chamomile

joined 2 years ago
[–] chamomile@furry.engineer 6 points 11 months ago

@kid TL;DR: If you have a secret variable in your CI/CD pipeline and it's written to a file that subsequently gets artifacted, anyone who can access that artifact can also read your secret variable.

Feels like a "no shit" moment but I guess I can see how someone could make this mistake in a more complicated setup than the example in the blog.

[–] chamomile@furry.engineer 10 points 11 months ago* (last edited 11 months ago) (1 children)

@remington There are few creators whose videos I will jump to view the instant they drop, and Lemmino is one of them. This is a pretty interesting subject that I haven't heard of, despite it apparently being quite well-known.

Tbh, Sanborn not being confident/experienced with math and cryptography kinda tracks with his apparent surprise that expert cryptographers cracked a Vigenere cipher in a couple days rather than follow an obscure breadcrumb trail that's still unclear, even after knowing the key. For me, K4's enduring mystery prompts comparison to the Zodiac killer ciphers, which ended up being so difficult to unwind not because they were brilliant ciphers devised by a mastermind, but because the author made a bunch of mistakes. Still, at this point it seems likely that Sanborn has checked his work over multiple times, so maybe there really is just some trick that no one has thought of. He's clearly eager for it to be solved, so we may know in the coming decades!

[–] chamomile@furry.engineer 19 points 1 year ago

@solitaire @erev Jesus, I had completely forgotten "tits or gtfo." Every now and then I get hit with a reminder of how much more pervasive that kind of thing was as little as 10-20 years ago and it throws me for a loop.

[–] chamomile@furry.engineer 8 points 1 year ago (2 children)

@shadow @V0ldek

> What I’d really like to find is something like a pihole for search, where you have your blocklist, cache of things you’ve searched already (your own mini search engine?), and then a fallback engine (DDG, bing, Google, whatever) for things it doesn’t already know.

I think SearXNG sort of fulfills this, from what I've heard? It's more or less a self-hosted search engine that can combine indexes from various other engines, and I presume that means you can set your own rules and filters and such. There are public instances as well.

[–] chamomile@furry.engineer 0 points 1 year ago (1 children)

@agressivelyPassive You should still clean your kitchen though, that's my point.

[–] chamomile@furry.engineer 7 points 1 year ago* (last edited 1 year ago) (9 children)

@agressivelyPassive @technom That's a self-fulfilling prophecy, IMO. Well-structured commit histories with clear descriptions can be a godsend for spelunking through old code and trying to work out why a change was made. That is the actual point, after all - the Linux kernel project, which is what git was originally built to manage, is fastidious about this. Most projects don't need that level of hygiene, but they can still benefit from taking lessons from it.

To that end, sure, git can be arcane at the best of times and a lot of the tools aren't strictly necessary, but they're very useful for managing that history.

[–] chamomile@furry.engineer 5 points 1 year ago

@SubArcticTundra Because the flavor goes into the water! That's why soup broth tastes good. Try chopping up half an onion, boiling for 10 minutes in a pot with enough water to cover them, then taste the water.

[–] chamomile@furry.engineer 20 points 1 year ago (10 children)

@UrLogicFails I feel oddly mixed about PH's response to these bills. I share their opposition to these laws, but their proposed solution effectively requires locked-down device attestation à la the Chrome proposal from a few months ago, which would... also be very bad. I don't want a world where I can't control my own web browser any more than one where I need to dox myself to view porn.

[–] chamomile@furry.engineer 9 points 1 year ago* (last edited 1 year ago)

@OneRedFox This is a depressing read, and it's yet more of the same. There's no funding for measures that actually help people, and the people working to ensure that's the case are happy to capitalize on the resulting friction for propaganda.

[–] chamomile@furry.engineer 1 points 1 year ago

@crashdoom I'm generally very wary about any sort of automated system that can ban or limit accounts without human input. Perhaps an alternative system to give moderators time to respond would be something that limits accounts that are reported by multiple local users in a short time period? That does have the potential for abuse as well and I think we should carefully consider the avenues for it, but at our community's scale it seems feasible to me.

[–] chamomile@furry.engineer 3 points 1 year ago

@baggins I'm afraid I'm not familiar, but that does sound good!
