Posts
130
Comments
162
Joined
3 yr. ago

  • That may be due to "the Hacker News hug". This link had a high score in HN a few hours ago. High traffic may have caused scalability problems.

  • To be honest, I cannot be sure that session invalidation actually worked. I could use the session from the day before as well. But the vulnerability was in lemmy-ui, and people not using the web site directly should be fine, I guess. If you want to be on the safe side, you can log out and log back in. It takes only a few seconds.

  • Where are you seeing this happen?

    It's at the top of the page when you visit programming.dev in a browser. I tried to explain what I know about it in a sibling comment.

  • Here is my understanding:

    Recently, a security vulnerability in Lemmy was exploited by some malicious actors. This led to some instances going down. The vulnerability has been fixed in version 0.18.2-rc.1 of lemmy-ui. But due to the way Lemmy issues and uses access tokens, the sessions have been invalidated in the database. So, the admins are recommending that users log out and log back in if they haven't done so since the upgrade to version 0.18.2-rc.1 of lemmy-ui.

    But I may be wrong. Perhaps others can provide a more accurate description.

  • Ok, maybe I misunderstood your question. I thought you were proposing # instead of $ sudo, and I meant to say that being explicit is better.

  • That sounds cool. Thanks for the recommendation.

  • What about the packages that are not available in flatpak? I assume there must be some packages that are only available in certain corners of the internet?

  • Thanks

  • Are there any other distros that are flatpak-only?

  • I don't work much with Linux systems these days, but I would vote for $ sudo over #. Two reasons:

    1. It's easy to overlook the prompt. That part is basically "some characters before the actual command", so I don't normally pay attention to it.
    2. # is also used for comments. I think it would be confusing to use the same character for two wildly different things.

  • It doesn't look very good, no. It would be good to bring Lemmy to OAuth 2.1, where the self-contained token with a sensible lifetime is passed in the Authentication header. Currently it's either passed in the URL (GET) or in the model (PUT/POST).

    I have some OAuth experience, but I'm not a Rust developer. So, I thought of offering some help regarding the design and testing of an OAuth mechanism, but since I cannot really contribute to the implementation, that may not be much of a help. Also, this kind of change will break at least some of the existing clients. I don't know if the core team would be willing to make such a change.

  • Would love to see a browser based implementation of this.

  • Unflushable Cache

    [...] Other implementations, such as hand-cranked in-memory caches or even caches provided by mainstream frameworks, will not expose any cache management tools. This leaves ops with the only option, to restart the service to flush the memory. (Or worse, know enough about the cache implementation to find its location on the file system and clear it out manually.)

    This is a mistake I have made. It's easy to overlook during development but difficult to handle afterwards if a restart is not trivial.

  • Fixed, thanks

  • Thanks. I didn't know that when one adds an image it would override the URL. Even though the post contains the URL, clicking on the title only shows the image. I included the URL in the post body, but it's not as visible, unfortunately.