kraftner

kraftner, 12 days ago

@juliank @keepassxc Thank you for this solution!

kraftner, 28 days ago

@keepassxc Am I right that this won't affect the Ubuntu PPA?

kraftner, 1 month ago

@aardrian Just noticed it is live now. Also on your comment itself: 🔥

kraftner, 1 month ago

@aardrian I really shouldn't try to communicate with emojis. 😀 What I was trying to say is that it hits hard but very much so because it isn't aggressive or condescending but just very clear on the facts of how lacking that post is. They basically set that site on fire themselves. Really painful to watch this whole clusterfuck...

kraftner, 1 month ago

@Edent @jackmcconnell Do you have an example URL where that is the case?

kraftner, 1 month ago

@Edent @jackmcconnell Okay found one: https://shkspr.mobi/blog/2024/04/theatre-review-instructions-for-a-teenage-armageddon/
It seems that you're loading plenty of stuff that shouldn't be there in the frontend, e.g. React.
Have you tried turning of the caching plugin?
Looking at the source it seems that litespeed is bundling stuff together that isn't needed in the frontend and in the course triggers loading the translations and other stuff.

kraftner, 1 month ago

@Edent @jackmcconnell It might still be some kind of conflict between WordPress Core, a plugin and a caching solution.
Can you tell me which plugin you disabled that made it go away?

kraftner, 1 month ago

@Edent @matze You're both kind of right but just keep talking past each other.
If a script uses translatable strings and this script is loaded WP automatically loads translations for that.
Yes this has to be client asset because it happens in JS and not in the backend-generated HTML.
Yes it also shouldn't be here because it has nothing to do with the actual site content.
But it is not the fault of WP core but a plugin. Either the one the script is from, a caching plugin or a combination of those

kraftner, 1 month ago

@Edent @jackmcconnell I see. Looks like you already found the corresponding issue: https://github.com/Automattic/wordpress-activitypub/issues/705
So it is a bug in a plugin.
Just as constructive feedback: The easiest way to badly trigger WP people is to lump WP Core, bad/buggy plugins and Automattic together. 😉

kraftner, 1 month ago

@Edent Ouch. No it does not.
WordPress.org is a FOSS project. Automattic is one of the biggest contributors and maintains a lot (many say too much) control over the open source project.
But they still are distinct things and not making this distinction devalues all the contributions of non-Automattic contributors to WP Core.
You're of course still free to continue ignoring that difference, but I promise you when you're trying to debug a WP issue you'll lose a lot of good will from the get-go! 😉

kraftner, 2 months ago

@alda ...and if you look at the promoted plugins code it is a more bloated and even worse version of the scary-looking PHP code from the article. 💥

kraftner, 2 months ago

@Edent I would be much more worried about the fact that they are obviously storing the password in plaintext... 😬

kraftner, 2 months ago

@erikKroes I assume you are aware of it since it stopped, but just in case you aren't: Some process seems to have gone wrong here, I see countless such messages from you.

kraftner, 2 months ago

@erikKroes No worries, bugs happen, just wanted to let you know in case you weren't aware.

kraftner, 2 months ago

@fabiantodt @davidbisset So basically one could create a demo that isn't actually the plugin from which you launched the demo? This sounds like it is only a matter of time until people start abusing that... 😬

kraftner, 2 months ago

@fabiantodt @davidbisset My primary thought about this is that people could try to demo the premium version to get people hooked on the features. As if the mess with upselling crippled free versions isn't already bad enough. But yeah, probably needs to be countered on a policy level. 😏

kraftner, 3 months ago

@Edent I am not a cryptographer so I am in no position to give any feedback.
What I know though is that you might want to add the reason for hashing to the question since that probably is relevant. Guarding against accidental corruption and duplicate files or malicious hash collision attacks?

kraftner, 3 months ago

@chris @alda @pch I remember vaguely that there was an attempt of modularity for core a very long time ago. Was it somehow related to BuddyPress? Or multsite pre core-merge? Anyone remembers that? All I remember is that it went nowhere like any other major fork or attempt at serious overhaul of core ever since. 😀

kraftner, 3 months ago

@chris @alda @pch I think the original argument in that particular case was that it only brings benefits for devs and potentially confusing new issues for users (dependency hell etc.). And at some point in the past (I got basically this answer when I asked for plugin dependencies at the Q&A of the first WCEU in 2013) this might even been true. But the disadvantages of not adopting modern PHP practices will (some say have already) grow so big some day that this becomes the lesser evil.

kraftner, 3 months ago

@pfefferle Whatever you do: Do not (only) rely on hooks that only trigger when using the standard, internal updating mechanism like https://developer.wordpress.org/reference/hooks/upgrader_process_complete/
There are way too many sites out there that update differently (manual, FTP, composer etc.)
Generally I'd say have an autoloaded option that stores the current version you compare with the current version. On mismatch start migration.
Also be careful to handle downgrades or other broken states and not solely rely on version info in the option

kraftner, 3 months ago

@pfefferle Well it basically is a single "if" comparing a string with an autoloaded option. I'd say the performance impact will be almost impossible to see even in a benchmark. If you've reached that level of performance optimization I really envy your codebase! 😉

kraftner, 2 months ago

@Edent May sound stupid, but have you tried rotating the phone?

kraftner, 2 months ago

@Edent I don't have a screen here to test with my phone, but I've seen that behaviour when sharing a screen via WiFi. But yeah, probably a stupid proposal anyway since you've obviously tried that...I just remember me not realising that for longer than I am proud of with WiFi and rotation lock on... 😂

kraftner, 22 days ago

@matthiasott @bastianallgeier 1 week before my final school exam my teacher called me and asked if I might have some time before the exam to explain my project to him so that he knows what to ask me and doesn't make a fool of himself during the exam. 😁 But he still was a great computer science teacher-always encouraging me during the height of the dot com crisis to still follow my passion. I wouldn't be were I am now without him. So although competence is of course important it isn't everything.