the password store, go to the "Settings" menu. There we will need the following items:
Git server settings. The resulting URL should be the same as that specified on the repository page on github. Authorization type -OpenKeychain.Git utils. In this section, specify the username and email from the gpg key.OpenPGP provider. SelectOpenKeychain.Autofill.
Now you can clone. Select "clone from server" on the main screen, specify the desired location of the repository, check the git settings.
Of course, pass is not that easy to set up. However, this price buys confidence that the tools we use will not one day be declared obsolete, will not change their data format, and will not be left without support.
Licensing the source as GPL doesn't really force the copyright holder (which is 100% BitWarden due to their Contributors Agreement^*, no matter who contributed the code) to do anything - they are absolutely free to release binaries built on the same codebase as proprietary software without any mention of the GPL.
For example if I write a hello world terminal program, release its source code under GPLv3 and then build it and give the built binary to you (and a permission to use it), you cannot force me to give you the source code for that build because I never gave you a GPL licensed binary.
If you were to take my GPLv3 source code and distribute a build of it however, you would have to license your binaries under GPLv3, because that's the terms of the license I provided the source code to you under. Your users would then have the right to request the source code of those binaries from you. And if you released the build under an incompatible license, I (but not the users) could sue you for violating my license.
Their previous versions, still being under the GPL, would require them to release a change to make it usable on desktops.
License violations are usually not resolved by making the violator comply retroactively, just going forward. And it's the copyright holder (so BitWarden themselves) who needs to force the violator to comply.
^* this is the relevant part of the CA:
By submitting a Contribution, you assign to Bitwarden all right, title, and interest in any copyright in the Contribution and you waive any rights, including any moral rights or database rights, that may affect our ownership of the copyright in the Contribution.
It is followed by a workaround license for parts of the world where copyright cannot be given up.
Bitwarden has an export functionality. Export to JSON, import in Keepass, done.
There's KeePassXC if you want Linux support (keepass2 file is compat with XC variant).
In my environment alone they will be loosing upwards of 3,500 dollars yearly, 700,000 if I can convince my boss to dump them for the company as well.
And move to what?
Dump it.
Move to something else.
This is how fuckery starts.
Apparently and according to Bitwardens post here, this is a "packaging bug" and will be resolved.
Update: Bitwarden posted to X this evening to reaffirm that it's a "packaging bug" and that "Bitwarden remains committed to the open source licensing model."
Let's hope this is not just the PR compartment trying to make this look good.
Conflicts haven't been an issue for years, all modern iterations of KeePass (XC, kp2a, DX) support automatically merging in the latest before saving.
I've been using it for years this way across several devices, it's incredibly solid
github.com/bitwarden/clients/i…
We have made some adjustments to how the SDK code is organized and packaged to allow you to build and run the app with only GPL/OSI licenses included. The sdk-internal package references in the clients now come from a new sdk-internal repository, which follows the licensing model we have historically used for all of our clients (see LICENSE_FAQ.md for more info). The sdk-internal reference only uses GPL licenses at this time. If the reference were to include Bitwarden License code in the future, we will provide a way to produce multiple build variants of the client, similar to what we do with web vault client builds.
github.com/bitwarden/sdk-inter…
Thank you to Bitwarden for relicensing a thing to GPLv3 License!
Proton pass client doesn't currently use a proprietary SDK, but they also haven't made the same blunder as Bitwarden, which they've since fixed, but still not a good look.
On another note - I did export/import all my passwords into proton pass and WOW the speed and UX feels so much better. I'm still sticking with Bitwarden as they've been really good so far, but there's a real good alternative should they ever "turn evil".
5.6 million vacant homes and counting: There is a massive housing crisis brewing in America
5.6 million vacant homes and counting: There is a massive housing crisis brewing in America
America could be in the middle of a major housing crisis, especially in the key metropolitan regions of the country, and there is a need to address and resolve it at the earliest, as things could disrupt the housing market at any time.The Feed (Economic Times)
5.6 million vacant homes and counting: There is a massive housing crisis brewing in America
5.6 million vacant homes and counting: There is a massive housing crisis brewing in America
America could be in the middle of a major housing crisis, especially in the key metropolitan regions of the country, and there is a need to address and resolve it at the earliest, as things could disrupt the housing market at any time.The Feed (Economic Times)
How 1 Software Engineer Outperforms 138 - Lichess Case Study
- YouTube
Auf YouTube findest du die angesagtesten Videos und Tracks. Außerdem kannst du eigene Inhalte hochladen und mit Freunden oder gleich der ganzen Welt teilen.www.youtube.com
US expected to pay up to $20bn into G7 loan for Ukraine
US expected to pay up to $20bn into G7 loan for Ukraine
Washington’s contribution would follow months of wrangling to secure funding before presidential electionFinancial Times
Lightweight Guard Pages For Linux Showing 5x Speed-Up For Memory Mapping Invocations
Userland library functions such as allocators and threading implementations
often require regions of memory to act as 'guard pages' - mappings which,
when accessed, result in a fatal signal being sent to the accessing
process.
The current means by which these are implemented is via a PROT_NONE mmap()
mapping, which provides the required semantics however incur an overhead of
a VMA for each such region.
With a great many processes and threads, this can rapidly add up and incur
a significant memory penalty. It also has the added problem of preventing
merges that might otherwise be permitted.
This series takes a different approach - an idea suggested by Vlasimil
Babka (and before him David Hildenbrand and Jann Horn - perhaps more - the
provenance becomes a little tricky to ascertain after this - please forgive
any omissions!) - rather than locating the guard pages at the VMA layer,
instead placing them in page tables mapping the required ranges.lore.kernel.org/lkml/cover.172…
Lightweight Guard Pages For Linux Showing 5x Speed-Up For Memory Mapping Invocations
Patches posted this week by Oracle's Lorenzo Stoakes are the latest attempt at lightweight guard pages for the Linux kernel.www.phoronix.com
reshared this
Tech Cyborg reshared this.
GitHub - sv1sjp/lemmy-rss-pybot: Lemmy RSS PyBot is a powerful Python bot that reads RSS feeds and posts new articles to your favorite Lemmy communities.
Hello everyone! 🎉
I’ve created an RSS Feed Bot that automates sharing news in Lemmy and Fediverse channels, helping to keep Fediverse users better informed. The bot is written in Python3 and can easily run via Docker Compose.
Hope you find it useful! 🚀
#Lemmy #Fediverse #RSS #Python #Docker #Automation #OpenSource
GitHub - sv1sjp/lemmy-rss-pybot: Lemmy RSS PyBot is a powerful Python bot that reads RSS feeds and posts new articles to your favorite Lemmy communities.
Hello everyone! 🎉
I’ve created an RSS Feed Bot that automates sharing news in Lemmy and Fediverse channels, helping to keep Fediverse users better informed. The bot is written in Python3 and can easily run via Docker Compose.
Hope you find it useful! 🚀
#Lemmy #Fediverse #RSS #Python #Docker #Automation #OpenSource
like this
Joaoalberto9009 likes this.
Good stuff. You can also do the same by talking with bot@rss.ponder.cat, if you don't want to install something separate:
You need a human to see what is actually interesting and what will be interesting to most people.
I've seen communities where hundreds of posts are scrolling by, nobody cares. Because it's not interesting.
And do some comments / recap. I find annoying people just posting link without saying anything. IMHO lemmy is about people opinion not just sharing link.
If you want news links then rss reader, Google news, Flipboard or whatever are what should be used.
Not to say OP didn't do a good work. But Lemmy is better when you are not ending just clicking link to read articles.
So a suggestion would be at minimal to add an AI recap as post comment.
rss reader, Google news, Flipboard
Those do not have votes. That's the main feature of a link aggregator: to get crowdsourced voting on content.
I post a lot, a lot of those articles don't need any comments, usually the article preview is enough for the readers to get a gist of what is going to be discussed in the article.
I have the ActuallyBot up and running again. It was down for a few months for two reasons: 1) it was crashing and I didn’t have time to fix it, and 2) I had the always-on ActuallyBot script running on my kid’s old laptop, and he wanted it back.
So I spent €100 on a little HP mini desktop, and that’s where the ActuallyBot lives now.
I made a few improvements based on things I’ve learned about deployment over the last few months. First, rather than using input() in my Python to manually input credentials for the Mastodon API instance after spinning up the Docker container, I just put the necessary secrets and tokens in an .env file and passed it to the container.1
Second, I know more about Docker, so I added a restart: unless-stopped setting to the docker-compose.yaml file. Now, even if my Python code hits a snag and the container stops, it will restart and continue to post out replies.
However, while I’ve learned quite a bit over the last six months, I’m still capable of doing very stupid things.
For example, I had a very frustrating ~3hrs on Friday trying to get the ActuallyBot to actually work. I kept tweaking the code, reloading the Docker image, and… same problem. Tweak the code again, reload the Docker image, etc.
It turns out, I was skipping the step of building the image, then saving it, then sending it to the remote machine, rebuilding/relaunching, etc. So I spent three hours deploying the same Docker image with the bad code and wondering why it didn’t work.
This actually turned out to be quite productive, for two reasons. First, the troubleshooting process of ruling everything else out first forced me to really understand all the settings of the Ollama container and how Ollama’s API endpoints work. I can now send queries to the Ollama server from anywhere on my LAN and get an LLM response. Neat! I might do something with this later.
Second, it was a painful but necessary lesson that any series of commands that you are running repeatedly and that have to be run in a certain order should be run as a bash script. It’s faster, easier, and you won’t miss any. This is probably DevOps 101, but it’s a lesson I had to learn personally, which is the whole reason I’m doing this nonsense. Humbling, but important!
- Yes, I know I should use Docker Secrets, and I plan to figure that out soon. This is for a machine that lives behind my home firewall and is not exposed to the public internet. ↩︎
peterkrupa.lol/2024/10/20/humb…
#ActuallyBot #bash #Docker #Mastodon #Python
'Horrifying massacre': Israeli attack on Beit Lahiya kills at least 73 Palestinians
An Israeli attack on Beit Lahiya, a town in northern Gaza, killed at least 73 Palestinians on Saturday evening, according to the enclave's government media office. More than 100 others were wounded and several people missing.
Israeli air strikes targeted a multi-floor building and damaged a number of nearby houses, medics in the Gaza Strip reported.
The attack shook the entire western part of the town, and buildings collapsed while people were inside, Al Jazeera reported. Residents were given no warnings to leave their homes.
The government media office said that Israeli forces had bombed overcrowded residential areas in Beit Lahiya, adding that women and children were amongst the casualties.
Snot Flickerman
in reply to asudox • • •like this
Fitik and RandomStickman like this.
noodle (he/him)
in reply to Snot Flickerman • • •like this
Fitik likes this.
reesilva
in reply to Snot Flickerman • • •Fizz
in reply to asudox • • •like this
RandomStickman likes this.
Blaze (he/him)
in reply to asudox • • •like this
KaRunChiy, Fitik and AlexanderESmith like this.
asudox
in reply to Blaze (he/him) • • •like this
Fitik likes this.
P4ulin_Kbana
in reply to asudox • • •jqubed
in reply to P4ulin_Kbana • • •like this
KaRunChiy and Fitik like this.
asudox
in reply to P4ulin_Kbana • • •like this
Fitik likes this.
_NetNomad
in reply to asudox • • •like this
Fitik likes this.
Fitik
in reply to _NetNomad • • •I use TikTok (around a hour a day) and use the Fediverse too(Mbin and Misskey fork), so I guess I am a target audience, so they do touch, pfft
Also there's Pixelfed userbase, I think they would like short form video platform, cause Instagram has it
like this
Fitik likes this.
Voltage
in reply to Fitik • • •UraniumBlazer
in reply to _NetNomad • • •jeffhykin
in reply to UraniumBlazer • • •Yeah I wish there was a way to contribute to the hosting with torrent-like seeding. My phone can seed a torrent, but its not going to host an instance.
1 like = seed for 1 month seems like an interesting model
UraniumBlazer
in reply to jeffhykin • • •Naah I thought about this before and came to the conclusion that this isn't that bright of an idea. Here's why.
Why's video hosting so expensive in the first place? Because it needs a lot of computational power, storage and bandwidth. All three things that a mobile phone does not have. If you make your client's mobile phone do this stuff, then you're going to slow down their phone, make it heat up more, make it degrade faster (because it would be drawing power from the battery) and take up a huge chunk of their bandwidth.
Think of how video calls drain battery really fast. It's just shifting the costs of hosting from the hosting side to the consumer side while making the entire operation a lot more complicated and a lot more inefficient.
Excrubulent
in reply to UraniumBlazer • • •Take out the phone part and allow users to host videos in a decentralised way on their home computers and it's a genuinely good idea though. I have a server running with plenty of storage and reasonable upload speed. I could easily dedicate a terabyte or so, as long as I'm not the sole hoster.
It would be a hell of a lot cheaper than dedicated hosting. The only issue is legal problems when someone is unknowingly hosting abuse material, which is something that happens from time to time on all services like this, and an individual could be done for distribution without the protection big centralised services have. You'd just have to hope mods are on top of it.
Actually something like a debrid service but for peertube might work. You can get huge amounts of storage for cheap because a lot of it is shared, you might ask them to host a huge torrent file, but most torrent files serve multiple users, so the cost is distributed. Peertube could work a similar way if it were more mainstream.
UraniumBlazer
in reply to Excrubulent • • •Sure! Remember though, that you are funding this project using your own money. How much does your server cost? How much does the electricity to run your server cost? You would need Gbps speed internet. How much does that cost?
You would be funding this out of your own pocket. Thank you for doing that! Would there be a thousand more people willing to do this? What happens if you lose your job? What happens to the server?
As you can see, this is not a technological issue, but a funding one. If you can generate funding for this somehow, you have a very viable model! IF you can find the funding.
I am saying that funding this would be difficult. I see people just yapping about FOSS, but not funding it when the time comes.
Excrubulent
in reply to UraniumBlazer • • •What are you talking about? I don't think you understood the concept of decentralised torrent-like hosting.
I'm currently talking to a peertube hoster about server costs, which I may be able to justify to host my own videos plus a little extra to pitch in for others who can't justify the expense. Plenty of professional creators could easily justify it as an exit strategy or backup for youtube.
These conversations are happening, just not with you, presumably because you're just being negative about it and not actually doing something, so why would anyone bother to bring it up with you?
UraniumBlazer
in reply to Excrubulent • • •Ok, good luck on your project. We'll talk when any given peertube project (based on the donation based funding model alone) reaches break even.
I swear I've reviewed the finances about this a million times over. Funding models in their current form just don't work. Content creators getting free hosting from YouTube with huge audiences are struggling to keep themselves afloat. But whatever, good luck on your project I suppose. We really need YouTube's monopoly to end, so ¯\(ツ)/¯
Excrubulent
in reply to UraniumBlazer • • •Excrubulent
in reply to UraniumBlazer • • •lilpatchy2eyes
in reply to _NetNomad • • •like this
Fitik likes this.
pewgar_seemsimandroid
in reply to asudox • • •jetsetdorito
in reply to pewgar_seemsimandroid • • •edric
in reply to asudox • • •JackbyDev
in reply to edric • • •Snot Flickerman
Unknown parent • • •AlexanderESmith
in reply to asudox • • •MrSoup
in reply to asudox • • •MrSoup
Unknown parent • • •Blaze (he/him)
in reply to asudox • • •asudox
in reply to Blaze (he/him) • • •like this
Fitik likes this.
jetsetdorito
in reply to asudox • • •all the activation emails should be out by today
mastodon.social/@dansup/113346…
Voltage
in reply to asudox • • •asudox
in reply to Voltage • • •tomsh
in reply to asudox • • •zerozaku
in reply to asudox • • •JackbyDev
in reply to zerozaku • • •Hugh_Jeggs
Unknown parent • • •/home/pineapplelover
in reply to asudox • • •Could I use my lemm.ee account and connect to it somehow?
Edit: signed up using my lemmy user (user@lemm.ee) I have no idea if this will work or not.
asudox
in reply to /home/pineapplelover • • •/home/pineapplelover
in reply to asudox • • •jagged_circle
Unknown parent • • •DUMBASS
in reply to Hugh_Jeggs • • •*Rocket Racoon AI voice over old Minecraft footage*
I dont like shorts
bad attention span
like no tik tok.
zerozaku
Unknown parent • • •dfyx
in reply to asudox • • •Honestly, this whole thing is a mess... first a countdown, then a website with basically no information and that's only the start.
More than 24 hours after signing up, I finally got an email with just about zero information:
And from some random comment that dansup made on pixelfed I found out that this beta is only for Android. Apparently, iOS will come later and there is no info on a browser-based version. That info should have been on the website. Also, what about selfhosting? This is the fediverse after all...
Classy
in reply to Hugh_Jeggs • • •joel_feila
in reply to asudox • • •Evotech
in reply to joel_feila • • •caseyweederman
in reply to joel_feila • • •AlexanderESmith likes this.
JaggedRobotPubes
in reply to asudox • • •A non-evil, non-corporate tiktok has some huge potential.
I hope it works.