1. 2

    Submitted with an edited title, after seeing @pushcx’s many modlogs stating “toning down clickbait title”.

    1. 2

      Thank you, good call.

    1. 16

      Cool! And it was thoughtful to include & highlight the disclaimers.

      To deter using QuickServ in production, it runs on port 42069.

      Another good safety technique is to bind only to the loopback interface (127.0.0.1) by default. That means only processes on the same host can connect, which is what you’re mostly doing in development. By requiring an extra arg or config setting to allow access over the network, you make it less likely someone can accidentally run something that can compromise their machine.

      1. 10

        Thanks for the kind words!

        I actually considered only binding to the loopback interface, but in the end decided not to. I wanted to ensure the server is visible to other devices on the local network specifically for the use case of Raspberry Pi projects. I was concerned it would be hard for a user who didn’t know about that configuration option to figure out why they couldn’t see the running server from other devices on the network, so I compromised in favor of more usable defaults over more secure defaults.

        1. 3

          Have you considered also announcing the service via Avahi (mDNS)? That would help with local discovery, no need to mess with IP addresses, just, hostname.local:port.

          1. 2

            I have a sorta-functional prototype of an Airdrop knockoff that announces via mDNS here if that’s of use to anyone: https://gitlab.com/bitemyapp/coilgun

            I’ve been thinking about tightening it up, daemonizing it, and making a systray icon for it.

      1. 4

        Does your blog have an RSS feed? Quite the fun read!

        1. 5

          Thanks! Unfortunately, it does not. It’s just a pile of simple PHP I wrote some time ago. I should implement it, I got that question a few times already.

          1. 4

            Also the “statistics” at the bottom, and the theme switcher! ❤️

          1. 1

            Should be tagged windows I think, since this is pretty specific to MS’s STL and malloc implementations. (And I assume ATL is some Windows thing?)

            There’s not much here … A custom arena allocator is faster than malloc! And sorting strings doesn’t allocate memory so it’s the same speed either way! And the short-string optimization results in less heap allocation!

            1. 1

              I can’t edit the tags, so if you and one more person suggest the tag, it should be applied.

            1. 1

              I have no idea what that is, but it’s awful. It’s got some custom scrolling behaviour that is both super-janky, and goes in the wrong direction, at least on a mac.

              1. 2

                Calling it “awful” based on just the scrolling behaviour seems a bit extreme to me… 😕

                1. 1

                  Well I think interfering with basic standard user interface functionality like scrolling is awful.

                  1. 1

                    Okay, but it seems odd to ascribe malicious intent… I think the more likely explanation is there are a few small bugs that can be fixed, and perhaps they did not test it on macOS. I doubt they want the scrolling to be janky and upside-down, so you could report an issue to let them know.

                2. 1

                  I have no idea what that is

                  I have no idea what it is either. From the title, I assumed it was a web browser written with QML, but it looks as if it’s a very slow UI for a list of links to web pages that talk about QML?

                  @raymii, since you posted this, can you tell us what it is?

                  1. 1

                    A browser indeed. From the GitHub page:

                    Canonic is an experimental QML web browser developed in the Qt framework and licensed under GPL3

                    https://github.com/canonic/canonic

                    The submitted URL is a version compiled to WebAssembly, so, a browser in your browser.

                    1. 1

                      Thanks. Running it in a web browser is a neat trick, but it seems to hit the single origin policy so it can’t actually load any web pages other than the one from the domain serving it.

                1. 2

                  __asm__("# test begin"); - this is a fun one, never seen it before. Great for comparing efficiency!

                  1. 4

                    That was a nice read. Would you mind sharing some pictures of the hardware? (I also have one Alix running m0n0wall)

                    1. 6

                      These release announcements are very insightful, I always enjoy reading about genode. They do severely lack screenshots…

                      1. 1

                        I learned there will be NetBSD live images, awesome!

                        1. 1

                          Could this be merged with https://lobste.rs/s/3nddqb/implementing_form_filling since they both cover new Firefox release features, albeit the latter in more detail.

                          1. 1

                            There is an unofficial Lobster’s reader available for iPad that supports font size adjustments: https://apps.apple.com/us/app/claw-unofficial-lobsters-app/id1531645542

                            It is also open source: https://github.com/twodayslate/claw

                            1. 2

                              Was the person making that not banned from here for misbehaving comments or charging money or the likes?

                              1. 1

                                Seems to have an active (as in, non-banned) account: https://lobste.rs/u/twodayslate

                                I think you’re confusing them with someone else?

                                1. 1

                                  https://github.com/twodayslate/claw/issues/19#issuecomment-876033844

                                  This was the thing I remembered. Not banned, but it did go about money…

                            1. 1

                              We’ve got a “fast lane” user story, which houses urgent bugs. Our PM is great, defers most of the work since none of it is really urgent. Most bugs go through our refinement and planning sessions. Actual urgent issues are discussed in the team, planned/refined if needed and worked on, which results in other work being delayed. In our review that is made clear, and during the sprint stakeholders kept up to date (by our PM).

                              1. 2

                                This was at 0 points, but without a hide or a flag? How is that possible on lobsters, as there is no downvoting?

                                1. 1

                                  Stories receive an implicit upvote from the submitter; they may have clicked the arrow again to remove the upvote.

                                  1. 2

                                    Nope, that didn’t happen. Someone probably doesn’t like my submission. 🤷‍♂️

                                1. 1

                                  Now I’m wondering where other people got a laptop and a monitor for WFH, did you get a coffee machine? :)

                                  1. 3

                                    I’ve got several, but they’re just wooden boxes with the essential parts for development. Most of the applications can work without “hardware”, either by unit tests or by mocking specific sensors or motors.

                                    But for whenever hardware is needed, I have a collection of parts that make up just enough of the coffee machine for software development. Bare motherboard, io board, reasonably safe power supply, screen and a few sensors. Also one brewer with bracket.

                                    The machines are rather large, they draw a lot of power keeping boilers heated and they needa water supply, which is also not available near my pc.

                                    I can’t fit a regular cabinet sized machine at home, I don’t have that kind of space, or better said, don’t want that stuff here.

                                    At work we do have every type or machine available for development, and they’re powered on. Most of the applications are loosely coupled via API’s, either Json over http or XML over a socket, or a custom protocol over a serial line. With a bit of tweaking I can run a user interface on my pc, which connects via a VPN to the actual hardware at work.

                                    But to summarize, we try to make sure every part of the software is contained and tested, which helps enormously with WFH. Yes there are cases when we do need a machine, we can solve that with multiple methods. Last but not least the office (and factory) are open, so I can go in any time I want.

                                    1. 1

                                      Thanks for the detailed answer to a mostly tongue-in-cheek question :)

                                      I’ve hated having work hardware at home as well, that might go well if you have a house with a dedicated office room, not an apartment.

                                      1. 1

                                        My actual coffee maker at home is a simple filter brewer: https://www.moccamaster.eu/coffeemachines/cup-one - brews directly in a cup (no pot). I’m not much of a coffee drinker, one cup a day maybe. No-one else in the house is, so a larger machine would just take up counter space in the kitchen. And this one is super cute as far as coffee makers go

                                  1. 3

                                    I just realized that your username is spelled backwards, I recognize it as a c++ regular, but thought it was something Nordic… Funny, and a great blogpost. I’ve written a few c++17 classes, mostly constexpr capable for volumetric calculations (millilitres, floz), since that is what we use for our application, before that it was all uint8, with descriptive names (not) like amount.. you had to guess if it was millilitres, decilitres, pulses, seconds or whatever… Strong types are so wonderful

                                    1. 1

                                      Thanks! Constexpr is another thing I want to blog about — I made some constexpr value types like that in another project, and had the brainstorm that I could write tests for them inside static_assert statements, and have compile-time unit tests. It’s very fun to type a change in a method and see the test immediately flagged as a compile error in my IDE!

                                    1. 19

                                      Some rough thoughts: I guess I am a bit curmudgeonly about the term “crypto” getting taken over by “cryptocurrency” after several decades of use, it’s a bit galling to cede the term. Though at some point, yeah, it’s a practical reality that’s not worth confusing people over. We’ve seen cryptocurrency promotion get tagged both with crypto and merkle-trees so I’m not really sure expanding to cryptocurrency would change anything; I think all technical communities are going to continue to suffer from promotion for at least a few more years.

                                      Worth discussing, though, maybe someone has more pros or cons? Maybe it’s worth just trying for a year?

                                      1. 6

                                        I’ve renamed the crypto tag to cryptography. There’s strong support for it, it’s cheap, and implicitly ceding a little ground to scammers is a pretty negligible downside.

                                        1. 6

                                          I think the realistic view is that it has become ambiguous and would be regardless of what the new referent that “takes over” is. What are the cons in expanding it to “cryptography” exactly? I don’t see any, only pros.

                                          1. 2

                                            I would rather not have any bitcoin related stuff on the site if possible.

                                            1. 2

                                              Add a cryptocurrency tag, then when used, show a warning like with banned domains and don’t submit the url. Sort of like a fishbait tag. You can add one for business news as well. Preventive moderation of sorts

                                              1. 1

                                                Tbh, I’m pretty appreciative of the similar stance for the ml tag.

                                                On another note, I do kind of wish there was a more general programming-languages or pl-design tag, as a lot of things that get tagged plt aren’t really PL theory, more about PL design etc?

                                                1. 1

                                                  What do you think about this plan:

                                                  1. Add suffix for cryptography
                                                  2. Add cryptocurrency
                                                  3. Hotness mod cryptocurrency of -0.5
                                                  1. 1

                                                    There are technical aspects of cryptocurrencies that are technical, on-topic, insightful (presumably? I don’t read them), and I don’t think it would be fair to apply a hotness downgrade to them.

                                                    The problem is cryptocurrency promotion/spam, which isn’t on-topic at all. Lobsters also gets a fair amount of spam on other topics like cloud wazamabobs we don’t downgrade the entire topic for it.

                                                    1. 2

                                                      If it’s described as a cryptocurrency, then it’s likely already moved into the scam category. There are interesting uses for verifiable append-only ledgers. There are interesting use cases for distributed consensus algorithms. These have nothing to do with cryptocurrencies other than the underlying technology.

                                                      1. 1

                                                        I do happen to agree that at a first approximation all cryptocurrencies are scams, but even a more charitable reading would lead them to fall under the umbrella of “business news” and thus off-topic anyway.

                                                      2. 1

                                                        I thought we use merkle-trees for the technical aspects?

                                                        A downgrade is just a downgrade; e.g. culture tags are downgraded. If the link is good, votes will still rise it to the top.

                                                    2. 1

                                                      I am in favor of expanding the existing tag to cryptography and keeping the implicit ban on cryptocurrency promotion by only keeping the relevant merkle-trees tag.

                                                    1. 1

                                                      So like a const variable in c++?

                                                        1. 4

                                                          “re-legend-able”: You can change the labels (legend) on these keys.

                                                          1. 1

                                                            Did I mess up the spelling? My spellchecker didn’t know the word relegendable, but I suspected it to be a fault of my dictionary for aspell…

                                                            1. 1

                                                              It’s fine. My eye saw “rele-gen-dable”, so I didn’t understand what the word was or how to search the web for it. All the search results were for customizable keycaps… so I tried searching for “relegen” and got more confused, but the word “legend” did appear in those results, then I figured it out.. :)

                                                          1. 1

                                                            If you want to forward jist one applic5 you can do so by adding a line to your docker run command. I have a example here: https://raymii.org/s/tutorials/Running_gnash_on_Ubuntu_20.04.html

                                                            1. 7

                                                              Wait, is applic5 a typo? Or is it shorthand like i18n? If shorthand, did you just make it up? It seems like such an arbitrary spot to split it. Also why not just use “app”.

                                                              Sorry for the 21 questions, but I just woke up and it seemed so funny and out of place to me.

                                                              1. 2

                                                                That was a typo indeed. On mobile, so probably didn’t notice the autocorrect failure. I do understand your confusion with i18n yes.

                                                                1. 1

                                                                  I have never ever seen anyone use that word, so probably something @raymii made up :).