@icing@chaos.social
@icing@chaos.social avatar

icing

@icing@chaos.social

Apache httpd and curl project member, HTTP/2, HTTP/3, Lets Encrypt implementations. Likes to code.

This profile is from a federated server and may be incomplete. Browse more on the original instance.

icing, to random
@icing@chaos.social avatar

With 346 PRs being merged into curl I climbed now to position 11 (decimal) on the all-time author list.

I hope some of them have been useful.😌

xahteiwi, to random
@xahteiwi@mastodon.social avatar

Hot take: major rewrites of large parts of a a complex codebase are almost always a mistake.

icing,
@icing@chaos.social avatar

@xahteiwi Let me add: "if you do not have enough test cases nailing down the expected behaviour."

And: "if your rewrite will not allow existing tests to run, it is not a rewrite."

icing, to random
@icing@chaos.social avatar

Since a (very subjective) third of curl's non-trivial issues seem FTP related, I am adding 'ftp' to the things you can enable tracing for.

Why FTP troubles after all these years? It's a protocol with many sharp edges and servers migrating to TLS and then TLSv1.3 show slightly different behaviour.

https://github.com/curl/curl/pull/13580

jpmens, to random
@jpmens@mastodon.social avatar

I've been at it for a few years, but this is a first for me:

wget curl --silent "<https://api.github.com/repos/....../releases/latest>" | jq -r '.assets[].browser_download_url' | egrep ".tar.bz2$"

Whole list of those which need to be copied out of a PDF ...

wget and curl.

icing,
@icing@chaos.social avatar

@jpmens You monster!😌

icing, to random
@icing@chaos.social avatar

https://simonwillison.net/2024/May/8/slop/

jacqueline, to random
@jacqueline@chaos.social avatar

the thing about c++ is you can do

std::numeric_limits&lt;uint32_t&gt;::max()

and be technically correct, portable, more expressive, etc.

or you can just do

UINT32_MAX

which is probably Wrong and Bad in many ways, but has the strong advantage of not sucking ass

icing,
@icing@chaos.social avatar

@jacqueline But what if the maximum value of an unsigned 32bit number ever changes?😉

icing, to random
@icing@chaos.social avatar

When people say parsing URLs is easy, they are probably convinced that at least parsing IP addresses is easy as well?

You can write 8.8.8.8 as 010.8.8.8 - same thing. But what is then ::ffff:010.8.8.8?

macOS say it is 10.8.8.8 and Linux rejects it as invalid.

All very easy...

icing, to random
@icing@chaos.social avatar

Slides from my curl-up 2024 presentations. The videos are better if you want to understand them, but in case you like better resolution, here they are:

https://eissing.org/curlup-2024/performance/
https://eissing.org/curlup-2024/evolution/

icing, to random
@icing@chaos.social avatar

The curl-up talk (with bad audio but somewhat working subttiles) on how we improved curl's h2 performance: https://youtu.be/4eBAzi7D_WM

icing, to random
@icing@chaos.social avatar

Talking about Evolution in curl over the last 2 years at curl up 2024 in a couple of minutes. Live at twitch channel curlhacker.

icing, to random
@icing@chaos.social avatar

Yep, Stockholm.

bagder, to Skydiving
@bagder@mastodon.social avatar

The rfc6265bis document - the updated spec - is now in draft-14: https://www.ietf.org/archive/id/draft-ietf-httpbis-rfc6265bis-14.html

It has been in the works for almost a decade by now!

icing,
@icing@chaos.social avatar

@bagder finally people will be able to use cookies!

icing,
@icing@chaos.social avatar

@bagder 400, hu? So that cookies from Santa Claus have a chance to still be there next year?

icing, to random
@icing@chaos.social avatar

If you have an S3 bucket and someone touches it - even when only getting a „403 Access Denied“ - it makes ding on your credit card.😬
https://chaos.social/@jonty/112356533762691820

icing,
@icing@chaos.social avatar

Update: "We agree that customers should not have to pay for unauthorized requests that they did not initiate."

~ Jeff Barr, chief evangelist for AWS at Amazon

https://arstechnica.com/information-technology/2024/04/aws-s3-storage-bucket-with-unlucky-name-nearly-cost-developer-1300/

bagder, to random
@bagder@mastodon.social avatar

How many authors have their contributions in #curl product source code? How many have had their previous work completely removed. Over time.

The first #curl release with code present authored by 200 persons was done in 2015-04-22. In that release, we had already removed all traces of contributions from 20 authors.

In the latest release, 604 authors' code is still present. 171 authors' work have been replaced.

icing,
@icing@chaos.social avatar

@bagder @Ericlaw I believe "removed" is often not correct as well. Often, a line is touched or just moved. Does it then disappear in your stats?

icing, to random
@icing@chaos.social avatar

AI companies claim they are unable to correct false data in LLMs. (I think that is a false claim - it pbly is highly expensive, though.)

This clashes with EU law that information about individuals - if you claim to have it - needs to be accurate. Which seems like a sane thing to me.

https://noyb.eu/en/chatgpt-provides-false-information-about-people-and-openai-cant-correct-it

icing, to random
@icing@chaos.social avatar

I do not trust passkeys, because I seem no longer to be the one controlling the access.

Instead google or apple are.

Sure, they ask me for my face or thumb, but my brain is no longer a vital part of the process.

I can understand that companies might prefer that. The medium failure rate will be much better the more employees you have.

But for me as an individual the failure impact seems catastrophic, or at least unclear how to mitigate.

icing,
@icing@chaos.social avatar

@ljrk I use password protected ssh keys and ssh-add.

icing,
@icing@chaos.social avatar

@mxk @maxheadroom Which password manager do you trust for this? I was once on 1password before they killed local stores. No desire to use cloud storage.

jpmens, to random
@jpmens@mastodon.social avatar

What would drive me bonkers is an interface wich emits

Command Result : No Error

after every damn command.

icing,
@icing@chaos.social avatar

@jpmens
"changepolicy -policy 22 -value 1"
excellent command design!

icing, to random
@icing@chaos.social avatar

"What happened?"
"My CIs started failing..."

"Ah, it was a commit and run!"

isotopp, to random German
@isotopp@chaos.social avatar

MySQL folks take a lot of things for granted that are not present in this form in Postgres, and that may be a bad surprise when you try out "the other system".

MySQL for example has a stable and upwards- and slightly-downwards-compatible on-disk format, mostly. Oracle sometimes forgets how important that is and makes changes, or unannounced changes, and then needs to be corrected, hard, by their development partners and testers.

But in general the following things are true:

icing,
@icing@chaos.social avatar

@isotopp you make that sound as if this was done intentionally.😌

icing, to random
@icing@chaos.social avatar

Annoying day: github dropped new macOS images, defaults to ARM, which has other paths for homebrew, which brings a new python version which refuses pip installs. Ah, and the brew openssl's pkgconfig is broken.

Punch card debugging...

icing, to random
@icing@chaos.social avatar

I‘ll never visit the US again: if you make it past the cavity searchers at immigration, you can meet the legal owners of flame-throwing robot dogs, after which medical services will try to bankrupt you.🙈

https://arstechnica.com/gadgets/2024/04/you-can-now-buy-a-flame-throwing-robot-dog-for-under-10000/

  • All
  • Subscribed
  • Moderated
  • Favorites
  • Leos
  • tsrsr
  • DreamBathrooms
  • thenastyranch
  • magazineikmin
  • hgfsjryuu7
  • Youngstown
  • InstantRegret
  • slotface
  • khanakhh
  • rosin
  • ngwrru68w68
  • kavyap
  • PowerRangers
  • normalnudes
  • tacticalgear
  • cisconetworking
  • everett
  • vwfavf
  • GTA5RPClips
  • osvaldo12
  • Durango
  • mdbf
  • modclub
  • tester
  • cubers
  • ethstaker
  • anitta
  • All magazines
    •