@krinkle@fosstodon.org
@krinkle@fosstodon.org avatar

krinkle

@krinkle@fosstodon.org

Dutch geek from Enschede living in London.

Principal Engineer at Wikimedia Foundation, https://fosstodon.org/@qunit project lead, jQuery Infra (OpenJSF) https://social.lfx.dev/@jquery, W3C Web Performance, ♥️ FLOSS.

Creative interests: linguistics, music, photography. Work interests: performance, web standards, UI design, digital privacy and security.

Avatar photo by Niek Hidding.

#webperf #PHP #mediawiki #wikipedia #qunit #nederlands #music #muziek #fedi22

Formerly at mastodon.technology (2019-2022).

This profile is from a federated server and may be incomplete. Browse more on the original instance.

krinkle, to random
@krinkle@fosstodon.org avatar

My latest modern art instalment.

I call it, "Le Derrière".

krinkle, to Wikipedia
@krinkle@fosstodon.org avatar

Best sentence of the Wikipedia article about temperance activist Carrie Nation:

“Her methods escalated from simple protests to serenading saloon patrons with hymns accompanied by a hand organ, to greeting bartenders with pointed remarks such as, ‘Good morning, destroyer of men’s souls'.”

https://en.wikipedia.org/wiki/Carrie_Nation

via https://juliawise.net/how-bad-is-alcohol/

sammytarling, to random
@sammytarling@wikimedia.social avatar

Most difficult bit of a hackathon project — thinking of a name!!

  • Commons Image Usage (CIU)?
  • Images in Commons Category Usage (ICCU)?

🥴

krinkle,
@krinkle@fosstodon.org avatar

@sammytarling @olea

Ignore if you know already:

Sounds related to
https://glamtools.toolforge.org/glamorous/

And:
https://pageviews.wmcloud.org/mediaviews/?project=commons.wikimedia.org

And:
https://pageviews.wmcloud.org/massviews/

But none quite that... maybe worth improving.. after hacking your own POC?

krinkle, to random
@krinkle@fosstodon.org avatar

Charged thousands of dollars for an empty Amazon S3 buckets?

"""
I opened my bucket for public writes and collected over 10GB of data within less than 30 seconds.
"""

It's like registering a domain previous used by malware. I forget where I read it, but it was something like $huge amounts of Internet web and email traffic are former malware and viruses still diligently trying to seek instructions or deposit data.

via @jonty via @WPalant

https://medium.com/@maciej.pocwierz/how-an-empty-s3-bucket-can-make-your-aws-bill-explode-934a383cb8b1

krinkle, to random
@krinkle@fosstodon.org avatar

@zachleat

I wonder if there's a better way to show page weight on leaderboards.

One thing could be to sync their Y-axis so that they're lines on the same base chart (instead of relative to own history only).

Another might be to then invert that axis with bottom the current largest and top the current-smallest. Or... maybe a singlestat number with current size of each and some kind of shared color range (no line/history until click).

Thoughts?

https://www.speedlify.dev/test-runners/

brooke, to random
@brooke@bikeshed.vibber.net avatar

found while searching my photo archives for something else:

https://en.wikipedia.org/wiki/Man_with_Fish

krinkle,
@krinkle@fosstodon.org avatar

@brooke

Clearer photo than the one on-wiki. Wanna upload?

lapcatsoftware, to random
@lapcatsoftware@mastodon.social avatar

I really dislike how Mastodon handles direct messages, as if there were just any other post with replies.

Twitter does this much better. Direct messages are grouped by person, as they should be. On Mastodon, though, it’s difficult to see your message history with a person, and it’s always unclear whether you should reply to an old, possibly unrelated direct message or start a new “thread”, which is more difficult than it should be.

krinkle,
@krinkle@fosstodon.org avatar

@lapcatsoftware @grumpygamer

All that is true, but difficult does not mean impossible.

Mastodon has shipped E2E encryption in its API for ~4 years now (based on Matrix, very similar to libsignal, it claims).

https://github.com/mastodon/mastodon/pull/13820

Future work at

https://github.com/mastodon/mastodon/issues/19565

krinkle,
@krinkle@fosstodon.org avatar

@mp @lapcatsoftware

The point of frustration is that today Mastodon determines recipients of private msg by mentions.

As I understand it, the decision for recipients is decided by the message producer (server, not client), so it seems like it should be possible for a server to genuinely allow you type whatever and send it as plain text over ActivityPub to a single recipient. Afaik there are no fediverse/AP protocol limitations at play.

krinkle,
@krinkle@fosstodon.org avatar

@mp @lapcatsoftware

Some other Fedi software pretend to do the above but within any server handling, like ELK, that seems worse as that makes it seem more safe than it actually is. Any wrong mention...

For Mastodon specifically, I believe they don't want to create a separate UI until E2E is also finished.

https://github.com/mastodon/mastodon/pull/13820

https://github.com/mastodon/mastodon/issues/19565

krinkle, to blogging
@krinkle@fosstodon.org avatar

"""
That accident of history ended up more meaningful to me: while I am most well-known for Stratechery, I am equally proud of the paid newsletter model — services like Substack were based on Stratechery [...]
"""

I had no idea the link was that explicit. Indeed, the linked interview with Substack founder explicitly says they were inspired by Ben Thompson's Stretchery blog.

https://stratechery.com/2024/mkbhds-for-everything/

pixelambacht, to CSS
@pixelambacht@typo.social avatar

Oh, CSS Tricks is back, sorta? https://css-tricks.com/archives/

krinkle,
@krinkle@fosstodon.org avatar

@clovis @pixelambacht

Some details at:

https://chriscoyier.net/2024/02/28/where-im-at-on-the-whole-css-tricks-thing/

krinkle,
@krinkle@fosstodon.org avatar

@pixelambacht @clovis

True. I did also read this more recently from Geoff, linked indirectly from the above:

https://geoffgraham.me/obligatory-reaction-to-my-old-css-tricks-job-re-opening/

molly0xfff, to ArtificialIntelligence
@molly0xfff@hachyderm.io avatar

I spent a long time experimenting with AI before finally writing about it in depth. It can be pretty useful — but is it worth it?

https://www.citationneeded.news/ai-isnt-useless/

krinkle,
@krinkle@fosstodon.org avatar

@molly0xfff

"Hey there, tech enthusiasts and skeptics alike! It's your favorite cryptocurrency critic, Molly White [...]"

I hope that was as fun to record as it was for us to listen to.

Instant classic 🤣. I recommend listening to the podcast version. It's awesome!

I'm gonna have to wipe the spilled tea off my breakfast table now...

kornel, to random
@kornel@mastodon.social avatar

I've set up git commit signing with SSH. It was relatively easy, and did not need any GPG cruft.

https://calebhearth.com/sign-git-with-ssh

krinkle,
@krinkle@fosstodon.org avatar

@kornel @caleb

It looks like that Ruby script in its current form is neither URL escaping, shell arg quoting, nor shell arg escaping.

Of those, quoting and shell escaping seem most urgent so that least you can be sure that whatever is there, stays within the confines of the URL argument to curl, instead of eg running entirely different shell commands. Email addresses can be pretty exotic, and (unlike eg Gerrit/Rietveld/Bugzilla) GitHub makes these hard/unlikely to be seen and reviewed in PRs.

krinkle,
@krinkle@fosstodon.org avatar

@kornel @caleb

The usernames are more likely safe, as you'd see those. Except there is no stability there. I can unlink email from an account anytime, create a new handle, and attach it there. Next time you run the script, a novel username gets used.

If the new account has no commits, that go unnoticed for a while.

Best would be to also URL escape, but if missing foreign/abusive data is fine, you'd def want quoting and shell escaping!

https://readysteadycode.com/howto-execute-shell-commands-with-ruby-backticks

davidbisset, to php
@davidbisset@phpc.social avatar

Is dead?

krinkle,
@krinkle@fosstodon.org avatar

@davidbisset

TIL about https://vkcom.github.io/kphp/

TechConnectify, to random
@TechConnectify@mas.to avatar

OK, this place. I've been pretty heady lately and not very technology-y.

So to make up for it, you can have this picture. As a treat.

krinkle,
@krinkle@fosstodon.org avatar

@TechConnectify

A terrible cable mess, to make one cry, but it also looks like a face that's crying.

This picture is like a Quine. It is a picture of something that makes me feel the very same thing it depicts yet without being semantically equivalent (connecting the dual meaning).

https://en.wikipedia.org/wiki/Quine_(computing)

rauschma, to webdev
@rauschma@fosstodon.org avatar

: The current set of named character references is fixed and will never be changed.
https://github.com/whatwg/html/blob/main/FAQ.md#html-should-add-more-named-character-references

krinkle,
@krinkle@fosstodon.org avatar

@rauschma

Example:
<a href="./?foo;=1&bar;=2&something;=3">

One could and perhaps should encode the ampersand but the reality is that as long as it doesn't match a defined entity, it is gracefully interpreted as a literal by itself. Defining new entities would break that :-)

hayify, to random
@hayify@mastodon.social avatar

Went to a place of accomodation, so you know what that means: i've added a new set of images to Hospitalithings.com https://www.hospitalithings.com/?location=89

krinkle,
@krinkle@fosstodon.org avatar

@hayify

En geen haardroger! Het is wat.

gertvdijk, to random
@gertvdijk@mastodon.social avatar

Lasse Collin in commit message: “The other maintainer suddenly disappeared.” 😆

#jiatan #xz
https://github.com/tukaani-project/xz/commit/77a294d98a9d2d48f7e4ac273711518bf689f5c4

krinkle,
@krinkle@fosstodon.org avatar

@forthy42 @gertvdijk

Evan Boehs gathered some info on name and attempted to triangulate the XZ hacker(s), toward the end of this blog post.

https://boehs.org/node/everything-i-know-about-the-xz-backdoor

Edent, to wordpress
@Edent@mastodon.social avatar

Another lazy question.

I use to write my posts.

Code is written as:

print("hello")

That's automatically converted to:

<pre><code class="language-python">…

I use HighlightJS to do syntax highlighting. But that pulls in lots of JS which I'd rather avoid.

Is there a decent plugin for doing sever-side rendering of code highlighting which doesn't require blocks / Gutenberg?

I know I can try a few out, but I'd like to hear people's personal experiences.

krinkle,
@krinkle@fosstodon.org avatar

@Edent @faffyman

I've been using this WordPress plug-in for many years, based on that same highlight.php library:

https://github.com/westonruter/syntax-highlighting-code-block

Example:

https://timotijhof.net/posts/2022/internet-archive-crawling/

Theming:

https://github.com/Krinkle/timotijhof.net/blob/snapshot-2023-09-04/style.css#L623

krinkle, (edited )
@krinkle@fosstodon.org avatar

@Edent @faffyman

I usually don't use Blocks/Gutenburg, but, I don't use Markdown either. So I don't know how this'll interact with your markdown processor.

I write in the classic HTML mode, where I think it hooks into <pre> and <code>, so if it runs after Markdown, I imagine it might just work?

torgo, to random
@torgo@mastodon.social avatar

Some shots from my day walking around Roppongi in Tokyo: https://pixelfed.social/i/web/post/683140642803507923

krinkle,
@krinkle@fosstodon.org avatar

@torgo

Speaking of cherry blossoms in Japan, you might enjoy this little factoid about how the Japanese have kept records since 800s AD.

https://kottke.org/24/03/0044147-a-graph-with-data-stretch

OWID in turn links to:

http://atmenv.envi.osakafu-u.ac.jp/aono/kyophenotemp4/

lapcatsoftware, to random
@lapcatsoftware@mastodon.social avatar

Chrome’s fetchLater API lets websites phone home even after you’ve closed the browser tab.

Google is always innovating new ways to spy on you.

https://developer.chrome.com/blog/fetch-later-api-origin-trial

krinkle, (edited )
@krinkle@fosstodon.org avatar

@lapcatsoftware

In its current form, I'd say its a fairly small iteration on sendBeacon and has the same "eventually" semantics on failed request or tab close before finish. Not new in that sense, but lets complex code be simpler and lets already simple code become more power/bandwith friendly.

Eg at Wikipedia we collect a small sample of anon stats, but we "simply" debounce it by a few seconds for batch/cancel, and emit from pagehide.

krinkle,
@krinkle@fosstodon.org avatar

@lapcatsoftware

This means on tab switching we needlessly emit beacons, noisy (this applies to logged-in editors when curating/reviewing edits, not much for readers beyond basic server log pageview counts).

fetchLater would allow us to have it be sent naturally only once, without major extra dev investment. That's where the rub is: making tracking the "right" way easy, may encouraging more of it.

But I've not seen companies held back by that historically..

  • All
  • Subscribed
  • Moderated
  • Favorites
  • anitta
  • mdbf
  • magazineikmin
  • Durango
  • Youngstown
  • vwfavf
  • slotface
  • ngwrru68w68
  • khanakhh
  • rosin
  • kavyap
  • thenastyranch
  • PowerRangers
  • DreamBathrooms
  • Leos
  • ethstaker
  • hgfsjryuu7
  • osvaldo12
  • cubers
  • GTA5RPClips
  • modclub
  • InstantRegret
  • everett
  • tacticalgear
  • normalnudes
  • tester
  • cisconetworking
  • provamag3
  • All magazines
    •