So, I wrote the first thing for Balormo's backend tonight. I wanted to do dice rolls, or really RNG (random number generation) broadly, and in this case I wrote the simplest form of it in the TTRPG space: rolling XdY, take the sum.
I did not write an FE for this yet. That's because I want to discuss the way I designed it. Now would be the time to refactor things or change around how it's structured. This is backend proof of concept phase.
For the time being, you can use curl to try it out once you have an account on dev.iddqd.social:
curl -X POST "https://dev.iddqd.social/api/v1/statuses"
-H "Authorization: Bearer REDACTED"
-H "Content-Type: multipart/form-data"
-F "status=Rolling CON for AD&D 2e style"
-F "source=Pleroma FE"
-F "visibility=public"
-F "content_type=text/plain"
-F "balormo[rng][system]=dice_sum"
-F "balormo[rng][denomination]=6"
-F "balormo[rng][quantity]=3"
Unfortunately, Soapbox and Pleroma seem to drop the balormo object in federation. However, quite fortunately, it delivers the Object URL, which does retain that information:
The way I wrote this is you just add more fields to the /api/v1/statuses endpoint and give it extra fields. In this case, the system field can be changed and the pattern matching will pick up on the right one and then generate dice rolls etc in the right fashion. For example, I might write a Shadowrun dice roller that rolls d6s given only a pool value and re-rolls 6s until you don't get anymore.
The reason to bake this into the protocol is so that you can manage the data better and change the way it's displayed in the future. The appended roll text to the status will be put in a <div> with a class on it that's invisible for the FE.
Thoughts on how to improve this before I move on to the FE?
I legit cannot sleep because it's driving me insane
I've been looking at some software at work and the boss suddenly drops a links with the cves (vulnerabilities) it had and.... there was nothing abnormal. A few a year, most of them didn't even affect the edition we will go going for and they were taken care of pretty much before they even appeared on said cve site
I'm feeling like there's a massive misunderstanding about vulnerabilities, how this all works and that the sole presence of them means that it's "bad"
Is this normal for a programmer to not be aware of this?
@coolboymew kind of, CVE's used to be a big deal, now it's academic publishing wankery, so much so that now Linux recently it's own numbering authority, so it can pepper every single bug with a cve in an attempt to make them meaningless over time
Need to do some research, but anyone know off hand which #activitypub implementations support shared inbox with a different hostname? (Or which go out of their way to reject that?)
I'm thinking about vhosting, so it would be possible to switch providers, but obviously if you're hosting 1000 fedi domains on a single server, you'd prefer one shared inbox to 1000.