tedu

It's been a while and we're overdue for a new release. Not a whole lot has changed, mostly refinements here and there. The same, but better.

There's now a (none) group, which is where posts that don't belong to a group land, instead of being dropped. This improves compat with microblog oriented services. You can't browse the none group yet; the URL just 404s, which actually seems appropriate. I still think different interfaces for different purposes is the way, but this was pretty low effort. Maybe there's one person always posting links and you'd like to see their posts on your cool links aggregator.

I pulled in a few honks from myself.

Tags are now linked at the bottom of each post and viewable on the web, such as /tag/activitypub or /tag/c.

Didn't get to parsing hashtags out of the post body yet, but that's not so urgent. #done.

I've implemented basic support for composite groups (groups of groups). (Formerly named meta groups.) There's a lot of redundancy because of the federated nature of the azoriverse, with similar groups duplicated across multiple servers. Composite groups are a solution, by presenting users with a (somewhat transparent) single group that collects all of the posts.

I've created two groups, metaprog and technoscience, for demo and testing.

This is still preliminary, so federation doesn't quite work yet, but eventually the goal would be that you can follow a composite group, and it will forward activities. Instead of having to individually chase down every new programming group that gets created, you could delegate that the metaprog admin (me) to keep the group list updated.

Some basic federation is now working. I think it probably won't work from Lemmy, ironically, but azorius, honk and mastodon, etc. should be able to follow these groups. (Don't follow from azorius until after updating.)

Mostly bugfixes and some refinements.

• Some performance improvements.
• Newest sort for comments.
• Activity tab shows active threads.
• Add some improved support for compat with Note activities.
• Only accept and serve activities with the correct content type.

There's a few changes in the pipeline to work a little better with mastodon (sigh). It's gone through a few iterations of live testing, but once I think it's stable will release.

Don't want to wait too long, this also has the security fix for activities served with the wrong content type.

A few other tweaks that I may get to, or not.

Minor update. A few refinements and fixes.

• Fix 32 bit support.
• Close database to give the wal file a chance to checkpoint.
• Reply notif links to comment.
• Collapse and expand threads.
• Dedupe posts across groups.

Finally got around to fixing a common annoyance. There's four different groups covering "technology" and the same link gets posted to all of them every time. These are now deduped in the main feed.

New release. Not a lot of changes, mostly bug fixes and some interop improvements. Biggest feature of note is post previews.

There's not a lot happening. I like it.

Based on the Go 1.22 release notes from the Go team (3-Clause BSD License), with many interactive examples added. This blog post is synchronized with the source document as it gets updated.

High pressure, high forces, long lever arms...all of that meant heavy and strong (read: expensive) parts which I was not looking forward to having to fabricate. Instead, I settled on the simpler idea of harnessing the power of compressed gas. Instead of using a high mechanical advantage lever to push a piston, compressed CO2 would be dispensed from a small and inexpensive 12g or 16g cartridge which would then generate the requisite pressure to properly extract espresso. This concept is not actually novel; both an unsuccessful kickstarter and a now-defunct handheld espresso maker (with a fanatical user base) employed this mechanism.

In this write-up, we’ll delve into how, through differential fuzzing, we uncovered a bug in Go’s exp/net HTML’s tokenizer. We’ll show potential XSS implications of this flaw. Additionally, we’ll outline how Google assessed this finding within their VRP program and guide how to engage and employ fuzzing to evaluate your software.