Lovely sunny day here today. Yesterday it felt like all the gnomes came out of their winter caves. Today pure joy.
Got back from park, and played around a bit with #direct3d and #rust. Got a window up! Found people who have done X11, Wayland and MacOS too. Glad to not be blazing any trails, but didn’t try any of that out.
Decided instead to hack on an old game called Zanthor. Giant castle powered by steam. Want to finish off a few issues with it running on #Python the Third.
In the end I tried out some wasm OpenGL code with Rust. Some folks went to the trouble of writing tutorials doing everything from scratch. There’s another repo that does OpenGL on windows from scratch… but I didn’t get to it.
Next I’d have to figure out how to do portable rust. Where it selects a library to use based on the platform and implements an interface.
I don’t want to fall into the trap of starting without an embedded low memory platform though. Needs to be low mem from the start.
In #python is there a standard for custom commands? (development scripts/tasks)
Like scripts in package.json with JavaScript or Makefile targets, or custom commands in rust (and alias in rust). For development tasks like format, test, make check... and custom dev scripts.
In python with setup.py you could define custom commands. But now?
Doesn't seem to be a standard for this, just a bunch of separate tools. But I would love to know if I'm missing something for custom commands/scripts.
On reflection pyproject.toml scripts isn’t exactly what I’m after. It’s for install time scripts, not development time scripts. Whilst it’s probably fine to use it for development scripts in some cases, not for a library. Because for users of the library we don’t want to install the development scripts. For one package I maintain this will be fine though (I already use the scripts via setuptools for this).
I see how to use tox to run arbitrary commands now. Never knew it was used for that.
Made another #GLSL filter for the smartphone. It is a bit frustrating to take photos with this manipulation because Safari crashes after every shot on my smartphone. OK, it's too much for the device when you push it to the limit.
It has been used to direct funding to critical open source projects.
Designed by security experts, and used successfully, it is probably the best dataset/tool we have to improve and identify projects in need.
In Django it detects valid issues. Dependencies not pinned, token permission issues, no code security scanning tool used, not transparent about security practices used.
They’re doing good work helping to direct funding and make things more secure. They deserve kudos.
I'm not sure what you mean about a screenshot tool? But deps in the build scripts/actions are not pinned. The setup.cfg has dependencies unpinned. requirements files also.
This includes unpinned deps that depend on xz btw. eg. Pillow which pins xz.
It detects a security policy and gives points for it. btw, this isn't a GH specific tool or from them. It supports other systems.
I agree with the tool that Django needs funding to fix real issues. 7.2/10 is not bad or average though.