# Twtxt is an open, distributed microblogging platform that # uses human-readable text files, common transport protocols, # and free software. # # Learn more about twtxt at https://github.com/buckket/twtxt # # This is hosted by a Yarn.social pod twtxt.net running yarnd 0.15.1@bc8c6fb 2024-09-22T14:01:04Z go1.23.1 # Learn more about Yarn.social at https://yarn.social # # nick = prologic # url = https://twtxt.net/user/prologic/twtxt.txt # prev = j6bmlgq twtxt.txt/1 # avatar = https://twtxt.net/user/prologic/avatar#gdoicerjkh3nynyxnxawwwkearr4qllkoevtwb3req4hojx5z43q # description = "Problems are Solved by Method" 🇦🇺👨‍💻👨‍🦯🏹♔ 🏓⚯ 👨‍👩‍👧‍👧🛥 -- James Mills (operator of twtxt.net / creator of Yarn.social 🧶) # # following = 66 # # link = CV https://prologic.shortcircuit.net.au/ # link = Github Profile https://github.com/prologic # link = My Projects https://git.mills.io/prologic # link = Salty IM im:prologic@mills.io # link = Yarn.social https://yarn.social/ # # follow = Yarns https://search.twtxt.net/twtxt.txt # follow = abucci https://anthony.buc.ci/user/abucci/twtxt.txt # follow = adi https://twtxt.net/user/adi/twtxt.txt # follow = aelaraji@aelaraji.com https://aelaraji.com/twtxt.txt # follow = akkartik http://akkartik.name/twtxt.txt # follow = anth@a.9srv.net http://a.9srv.net/tw.txt # follow = antonio@twtxt.net https://twtxt.net/user/antonio/twtxt.txt # follow = apptester@twtxt.net https://twtxt.net/user/apptester/twtxt.txt # follow = bender https://twtxt.net/user/bender/twtxt.txt # follow = bmallred@staystrong.run https://staystrong.run/user/bmallred/twtxt.txt # follow = cncf https://feeds.twtxt.net/cncf/twtxt.txt # follow = cuaxolotl@sunshinegardens.org https://sunshinegardens.org/~xj9/twtxt/tw.txt # follow = darch@neotxt.dk https://neotxt.dk/user/darch/twtxt.txt # follow = darren@twtxt.net https://twtxt.net/user/darren/twtxt.txt # follow = david@collantes.us https://collantes.us/twtxt.txt # follow = doesnm@doesnm.p.psf.lt https://doesnm.p.psf.lt/twtxt.txt # follow = eapl.me@eapl.me https://eapl.me/twtxt.txt # follow = eldersnake@we.loveprivacy.club https://we.loveprivacy.club/user/eldersnake/twtxt.txt # follow = falsifian@www.falsifian.org https://www.falsifian.org/twtxt.txt # follow = github_blog https://feeds.twtxt.net/github_blog/twtxt.txt # follow = golang_news https://feeds.twtxt.net/golang_news/twtxt.txt # follow = hacker-news-newest https://feeds.twtxt.net/hacker-news-newest/twtxt.txt # follow = home_datacenter@twtxt.net https://twtxt.net/user/home_datacenter/twtxt.txt # follow = integza@feeds.twtxt.net https://feeds.twtxt.net/integza/twtxt.txt # follow = james@yarn.mills.io https://yarn.mills.io/user/james/twtxt.txt # follow = jmjl@tilde.green https://tilde.green/~jmjl/twtxt.txt # follow = jmjl@tilde.green@tilde.green https://tilde.green/~jmjl/twtxt/twtxt.txt # follow = johanbove@johanbove.info https://johanbove.info/twtxt.txt # follow = justamoment@twtxt.net https://twtxt.net/user/justamoment/twtxt.txt # follow = kt84@twtxt.net https://twtxt.net/user/kt84/twtxt.txt # follow = linux_gizmos https://feeds.twtxt.net/linux_gizmos/twtxt.txt # follow = local_wonders@twtxt.net https://twtxt.net/user/local_wonders/twtxt.txt # follow = lyse https://lyse.isobeef.org/twtxt.txt # follow = lyxal@twtxt.net https://twtxt.net/user/lyxal/twtxt.txt # follow = marcorocco@roccodrom.de https://roccodrom.de/~marco/twtxt.txt # follow = mckinley https://twtxt.net/user/mckinley/twtxt.txt # follow = mckinley@mckinley.cc https://mckinley.cc/twtxt.txt # follow = mearaj@twtxt.net https://twtxt.net/user/mearaj/twtxt.txt # follow = milouse@etienne.pflieger.bzh https://etienne.pflieger.bzh/twtxt.txt # follow = movq https://www.uninformativ.de/twtxt.txt # follow = news@twtxt.net https://twtxt.net/user/news/twtxt.txt # follow = ocdtrekkie@twtxt.net https://twtxt.net/user/ocdtrekkie/twtxt.txt # follow = oevl@twtxt.net https://twtxt.net/user/oevl/twtxt.txt # follow = off_grid_living@twtxt.net https://twtxt.net/user/off_grid_living/twtxt.txt # follow = prologic https://twtxt.net/user/prologic/twtxt.txt # follow = prx@si3t.ch https://si3t.ch/twtxt.txt # follow = quark@ferengi.one https://ferengi.one/twtxt.txt # follow = quite@lublin.se https://lublin.se/twtxt.txt # follow = recipes@twtxt.net https://twtxt.net/user/recipes/twtxt.txt # follow = rocknswap@twtxt.net https://twtxt.net/user/rocknswap/twtxt.txt # follow = saltyim@twtxt.net https://twtxt.net/user/saltyim/twtxt.txt # follow = shreyan@twtxt.net https://twtxt.net/user/shreyan/twtxt.txt # follow = slashdot@feeds.twtxt.net https://feeds.twtxt.net/slashdot/twtxt.txt # follow = sorenpeter@darch.dk http://darch.dk/twtxt.txt # follow = stigatle@yarn.stigatle.no https://yarn.stigatle.no/user/stigatle/twtxt.txt # follow = support@twtxt.net https://twtxt.net/user/support/twtxt.txt # follow = thecanine@twtxt.net https://twtxt.net/user/thecanine/twtxt.txt # follow = thejuicemedia https://feeds.twtxt.net/thejuicemedia/twtxt.txt # follow = thiegui@twtxt.net https://twtxt.net/user/thiegui/twtxt.txt # follow = tiktok https://feeds.twtxt.net/tiktok/twtxt.txt # follow = tkanos@twtxt.net https://twtxt.net/user/tkanos/twtxt.txt # follow = twilightsparkle@twtxt.net https://twtxt.net/user/twilightsparkle/twtxt.txt # follow = unexplained_mysteries https://feeds.twtxt.net/unexplained_mysteries/twtxt.txt # follow = xkcd https://feeds.twtxt.net/xkcd/twtxt.txt # follow = xuu@txt.sour.is https://txt.sour.is/user/xuu/twtxt.txt # follow = yarn_police@twtxt.net https://twtxt.net/user/yarn_police/twtxt.txt 2024-06-14T18:22:17Z (#nef6byq) @ Hehe thanks! 😅 Still gotta sort out some other bugs, but that's tomorrows job 🤞 2024-06-14T18:23:46Z (#2b3o6ba) @ Yup! And the dupe bug is fixed already! 2024-06-14T22:45:29Z (#nef6byq) Yeah all the existing Javascript is a bit broken I'm afraid. Trying to fix this today 🤞 2024-06-15T07:36:15Z I tried to fix some more bugs today, but who knows, I may have made things worse 🤣 2024-06-15T07:58:40Z (#sgufz5q) I hope the bug fixes work as intended 😅 2024-06-15T08:01:09Z (#tcq46vq) @ Sorry about this, if you'd like I can clean your feed up? Hmm? 🧐 2024-06-15T08:03:42Z (#xia2p5q) @ Hello! 2024-06-15T11:36:10Z (#tcq46vq) @ Fine fine 😅 2024-06-15T23:54:16Z (#63ox4na) @ Pretty nice shots 👌 Love the flowers and the landscapes 😍 2024-06-16T10:21:37Z Yes it does! Can you pull main and upgrade? 2024-06-16T10:21:49Z (#szxkq4a) @ Yes it does! Can you pull main and upgrade? 2024-06-16T11:49:11Z (#isajdjq) @ What the hell?! 2024-06-16T13:13:13Z (#isajdjq) @ It is on the "An AI-Generated Candidate Wants to Run For Mayor in Wyoming" /. thread 🧵 2024-06-16T13:14:34Z (#slx7o2a) @ Hmm I _thought_ so too at first, but I hard-refreshed to force any browser cached Javascript to be reloaded and I can't seem to reproduce any funkiness (_so far_) -- But still fixing bugs I find... 2024-06-16T13:15:11Z (#slx7o2a) Like `Ctrl+Enter` used to work as a keyboard shortcut to post, but that's broken. Fixing that next 🤣 2024-06-16T13:16:00Z (#slx7o2a) I just finished fixing the Lightbox media feature that makes clicking on media open them in a modal. Link verification and stripping are broken as well and commented out (_on the list_) 2024-06-16T13:27:29Z @ Testing mentions... via the auto-complete... 2024-06-16T13:28:18Z (#o332tza) Hmm seems to be okay. What's not working? @ ? 2024-06-16T13:32:25Z (#isajdjq) @ hmm indeed 2024-06-16T13:33:00Z (#ivat6aq) This was an example of where I _thought_ the same as you @ 2024-06-16T13:33:28Z (#ivat6aq) Problem is I'm not able to reproduce this so easily hmmm 2024-06-16T13:40:37Z Testing `Ctrl+Enter` to post... 2024-06-16T13:40:46Z (#m6snqrq) It works! 🥳 2024-06-16T14:14:21Z ![](https://twtxt.net/media/tUQy8TAvhfvcMuJVVfyfxL.png) 2024-06-16T14:17:06Z Well I'm off to bed. I've fixed as many broken things as I could find. All in the name of improvements eh? 😅 Here's what I am aware of that's still non-functional/broken:

- Link Verification
- Stripping Tracking Params

Pretty much everything else should be working. If something isn't quite right though, please help me out with a concise repro 🙏 2024-06-16T14:18:04Z [Hypermedia Systems](https://hypermedia.systems/book/contents/) -- **Edit:** I _should_ have said, I plan to read this book... 2024-06-16T15:01:49Z (#lwocxlq) @ Thanks! 2024-06-16T15:02:53Z (#3vizf2q) @ Ahh perfect bug report! 2024-06-17T00:57:54Z (#szxkq4a) @ I will jump on your pod later this evening and do some debugging 🤞 2024-06-17T00:59:25Z (#wbr7vpa) @ Haha 🤣 2024-06-17T14:13:13Z (#3vizf2q) @ I've managed to fix this locally. Rolling out an update to my pod now... 2024-06-17T14:22:19Z (#3vizf2q) So far so good. A lot of the event handlers I was used to all seem to be working. So that's a good sign 🪧 2024-06-17T14:26:30Z (#szxkq4a) @ Hey! 👋 I'm not able to reproduce what you're seeing on your pod. Did you recently update? 🤔 2024-06-17T14:58:34Z (#3vizf2q) @ _phew_ 😅 I mean I did quite some extensive testing locally too 🤣 2024-06-17T15:33:19Z (#q6fhora) @ Yes. `yarnd` fully supports WebFinger just like ActivityPub and Mastodon do. So `@user@domain` mentions are _actually_ looked up. 2024-06-17T16:01:32Z (#q6fhora) @ Yup I can. But as I said, only via DNS delegation. Hmm are you thinking something else? 2024-06-17T16:02:50Z (#p3li7rq) @ Both are already a thing. Hit "Remember me" which persists your sessions for days. Text you entered _should_ be preserved, but now that you mention it, maybe only if you navigate away hmmm lemme check that... 2024-06-17T16:16:55Z (#q6fhora) @ Oh do you mean visually in the UI? 2024-06-17T16:41:55Z (#q6fhora) @ Ahh I see 🧐 What are you proposing here? 🤔 2024-06-17T17:15:44Z (#qzg3eka) @ Isn't the "New Post" box closed by default? 2024-06-17T17:17:10Z (#qzg3eka) Do you the `/conv` view? Tapping on a Yarn? 2024-06-17T17:25:24Z (#qzg3eka) @ Ok 2024-06-17T17:30:02Z (#qzg3eka) https://git.mills.io/yarnsocial/yarn/pulls/1168 2024-06-17T22:41:21Z (#szxkq4a) @ did you happen to customize the theme at all? 2024-06-17T22:51:59Z (#t4dst4a) @ Oh thanks! 🙏 I don't even remember what that commit was 🤣 2024-06-17T22:52:47Z (#cqnn3lq) @ As soon as @'s issue is figured out I think? 🧐 2024-06-17T22:55:12Z (#qzg3eka) @ Merged 👌 2024-06-17T22:56:15Z (#q6fhora) @ We need to design what this will look like and the mechanisms 🧐 2024-06-17T22:57:39Z (#p3li7rq) @ Hmmmm I'm not sure about this... 🧐 Does anyone have any other opinions that know this web/session security better than me? 2024-06-18T00:28:02Z (#szxkq4a) @ Cool! And yeah that's right! 2024-06-18T00:29:18Z (#niu26ya) @ Thanks! I'll check that out later tonight 🤞 2024-06-18T00:31:39Z (#cqnn3lq) @ It's more likely I've done something silly that I can't pin point 🤣 2024-06-18T00:34:08Z (#cqnn3lq) @ Can I see an excerpt of the NGINX logs? 2024-06-18T00:39:10Z (#cqnn3lq) One thing I haven't thought to rule out is the browser itself. When I tried to reproduce, I was using chrome and I wasn't able to reproduce what you were saying from the client perspective. 2024-06-18T01:34:00Z (#cqnn3lq) @ Okay so maybe not a browser thing - just didn't try myself (although I regularly use Chrome and Mobile Safari) 2024-06-18T02:11:15Z (#zp5l27q) @ I can't think of why that might be? The bloody URL of feeds is always a problem and changing the Base IRL of the pod is rather problematic that I never solved. But otherwise hmmm I'm not sure! 2024-06-18T02:13:08Z (#zp5l27q) @ Oh that is super weird 🤔 I am admin on my pod and I always test locally with the admin account hmmm 🧐 2024-06-18T02:13:22Z (#dr4cv3a) @ Yup! 2024-06-18T04:49:40Z (#zp5l27q) @ Yes! It's just a flag and otherwise is stupidly simple. 2024-06-18T12:19:36Z (#zp5l27q) @ You around this late evening at all? 🤔 I want to fix this for you! 2024-06-18T12:35:58Z (#niu26ya) Fixed and being rolled out. Forgot to actually check the preference 🤦‍♂️ 2024-06-18T13:14:42Z (#g3nzjka) @ Working on fixing that now actually 😅 I have to exchange 3 key pieces of information in every request, title, navigation and preference. I'm just refactoring the templating now so I don't have to duplicate this everywhere, just do it once. 2024-06-18T13:24:44Z (#kdvkj3q) @ 😅 2024-06-18T13:25:01Z (#6ooqvpq) @ LOL 😂 2024-06-18T14:08:02Z (#jq6ycwa) @ Looks like it's running `1977cb18 2024-06-17T22:54:51+00:00` 2024-06-18T14:08:35Z (#jq6ycwa) Which is actually only 3 commits behind 😅 2024-06-18T14:20:20Z (#kdvkj3q) This is fixed, improved, tested and rolling out shortly, Including dynamically reflecting the theme too! 2024-06-18T14:23:05Z (#jq6ycwa) @ As am I. @ when you are able, I'd like to take a more active role in helping you get to the bottom of this. SSH, get in there, whatever it takes. I'm a bit perplexed by what's going on for you 😱 2024-06-18T14:32:30Z (#kdvkj3q) @ Yeah I'm just about done! ✔️ 2024-06-18T14:33:29Z @ Btw how are you finding the new and improved UX at all? 🤔 (_this Twt was authored by presing `^n`, then `@` and then `bender` and the rest of this twt, finally `^ENTER`_) 2024-06-18T14:35:24Z (#yy6spta) Keyboard shortcuts:

- `^n` (Ctrl+n) -- Compose new Twt
- `Esc` (Escape) -- Close the composer
- `^t` (Ctrl+t) -- Refresh or navigate to Timeline
- `^m` (Ctrl+m) -- Refresh or navigate to Mentions
- `^d` (Ctrl+d) -- Refresh or navigate to Discover

There are shortcuts for Feeds, Settings and Profile too (_similiarly_)) 2024-06-18T14:41:14Z (#yy6spta) @ If you think the keyboard shortcuts should be by default something else, LMK! Otherwise if interest levels pick up again for `yarnd` and there's enough interest, it _could_ become a user preference. 2024-06-18T14:41:32Z (#yy6spta) @ Also thanks 🙏 2024-06-18T15:37:07Z I'm finding myself more and more now using the web app on mobile 🤔🧐 2024-06-19T02:09:44Z (#wjspsia) @ stressed 😅 how about you? 2024-06-19T02:18:30Z (#quc74da) @ so the Ukraine had to land mines in 1324? 🧐 2024-06-19T03:10:14Z (#4bl7o3q) @ received 2024-06-19T05:25:09Z (#4bl7o3q) @ There is. I'll document this tonight and send it your way! 🤞 2024-06-19T07:56:36Z (#4bl7o3q) Better yet, I'll write some code to do this to make it a whole lot easier to do. Should be ready by tonight 2024-06-19T12:05:26Z (#ima3tfa) @ Hold up wait... You effectively now have a fresh new pod with only yourself? 🤣 Ooops! 2024-06-19T12:05:53Z (#ima3tfa) Are the weird errors gone at least? 😅 2024-06-19T12:11:05Z (#2dprnwq) @ Ahh damn man haha 😝 If you had given me like ~20 more mins (_just got home_) I would have had a fulll backup/restore that would have been "just run this command and move this file here". 😅 2024-06-19T12:11:29Z (#2dprnwq) I'll complete the work anyway, it's just wrapping up existing code and making backups of the database a proper thing. 2024-06-19T12:11:55Z (#fviarca) @ Bahahahaha 🤣 That's sure one fire way of cleaning up house 🏠 2024-06-19T12:18:23Z (#cw2fkoq) @ Oh well, is the pod at least behaving normally now, just like mine? 😅 2024-06-19T12:48:57Z ```
* 8eef4d5d - (HEAD -> main, origin/main) Add DB restore capability and tools/backu-_db.sh script (19 seconds ago) 
```

Oh well 😅 It works wonderfully!

In the event of a database corruption or loss:

```
$ URL=http://10.0.0.164:8000 ./tools/backup_db.sh > db.json
mv db.json data/db.restore.json
yarnd ...
``` 2024-06-19T12:50:06Z (#2w6yh6a) @ So you're still having the exact same problems?! 🤔 And no I don't think the version of the compiler has much to do with this 😢 2024-06-19T12:50:20Z (#2w6yh6a) FWIW `go v1.22.2` here, but I'll upgrade now just to be sure... 2024-06-19T13:14:24Z (#2w6yh6a) Upgraded my Go compiler and I'm still not able to reproduce those 404(s) you're seeing. For clarity, this is what you expect to see in the server logs:

```
DEBU[0163] no subscriptions found for http://10.0.0.164:8000/user/admin/twtxt.txt
[yarnd] 2024/06/19 23:13:23 (10.0.0.164:64888) "POST /post HTTP/1.1" 200 0 8.323709ms
DEBU[0163] reloading templates in debug mode...
[yarnd] 2024/06/19 23:13:23 (10.0.0.164:64888) "GET / HTTP/1.1" 200 18120 87.933208ms
```

for every post there should be a `POST /post ...` followed pretty quickly by a `GET /` 2024-06-19T13:15:32Z (#2w6yh6a) But there should *never ever* be a `GET /post` -- There is no handler/route for that, that *will* indeed 404, really strange you're still seeing this? And what's this login issue? 2024-06-19T13:27:37Z (#2w6yh6a) @ That one was 👌 2024-06-19T13:41:31Z (#2w6yh6a) @ I don't see the subsequent `GET /`, You are right that a `POST /post` does an internal XHR redirect to whatever view you're on to refresh it. 2024-06-19T13:41:52Z (#2w6yh6a) Oh you deleted that last Twt 🤣 2024-06-19T13:42:33Z (#vcpt7gq) @ Holy fuck?! That's unpossible?! 2024-06-19T13:42:59Z (#2w6yh6a) @ LOL all good. Feel free to use https://gist.mills.io 👌 2024-06-19T13:43:19Z (#vcpt7gq) Let's focus on this ☝️ how in da fuq is this happenning?! 2024-06-19T13:44:31Z (#vcpt7gq) There is only one explanation for this... Lemme see... 2024-06-19T13:46:21Z (#vcpt7gq) The only way this is possible is if the `Referrer` is `/post` and not `/` or `/discover` like it should be. Can we confirm/deny this if you inspect the `POST /post` requests? 🤔

See this [code](https://git.mills.io/yarnsocial/yarn/src/commit/8eef4d5dc4e705fa61576304bc3cd75e827d0c00/internal/post_handler.go#L182-L188)

```golang
if htmx.IsHTMX(r) {
 htmx.NewResponse().
 Location(RedirectRefererURL(r, s.config, "/")).
 Write(w)
} else {
 http.Redirect(w, r, RedirectRefererURL(r, s.config, "/"), http.StatusFound)
}
``` 2024-06-19T13:55:23Z (#vcpt7gq) @ I mean on the `POST /post` request itself. That's the `Referer` that's looked up and used as the redirect. 2024-06-19T13:57:42Z (#vcpt7gq) For example, this is what you *should* see: ![](https://twtxt.net/media/YxcYzpNrD4KAAk9NFQDo3g.png) ![](https://twtxt.net/media/cFBGDfjTaQZ2DQL2nwDxg.png) ![](https://twtxt.net/media/QeWuCe8Mpts52brfEJJLxH.png) 2024-06-19T13:58:33Z (#vcpt7gq) The `POST /post` XHR (_that is being run by htmx_) **should never**, **ever** be `Referer: .../post` 🤦‍♂️ 2024-06-19T13:59:06Z (#x7czesa) @ Ahh missed this. Fuck, that's just silliness and not right. wtf?! 2024-06-19T14:01:57Z (#x7czesa) What Browser is this again? Does it happen with any other browser? 2024-06-19T14:04:25Z (#x7czesa) @ Yeah no worries!

You can see here, at least, htmx knows what the current URL is:

```
HX-Current-URL: https://we.loveprivacy.club/conv/vcpt7gq
Referer: https://we.loveprivacy.club/post
```

But the freak'n browser is setting the wrong value for `Referer`. There is simply no way to be on the `/post` endpoint normally anyway. 2024-06-19T14:10:29Z Test 2024-06-19T14:10:36Z (#prvbjla) Test 2024-06-19T14:10:43Z (#prvbjla) Test 2024-06-19T14:12:55Z (#prvbjla) A initial post, reply and conv -> post (_bottom of page_) and nothing 🤔 All 6 requests are `POST /post` followed by a `GET ` where ever I was coming from. Hmmm 🧐 ![](https://twtxt.net/media/Cvh3qvJAzcnawJWf2CZUgQ.png) This is nuts 🌰 2024-06-19T14:20:27Z Can't reproduce with Firefox. 2024-06-19T14:22:14Z Can't reproduce with Iridium either. 2024-06-19T14:22:36Z Why would a Web Browser set the `Referer` header incorrectly?! 🤔 2024-06-19T14:24:25Z Should I just code in a work-around? If the `Referer` is `/post` then consider that total bullshit, and ignore? 🤔 2024-06-19T14:29:43Z (#vxigktq) Okay just pushed:

```
* aa2f3ae9 - (HEAD -> main, origin/main) Workaround for this invalid Referer BS (6 seconds ago) 
``` 2024-06-19T14:30:58Z (#vxigktq) @ Looks legit 👌 2024-06-19T14:34:04Z (#vxigktq) @ Fuck'n hell 🤣 This **has** to be a browser bug! 2024-06-19T14:34:28Z (#vxigktq) What browser and version is this btw? Not sure if you mentioned? 2024-06-19T14:34:40Z (#4glkjtq) @ Test 2024-06-19T14:37:36Z (#vxigktq) @ I just installed `127.0.1 (64-bit)` tonight and tested and it worked just fine. Try upgrading and roll that commit back and see if it still repros? 🤔 I'm almost willing to bet this is a bug 🐛 2024-06-19T14:47:48Z (#ksbvcyq) @ You wouldn't believe it, but I'm pretty sure @ and I found a nasty little bug in Firefox `126.0.1` 🤣 2024-06-19T14:55:30Z (#o5llwca) @ But not me against your pod, so that's even weirder right? 🤔 2024-06-19T14:55:38Z (#vxigktq) @ Good good 👍 2024-06-19T15:01:28Z (#ksbvcyq) @ Oh come now, this isn't the first Browser bug we've seen right? 😅 2024-06-19T15:02:27Z (#o5llwca) @ No worries! Any time 🤗 Sorry it took this long to sort out, I'm not happy about how we did it (_work around et all_) but yeah if that's what we have to do, so be it 🤣 2024-06-19T15:35:10Z [Creator of HTMX Talks HTMX - YouTube](https://www.youtube.com/watch?v=LriHRa9t1fQ) 2024-06-19T15:35:32Z (#ksbvcyq) @ True! Complexity Budget 👌 2024-06-19T15:50:54Z (#ld6wd3q) @ 10s rule? 🤔 2024-06-19T15:58:18Z [Interview with Senior JS Developer 2024 [NEW] - YouTube](https://www.youtube.com/watch?v=aWfYxg-Ypm4) Bahahahahaha 🤣 So funny! 2024-06-19T16:09:41Z (#4ifre5q) @ Haha, sadly no, that is the version number Firefox is up to 🤣 2024-06-20T00:53:01Z (#dqacyjq) Haha yeah that video on htmx sucks is pretty funny really! 🤣 And no it obviously doesn't suck 😅 2024-06-20T00:54:40Z (#aasgvpa) @ Yeah I'm not a fan of all this YouTube / Discord / Twitch studs 🤣 I was more interested in the presentation itself which is also covered by the cook

https://hypermedia.systems/ 2024-06-20T00:58:04Z (#4uuy7za) @ Hmmm god question 🤣 @ Can you tell @ what my Matrix handle is 🤣 2024-06-20T00:58:40Z (#jn45waa) @ Can you get an AI to summarize this 🤣 2024-06-20T01:02:07Z (#n2er4fq) @ I'll buy that argument 👌 2024-06-20T02:08:43Z (#dqacyjq) @ Yeah it's more along the lines of "everything sucks" at least a bit 🤣 2024-06-20T02:13:35Z (#dqacyjq) But what would you prefer if you were rethinking the architectural design of your next web app? A bazillion lines of Javascript™ with all kinds of indirections and acrobatics that are impossible to understand? 🤔 ![](https://twtxt.net/media/tUQy8TAvhfvcMuJVVfyfxL.png) -- Or just write your web application as a normal set of pages in the Hypermedia Driven Application (HDA) style/architecture, than sprinkle a few `hx-*` attributes and get the same user experience? 😅 #htmx 2024-06-20T02:25:49Z (#px274va) @ Hmmm looks like the core idea is to intercept requests, Inspect the `UserAgent` header and respond accordingly. 2024-06-20T02:26:20Z (#px274va) Can we trust the bots not to fake their identity? 🤔 2024-06-20T03:31:47Z (#fiks7lq) @ I do! I think it's prologic:mills.io 2024-06-20T07:49:09Z (#ffuigiq) @ Oh! That's a bug and pure lack of "form validation!" 😅 Thanks for pointing this out, I'll fix this tonight 🤞 2024-06-20T07:50:12Z (#n2er4fq) @ Like a "I'm on a public terminal" type thing? Which has the opposite effect? With some helpful descriptive text? 🤔 2024-06-20T23:12:01Z (#3yxuwza) @ Haha @ exaxrly! 🤣 2024-06-20T23:12:43Z (#px274va) @ me neither 🤦‍♂️ 2024-06-20T23:14:00Z (#n2er4fq) @ I'm so confused now 🤣 2024-06-20T23:14:21Z (#ufyqnka) @ Haha 🤣 2024-06-20T23:15:24Z (#fiks7lq) @ Yeah I will! I don't really use Matrix much tbh 2024-06-21T14:26:32Z (#n2er4fq) @ Specifically:

> I’d rather suggest to enable the checkbox by default

I'm no longer sure between the discussion(s) how this should behave or look like now 🤣 2024-06-21T14:28:24Z (#5zza2eq) It sure would be nice to get out of this "rate race" one day 🤞 2024-06-21T16:07:03Z (#ffuigiq) @ Fixed! 2024-06-21T16:38:50Z Oh boi! 🤦‍♂️ I totally forgot to put this notice up, and the month has flown by so quickly! 😅 Sorry folks! Hope it's not too late! ⏰ for our monthly Yarn.social Online Meetup! 🤞

----

- **Event:** Yarn.social Online Meetup
- **When:** 22nd June 2024 at 12:00pm UTC (midday)
- **Where:** https://meet.mills.io/call/Yarn.social
- **Cadence:** 4th Saturday of every Month

- **Agenda:**

> Anything we want to talk about. Twtxt, Yarn, self hosting, cool stuff you’ve been working on. chit-chat, whatever 😅

#Yarn.social #Meetup 2024-06-21T23:07:18Z (#fhirmeq) @ pretty nice colors there 😍 2024-06-21T23:10:12Z (#n2er4fq) @ Ahh! I can do that, at least the first part. That's trivial! 2024-06-21T23:27:37Z (#n2er4fq) Done 2024-06-22T02:31:21Z Just added support for deleting and editing arbitrary Twt(s) at anypoint in your timeline. Some things to note:

- I'm not really that happy with the code between `PostHandler()` and `DeleteTwtHandler()` anymore 😢 It _really_ needs some major refactoring, and better tests.
- This only works for users (_for now_), no support for Persona(s) / Feeds sorry.

One side-effect I've noticed (_which was always the case_); an Edited Twt whilst preserves the original timestamp, gets appended to your feed at the bottom of the file. This is counter intuitive when you think about editing text files with a text editor, but it does make sense in the way `yarnd` treats feeds as append-only (_I had just forgotten_). I'm not doing anything about this though. 2024-06-22T02:31:45Z (#rgte6zq) Anyone coming to today's meetup? 🤔 2024-06-22T04:23:24Z (#dh2l7ea) @ Let's discuss on the call later today 👌 2024-06-22T04:24:57Z (#rgte6zq) @ Sounds good 👌 2024-06-22T04:27:23Z (#5l2lqta) @ Nothing that isn't already a known side effect. Really it is up to clients to figure this out and have storage or caching mechanisms that can cope with diverging threads. 2024-06-22T12:06:58Z (#zllu75a) @ This is true! (_as we spoke!_) It's okay though, I _think_ we'll eventually solve this as it becomes a thing that annoys us too much 🤣 I like your idea of having some optional, but recommended of handling edits. Like having something like `(#d4acmcq was:zllu75a)` just for an example. Extending the [Subject Extension](https://dev.twtxt.net/doc/twtsubjectextension.html) to support `(#hash [was:])`? 🤔 2024-06-22T14:18:29Z (#csmgr4q) @ I noticed that too. But I couldn't remember whether that was a preexisting behavior or not. So hmmmm 2024-06-22T14:27:30Z (#csmgr4q) @ I can see in the templates that `autofocus="true"` has always been the case (_the template for the postbox has conditional logic_) for Timeline, Discover and Mention views. There are like one or two views where it is set to false. So hmmm I'm not sure wtf I was thinking back then 🤔 How should it behave? 2024-06-22T14:34:19Z (#csmgr4q) @ Done! ✅ 2024-06-22T14:34:37Z (#csmgr4q) Well we're still rebuilding... Give it a few mins 🤣 2024-06-22T14:47:03Z (#csmgr4q) That's a bit better now... But do we want the textarea focused when you toggle the postbox open? 🤔 2024-06-22T14:52:13Z I can't believe I've been writing [Go](https://golang.org) code for over 8 years already 😮 2024-06-22T15:29:50Z (#rgte6zq) @ Well it was good to talk to you briefly! 😍 I'm a gonna have to hit the hay though, It's 1.30am here now 🤣 I guess it was just you/me, but it was an interesting discussion on how we _might_ solve for edits across the Twtxt/yarn ecosystem 🤞 2024-06-22T23:44:10Z (#r7scenq) @ Yeah I haven't heard of it being a huge problem down under, but I've seen the YouTube shows on how bad this is in other parts of the world, like the US. 2024-06-22T23:51:25Z (#2xhcg7a) @ Haha 🤣 2024-06-23T00:00:28Z (#4vgkgvq) @ Okay 👌 2024-06-23T00:36:55Z (#csmgr4q) Should be fixed now. 2024-06-23T01:06:40Z > In case of conflict, consider users over authors over implementors over specifiers over theoretical purity.

— W3C, HTML Design Principles § 3.2 Priority of Constituencies 2024-06-23T01:07:08Z (#vle23sa) Good quote to remember and use in your engineering career 👌 2024-06-23T08:38:17Z (#vle23sa) @ Well it should be 🤣 2024-06-23T08:38:41Z (#vle23sa) I like this quote. I also like a new term I've learned recently called "Complexity Budget". 2024-06-23T09:05:11Z I recently learned that our Australian Liberal National Party, spent 10's of thousands of dollars on a campaign involving flyers posted around the suburbs (_localities_) of our local Greens federal member, Elizabeth Watson Brown. Not only was the material produced by the LNP party, distributed and paid for by the LNP party, full of lies, but they had the audacity to make the "flyers" _appear_ as though they were from the Greens themselves! 🤦‍♂️ wtf?! #Politics #Sucks 2024-06-23T11:59:31Z (#zpv3nxa) @ Why am I not surprised 🤦‍♂️cc @ 2024-06-24T02:11:34Z (#jhw5eoa) @ So you're saying that for example *foo*--bar isn't bolded, but *foo* is? 2024-06-24T02:12:07Z (#jhw5eoa) Well sorry I guess *foo* (`*foo*`) is italics. 2024-06-24T02:15:55Z (#jhw5eoa) Oh I don't think this is a bug! You've used a weird kind of `--` that's been turned into something I've forgotten the name of 🤦‍♂️ a `—` -- Although I still consider this a bug with the Markdown library somewhat, I'll file a bug report upstream. 2024-06-24T02:17:54Z (#io55v5a) @ That's nuts haha 😝 2024-06-24T07:17:16Z So Belong (_out retail mobile phone provider of choice_), who are owned by Telstra want to increase the price of their plans by +40%.

[Telstra](https://telstra.com.au), who own [Belong](https://belong.com.au), have had the following financial earnings over the past 4 years:

- FY2021: NPAT (Net Profit After Tax): +3.4% $1.9B
- FY2022: NPAT (Net Profit After Tax): -4.6% $1.8B
- FY2023: NPAT (Net Profit After Tax): +13.1% $2.1B
- FY2024: NPAT (Net Profit After Tax): +11.4% $1B

> Not sure how this year's results had a +11.4% increase, but only $1B in profits.

#Telstra #Belong #Australia #PriceHikes 2024-06-24T12:32:28Z (#jhw5eoa) @ Well I _think_ it's a bug IMO, but I'll have to file this upstream, unless you can? It should be filed against [this project](github.com/gomarkdown/markdown) -- We still haven't migrated to goldmark 😅 2024-06-24T12:32:48Z (#jhw5eoa) > it is not weird, it is an “mdash”.

Thanks! That's it! 😅 2024-06-24T12:52:09Z (#joo54wq) @ Thank you! 🙏 2024-06-24T16:27:51Z (#4p5siaq) @ Like with no opt-out?! 🤔 😮 2024-06-24T16:28:18Z (#wf53u3q) @ Gotta fix that bug one day 🤣 2024-06-25T02:31:04Z (#s4xitiq) @ So Microsoft can see and report on all your porn and warez 🤣 2024-06-25T02:54:33Z (#4p5siaq) > In particular, we will have Gemini Nano, the smallest version of the Gemini model family, running locally on most modern desktop and laptops with Chrome.

👌 This is good to know! 2024-06-25T08:08:10Z (#vw76w2q) @ That's why we love Yaen.social 🤣 2024-06-25T08:08:36Z (#4p5siaq) @ True 👌 2024-06-25T13:58:58Z (#v3vqhxq) @ Holy crap dude! 😳 That's insane! Well done 👍 2024-06-25T13:59:57Z (#53qbb2a) @ Also holy crap! 💩 2024-06-25T14:52:56Z [prologic/tunesnap: tunesnap is a web application for downloading, extracting and encoding the audio tracks of videos into downloadable audio. - tunesnap - Mills](https://git.mills.io/prologic/tunesnap) 2024-06-25T14:54:13Z (#amokjeq) This was built over a day or so as a tool so i didn't have to keep helping my neighbor with fixing a Bash script I wrote 🤣 It was also an excuse to try [Beer CSS](https://beercss.com) and [htmx](https://htmx.org) for real in anger on a fresh new project 👌 The result has turned out quite nicely! 😍 2024-06-26T02:21:01Z (#ze2epsq) @ That's amazing news for LLMs and efficiency 🥳 2024-06-26T02:24:43Z (#amokjeq) @ Err sorry wrong URL 🤣 It was late 😅 2024-06-26T02:25:50Z (#amokjeq) I'll fix the URL in the repo later but the right URL is: https://tunesnap.mills.io/ 2024-06-26T06:27:39Z (#amokjeq) This has been renamed to https://snaptune.mills.io/ 2024-06-26T11:18:49Z (#pg7rpza) @ can you believe the entire web application is server side driven? 🤣 2024-06-27T01:13:46Z (#joo54wq) @ Cool! This got fixed already 🥳 2024-06-27T02:55:11Z (#5dfuq5a) @ Have you played with [htmx](https://htmx.org) at all? 🤔 2024-06-27T13:27:22Z (#nhhbupa) @ Looks like Tasmania, Australia 🇦🇺 2024-06-27T13:43:22Z (#joo54wq) @ Yes, I'll see if I can pull in the updated dep now... 2024-06-27T13:53:56Z (#joo54wq) I _thuink_ that's sorted out then. Pulled in the latest deps, repro'd locally, bug gone. So twtxt.net will roll out shortly with the new version in a few mins 👌 2024-06-27T14:37:50Z (#v4bbb5q) @ Haha ! 😝 I mean we'll squish any bugs that are reasy enough to fix right? 😅 2024-06-27T15:09:16Z (#nhhbupa) @ It's where I'd love to retire to 🤣 2024-06-27T15:20:19Z (#nhhbupa) @ Why do you think I want to retire there 🤣 2024-06-27T15:44:43Z (#nmanhea) @ Oh that's hilarious! Your Twt didn't parsee and render properly! I _might_ have to think about switching to Goldmark 🤣

```
$ bat https://twtxt.net/twt/nmanhea | jq '.text'
"(#nhhbupa) @ Dunno, maybe you just love [Tasmanian devils](https://en.wikipedia.org/wiki/Tux_(mascot)#Tuz_2009)? 😅"
``` 2024-06-27T15:45:06Z (#nmanhea) But I get what you mean, too bad they're exinct 🤣 2024-06-27T16:12:35Z (#nhhbupa) @ Look forward to it 😅 Just gimme a few years to get past the "expensive school fees" and then we'll think about it 🤣 2024-06-28T06:27:33Z (#ckkcwlq) @ Is that because LadyBird doesn't have Javascript™? 🤔 There are _some_ things that don't currently degrade gracefully. We can improve things such that they do, just have to figure out what makes sense to degrade gracefully and what doesn't... 🤔 2024-06-28T23:05:30Z (#ckkcwlq) @ Ahh I see! 2024-06-29T13:17:07Z (#dro4hgq) @ Anyone here believe in a flat earth? 🌍 hmm? 🧐 2024-06-29T13:47:00Z (#dro4hgq) @ Haha I was just testing y'all 🤣 How nuts is this right? 😅 2024-06-29T13:56:30Z Another day, another web app built 😅 This time [tubeproxy](https://git.mills.io/prologic/tubeproxy), which still needs some tidying up project-wise (_bugger all docs, setup guide, etc_), but so far it works quite nicely. If you're curious, you're welcome to try it out at https://tubeproxy.mills.io -- Although technically this meant for internal use (_as I block Youtube at the network on purpose_).

Additional features I'm thinking about next:

- Add to Plex (_on-demand download, tag and update of the Plex archives_)
- Subscribe (_added to my `ytdl-sub` that subscribes to Youtube channels and stores nicely in Plex_) 2024-06-29T14:00:51Z Can anyone recommend and/or vouch for a Chrome/browser extension that lets me write rewrite rules for arbitrary links on a page? e.g: `s/(www\.)?youtube.com\/watch?v=([^?]+)/tubeproxy.mills.io/play/\1` for example? 🤔 2024-06-30T00:18:06Z (#5phr3la) @ Thank you! 🙏 2024-06-30T00:45:24Z (#5e7iwqa) @ Thanks! 🙏 2024-06-30T10:06:15Z (#24f2qnq) @ What does this do? 🤔 2024-06-30T10:08:11Z (#nduyjiq) @ Thath sounds awful indeed! 😱 2024-06-30T15:18:16Z (#24f2qnq) @ Don't we already have containers though? Linux cgroups alert find toy a level of isolation that is already pretty starting? 2024-06-30T15:29:37Z Anyone know much about MobileCoin? 2024-06-30T15:39:29Z (#ch5vxqq) I guess it's called Sentz now? https://www.sentz.com/learn 2024-06-30T15:39:56Z (#x6dcmka) @ That 3rd one 🤣 2024-06-30T16:10:48Z (#h4oppba) @ Well but Monero is restricted here in Australia 😢 2024-07-03T05:56:47Z (#ze7cu6q) @ To be fair htmx is about 10 years old already and Hypermedia systems over 30 🤣 2024-07-04T03:35:42Z (#borzxxq) @ No but reading a bit of that post:

> Because dynamic behavior is added to the page using normal HTML tags with custom attributes, it is difficult to provide additional security against cross-site scripting (XSS) attacks.

Is complete bullshit. It's like one line of code (if you can call HTML "code") 2024-07-04T13:03:12Z (#ootfqwq) So basically it seems that Cloudflare has enough data that they can do machine learning to figure out whether the traffic behavior and patterns of bots even ones that fake their identity are really bots or not right? 2024-07-04T13:52:23Z (#ootfqwq) Not sure how this can be applied for self hosters? 2024-07-04T14:34:41Z (#pdewrka) @ What I mean is: without using or relying on Cloudflare! 2024-07-04T14:51:39Z (#pdewrka) @ I think it's the massive data analytics and machine learning that allows them to distinguish these fake bots 🤔 2024-07-04T16:28:20Z (#pdewrka) @ Yeah 😅 2024-07-04T16:31:17Z (#vgj5emq) @ wut da fuq?! 2024-07-05T08:14:40Z (#ncrpg7q) By the way, why are they called Tories? 2024-07-05T10:52:29Z (#ncrpg7q) @ Oh my 🤣 2024-07-06T03:44:13Z I just blocked the following ASN(s) from being able to hit `twtxt.net` or `mills.io`:

```
16509 - AMAZON-02
32934 - FACEBOOK
```

Why? Because the Claude Bot web crawler from [facebookexternalhit](https://anthropic.com/) and [Meta](https://meta.com)'s facebookexternalhit web crawler are both behaving badly for pages that have no cache headers. Not sure if this is malicious, an oversight, a bug or me just being stupid and not ensuring every web resource or page had appropriate `Cache` headers? 🤔 In any case, until I hear back from at least facebookexternalhit (_whom I've reached out to_), these ASN(s) will remain entirely blocked.

That is the entirety of Amazon Web Services and Facebook. 2024-07-06T23:51:28Z (#eehqw6a) @ I _think_ @ 's point is that somehow the URL(s) are wrong in the first place? I went to the Wikipedia page, and copied the URL out of the browser to link to [here](https://en.wikipedia.org/wiki/Tories_(British_political_party)) -- Let's see 👈 Already as I'm typing this I see a problem :/ `[here](https://en.wikipedia.org/wiki/Tories_(British_political_party))` 2024-07-06T23:53:45Z (#eehqw6a) I find it interesting too, this is obviously such a problem that Wikipedia have two URLs for this page:

https://en.wikipedia.org/wiki/Tories_(British_political_party)

and

https://en.wikipedia.org/wiki/Tories_(British_political_party 2024-07-06T23:56:26Z (#b6ln3jq) @ It's all a money grabbing scam if you ask me 🤣 2024-07-07T00:03:34Z (#n3u43ka) @ ChatGPT's success rate for me is about what I expect:

> ChatGPT has an extremely broad range of success when it comes to producing functional code — with a success rate ranging from anywhere as poor as 0.66 percent and as good as 89 percent 2024-07-07T00:22:08Z Hey @ 👋 Welcome back! 🤗 2024-07-07T00:32:30Z (#fg6uqfq) @ no picies? 🤔😅 2024-07-07T07:47:29Z (#fg6uqfq) @ Haha! 🤣 Give it a go and we'll see 🤔 2024-07-07T09:33:41Z Finding the technical specifications of older vehicles, say >10 years is rally hard 🤦‍♂️ 2024-07-07T09:55:02Z (#kxeqida) @ Awesome sauce! 🥳 2024-07-07T10:13:18Z (#fg6uqfq) @ Haha 🤣 That's the way! 😅 2024-07-07T14:49:08Z (#ltiywoa) @ When you are trying to determine towing weights and maximums it becomes important to understand the specifications of the engine and chassis. Things like Tow Ball Weight and Gross Mass Vehicle Weight become important factors. 2024-07-08T02:21:45Z (#l74btrq) @ This is precisely the problem: Chrome copies the URL incorrectly -- I wonder what other browsers do this wrong? 🤔 2024-07-08T02:22:02Z (#kznobxa) @ Cool! 👌 2024-07-08T02:24:25Z (#fg6uqfq) @ Very cool! 👌 2024-07-08T02:26:56Z (#isz3ija) @ Nissan Navara ST Dual Cab 4WD 2.5P diesel. 2010 model. Can't find the original specs or owners manual from Nissan on this one 🤔 Can only find bits and pieces (mostly not from Nissan directly 🤦‍♂️) 2024-07-08T09:11:35Z (#3nf7j3q) @ Agaim?! 🤔 2024-07-08T09:12:53Z (#mutsz6q) @ But of course 🤣 2024-07-09T01:44:21Z (#m5m7xpa) @ Bahahahahaha 🤣🤣🤣 2024-07-09T01:45:17Z (#ygfuq5q) @ Disn't we try this decades ago and it was a miserable failure? 🤣 2024-07-09T01:49:00Z (#3nf7j3q) @ Yeah looks like that 😢 Last time it was a bug that got introduced in Bleve. 2024-07-09T07:14:40Z [Fixed Solar Panels for Camping ](https://hardkorr.com/au/solar-panels/caravan-fixed/) 👈 Looks like good option for buying fixed solar panels, mounting brackets and other parts for mounting solar panels to your car's roof rack 👌 2024-07-09T12:55:13Z (#kzjdhia) @ Oh man I completely missed that in the book 🤦‍♂️ No I wasn't aware! 😢 2024-07-09T14:36:06Z (#kzjdhia) @ That's my experience too. But it's good to know there's a standard. Is there a definitive link to this anywhere? 🤔 2024-07-09T14:36:32Z (#lcsilwa) @ Ooor, sorry, don't do PHP, haven't done PHP in some 20+ years 😅 2024-07-10T01:51:24Z (#6sofs4a) @ do you think alcohol and intoxication has something to do with the last time between seeing the gold land and the cheering? 🤣 2024-07-10T02:09:25Z (#zw7ryaq) @ scary just had a little privacy that really is when you're on the Internet, right? 2024-07-10T02:11:05Z (#fza7hea) @ yeah we already have this here in Australia, EV vehicles and your non-EV vehicles. And yes, it's a pain in the arse as the car randomly breaks for things that a normal human driver wouldn't break for just because the low eye detection races a false positive. 2024-07-10T02:12:58Z (#kzjdhia) @ I mean, if there was a standardize easier to read list somewhere we could potentially create a shed Go package that defines these constants, right? 2024-07-10T07:47:05Z (#hf77kna) @ So.. What does this mean? Hmmm 🤔 2024-07-10T14:17:40Z I've been thinking about a new term I've come across whilst reading a book. It's called "Complexity Budget" and I think it has relevant in lots of difficult fields. I specifically think it has a lot of relevant in the Software Industry and organizations in this field. When doing further research on this concept, I was only able find talks on complexity budget in the context of medical care, especially phychiratistic care. In this talk it was describe as, complexity:

- Complexity is confusing
- Complexity is costly
- Complexity kills

When we think of "complexity" in terms of software and software development, we have a sort-of intuitive about this right? We **know** when software has become _too_ complex. We know when an organization has grown in complexity, or even a system. So we have a good intuition of the concept already.

My question to y'all is; how can we concretely think about "Complexity Budget" and define it in terms that can be leveraged and used to control the complexity of software dns ystems? 2024-07-10T23:31:31Z Whoohoo! My HTMX mugs arrived! ![](https://twtxt.net/media/Ei5cPKCEFQy4LhLs5pFtFQ.png) 2024-07-11T02:38:49Z (#nd3mzea) @ this is a bit sad to see girls in tech shutdown and close its doors. 😢 did they run out of money? Or did something else drive this decision? 🤔 2024-07-11T02:43:33Z (#zbwsfwq) @ 

> The new report published Thursday dives into the many types of dark patterns like sneaking, obstruction, nagging, forced action, social proof and others. Sneaking was among the most common dark patterns encountered in the study, referring to the inability to turn off the auto-renewal of subscriptions during the sign-up and purchase process. Eighty-one percent of sites and apps studied used this technique to ensure their subscriptions were renewed automatically. In 70% of cases, the subscription providers didn't provide information on how to cancel a subscription, and 67% failed to provide the date by which a consumer needed to cancel in order to not be charged again 2024-07-11T02:45:52Z (#jmweetq) @ what's this a picture of? 🤔 2024-07-11T02:50:26Z (#ebsmpza) @ but surely it doesn't just come down to an individuals understanding of a piece of software right? I mean, complexity comes from many different things for example, the number of components the number of sub-systems, lines of code, the number of abstractions, even the complexity of those abstractions., etc.. 2024-07-11T05:55:06Z (#mb3p4ra) @ clever use of someone else's app with an up density in stores in an area. 2024-07-11T13:03:37Z @ Oh hey! 👋 2024-07-12T00:33:13Z (#orggmja) @ That's what I'm implying yea! 👌 if we can figure out how to measure complexity, we can figure out how to control complexity and thereby keep software systems and even organizations more simple and easier to manage potentially even more cost-effective. 2024-07-12T00:34:35Z (#7rwp7gq) @ Cool! 👌 I shall have to have a look into these. If you've read both before, perhaps you can share short excerpts or your own thoughts and experiences? 2024-07-12T00:37:20Z (#uepfgma) @ well that depends on what this 2000 lines of coat does right does the 2000 lines of code basically amount to a linear set of instructions with no branching? Or is that 2000 lines of Covid include lots of conditional branching that make understanding what the program does, difficult and hard to maintain? 2024-07-12T00:54:46Z (#4awm25q) @ ![](https://twtxt.net/media/mFpWf6Sj3eFZuHT72R7oQC.png) 2024-07-12T01:08:15Z (#kzjdhia) @ True! 2024-07-12T10:15:14Z (#ebsmpza) This article is worth reading: https://htmx.org/essays/complexity-budget/

Unfortunately, it doesn't go into any concrete specifics or any formal ASOS of measuring and managing complexity budget. 2024-07-12T10:15:58Z (#ebsmpza) This is the whole point of this Yarn where I'm trying to figure out with y'all to see if there might possibly be a way to formally measure and manage complexity, budget of a software, system or organization. 2024-07-12T13:19:54Z [I spent 18 months rebuilding my algorithmic trading platform in Rust. I’m filled with regret. | by Austin Starks | Jun, 2024 | Medium](https://medium.com/@austin-starks/i-spent-18-months-rebuilding-my-algorithmic-trading-in-rust-im-filled-with-regret-d300dcc147e0) 2024-07-12T21:23:03Z (#4awm25q) @ That thing on the top is actually a tent 🤣 2024-07-13T06:50:16Z (#ielhzia) @ Yeah he is 😭

```
2024-07-12T16:52:12-06:00 (#4nlm4ca) Here has been north of 38C all week. Its pretty ick. I would love a bit of rain to cool down.
2024-07-12T16:52:12-06:00 (#4nlm4ca) Here has been north of 38C all week. Its pretty ick. I would love a bit of rain to cool down.
```

I _think_ it's invisible to users of `yarnd` because of the way the cache works 🤣 2024-07-13T08:23:44Z There's a new interesting regression in `yarnd` that's cropped up that results in a `" />` at the end of uploaded/links images. I'm not able to figure this bug out yet 😢 2024-07-13T10:02:35Z (#4tavwgq) @ bisect says last two weeks 🤔 2024-07-13T10:34:41Z (#u66jska) @ I don't think you couldn't have made a better choice myself 👌 2024-07-13T10:35:24Z (#njhluoq) @ Yeah agreed, but there does appear to be a lot of hype around rust for sure 🤣 2024-07-13T13:27:41Z (#4tavwgq) @ Sadly dependency updates 🤦‍♂️ 2024-07-14T04:00:07Z (#436q3aq) @ That's a pretty fun double-base line 👌 2024-07-14T04:55:10Z (#5e6d54a) @ Since I moved all my projects off of Github for a number of reasons, I've also seen a significant decrease in "bug reports", but more so "contributors" too. But... I've always run an up-to-date instance of Gitea at https://git.mills.io where all my projects live. Despite that, it hasn't really seen much use beyond a handful of folk, like y'all here 😢 -- Sadly today, I've had to disable open registration on my Gitea instance, as well as my own Yarn pod (for Twtxt) because of the horrid amount of SPAM you have to deal with and cleanup.

I agree, Email is a giant PITA. I would never ask anyone to send me patches via Email. However on a positive note, I do sometimes get folks reaching out to me on Signal and sometimes Email. Then we form a bit of a relationship, set things up and go from there. That is actually much nicer.

I'm not sure what else we can do? I'm n**NOT** moving back to Github, ever. 2024-07-14T04:55:22Z (#hc262ja) @ What's going on now? 😅 2024-07-14T07:37:36Z (#m6737mq) @ Yeah fair enough! I mean I basisally just say to reach out to me. But I should clarify this too in a bunch of places or consolidate 🤔 2024-07-14T07:38:51Z (#hc262ja) @ Is he dead? 🤔 2024-07-14T07:39:56Z (#kuakstq) @ you meant matrix the movie right not matrix the protocol? 🤣 2024-07-14T07:47:24Z (#5e6d54a) @ Yeah I"m not really sure to be honest what stops people from contributing. Maybe it's a discovery problem too? I'm not sure. Should sit down and see what the contributions have been for some of my projects before and after the migration away from Github? 🤔

> Are we supposed to “forge hop” (as in “distro hop”) all the time, migrate from the most non-shitty hoster to the next? That can’t be the solution.

I sure hope not, that kind of defeats the point of an ecosystem that is suppose to encourage distributed software development and distributed forms of collaboration. Right? 🤔

How do we collectively improve things? 2024-07-14T08:41:36Z (#q4hmq2q) @ looks like spring is well and truly blooming there. 2024-07-15T03:26:56Z (#ielhzia) @ Should
Still work but I had to revert a dependency change that caused a recession in rendering images. 2024-07-15T03:27:59Z (#ielhzia) @ Hmm deleting works for me? 2024-07-15T03:29:15Z (#ielhzia) @ And the "Read More" should only happen if you have that enabled in your user settings hmmm 🤔 2024-07-15T12:50:22Z (#z4ivbfq) @ I'm totally onboard with this idea! 💡 Just like the "slow social" network we've created here. I love it! When do we start? 😅 2024-07-15T13:28:19Z (#z4ivbfq) @ I've been doing this for a long while too, as you know 😅 Not only am I solving my own problems and those of my family, as well as building/supporting Yarn/Twtxt, Salty.im and a few others, but I have a long-term vision of _trying_ to get more folks onboard with the idea of self-hosting 🤣 2024-07-15T13:29:31Z (#tpoazbq) @ Oh so, like, this is a bubble and the AI hype train is going to burst soon™? hmm? 🧐 2024-07-15T13:29:46Z (#jkjmiua) @ Haha 😝 2024-07-15T14:13:36Z (#ebsmpza) @ I don't think I am, either, but I sure as hell am trying to see if there's something here 😅 2024-07-15T14:14:26Z (#flgcrla) @ Test received 👌 2024-07-16T14:07:57Z (#uepfgma) @ I _think_ you're onto something here. I tend to agree that there are different measures of complexity to apply to different things. The only downside I see here is we start to get into the realms of hierarchy and bureaucracy right, as a means to "simplify" the complexity, or abstract it away. I mean we tend to do this in software too, hide the complexity in an abstraction. The problem with this is this also becomes a measure of "complexity" too right and can potentially suffer from a point where it has become "too complex". 2024-07-16T14:24:45Z @ I have a theory as to why your pod was misbehaving too. I _think_ because of the way you were building it `docker build` without any `--build-arg VERSION=` or `--build-arg COMMIT=` there was no version information in the built binary and bundled assets. Therefore cache busting would not work as expected. When introducing htmx and hyperscript to create a UI/UX SPA-like experience, this is when things fell apart a bit for you. I think.... 2024-07-16T15:47:36Z (#smnew7a) @ Don't give up.

What about Signal? I'm had great success with this, friends, family, neighboards. They get it. It works. I don't have to worry about it too much. 2024-07-16T16:12:12Z (#smnew7a) @ I _think_ it's a good choice, better than anything else to be honest. 2024-07-16T16:21:23Z (#gpybp2q) @ Like `yarnd` right? 🤣 2024-07-16T16:22:01Z (#z4ivbfq) @ I agree, slow with decent quality and simplicity would be my thing 💪 2024-07-16T16:48:47Z (#smnew7a) @ Kind of a good perspective really 👌 2024-07-17T01:53:39Z (#c2afqsq) @ Bit like what the suckles folks tried to do right? (Although I never agreed too much with their "ideals" exactly) 2024-07-17T01:59:47Z (#3dpfnpa) @ Thanks 🙇‍♂️ 2024-07-17T21:33:53Z (#raanwfq) @ Same 2024-07-17T21:45:27Z (#22exukq) @ hmmm 2024-07-17T22:39:32Z (#22exukq) @ Yeah I dunno wtf this feed is 🤣 Looks like a gopher feed. Either their client is fucked up, or this is just pure spam 🤔 Anyway found some bugs in `yarnd` that I should fix because of this feed. 2024-07-18T23:21:18Z (#agec3sq) @ you're welcome. 😅 2024-07-18T23:25:46Z (#ojhrg4a) Hmm I thought we blocked this rubbish anonymous gopher feed before? Has it change its location? 🤔 2024-07-18T23:29:11Z (#c2afqsq) @ I couldn't agree more!I have many projects and tools like this that are just "done" 2024-07-19T07:17:55Z (#ojhrg4a) I re-blocked this feed (_if anyone really wants it, please let me know!_) and nuked it from the cache. It's full of garbage AFICT 🤦‍♂️ 2024-07-19T07:37:13Z (#ttjvaya) @ So this is this "Crowdstrike Outage" my wife told me about a few mins ago hmmm 🧐 wtf is going on here? 😅 2024-07-19T11:38:46Z (#ttjvaya) @ Yeah didn't affect us either 2024-07-19T20:41:58Z (#v3tuqra) @ well, it does right but only with special LD flags? 2024-07-19T20:46:07Z (#ttjvaya) @ out of interest what is the self description of crowd strike? What the fuck is it even? 2024-07-19T20:46:51Z (#ttjvaya) @ isn't this why management should never be in charge of fucking technical decisions? 2024-07-19T20:47:42Z (#ghzkkqq) @ what the fuck is Krack anywa? 🤣 sounds like a scam. 2024-07-19T20:56:38Z (#c2afqsq) @ straight up in the first minute I was talking he describes basically the concept of being able to describe your idea a 3 x 5 card. I think that's rather elegant. 2024-07-19T20:56:58Z (#c2afqsq) I assume not necessarily to fit an entire program in a 3 x 5 card though. 2024-07-19T21:02:41Z (#smnew7a) @ The first time I tried matrix I didn't like it either. I tried to join the public room and waited and waited and waited and waited for like 20+ minutes before I could even see anything in the room or even talk in the room! I just find the protocol to be so fucking overcomplicated for what it actually is meant to do. 2024-07-19T21:06:26Z (#jkjmiua) @ do it now. 😅 2024-07-19T21:06:40Z (#l7ek66a) @ glad to still see you around. 🙇‍♂️ 2024-07-19T21:11:12Z (#ooj4evq) @ yeah, according to [this](https://twtxt.net/twt/b3shxmq) article, it stems from what appears to be a global monopoly in the so-called cyber security industry. 2024-07-19T22:16:43Z @ Your pod is behaving much better now right? Any other issues aside from the Edit problem? 🤔 2024-07-19T23:17:49Z (#apiw7uq) @ Yes yes, but so what?! What's like saying the importance of having unit tests... 2024-07-19T23:20:24Z 📣 **NEW:** Added a new feature for pod operators to optionally configure. Compact Front Page.

 ![](https://twtxt.net/media/s52i2AnKEubDerZFTqkqXe.png) 

When enabled will display only one post per feed on the unauthenticated Discover view (_the front page_). 2024-07-19T23:41:26Z (#nwgezha) @ it's amazing that anyone thinks that these so-called instructions in large language models are anything close to what you would consider instructions or even remotely intelligible. 2024-07-19T23:41:56Z Thinking about building infinite scroll for yarn. 2024-07-20T00:09:12Z (#vaozyya) @ to be clear it'll be infinite scroll up until you reach the end of the cache 🤣 2024-07-20T00:09:53Z (#vaozyya) I haven't figured out a way of integrating the couch with the search archive yet... 2024-07-20T08:46:25Z (#vaozyya) @ What about "Click to Load"? 2024-07-20T08:48:04Z (#ttjvaya) @ My god ! 🤦‍♂️ 2024-07-20T22:11:30Z (#vepa7gq) @ Pretty much. One post per feed. 2024-07-20T22:12:42Z (#o53yanq) DuckDuckGo's mobile view does this for example 2024-07-20T22:18:39Z (#smnew7a) @ Messages (formally known as iMessages) has always lacked e2e encryption though and often falls back to using SMS which is worse for security and privacy. -- OTOH this might be all changing for the better with Google lounging for a new standard? 🤔 (Although I do have to wonder: "What's in it for Google?") 2024-07-20T22:42:40Z (#sj2bhjq) Hmmm according to [this](https://proprivacy.com/privacy-service/guides/secure-imessage) you are right! I wonder what kind of crypto they use? 2024-07-21T10:01:21Z (#o53yanq) @ So you neither like "Click to Load" nor "Infinite Scroll" eh? I mean I sort of get it, infinite scroll is kind of annoying as you never really know wtf is going on. Click to Load misses out on "how many pages", "what page you're on", etc. But is it really that bad? 🤔 2024-07-21T12:34:39Z (#o53yanq) @ Heh 😀 This is why we've always implemented features that have differing opinions as either user options, configuration or feature gated 🤣 2024-07-21T12:40:47Z (#o53yanq) @ i'm thinking it's probably worth to try and implement both features as use for configurable preferences just so that we can see what it's like. 🤣 The default, of course would be the regular pagination that exists now. 2024-07-22T13:11:13Z [Some bad code just broke a billion Windows machines - YouTube](https://www.youtube.com/watch?v=4yDm6xNeYas) -- This is a really good accurate and comical take on what happened with this whole Crowdstrike global fuck up. 2024-07-22T14:35:20Z (#lu7gjvq) @ Haha 🤣 I might have liked a few, hell even agreed with you on some 🤣 2024-07-22T14:35:46Z (#ndodcuq) @ Yeah pretty much ooops 🤦‍♂️ 2024-07-23T02:39:49Z (#haiwbdq) @ Who says it's bad stuff or negativity? These are lessons to be learned and things to gain experiences from right? 2024-07-23T02:40:47Z (#pqvv4sa) @ sometimes having the open honest and transparent conversation and discussion is more valuable than anything to be individually gained. 😅 it helps us learn! 2024-07-23T02:46:00Z (#ndodcuq) @ so in other words, their own entire sections of global industries that are using this rubbish crowd, strike antivirus/endpoint detection, piece of crap that are infection effectively in violation of the terms of conditions of the service? 🤔

That's some good sleuth thing that @ 🙇‍♂️ 2024-07-23T02:49:38Z (#43oaqha) @ this reminds me I need to seriously consider exploring the idea of replacing my Plex set up with Jellyfin 2024-07-23T12:20:09Z (#f6727tq) @ This is sadly all too true 🤣 2024-07-24T11:00:03Z Are we over Crowdstrike yet? 🤔🤣 Have We forgotten about it? 😅 2024-07-25T02:26:19Z (#uqxxstq) @ Wer that's a bug! 2024-07-25T02:26:33Z (#uqxxstq) @ What revision are you running? 2024-07-25T02:30:30Z (#l7ek66a) @ can you update to the latest revision in the main branch? 2024-07-25T02:31:06Z (#uqxxstq) @ Please update! 2024-07-25T02:31:55Z (#ug2ndqa) Same hwre 2024-07-25T02:34:37Z (#fhbvv3a) @ Nice to see you still around (even if occasionally) 😅 2024-07-25T02:54:49Z (#uqxxstq) @ I will have a look but I suspect it has something to do with the open nature of the external endpoint. I closed this loophole recently due to other reasons myself. 2024-07-25T02:55:35Z (#uqxxstq) At work right now so will have more concrete details in a few hours from now 2024-07-25T02:57:00Z (#uqxxstq) I also think you may be running a version that had a bug and lacked cleanup of those temp files 2024-07-25T07:47:58Z (#uqxxstq) For example this one that got fixed this year:

```
commit 4304ec7ea3c5df95e0ed82bfa292c9330e342f61
Author: James Mills 
Date: Mon Jan 24 00:10:33 2022 +0000

 Fix bug in DownloadImage() leaking termporary files for external avatar downloads (#746)
``` 2024-07-25T09:45:55Z (#fhbvv3a) @ I'm doing okay 👌 Busy with work as you can imagine, and still tinkering of course whenever I can spare a moment or two! 😅 2024-07-25T09:48:27Z (#ug2ndqa) @ It looks like your some kind of problem with the reverse proxy in front of `yarnd`? 🤔I 'm seeing this error: `incomplete chunked encoding` error(s) ![](https://twtxt.net/media/CYtYtfTcvTzHXdxYFesUcX.png) I don't know anything about this though, tbh I've never seen this before myself 🤔`` 2024-07-25T10:21:17Z (#ug2ndqa) @ Works now! 🥳 2024-07-25T10:21:46Z (#2zjtkea) @ Ahh! Please update to the latest main 🙏 2024-07-25T10:30:30Z (#ug2ndqa) @ I think pods have become exploited over time so I've had to tighten up some feature like the external handler 😢 2024-07-25T10:30:49Z (#2zjtkea) @ Sweet 👌 2024-07-25T10:32:04Z (#2zjtkea) @ Take a backup of the data dir in case I screwed something up 🙏 2024-07-25T10:53:01Z (#2zjtkea) @ Run `make deps`. I use a non-standard (_written in Go_) minify tool 2024-07-25T11:08:18Z (#2zjtkea) @ So `make deps` would have installed some tools in either `$GOPATH/bin` or `$GOBIN`. See which with `go env`. Chuck that in your `$PATH` and you're good to run `make server`. Normally this would be something like:

```
GOBIN=$HOME/go/bin
GOPATH=$HOME/go
export GOPATH GOBIN
...
``` 2024-07-25T11:08:48Z (#2zjtkea) You are reminding me that I should cut a release soon™ so there are binaires you can just "download" and use for the platform of choice 😅 2024-07-25T11:17:49Z (#2zjtkea) @ Note that "Building From Source" is covered in the [docs](https://git.mills.io/yarnsocial/yarn#building-from-source) 2024-07-25T11:25:38Z (#2zjtkea) @ No worries at all! 👌 2024-07-25T11:26:08Z (#2zjtkea) You should have the fancy new SPA-like UI too 😅 (just checked!) 2024-07-25T11:38:16Z (#c7kyxoa) @ Man gotta love that sunset !!! So nice 😊 2024-07-25T12:00:40Z I had a play with [LiveKit Agents Playground: KITT](https://kitt.livekit.io/) and I have to say it's pretty impressive. Not the ChatGPT part of course, but the speech recognition and text to speech synthesis.

> KITT is an AI voice assistant powered by LiveKit Agents, Deepgram, Eleven Labs, and ChatGPT. It is running on LiveKit Playground.

It's too bad it relies on three cloud services, none of which can be run locally (_with the exception of Ollama that you could replace the OpenAI component with_). 2024-07-25T12:56:23Z (#ze3zlba) @ I can see the same errors again hmmm 🧐 @ Did you run out of disk again? 😅 2024-07-25T13:37:22Z Thinking we need to adapt the UI a little bit to something like [this](https://draw.mills.io/#json=2981299105862240,OhjMMMyAL5_oBREM3QAF5Q) 2024-07-25T13:45:28Z (#wbibk2q) ![](https://twtxt.net/media/HzckeTjxTTZvYH8DkMhqkB.png) 2024-07-25T13:49:30Z (#uqxxstq) @ Fuck that script 🤣 you're good! Just follow the [Build from Source](https://git.mills.io/yarnsocial/yarn#building-from-source) docs 😅 2024-07-25T13:53:01Z (#uqxxstq) @ Hopefully it shouldn't 🤞 2024-07-25T13:55:21Z (#uqxxstq) Hopefully you should see traffic die off a bit too as the `/external` endpoint is no longer externally abusable (_get it_) without being an authenticated user -- which became problematic 🤦‍♂️ -- The web is so fucking hostile 🤬 2024-07-25T14:18:05Z (#rbzcmka) @ Oh nothing much 🤣 Just a bunch of folks running really old versions of `yarnd` that were susceptible to abuse on the open web 🤣 2024-07-25T14:20:07Z Hmm remove the cpu limits on this pod, not even sure why I had 'em set tbh, we decided at my day job that setting cpu limits on containers is a bit of a silly idea too. Anyway, pod should be much snappier now 😅 2024-07-25T14:22:11Z (#uqxxstq) @ Hmm that's a bit weird then. Lemme have a poke. 2024-07-25T14:23:32Z (#uqxxstq) Hah 😈

```
prologic@JamessMacStudio
Fri Jul 26 00:22:44
~/Projects/yarnsocial/yarn
 (main) 0
$ sift 'yarnd-avatar-*'
internal/utils.go:666: tf, err := receiveFile(res.Body, "yarnd-avatar-*")
```

@ Don't suppose you can inspect one of those files could you? Kinda wondering if there's some other abuse going on here that I need to plug? 🔌 2024-07-25T14:25:19Z (#uqxxstq) These should be getting cleaned up, but I'm very concerned about the sizes of these 🤔

https://git.mills.io/yarnsocial/yarn/src/commit/983fa87d4ea17f76537e19714ad8a6d19ba9d904/internal/utils.go#L658-L670 2024-07-25T14:27:03Z (#uqxxstq) Do you happen to have the `activitypub` feature turned on btw? In fact could you just list out what features you have enabled please? 🙏 2024-07-25T14:27:52Z (#homd37a) @ That's fucking insane 😱 I know what code-paths is triggering this, but need to confirm a few other things... Some correlation with logs would also help... 2024-07-25T14:28:39Z (#rbzcmka) @ I believe you are correct. 2024-07-25T14:44:18Z (#uqxxstq) @ `sift` is a tool I use for grep/find, etc.

> What would you like to know about the files?

Roughly what their contents are. I've been reviewing the code paths responsible and have found a flaw that needs to be fixed ASAP.

Here's the PR: https://git.mills.io/yarnsocial/yarn/pulls/1169 2024-07-25T14:45:39Z (#homd37a) @ Yeah that should be okay, you get so much crap on the web 🤦‍♂️ 2024-07-25T14:47:58Z (#uqxxstq) @ So... The only way I see this happening at all is if your pod is fetching feeds which have multi-GB sized avatar(s) in their feed metadata. So the PR I linked earlier will plug that flaw. But now I want to confirm that theory. Can I get you to dump your cache to JSON for me and share it with me? 2024-07-25T14:52:08Z (#ze3zlba) @ I'm wondering whether you're having the same issue as @ still? mulit-GB `yarnd-avatar-*1` files piling up in `/tmp/`? 🤔 2024-07-25T14:54:03Z @ / @ My current working theory is that there is an asshole out there that has a feed that both your pods are fetching with a multi-GB avatar URL advertised in their feed's preamble (metadata). I'd love for you both to review this [PR](https://git.mills.io/yarnsocial/yarn/pulls/1169), and once merged, re-roll your pods and dump your respective caches and share with me using https://gist.mills.io/ 2024-07-25T14:55:01Z (#ve43paq) Or if y'all trust my monkey-ass coding skillz I'll just merge and you can do a `git pull` and rebuild 😅 2024-07-25T14:58:28Z (#homd37a) @ Yeah I've had to block entire ASN(s) recently myself from bad actors, mostly bad AI bots actually from Facebook and Caude AI 2024-07-25T15:00:24Z (#ve43paq) I'm going to merge this... 2024-07-25T15:01:52Z (#ve43paq) @ / @ Please `git pull`, rebuild and redeploy.

There is also a shell script in `./tools` called `dump_cache.sh`. Please run this, dump your cache and share it with me. 🙏 2024-07-25T15:03:12Z (#ve43paq) @ The problem is it'll only cause the attack to stop and error out. It won't stop your pod from trying to do this over and over again. That's why I need some help inspecting both your pods for "bad feeds". 2024-07-25T15:03:52Z (#ve43paq) if we can figure out wtf is going on here and my theory is right, we can blacklist that feed, hell even add it to the codebase as an "asshole". 2024-07-25T15:08:46Z (#ybzi67q) @ I _thought_ [Sunday was the hottest day on Earth](https://twtxt.net/twt/cdhmurq) 🤦‍♂️ wtf is wrong with Slashdot these days?! 🤣 2024-07-25T15:10:43Z (#ve43paq) Just thinking out loud here... With that PR merged (_or if you built off that branch_), you _might_ hopefully see new errors popup and we might catch this problematic bad feed in the act? Hmmm 🧐 2024-07-25T15:17:38Z (#ve43paq) @ You want to run `backup_db.sh` and `dump_cache.sh` They pipe JSON to stdout and prompt for your admin password. Example:

```
URL= ADMIN= ./tools/dump_cache.sh > cache.json
``` 2024-07-25T15:18:28Z (#ve43paq) But just have a look at the `yarnd` server logs too. Any new interesting errors? 🤔 No more multi-GB tmp files? 🤔 2024-07-25T15:22:51Z (#ve43paq) @ Ta. I hope my theory is right 😅 2024-07-25T15:27:58Z (#ve43paq) @ Thank you! 🙏 2024-07-25T15:31:30Z (#ve43paq) Ooof

```
$ jq '.Feeds | keys[]' cache.json | wc -l
4402
```

If you both don't mind dropping your caches. I would recommend it. Settings -> Poderator Settings -> Refresh cache. 2024-07-25T15:31:58Z (#ve43paq) That was also a source of abuse that also got plugged (_being able to fill up the cache with garbage data_) 2024-07-25T15:37:47Z (#ve43paq) @ The one you sent is fine. I'm inspecting it now. I'm just saying, do yourself a favor and nuke your pod's garbage cache 🤣 It'll rebuild automatically in a much more prestine state. 2024-07-25T15:53:12Z Hmmm 🧐

```
for url in $(jq -r '.Twters[].avatar' cache.json | sed '/^$/d' | grep -v -E '(twtxt.net|anthony.buc.ci|yarn.stigatle.no|yarn.mills.io)' | sort -u); do echo "$url $(curl -I -s -o /dev/null -w '%header{content-length}' "$url")"; done
...
```

😅 Let's see... 🤔 2024-07-25T15:54:45Z @ / @ Any interesting errors pop up in the server logs since the the flaw got fixed (_unbounded `receieveFile()`_)? 🤔 2024-07-25T16:22:09Z (#qv5sgja) @ Hmm I can see your twts on my pod now 🤔 2024-07-25T16:23:28Z (#2rxkcca) @ Seems to be okay now hmmm 2024-07-25T16:28:25Z (#2rxkcca) @ Oh 🤣 Well my IP is a known subnet and static, so if you need to know what it is, Email me 😅 2024-07-25T16:28:53Z (#2rxkcca) Out of interest, are you able to block whole ASN(s)? I blocked the entirely of teh AWS and Facebook ASN(s) recently. 2024-07-25T16:30:08Z Anyway, I'm gonna have to go to bed... We'll continue this on the weekend. Still trying to hunt down some kind of suspected mult-GB avatar using @ 's pod's cache:

```
$ (echo "URL Bytes"; sort -n -k 2 -r < avatars.txt | head) | column -t
URL Bytes
https://birkbak.neocities.org/avatar.jpg 667640
https://darch.neocities.org/avatar.png 652960
http://darch.dk/avatar.png 603210
https://social.naln1.ca/media/0c4f65a4be32ff3caf54efb60166a8c965cc6ac7c30a0efd1e51c307b087f47b.png 327947
...
```

But so far nothing much... Still running the search... 2024-07-25T16:32:49Z (#2rxkcca) @ no problems 👌 one problem solved at least 🤣 2024-07-25T16:34:23Z (#4ljpfuq) @ Thanks! Sooo cold 🥶 2024-07-25T16:35:21Z (#rdeh4dq) @ No worries! All in the name of better reliability and security 😅 2024-07-25T23:21:33Z Hmmm something happened last night at ~3am (AEST) that decrased traffic to my pod quite considerably... Hmmm? Anyone have any ideas? 💡 ![](https://twtxt.net/media/7XgdMPoJpDR9itntiBeQjH.png) ![](https://twtxt.net/media/MdhD9p5nSaSe4jdk6zu4oR.png) 2024-07-26T00:01:45Z (#2qczosq) @ Hehe 🤣 2024-07-26T02:43:44Z (#2rxkcca) FWIW I'm still trying to find the the cause of the mult-GB avatars that both @ and @ 's pods were both teying yo download. The flaw has since been fixed in the code but I'm still trying to investigate the source 🤞 2024-07-26T02:45:43Z (#2rxkcca) Also FWIW this is all my fault for writing shitty vulnerable code 🤣 So blame me! I'm sorry 🙏 2024-07-26T11:31:54Z (#kwepmhq) @ Huh? 🤔 2024-07-26T11:54:25Z (#kwepmhq) @ Weird dunno what to say🤣 2024-07-26T12:13:15Z Oh I forgot again 🤦‍♂️ Last Saturday of the month, so if anyone's up for a friendly catch up over video tomorrow? Same time, same place 👌 2024-07-26T21:16:07Z (#bgoecxa) @ This ☝️ 2024-07-26T21:24:25Z (#bbnfuvq) @ I'll fix it tonight Sadly I have to rebuild the index 🤦‍♂️ 2024-07-26T21:34:51Z Cool! Our park has disappeared again this morning! 😱 Also it was cold outside! 🥶 ![](https://twtxt.net/media/gPrFx6Qo5QNimKGQboRRfc.png) 2024-07-27T02:16:18Z (#sy2nsaq) @ it's very muggy in the Table Tennis hall right now I had to take my jacket off 🤣 2024-07-27T02:41:11Z (#yet64mq) @ I heard one of the candidates promised to invest 4,000,000 bitcoin 🤣 2024-07-27T03:07:58Z (#yet64mq) @ Haha 🤣 2024-07-27T13:55:47Z Bit tired myself folks. It's 00:00 here and I'm going to bed 🛌 2024-07-27T23:27:13Z (#4sjwnna) @ Oh gawd 😱 2024-07-28T10:17:47Z (#dxu6n5a) @ ]*}WireGuard (which Tailscale operates and makes management easier) is great!

For an open source alternative to Tailscale, check out Headscale! 👌 2024-07-28T22:17:00Z (#rrjesxa) @ I don't yet primarily because I only have 3 Wireguard peers to manage right now. 2024-07-28T22:20:15Z (#dxu6n5a) @ 😁 2024-07-29T02:52:52Z (#dxu6n5a) @ Nice one! 👌 2024-07-29T06:21:49Z (#vq422aa) @ my understanding is that headscale has to be publicly accessible anyway for all peers to be able to reach it right? 2024-07-29T07:00:33Z (#vq422aa) @ Yeah AFAIK I _think_ it uses STUN to punch holes thorugh CGNAT and any firewalls so it all "just works"™ 😅 2024-07-29T23:55:43Z (#icme3oq) @ maxed out on what resource? 2024-07-30T10:30:08Z (#icme3oq) @ yes but which one? 🤣 2024-07-30T11:39:24Z (#a6qkkfa) @ I'd love to be able to do this! 2024-07-31T09:45:01Z (#ku2sgda) @ It's only the Docker engine itself that consume a bit more memory which is responsible for managing containers on the host. There's also a tiny bit of overhead with containerd too. which acts as the parent and supervisor of the container, but that's pretty small. 2024-07-31T16:03:05Z (#puzgwfa) @ Awww 😍 2024-07-31T16:05:11Z (#himy26a) @ da fuq?! Indeed! 😱 won't be buying a Logitech product ever again!!! 🤦‍♂️ 2024-07-31T23:13:05Z (#r7e74gq) @ That is pretty freak'n cool! 2024-08-01T02:37:01Z (#3yugrla) @ And what client(a) are you using or tried? 🤔 2024-08-01T09:33:19Z (#ynx4fea) @ Oh damn! 🤣 Happy birthday!!! 🥳🥳🥳 2024-08-01T10:10:52Z (#r7e74gq) @ Thinking of publishing this Desktop app and maybe open sourcing it? 🤔 2024-08-01T16:44:12Z (#3yugrla) @ Wait: Why did you need to spin up a new VPS? 🤔 2024-08-01T16:45:25Z (#r7e74gq) @ I can help with nacIS builds 2024-08-01T17:01:24Z Hmmm I'm a little concerned, as I'm seeing quite a few feeds I follow in an error state:

I'm not so concerned with the 15x `context deadline exceeded` but more concerned with:

```
aelaraji@aelaraji.com Unfollow (6 twts, Last fetched 5m ago with error:
dead feed: 403 Forbidden
x4 times.)
```

And:

```
anth@a.9srv.net Unfollow (1 twts, Last fetched 5m ago with error:
Get "http://a.9srv.net/tw.txt": dial tcp 144.202.19.161:80: connect: connection refused
x3733 times.)
```

Hmmm, maybe the stats are a bit off? 🤔 2024-08-01T17:02:10Z (#knoyxnq) @ / @ Your still alive and kick'n right? 😅 2024-08-01T17:57:40Z (#fwlvqmq) @ This reminds me. Should `yarndd` render urls that look like that _might_ be images? 🤔 2024-08-01T18:26:36Z (#pnqtxya) @ Yes yes we do 🤣 So go make one haha 😝 you're pretty good at writing C in small places 💪 2024-08-01T18:32:59Z (#trlxqwq) @ Hmm looks like it's there now? 🤔 2024-08-01T18:33:59Z (#knoyxnq) @ Yeah u think it's just misleading UI/UX 2024-08-01T18:35:03Z (#fwlvqmq) @ Yeah okay 👌 2024-08-01T18:57:18Z (#el52hqq) @ Test received 👋 2024-08-01T23:01:25Z (#3yugrla) @ Oh I was thinking something more silly like the instructions made it hard to run it alongside anything else 😅 2024-08-01T23:04:12Z (#trlxqwq) @ Hmm I have a funny feeling that @anth has blacklisted my server ip range for some reason? I'm getting consistently "connection refused" from my pod, but I can fetch his feed from my desktop. Hmmm? 2024-08-02T00:42:36Z (#jaxyq2a) @ Hmm interesting new feed 🤔 Looks legit too 😅 2024-08-02T00:44:11Z (#zekjk6a) @@grumpygordie.great-site.net Welcome! 👋 Just saw your feed pop up in the crawler 👌 2024-08-02T00:44:36Z (#zekjk6a) @@grumpygordie.great-site.net I think realistically the only thing you're missing is an avatar. 🤣 2024-08-02T00:46:16Z (#7dv3ajq) @@grumpygordie.great-site.net you're not the only one buddy. 🤗 most of us here also don't have generally corporate socials or fesiverse presents. We like it slow 🤣 some coldest the slow social media. 😅 2024-08-02T00:46:39Z (#y3lveaa) @@grumpygordie.great-site.net Welcome! 🥳 2024-08-02T00:47:50Z (#ieg4vmq) @ what the CEO of Clownstrike doesn't have a sense of humor. 🤣 2024-08-02T02:55:14Z (#zekjk6a) Ahh you are right ! I didn't motice 🤦‍♂️ 2024-08-02T06:48:57Z (#knoyxnq) @ Ahh so it's not just me! 😅 2024-08-02T09:47:33Z (#knoyxnq) @ Haha no worries! Glad you're alive and kick'n 🤣 2024-08-02T10:39:36Z (#pqecyfq) @ is there anything else in front of your server or is it just direct? 🤔 2024-08-02T10:43:39Z (#zekjk6a) @ yes it's because of the advertised nickname in the feed. The spec actually doesn't allow this and ysrnd implements the spec pretty closely really.

```
# Nick = Grumpy G.
``` 2024-08-02T10:44:11Z (#luymgva) This ☝️ 2024-08-02T20:12:01Z (#7ru2ora) @ Cool! 😎 2024-08-02T20:12:36Z (#avojk3q) @ my gosh! 😅 I hope @iolfree@tilde.club is okay 👌 2024-08-02T20:15:08Z (#pqecyfq) @ Ahh it _might_ very well be a Clownflare thing as @ eluded to 🤣 One of these days I'm going to get off Clownflare myself, when I do I'll share it with you. My idea is to basically have a cheap VPS like @ has and use Wireguard to tunnel out. The VPS becomes the Reverse Proxy that faces the internet. My home network then has in inbound whatsoever. 2024-08-02T20:16:57Z (#fczuzqa) @ Pretty cool looking huts 🛖 One of those structures kinda looks like the gallows 🤣 2024-08-02T20:37:27Z Big day, hell big weekend! Got Table Tennis 🏓 tournament 🏟️ where I'm the team captain of a team of two young players aged 9 and 10 called Spin Kings 🤣 The competition looks really tough, I'm not really sure how we'll go to be honest, but we'll try out best 😅 2024-08-02T20:44:14Z (#6psdlwq) @ Thank you! 🙏 2024-08-02T20:58:04Z (#7ru2ora) This pod is consistently using ~200MB of memory and ~2-5% of CPU. ![](https://twtxt.net/media/yAb7XixDthg8YHNasVAA85.png) -- I keep trying to make improvements and optimizations as I come across them over time 😅 2024-08-02T20:59:21Z (#7ru2ora) Pretty sure those peaks and troughs are the feed fetchers, which one of these days I'll trry to optimize and smooth out. 😅 2024-08-02T21:22:40Z (#6psdlwq) @ Thanks! 2024-08-02T21:31:12Z FYI: I will be deleting the following 57 inactive (dead?) users on this pod today:

```
henseegeek fundor333 westbam onlyfansreview mabdalrahman retronav crunched deebs tca qwe234 pfefferle razetime kayos marguesto john yale slackjeff kodaira313a denisovich mlctrez jcrawford l3db3tt3r crunch homer mjy testdrive neoboard svendowideit palash k0rr stxh nirmal_kumar jan6 bram frankiem cvshumake qazsx apoorv10 duriny_test heyjude asepaned testest kevin natascha_e papz anvis spammer lonfas kamme dooven aatikakhan enochthec aman justinakers pc dai superyarn
```

If you wish to keep your account/feed, please login immediately. You have ~12 hours from this post (_as I'll be out playing table-tennis 🎾_) 2024-08-02T21:32:52Z (#kai5mba) Interesting stats here. My pod has some ~250 accounts/feeds, of which only ~10 are actually actively used. Just doing some "house cleaning" here, and since the good 'ol days of "oh wow this is cool, new and shiny!", well that's gone, and since then I've turned off open registration, so most of this is just garbage and spam. 😅 2024-08-02T21:33:33Z (#kai5mba) If every Yarn pod had a good ~10 or so friends/family/co-workers/colleagues and we grew Yarn.social one pod at a time, I'd be very happy 😊 2024-08-03T01:29:12Z (#6drn6mq) @ Haha my criteria is being inactive for over two years 🤣 2024-08-03T05:37:33Z (#e3jorla) @ what makes it so great? 🤔 2024-08-03T08:49:50Z (#kai5mba) @ Hehe these are accounts that haven't been used for over 800 days 🤣 2024-08-03T08:50:38Z (#6psdlwq) @ Well we lost all three rounds 🤣 6-1 6-1 7-0 😱 2024-08-03T09:51:58Z (#smnew7a) @ And you thought it would be what exactly? 🤔 This is Meta we're talking about 🤣 2024-08-03T09:52:46Z (#w52tnxa) @ Oh wow that's a nice shot! 👌 Don't think I've ever seen an Owl like this! What species of owl is it? 🤔 2024-08-03T09:53:29Z (#pnqtxya) @ So you gotta write your own TCP/IP stack right? 😅 Did that for an undergrad uni assignment, how hard can it. be 🤣 2024-08-03T10:01:19Z (#pnqtxya) @ Bahahaha 🤣 2024-08-03T10:02:15Z (#smnew7a) @ I _think_ you're mistaking expectations for quality software 🤣 When have you ever seen quality software out of an enterprise? 😅 2024-08-03T12:03:14Z (#w52tnxa) @ Of! It's not real?! 😱 2024-08-03T12:03:48Z (#smnew7a) I've been tricked! 🤣 2024-08-03T20:42:59Z (#vsovozq) Hmm I'm not sure either 🤔 2024-08-03T20:44:32Z (#iztis3a) Hmm like @ 2024-08-03T20:44:59Z (#iztis3a) Yeah okay I can reproduce that weird auto-complete bug 2024-08-03T20:49:51Z (#puxvjcq) Nope none that I can think of 🤔 2024-08-03T20:56:17Z (#iztis3a) @ Shy are those seem like dupes with different hashes? 2024-08-03T20:59:30Z (#iztis3a) Hm mm these are identical in content:

```
$ diff -Ndru <(bat https://twtxt.net/twt/7hraijq | jq -r '.text') <(bat https://twtxt.net/twt/ta6uu5q | jq -r '.text') | wc -l
0
``` 2024-08-03T21:02:33Z (#iztis3a) What da actual fuq?! They have the same timestamp too!

```
$ bat https://twtxt.net/twt/7hraijq | jq '.created'
"2024-08-03T19:30:00+02:00"
$ bat https://twtxt.net/twt/ta6uu5q | jq '.created'
"2024-08-03T19:30:00+02:00"
```

And the same Twter (URI) 2024-08-03T21:03:28Z (#iztis3a) @ (_ahh auto-complete is broken only on Mobile?_) @ is our hashing reached a point where it's broken and needs to be dumped? 🤔 2024-08-03T21:06:13Z (#iztis3a) Yeah, this looks like a hash collision to me right? Same twt, same timestamp, same twter, produces two different hashes? I'm not even sure how da fuq this is even possible?

```
$ diff <(bat https://twtxt.net/twt/7hraijq | jq '.') <(bat https://twtxt.net/twt/ta6uu5q | jq '.')
10c10
< "hash": "7hraijq",
---
> "hash": "ta6uu5q",
``` 2024-08-03T21:13:24Z (#iztis3a) In fact I cannot produce eitehr of these hashes:

```
$ pbpaste | ./yarnc hash -u https://lyse.isobeef.org/twtxt.txt -t 2024-08-03T19:30:00+02:00 -
bsormva
```

What da fuq?!

```
$ bat https://twtxt.net/twt/7hraijq | jq -r '.text' | ./yarnc hash -u https://lyse.isobeef.org/twtxt.txt -t 2024-08-03T19:30:00+02:00 -
bsormva
``` 2024-08-03T21:13:58Z (#iztis3a) @ / @ / @ any ideas wut da fuq is going on here?! 🤣 2024-08-03T21:14:15Z (#iztis3a) Computers aren't meant to give me three different answers 🤣 2024-08-03T21:37:20Z (#iztis3a) A equivalent `yarnc debug ` only sees the 2nd hash ![](https://twtxt.net/media/7c3rEWveU64SAxrXZ6CDYS.png) 2024-08-03T21:37:57Z (#iztis3a) That is this one:

```
ta6uu5q 2024-08-03T19:30:00+02:00 (#puxvjcq) Hmmm, what is going on here? ...
``` 2024-08-03T21:38:50Z (#iztis3a) `bsormva` is not a hash found in @ 's feed at all according to `yarnc debug` which is printing the hash and corresponding Twt per line. 2024-08-03T21:41:28Z (#iztis3a) I can't explain this. I'm leaning towards a peering pod being responsible for producing a different hash, and twtxt.net pulling that in from a peer. But that would only happen if my pod doesn't have the Root Twt ans asked its peers for it. And that implies other pods are producing incorrect/different hashes "somehow". So all of that seems highly unlikely tbh. 2024-08-03T21:41:55Z (#iztis3a) I don't think I'm smart enough to figure this out 😅 2024-08-03T21:43:32Z (#erbrtyq) @ Nah it wasn't me, trust me 🤣 I _actually_ use [Traefik](https://traefik.io/traefik/) for my ingres. 2024-08-03T21:47:34Z As for @ 's odd Twt, I only see one instance of this:

```
2023-01-09T22:42:37Z (#dusjj6a) @ As far as I know, they're still visible in the Web UI. Although, in the mobile app and youtube.com, I believe it tells you that the video isn't available without having to click on it. They don't tell you that in the RSS feed, and I agree; it gets annoying.

If we had a custom feed generator that hooks directly into the YouTube API, I'll bet we could find that information and put "[Scheduled][Scheduled=][Scheduled][Scheduled=][Scheduled][Scheduled=][Scheduled][Scheduled=]" in the title for premieres and remove it when the video is available.
```

And I have no fucking clue how this happened. I can't imagine anything in the `yarnd` codebase would be responsible for this weirdness 🤣 2024-08-03T21:48:13Z (#o2zaxpq) Like what was this meant to be anyway?

```
"[Scheduled][Scheduled=][Scheduled][Scheduled=][Scheduled][Scheduled=][Scheduled][Scheduled=]"
``` 2024-08-03T21:49:54Z The mobile autocomplete bug is something I can reproduce and likely fix soon™ -- I _think_ its happenning because I accidentally nuked this pod's cache the other day (sorry!) 😢 -- But it is also a bug 🐛 2024-08-03T22:11:22Z @ works 2024-08-03T22:12:05Z @@ does not hmmm 2024-08-03T22:12:39Z (#n2e7swq) We'll kind of the backend fixes it or grid to 🤣 2024-08-03T22:13:09Z @@ 2024-08-03T22:24:19Z 👋 At some point over the next day or two I will be deleting the following feeds/accounts:

https://gist.mills.io/prologic/ae61ae2bfba6401e8955a33394fd858b

If anyone spots anything on this list that shouldn't be deleted, please let me know! 🙏 2024-08-03T22:24:37Z (#jvac34a) ```
$ wc -l inactive.txt
152 inactive.txt
``` 2024-08-03T23:24:20Z (#iztis3a) @ LOL 🤣 2024-08-03T23:24:54Z (#thfnzga) @ LOL 🤣 2024-08-03T23:27:53Z (#ixtt4va) @ That's actually all I used it for myself 👌 All those other "bells 'n whistles" are really just Traefik supporting lots of alternate setups and drivers for discovery, etc. 2024-08-04T09:52:30Z (#puxvjcq) @ This is really weird. Do you have an example of this bracketed text? Re peers, I'm aware of all the peers, nothing surprising there. 2024-08-04T09:53:31Z (#jvac34a) @ No problems! Is it stils in the list when I redo this search, it'll be gone 😅 2024-08-04T10:05:47Z (#puxvjcq) Hmm I see it! It's so obvious 🤦‍♂️ I smell an attack of some kind. 2024-08-04T10:08:14Z @ / @ could you both please change your password immediately? I will also work on some other security hardening that I have a hunch about, but will not publicize for now. 2024-08-04T10:11:15Z (#zyfuixq) @ Yes

> How do the feeds look on disk? Do they already contain this bracketed text?

Because the handle just serves the Twtxt file directly. 2024-08-04T11:12:48Z (#puxvjcq) @ Thank you! 🙏 2024-08-04T11:15:05Z (#msrnsya) @ I'm not sure this is a bug to be honest? What possible code could cause this?! 🤔 2024-08-04T11:15:49Z (#gwuk3aa) @ Nice one 🥳 Kooking really good! 👌 2024-08-04T11:20:03Z (#msrnsya) The reason I think this is some kind of attack is based on the repeated content and some of its uniqueness 🤔 This is so uncharacteristic if both victims 🤔 2024-08-04T11:23:04Z (#puxvjcq) @ Holy fucking shit! You're right! You got me out of bed for this one, I spun my local dev instance and entered a Twt with `[foo]` and ended up with `[foo][foo=][foo][foo=]` wut da actual fuq?! 🤔 2024-08-04T11:24:34Z (#puxvjcq) It's also (_expectedly_) in the feed file on disk:

```
2024-08-04T21:22:05+10:00 [foo][foo=][foo][foo=]
``` 2024-08-04T11:34:30Z (#mo6moma) @ I _think_ it's these lines of code: https://git.mills.io/yarnsocial/yarn/src/commit/5101ec240ddb0e5e39809bf8a7b847508b3ac298/internal/feed.go#L162-L166 2024-08-04T12:18:33Z (#mo6moma) @ More on #yarn.social on LiberaChat (IRC) obviously 🙄 2024-08-04T12:19:16Z (#hmwk76a) Scratch that. Bug found! 🐞 2024-08-04T12:45:30Z (#hmwk76a) @ ROFL 🤣 So now you want Twts to be analyzed for secrets, keys and what not before posting and some kind of DLP ?! 😱 Farrrrrkkkkk 🤣 2024-08-04T13:17:56Z (#mo6moma) Fixed! 💪 2024-08-04T13:18:11Z (#mo6moma) Or rather reverted lextwt (_for the time being_) 2024-08-04T13:18:24Z (#mo6moma) Many thanks @ 🙏 2024-08-04T13:22:11Z (#rytjgfq) @ Hmm none whatsoever in the feed they are teh same:

```
2024-08-03T23:24:20Z (#iztis3a) @ LOL 🤣
2024-08-03T23:24:54Z (#thfnzga) @ LOL 🤣
```

However just noticed both of these now render the same again, weird 🤔 2024-08-05T00:07:29Z (#4wkubgq) @ very nice 👌 2024-08-05T00:08:52Z (#rytjgfq) @ you mean to say always show the domain part for mentions even on the same pod? 2024-08-05T00:09:28Z (#mo6moma) @ Yeah @ has a Paul request to fix this already so I'll have a look at that and get that merge soon. 2024-08-05T00:10:57Z (#setnhja) @ Cool! 👌 2024-08-05T00:25:10Z (#lgzrfja) @ Merged! 2024-08-05T00:25:43Z (#rytjgfq) @ Okay, easy enough to do. And I agree ☝️ 2024-08-05T02:25:59Z (#mo6moma) @ [confirmed] 2024-08-05T02:54:50Z (#rytjgfq) Hmmm even this thread is weirdly inconsistent and there should be no reason for it hmmm 🤔 2024-08-06T02:27:46Z (#6rfanja) @ Authelia 2024-08-06T02:29:33Z (#zxcwc7a) @ Thank you! 🙏 2024-08-06T02:31:07Z (#k3rqfxq) @ Samw here 🙄 I hardly ever take much time off 😱 🤦‍♂️ 2024-08-06T02:35:40Z (#js2srhq) @ I do and we (royal asshole we) still use and abuse people's data even today right?! 🤣

Why should or would I want to join that evil fucked ip crowd 😅

To me as a self-hosted enthusiast its noise and wasteful. 2024-08-06T03:24:15Z Okay. The house is properly cleaned up. There are 77 users on this pod, 34 inactive and 12 active. That's a good effort I _think_. Maybe some of those folks that haven't been around for a while, but were pretty decent folks to talk to and interact with may come back. For example @ 😅 2024-08-06T13:52:27Z (#tutjihq) @ He's doing alright 👍 Thanks for ask'n ! 🙇‍♂️ 2024-08-06T14:21:29Z (#tutjihq) @ Oh! 🤔 Hmmm I'd better check the `data` directory. Not sure what happened there 😢 2024-08-06T14:24:40Z (#tutjihq) Fixed! 2024-08-06T22:45:49Z [OTS](https://ots.mills/io) works Soo great! 👌 Juat got my mother to use it to share some creds so I could take over her web hosting needs 🤣 2024-08-06T22:54:31Z (#tutjihq) @ I'll let him know 😅 2024-08-07T02:14:30Z (#t6ojuaq) @ Fuck no it was unintentional 🤣 Oops! Too late to fix now! 2024-08-07T02:14:50Z (#t6ojuaq) https://ots.mills.io 2024-08-08T02:43:06Z (#2sxdowq) @ Is this open source and someyhing you run locally on the machine? 🤔 No Cloud? 2024-08-08T02:44:50Z (#2sxdowq) Hmmm looks like I started the repo and previously found it "interesting" 🤔 ![](https://twtxt.net/media/6THf9BCvwoSSacvwYY3GB4.png) 2024-08-08T05:54:33Z (#2sxdowq) @ oh I see! Yeah, health checks looks like something I wouldn't have any need to run myself or use because most of my background jobs or tasks run in my swarm cluster anyway and I don't really have that many background or cron type jobs in the first place. 2024-08-08T05:55:02Z (#2sxdowq) That's scrutiny is definitely something I wanna look at running. 👌 2024-08-09T07:42:26Z Found out today, that the registrar that I use [Only Domains](https://onlydomains.com)'s AU front door is **DOWN**. That is https://onlydomains.com.au

```
$ host -t A onlydomains.com.au
onlydomains.com.au has address 198.50.252.65

$ curl -v https://onlydomains.com.au/
* Trying 198.50.252.65:443...
* connect to 198.50.252.65 port 443 failed: Connection refused
* Failed to connect to onlydomains.com.au port 443 after 222 ms: Couldn't connect to server
* Closing connection
curl: (7) Failed to connect to onlydomains.com.au port 443 after 222 ms: Couldn't connect to server
``` 2024-08-09T21:07:55Z (#mlq66zq) @ Welcome to Yarn.social 🥳 2024-08-09T21:09:44Z (#5nq6euq) @ Nope we don't! `yarnd` only has a limit (configurable) to prevent abuse really. 2024-08-09T21:13:06Z @ You need an Avatar 😅 2024-08-09T21:28:11Z (#zsz2ewq) @ Well no shit! But not only "agile" but this stupid over-uses thing called "micro services" 🤦‍♂️ 2024-08-09T21:45:58Z (#qncgteq) @ Is saving the password a good idea security-wise? Or do you save/load it from the user's password manager using an API to do so? 🤔 2024-08-09T21:48:48Z (#4ha7jma) Holy moly! 😱 It's still down and has been over night. This has probably been down for longer hmmm 🧐 ![](https://twtxt.net/media/VJpjgw3sjUAB9gQV3JeyiJ.png) 2024-08-09T21:50:37Z (#4ha7jma) @ That ain't the half of it. The worst part is, they (support) don't give a crap, seem to be poorly trained in "incident management" and you can't even tell anyone at the company about this (that cares) 🤦‍♂️

Not only that, but how embarrassing is it for a domain registrar to not be able to get domain management right? Support tell me things like:

> We only have onlydomains.com we don't use onlydomains.com.au

To which I reply:

> No, you are wrong. I've been a very long-term customer and your portal has always been available on both domains. You don't know your own company's history. 2024-08-09T21:51:40Z (#4ha7jma) At this point I'm thinking of migrating away from OnlyDomains and choosing a different registrar. If OnlyDomains can't even do something as simple as maintain their own fucking domain name, how am I supposed to trust them as a service/registrar of my domains?! 🤔 -- Not only that, but recently they've put all their domain prices up too on a bunch of TLD(s). 2024-08-09T21:52:46Z (#qncgteq) @ Ahh cool! 😎 2024-08-09T22:35:43Z (#tm726iq) @ That's awesome! And nice Avatar! 👌 2024-08-09T22:37:02Z (#mlq66zq) @ That was the original idea and motivation! 😅 Still is 👌 2024-08-09T22:40:22Z @ by the way, on the last Saturday of every month, we generally hold a online video call/social meet up, where we just get together and talk about stuff if, you're interested in joining us this month. 2024-08-09T22:56:01Z Anyone recommend a domain registrar, that's only a domain registrar and nothing else? I'm not interesting in Email Hosting, Web Hosting, Parking, or whatever other silly nonsense. Just domain registration, delegation and renewal. 2024-08-09T23:02:05Z (#bwq5y4q) @ How much is this baby earning you? 🤔 2024-08-10T02:08:15Z (#ob7fkla) @ LOL! 🤣 2024-08-10T02:08:34Z (#ob7fkla) Probably not enough to cover the electricity cost, right? 🤣 2024-08-10T04:56:22Z (#vcuiqiq) @ I usually open it up for a 4hr window that works around the multiple time zones 🤞 2024-08-10T04:56:57Z (#zzqls4a) @ Yeah 🤣 2024-08-10T05:06:09Z (#tm726iq) @ Nice! 👌 2024-08-10T05:37:07Z (#fe5sxaa) @ LOL 🤣 Good to see search engines axtually index our content 🥳 2024-08-10T07:18:15Z Whoo @ is back! 🥳 2024-08-10T09:20:13Z (#ihto6ka) @ 

> James your twtxt is way too short…. 

Seriously?! 😅 1024 bytes (1kb) isn't enough?! 😱🤦‍♂️🤣 2024-08-10T09:33:09Z (#ihto6ka) I suppose there's no harm in increasing it to 2kB 🤔 2024-08-10T14:46:15Z (#bwq5y4q) @ Ahh so it's your way of trying to win a small lottery 🤣 2024-08-10T14:48:20Z (#dhdo3hq) @ Yup, definitely VR! 2024-08-10T14:49:23Z (#vbm6riq) @ That's a god one too! 2024-08-10T21:48:40Z (#ihto6ka) @ Setting up a local Apache + PHP server on your Ubuntu laptop is easy as pie 🤣

What do you think the world runs on 😅 Hint: Not Windows 🤣 2024-08-10T21:50:56Z (#s3lyspa) @ Very nice! 👌 I've enjoyed your photos and stories of your trips!

Do you normally take 4-week long vacations all in one go? 2024-08-10T21:52:09Z (#nogtxla) @ I don't have a VR headset yet, but I still view it as one of the most improved pieces of tech. 2024-08-11T02:47:03Z (#l3jniea) @ It's also astonishing how much power these things use and how incredibly inefficient they are 🤣

But seriously though we have come a long way in _some_ machine learning sxiwnde and twxh and we've managed to build ever more powerful and power hungry massively parallel matrix computational hardware 😅 2024-08-11T02:48:59Z (#l3jniea) LLMs though, whilst good at understating the "model" (or shape) of things (not just natural language), are generally still stochastic parrots. 2024-08-11T07:44:53Z (#ehkaxyq) @ cc @ can you help here? 🙏 2024-08-11T08:05:08Z (#o3uieza) @ So tou mean wine? The windows emulator?

You don't need to use wine to run Apache.

It should be installable from the package manager (software center) or whatever it's called. 2024-08-11T10:44:09Z (#s3lyspa) @ Ahh nice! i only get 4 weeks off a year 🙄 2024-08-12T01:40:51Z (#s3lyspa) @ Yeah in Australia it's only 20 paid days of annual leave (paid) 2024-08-12T01:42:21Z (#l3jniea) @ I don't believe so. But then again we'd have to define what cognitive understanding really is 😅 LLM(s) have none. 2024-08-12T03:24:03Z (#kuc5hsq) @ Bahahaha 🤣 I doubt I could write a chess engine now 😅 2024-08-12T03:26:20Z (#l3jniea) @ Can't argue with the some of the feats we've achieved for sure 😅 I think some of the good stuff is in smarter auto completion: summarization and pattern reproduction.

But "intelligent" it ain't 🤣 2024-08-12T07:05:27Z (#jqja6pa) @ Normally you would so something like this on Ubuntu:

```
sudo apt install apache2
```

In fact I highly recommend you follow this guide:

[Install and Configure Apache](https://ubuntu.com/tutorials/install-and-configure-apache#1-overview) 2024-08-12T13:29:34Z [Transparency petition - Whistleblower Justice Fund](https://www.droptheprosecutions.org.au/stopsecrecy) 2024-08-12T15:25:41Z (#ietksxa) @ What's the temp? 🤔 2024-08-12T16:11:29Z (#ietksxa) @ Ooof that's a bit warm 🥵 2024-08-13T07:07:11Z I like how tags like #reading now actually work correctly on Yarn pods 👌 2024-08-13T12:36:43Z (#ah6fzqq) @ You are right. I'll have to fix the later for sure, the finding "reading" in "foo-reading" is probably a behavior of the indexing and search library being used. It probably behaves that way. 2024-08-13T13:17:17Z (#ah6fzqq) @ No bubbles burst 💥 hehe 😝 All good! 👍 I think I was aware of the search results and the lack of interactivity there, artifact of borrowed template code from the search engine 😢 Just need to refactor it to use the same template as the normal timeline, but also support highlights, something it doesn't do now either. 2024-08-13T14:42:20Z (#nlbbcgq) @ And we are surprised why? 🤔 2024-08-13T20:15:48Z (#7lf75ba) This is why you stick to POSIX sh as @ points out 🤣 Prwtry sure this is a "Bashism" right? 2024-08-13T20:18:04Z (#755ufoq) @ Probably used one of the filters? 🤔 2024-08-13T20:18:27Z (#ggdhy4q) @ I'm not looking forward to summer at all 🥵 2024-08-13T20:20:00Z What a glorious morning for a public holiday 💪 What shall I do today? Hmmm 🧐 2024-08-13T20:23:46Z (#s7egwtq) @ It did however rain all night here however 🤣 Perhaps they were right afterall, just wrong on the location? 😅 2024-08-13T20:28:16Z (#7lf75ba) Also, why isn't `shellcheck` being used here? It would have picked this (contrived) example up?

```
bar is referenced but not assigned. [SC2154]
``` 2024-08-13T20:28:50Z (#7lf75ba) I was/am right of course :D

```
In POSIX sh, [[ ]] is undefined. [SC3010]
``` 2024-08-13T20:29:28Z (#7lf75ba) Which once fixed, removing the extra `[` and `]` errors out with `shellcheck` as expected:

```
Invalid number for -eq. Use = to compare as string (or use $var to expand as a variable). [SC2170]
``` 2024-08-13T20:30:32Z (#7lf75ba) And errors out expectedly using `dash` or `ash`, very nice POSIX Sh compliant shells:

```
$ ./foo.sh
./foo.sh: line 5: [: bar: integer expression expected
```

So the lessons here are twofold:

- Always use `shellcheck` to check your shell code
- Never use Bash or rely on Bash(isms). Always prefer POSIX Sh 2024-08-13T21:28:14Z Dear OnlyDomains, part of Team Internet. Do you think you could stop being so incompetent when it comes to Domains, DNS and basic HTTP? I reported this to you on Friday, and you are still arguing with me over Support the legitimatecy of the claims? Seriously?! 😧

```
$ dig @1.1.1.1 +short onlydomains.com.au a
198.50.252.65

$ nc -vvv 198.50.252.65 443
nc: connectx to 198.50.252.65 port 443 (tcp) failed: Connection refused
```

#OnlyDomains 2024-08-13T23:51:55Z (#jqja6pa) @ Normally, in the days when I used to run Linux on the Desktop and used Apache once upon a time, the default configuration would mean files served out of your `public_html` directory in your home directory was the place where the web server looked for to serve files from. This would make something like http://localhost/~your_username work. But it's been a while since I've done any of this myself...`` 2024-08-13T23:53:14Z (#jqja6pa) I mean if you didn't really need PHP (_I suspect you do?_) you _could_ run any 'ol web server in the current directory where you have your site and just serve that straight up locally. 2024-08-14T00:11:10Z (#jqja6pa) @ If you'd like to try something new (_I know I know!_); I just modified your site's file a teeny weeny bit and got it working with [FrankenPHP](https://frankenphp.dev/) a nice little portable web server written in Go that "just works"™ that is able to handle and execute PHP for you and your site basically "just works"™ out of the box locally, run from any directory. ![](https://twtxt.net/media/WXpzWt9ygdnvAKgyeBPh73.png) 2024-08-14T00:18:37Z (#jqja6pa) In fact I recommend this really, it's just less "mucking around" and what we call "zero configuration". 2024-08-14T05:14:12Z (#6g6kyla) @ I don't get it? 🤔 2024-08-14T05:14:45Z (#onmhnua) @ Welcome back! Didn't notice 🤣 2024-08-14T05:15:08Z (#jqja6pa) @ Yeah it seems to be quite easy to operate actually 👌 Love the zero configuration! 2024-08-14T11:29:35Z (#oxbrzjq) @ Yes I feel your pain 🙄 2024-08-14T11:47:46Z (#cuihlra) @ Both. I use it locally. Its basically a linter. 2024-08-14T11:50:06Z (#anhcdsq) @ It's looks like it's basically all-in-one so yeah but simpler to use 👌 2024-08-14T11:53:45Z (#755ufoq) @ A tiny dot you say eh? 🤣 2024-08-14T11:58:38Z (#755ufoq) @ This is basically the problem. Even if you wanted to there generally isn't any state for feeds stored on behalf of the user, in other words, a read status.


> I don’t know how we will handle the resetting of it, after reading…

I thought about it a few times, but I've never really been able to figure out a way of coming up with a viable solution to that. 2024-08-14T12:00:21Z (#j3lnsvq) @ Ahh gotcha! That could be simple enough to work or maybe a different background for the card? 🤔 2024-08-14T12:00:35Z (#cuihlra) @ Yup! 2024-08-14T12:02:55Z (#b242aea) @ See I told y'all 🤣 AI is "artificial incompetence" 🤣 2024-08-14T22:31:13Z (#64ryrzq) @ Yeah this is why I haven't done it yet because I don't know how to build it 🤣 2024-08-15T02:46:36Z (#lk4sz6a) @ Cool! 🥳 2024-08-15T07:33:54Z (#c2xfdkq) @ Hmm Coal -> Heat -> Stream -> Generator -> Electricity -> Resistance -> Heat

You do have an interesting point there 🤔 Seems rather wasteful just to produce some heat 🔥 2024-08-15T21:52:34Z (#c2xfdkq) @ Haha 🤣 2024-08-15T22:00:17Z (#fvliuqa) @ Very cool! 👌 Makes me want to redo the `yarnd` UI using BeerCSS from scratch, but it's an awful lot of work 🙄 2024-08-16T02:36:19Z ~2 years later...

 ![](https://twtxt.net/media/3cba6dDwkFJxv6hNLLZpWd.png) 

Yeah I'm kind of glad they're better at Hardware too and not this (questionable) "social media" thing 🤣 #Mitre10 #Hardware #Social 2024-08-16T05:51:52Z (#6idcjra) @ That is pretty cool! 😎 Reminds me of something I also want to either find or build; a FUSE filesystem or a Go library that acts as a limited cache with maximum time-to-live on files written. Think, caching Youtube videos for [tubeproxy](https://git.mills.io/prologic/tubeproxy) but where storage is always capped at an upper bound. Older items get constantly deleted. 2024-08-16T14:10:58Z (#uozpsdq) @ I'm not really sure what you mean tbh? 🤔 How are buttons misaligned exactly? 2024-08-16T14:12:08Z (#ukk7vjq) @ wtf?! What is this? 🤔 2024-08-16T22:22:19Z (#4lrydfq) @ Personally I use this thing I built called [zs](https://zs.mills.io) 🤣 2024-08-16T22:24:18Z (#ij2x73a) @ Those look like encoding errors. You've likely used characters not supported by the encoding of the document. Easily fixed! 2024-08-16T22:28:21Z (#uozpsdq) @ LOL looks bloody centered to me 🤣 How many pixels off are we talking? 😅 2024-08-16T22:28:48Z (#6idcjra) @ True 2024-08-16T22:29:36Z (#ukk7vjq) All I see is random white noise? Hmmm 🤔 2024-08-17T02:24:07Z (#vauj4tq) @ Or maybe because I block Youtube? 2024-08-17T02:24:50Z (#uozpsdq) @ I'll see if I can start a discussion upstream. 2024-08-17T02:52:42Z My daughter won her first match!!! 🥳 2024-08-17T06:19:05Z (#vjwsqra) @ Yup! 2024-08-17T06:21:16Z (#yhu7nja) @ Oh geez that sounds like an awful phone 🤣 2024-08-17T06:47:20Z (#yhu7nja) @ At least with an iPhone I'm not forced to use anything like Google, Facebook, or TikTok. None of those "things" are ever pre-installed, hidden or otherwise. 2024-08-17T07:36:05Z (#yhu7nja) @ yeah I'm pretty confident in what my iPhone and other Apple devices (Macbook, Mac Studio, iMacs, etc) do and don't do in regards to talking back to Apple over the Internet. I mean, I do DNS filtering at my home network and most of the time I ensure my phone is connected to my VPN so that all DNS traverse through my own network and filters,

Obviously I can't guarantee that it's not making its own DNS requests and sneaking through my filters, I could go and check at my router level, but I'm fairly confident it probably isn't. 2024-08-17T07:40:06Z (#yhu7nja) Last ~24 hours of DNS Requests: ![](https://twtxt.net/media/Y2kgRoNYHujeJLDEafwvvL.png) 2024-08-17T07:41:07Z (#yhu7nja) Some of those `*.apple.com` DNS requests look legit and valid, like itunes (_the App Store_) and push notifications. Need to investigate what some of the other ones are. There are _some_ Apple domains I already block as well that I've figured out over the years. 2024-08-17T07:41:55Z (#yhu7nja) It also helps a lot to a) ensure you turn off all things "iCloud" when you setup your device and b) teach your wife and children the benefits of doing the same and risks of not ensuring you do a) and c) ensuring that you keep doing a & b 🤣 2024-08-17T08:00:35Z Does anyone know what the differences between HTTP/1.1 HTTP/2 and HTTP/3 are? 🤔 2024-08-17T11:31:41Z (#stbebia) @ Cool! 👌 2024-08-18T03:00:24Z (#rjnysia) @ That's my basic understanding too after doing the research.

Do you think yhere'd be any noticeable tangible benefits observed for self hosting? 🤔 2024-08-18T03:37:58Z (#rjnysia) @ Yeah I can see QUIC being a bit "snappier" especially on mobile networks. 2024-08-18T03:47:17Z (#mmpclha) @ Wow! 😱 That's nuts! How did they take over the account? Password leak and no multi factor auth? 2024-08-18T04:06:50Z (#rjnysia) @ That's a 404 🤣 -- Also wouldn't my ingress into my cluster (Traefik) have to support HTTP/3 (QUIC) too? 🤔 How does this even work in practice hmmm🤔 2024-08-18T07:30:36Z (#lcar2mq) @ Haha! 🤣 Teasing the original post makes me realize the true meaning of the word "confluence" 🤣 2024-08-18T13:41:59Z (#2zzqq5q) @ That is super weird 🤔 I don't get what's going on either? 🤔 2024-08-18T13:47:13Z (#2zzqq5q) > Then I realized there's more than one version of "BMP"

🤣 2024-08-18T21:33:54Z (#tjspb2a) @ Off interstate on a work trip at the moment and just got up and it's like 7C 🥶 2024-08-19T16:42:43Z (#cftbyia) @ Yes, why? 🤔 2024-08-19T16:45:54Z (#mmpclha) @ it's always interesting to hear how these things happen. 2024-08-19T21:43:59Z (#sr2ei2a) @ Is the other yarn.mills.io? 2024-08-19T22:20:36Z (#k6d4qhq) Gotta keep up to date 🤣 2024-08-19T22:22:51Z (#cftbyia) @ define hammering? 2024-08-19T23:43:13Z (#cftbyia) @ I've blocked it from this pod for now 🤞Not sure which users are still trying to fetch the non-existent feeds sorry! 2024-08-20T00:45:06Z (#cftbyia) @ Unfoetunately that isn't actually true as it depend on the ingress architecture and networking. 2024-08-20T22:16:35Z (#qdrxwna) @ Getting hot eh? 🥵 2024-08-20T22:17:09Z (#y5jwufq) @ Good goal! 👌 2024-08-20T23:32:45Z (#y7trn4a) @ errors are already reported to users, but they're only visible in the following list. 2024-08-20T23:35:18Z (#w3gfciq) @ Currently internally feeds are marked as "dead" for some known statuses. But yes nothing is automatically done (yet). 2024-08-20T23:36:42Z (#kykleha) @ Hmm let's add it to the switch that marks feeds as "dead" 🙏 2024-08-20T23:51:28Z (#vciyu3q) Haha! 2024-08-21T07:11:14Z (#zvivuba) @ oh oh! There goes the Australian economy 🤣 2024-08-22T02:28:51Z (#fm5kswa) @ If you look at your Following list `yarnd` is continually improving the tools and data available to you especially regarding feed acailabiliry and maybe this helps you manage who/what you follow? 🤔 -- I've certainly found it immediately useful! 2024-08-22T02:30:43Z (#gug36tq) @ It certainly looks like a reasonable approach to me so far 👌 2024-08-22T02:32:58Z (#wibyk4a) @ Hah! 😅 Totally didn't see this coming 🤣 AI and LLM(s) as a "service" posing new security and privacy threats? 🙄 2024-08-22T02:35:31Z (#ueetfya) @ This is why `yarnd` has never implement automatic un-following for this very reason. It's hard (likely impossible) to get 100% right. 2024-08-22T02:37:36Z (#roimzfq) @ Same here! His server is notoriously unreliable but I know he is somewhat active on Twtxt 😅 2024-08-22T02:41:00Z (#tkjafka) @ Hah! Remind me to talk to you about how `yarnd` peers with each pod in its own network to do exactly that. Maybe we could open up the protocol and you could potentially pee with other pods? 2024-08-22T02:42:00Z (#bdvzcuq) @ What drug is that? 2024-08-22T02:46:43Z (#m3z4pjq) @ To be fair I think this needs to evolve anyway. Authoring new "personas" isn't really that wildly used beyond the admin of a pod and even that's really just me 🤣 2024-08-22T10:48:38Z (#fm5kswa) @ No no, I get it. It's just not as simple as _any_ particular solution. Right now I don't even know what the feed's full URI was nor who on this pod (_if at all_) still follows it? I'll bet it's an inactive user right? Gimme the full URI was it was and I'll have a poke at the DB? 🤔 2024-08-22T10:51:09Z (#fm5kswa) I took a guess based on my shell history 🤣

```
prologic@JamessMacStudio
Thu Aug 22 20:50:32
~/Projects/yarnsocial/yarn
 (main) 0
$ ./tools/who_follows.sh 'https://arrakis.netbros.com/user/pedantic/twtxt.txt'
"darch follows https://arrakis.netbros.com/user/pedantic/twtxt.txt and was last seen 625 days ago"
``` 2024-08-22T10:53:11Z (#fm5kswa) @ Btw, as you know, one thing the `yarnd` client has always lacked is some kind of "in-app" notification of sorts. Something to inform the user, "hey, you know what feed you follow, it's looking like it's kind of dead, maybe consider unfollowing it!" 🤣 2024-08-22T11:33:51Z (#dee76ua) @ Hmm I _think_ you've uncovered a bug (_or interesting side effect_) of the crawler in `yarns` (_the search engine_) 😢 2024-08-22T11:43:41Z (#dee76ua) @ Hah! 🤣 Please remind me to try to fix this. Just been looking at the code, nothing is "quick", except to add your domain to an internal blacklist, recompile and redeploy (_uggh_) 2024-08-22T11:57:05Z (#hww2rla) @ Yup! But you should not be seeing any requests from this pod, only the search engine ;'(until I fix it) 😅 2024-08-23T00:49:39Z (#m3z4pjq) @ Yes 🤣 2024-08-23T00:54:04Z (#tkjafka) @ @ You actually only really want the missing root Twt. You could just fetch this from any Yarn pod. There are scripts I built way back when yo do this 😅 2024-08-23T00:56:40Z (#hww2rla) @ No the domain is black listed from this pod at the moment. 2024-08-23T01:01:36Z (#4tlu33q) @ Haha that's what u do 🤣 Can't stand going to see doctors 🙄 (Sorry, I mean GPs) 2024-08-23T02:26:07Z (#gv4zlsa) @ do you think we need to think about any new kind of visualization for these large yarn threads? 🤔 2024-08-23T07:19:19Z (#sxzzrgq) @ Nope. What is it? Why do I want to use it? 🤔 2024-08-23T11:14:21Z (#ox6zjzq) @ That screenshot you posted doesn't load for me? Error 1011? ![](https://twtxt.net/media/5VuUMwWjMqRRUudfHB3ZYU.png) 2024-08-23T11:15:13Z (#kuypemq) @ Oh! 🤔 That's really weird. Why does that error like that? 🤔 2024-08-23T11:58:37Z (#kuypemq) @ What does "hotlinking" even mean? What feature and web server has this? I've never heard of this before till now 😅 2024-08-23T12:02:35Z I just realized, this is the last Saturday of the month. So Yarn.social meetup is up again tomorrow. Same time as last time if anyone is interested/around to join and hang out! 2024-08-23T12:22:31Z (#kuypemq) @ Ahh I see! Interesting 🧐 Would you prefer that clients like `yarnd` prefetch resources liks this, cache them and serve the cached copy? 🤔 2024-08-23T12:46:45Z (#kuypemq) @ Ahh cool! Thank you 🙏 FWIW `yarnd` has a built-in feature similar to this too where an operator (_what we call a poderator_) has to "whitelist" domains that _may_ serve images before it'll render them inline at all (_to prevent abuse_). 2024-08-23T12:47:18Z (#wgcvsxa) @ Would there be any standard way of indicate this behavior at all that you're aware of? Any special way of linking the image? Or something? Hmmm 🧐 2024-08-23T13:19:15Z (#wgcvsxa) @ Me neither. I did a bit of research but couldn't find anything. So if we created something, it'd have to be our own thing I think. 2024-08-23T13:20:08Z (#wgcvsxa) I fully support "small scale" and "slow" here. I think if you're going to be successful at "self hosting" that's kind of the design and architecture you need to go for IMO. 2024-08-23T18:16:05Z (#sxzzrgq) But why? 2024-08-23T21:04:20Z (#umyyr2a) @ Good question! XFCE us a better choice IMO 2024-08-24T01:09:24Z (#pxnl3lq) @ I had to nuke the search engine's database last night due to a bug in a dependency that got fixed, but left me with a corrupted index :/ 2024-08-24T01:12:08Z (#ovehw2q) @ ABV, IBU and EBC? 🤔 2024-08-24T01:18:36Z ⏰ for our monthly Yarn.social Online Meetup! 🤞

----

- **Event:** Yarn.social Online Meetup
- **When:** 24th August 2024 at 12:00pm UTC (_midday_)
- **Where:** https://meet.mills.io/call/Yarn.social
- **Cadence:** 4th Saturday of every Month

- **Agenda:**

> Anything we want to talk about. Twtxt, Yarn, self hosting, cool stuff you’ve been working on. chit-chat, whatever 😅

#Yarn.social #Meetup 2024-08-24T01:46:51Z (#tkjafka) @ Yeah this is a good idea. Opening up the little tiny API that `yarnd` has for "peering" between pods for this reason. It's quite simple really and its _actually_ open publicly, so you can just use the scripts I wrote.

One thing to bare in mind is that Twtxt (_the original spec_) is largely dead, this included the registry. The registry in practise was never really widely used, and suffers from "centralization" -- Which registry do you use? Its for this reason we built a search engine/crawler to help with searching and discovery. Anyway I digress... LMK if you want to go down this path, happy to document it beyond the scripts I wrote. 2024-08-24T13:38:52Z (#7s3jhtq) @ I'm here ! 😅 It's an open window sof ~4 hours, so plenty of time to jump on 🤣 2024-08-24T13:40:33Z (#i4c6ciq) @ I'm mostly talking about [compare twt chain](https://git.mills.io/yarnsocial/yarn/src/branch/main/tools/compare_twt_chains.sh) 2024-08-24T13:45:19Z (#cladbla) @ This is gone though right? 🤔 2024-08-24T15:17:57Z @ Come join me! https://meet.mills.io/call/Yarn.social 2024-08-24T15:35:59Z (#lxacxcq) @ This is fair 😅 Most development with Twtxt / Yarn.socail continues to be "asynchronous" and "slow" in nature 🤣 -- regardless of whether we see you on IRC or not 😅 2024-08-24T15:47:00Z (#r76wbfq) @ All good! 😊 I totally get it 😅 2024-08-25T02:08:59Z (#lay3fja) @ Please do! 😅 2024-08-25T02:23:04Z (#r6rbinq) @ Oh! Wow! 😮 Does anyone know or have any insight as to the arrest of the Telegram CEO (Pavel Durov)? 🤔 #Telegram 2024-08-25T06:03:37Z (#fgthxaq) @ Yeah, they should rotate though, but yes. 2024-08-25T06:08:22Z (#i4c6ciq) @ It's all in this single [Converge()](https://git.mills.io/yarnsocial/yarn/src/commit/4f8a3570cf93dd02d1a4652131a6ac4f3ac22884/internal/cache.go#L1403-L1456) method. Let me see if I can decipher and document wtf is going on here... 2024-08-25T07:24:20Z My 9yr old daughter just made her Git commit today, her first website, setup two-factor authentication and used several credentials (_which I helped her with_) 🤣 -- next lessons: password hygiene/management. 2024-08-25T08:20:33Z (#jfqrjga) @ I certainly am 🤣 I wonder whether she is one of the yontest? 🤔 2024-08-25T08:23:24Z (#fgthxaq) This ☝️ 2024-08-25T08:24:18Z (#p3catra) @ Definately! Next time I'll make sure I announce it a few days in advance. 🙄😅 2024-08-26T05:59:06Z (#ai46x7q) @ it looks like it would kill you. 😅 2024-08-26T05:59:38Z (#x3za76a) @ good morning! Are you wake up that early?! 🤣 2024-08-26T06:00:55Z (#34mpbda) @ we really must invest more time and effort into salty im 🤣 2024-08-26T06:04:46Z (#krlhs5a) @ Hmmm I'll have a look at this today, hopefully. 🤞 Thanks for bringing this up! 🙇‍♂️ 2024-08-26T06:05:28Z (#7xpso7q) @ Yup! 👌 2024-08-26T07:15:47Z (#krlhs5a) @ I've fixed this and pushed a commit to `main`. Will test it on my pod and see how it goes. Basically reporting an error if the feed isn't in the cache and you're unauthenticated (anonymous). 2024-08-26T07:35:01Z (#krlhs5a) Now responds with an error page; but still a `200 OK` which I'm not entirely sure I agree with or am happy with? Hmm ![](https://twtxt.net/media/opFY8r7oPiunhHQMmVE7AE.png) ![](https://twtxt.net/media/hcXBET3et9Z3kZVnGXGpeN.png) 2024-08-26T12:16:36Z (#krlhs5a) I've pushed a slightly improved version of this that will return a HTTP 404 Not Found if the UserAgent is determined to **NOT** be a Browser. 2024-08-26T13:49:08Z (#krlhs5a) @ The problem with this is we just don't know until we try. That's why if the external feed you're looking for isn't found in the cache, it'll try to fetch it in the background. It's a bit of a sucky UX really, but its better than the experience of "waiting, waiting waiting and then timeout". 2024-08-26T13:50:03Z (#krlhs5a) I'm happy with the current implementation though, because the only reason you should be hitting the external profile endpoint at all is a) you're logged in and happen to click on someone's profile that is external to the pod or b) you're anonymous and just clicking through the frontpage (see a) 2024-08-26T15:17:29Z (#krlhs5a) @ Thanks! 😅 2024-08-27T00:16:35Z (#dkjl5pq) @ thank you! 🙇‍♂️ 2024-08-27T00:21:11Z (#ufcopjq) @ It is if he's turned off open profiles 👌 2024-08-27T00:22:57Z (#krlhs5a) @ It's good enough IMO 🤞 2024-08-27T01:03:50Z (#luis3yq) @ to be fair the settings that you can change in the user interface are persisted to the settings YAML file and yes override any environmental command online options. This is always made sense to me because there are subset of settings that can be changed dynamically at runtime without requiring any restart. 2024-08-27T03:24:10Z Wow! My god spammers really try hard song they? 🤣 Geez 🤦‍♂️ ![](https://twtxt.net/media/Ppo72nz8NUJLKFkawxMJF9.png) Do we need to make the captcha harder? 🙄 2024-08-27T03:27:01Z (#uhievva) Like why does spammers even bother?! Don't they realize how fucking futile and useless it is to be abuse something like a support form? I mean clearly nothing is going to come of this, except it's going to be clearly ignored and toss in the bin. 🤣 2024-08-27T07:23:04Z (#r6wlkhq) @ OMG! 😦 What da hell is going on here?! I used to have a friend that came from North Carolina, this is terrible (attacking power grids) 🤬 wtf are these people smoking?! 🚬 2024-08-27T12:36:16Z (#uhievva) This happens again today. This is twice just today alone. Hmm I'm reconsidering this feature entirely, rarely used and if it's just going to be abused by spammer, I don't see the value in it. I'm certainly not going to try to build some kind of "anti-spam" filters or anything, sounds cool, I'd learn a lot, but smells of effort and time I simply don't have 😢 #spam #sucks 2024-08-27T14:04:10Z (#uhievva) Support (_and thus abuse reports_) are now disabled on this pod. There's now a new setting in Settings -> Poderator Settings called "Disable Support". 2024-08-27T14:28:13Z (#krlhs5a) @ This is already in place. It will error, return `404 Feed Not Found` for non-browsers and external feeds are **never** fetched (_unless you are an authenticated/valid user of the pod_) -- I patched that hole a while ago, because I already picked up it was being abused by bots 🤖 2024-08-27T14:33:58Z (#uhievva) @ Did they win though? Did they?! 🤣 2024-08-27T15:43:06Z (#krlhs5a) @ Blah my cache was poisoned 🤦‍♂️ it's fine now! And this is no monger possible to do now. 2024-08-27T15:45:36Z (#krlhs5a) @ Bo worries! If you curl it too it'll return a proper 494 👌 Should make bots go away 🤞 2024-08-27T15:53:50Z (#krlhs5a) It appears to be working to 👌 ![](https://twtxt.net/media/cEgKx6J2JaUm38x8EyUAna.png) silly bots 🙄 2024-08-27T15:59:16Z (#krlhs5a) Hmmm 2024-08-27T16:02:55Z (#krlhs5a) @ You don't actually appear to be running that sha hmmm? 🤔 ![](https://twtxt.net/media/VmMXq2dQNmCXDv7xBTVKud.png) ![](https://twtxt.net/media/F7Gp7Yas34M6jgt9aCBsJL.png) 2024-08-27T16:07:30Z (#krlhs5a) @ Hmmm weird 🤔 2024-08-27T16:09:14Z (#krlhs5a) How did you nuke your cache? 2024-08-27T16:10:56Z (#krlhs5a) @ nuke the cache file before starring 2024-08-27T16:11:31Z (#krlhs5a) But this is super weird, should behave the same as my pod 🤦‍♂️ 2024-08-27T21:47:21Z (#gd2pgsa) @ No worries! 😅 2024-08-27T22:02:39Z (#4hqmipq) Yeah I was afraid of this. Technically can still be abused by "logged in" users. Hmmm

So we really not trust ourselves? 🤣🙄 2024-08-27T22:07:37Z (#nptdbba) @ I mean it's only suppose to do one thing really. What are you thinking here? 2024-08-27T22:52:22Z (#nkku33a) @ Not possible 🤣 2024-08-27T22:52:46Z (#h2iwdiq) Yeah okay. 2024-08-27T22:53:56Z Time for work™, But I quickly hacked together a bit of a better solution here. Rolling it out to my pod so we'll see how it _actually_ goes. Still possible to abuse if you're a logged in user, etc, but at least now we delete the invalid/bad feed afterwards if it a) was not even a `text//plain` content-type or b) it errored out and was a new fetch of a HTTP feed. 2024-08-28T00:53:35Z (#h2iwdiq) @ `https://google.com` has been removed from the cache (_without nuking the entire cache_) @ if you need to selectively do this for some reason, there's a script in the `tools` directory for this:

```
$ ./tools/cache_delete_feed.sh 'https://google.com'
```

Anyway, that's gone. This is much much harder to exploit now, even if you're an authenticated user. 2024-08-28T01:17:30Z (#h2iwdiq) Hmm I see this in the cache again 🤦‍♂️ Not sure how tbh -- Job for me later. 2024-08-28T11:09:23Z (#fiz6iqa) @ Yeah but I found another bug and just squished that. CD pipeline is gonna roll this pod soon™ -- Basically wasn't handling feeds that redirect properly. e.g: https://google.com => https://www.google.com (_though it's not a feed 🤣_) 2024-08-28T11:25:30Z (#fiz6iqa) Now that's rolling out, I _think_ that's it. The only final way I can improve that `/external` endpoint/view is to refactor how it works a bit and add some HTMX magic™ so it has a nice snappy UX to it as it dynamically tries to validate the feed and provide useful feedback to the user, that way I can avoid injecting it into the cache unnecessarily in the first place! 2024-08-28T11:31:02Z @ appreciate it if you find the time to update again 🙏 2024-08-28T19:54:04Z (#t4e5uva) Yeah I wonder too 🤔 2024-08-28T19:57:58Z @ Hey! 👋 2024-08-28T20:05:58Z (#vowtikq) @ No this correctly now responds with:

```
$ curl 'https://twtxt.net/external?uri=https://google.com&nick=lovetocode999'
Feed Not Found
```

After nuking that from my cache. I forgot to nuke my own cache myself because it's quite destructive and takes a few mins to rebuild on my pod 🤣 There's a tool in `tools` for deleting a specific feed from the cache that I've been using. 2024-08-28T20:40:36Z It's a really good time to invest in nVIDIA shares 🤣 2024-08-29T01:40:11Z (#vowtikq) @ Precisely 😅 2024-08-29T01:40:35Z (#vowtikq) That was the only real way I could fix this for the time being without re-factoring the whole UI for the endpoint/page. 2024-08-29T23:25:11Z (#rangvqa) @ Bahahahaha 🤣 2024-08-30T03:49:17Z Uggh it's 33C right now and 60% humidity 🥵 2024-08-30T11:50:02Z (#6n7e3ia) @ Yeah just in spring right now and it's already disgustingly hot 🥵 2024-08-30T12:55:26Z (#6n7e3ia) @ Yeah we're about 3,054.26km from the equator but clearly that's not far enough 🤣 2024-08-30T23:01:46Z (#ensbjgq) @ This is so true! Grandpa used to say this all the time too. Especially about tomatoes 🤣 2024-08-30T23:05:44Z (#h3u2mja) @ probably not with the OpenSSH tools themselves but perhaps with the OpenSSL tools using the same key. 2024-08-31T00:47:47Z (#jjzucsq) @ IMO the problem isn't "Apple"™ the company, per se, it's the complexity and size of the organization. It's large, it's complex, you will have large sets of "people" that follow the "rules" as written without any leeway whatsoever or ability to apply "intent". 2024-08-31T04:18:01Z (#jjzucsq) @ That's also likely 😅 2024-08-31T22:02:11Z (#xbutala) @ Poor little guy 😢 Also eww I hate snakes 🤣 I have a bit of a phobia 😅 2024-08-31T22:08:04Z (#l7jl74q) @ Where was this found? 🤔 What a treasure trove 😅 #Windows #sucks 2024-08-31T22:10:10Z (#usxmrtq) @ No need to apologize! 😌 Yarn / Twtzt is designed to be slow on purpose 🤣 2024-08-31T22:16:10Z Anyone had any intereractions with @ yet? Or are they using a client that doesn't know how to detect clients following them properly? Hmmm 🧐 2024-09-01T00:31:01Z (#ov7b7mq) @ Correct me if I'm wrong, but isn't the EU forcing Apple to support side-loading Apps now on iOS devices? 🤔 2024-09-01T01:54:26Z (#ov7b7mq) @ Well yeah this is true, but as @ and I point out, there are reasons for why this happens at times 🤣 Some of those reasons are not "purposefully malicious" I don't think 🤔 2024-09-01T04:37:09Z (#l7jl74q) @ Hmm wow! 😱 2024-09-01T04:44:43Z (#yqke7sq) @ Yeah okay I didn't notice that 🤦‍♂️ Kind of makes me wonder whether we should do something for the Gopher and Gemini folk here? 🤔 2024-09-01T04:48:53Z (#o7w5rbq) @ thing I am too (happy) that is. If I ever wanted to side load an app I could with my Developer account easily! 2024-09-01T07:33:03Z (#yqke7sq) @ I'm thinking of something like an optional metadata key that could be used as a general motivation endpoint? 2024-09-01T07:33:41Z (#yqke7sq) Similarly an optional subscription endpoint so we can optionally avoid having to pull feeds. 2024-09-01T08:16:28Z (#yqke7sq) @ Something like that, yeah 🤔 2024-09-01T08:18:05Z (#yqke7sq) For HTTP WebSub is a good simple option here and there is this free inline WebSub hub anyone can use. 2024-09-01T08:49:34Z (#iai5vqa) @ Sad, the [search engine](https://search.twtxt.net/search?q=conv:%23n252jtq&s=created&s=_id) doesn't have the full conversation 😢 I _think_ I need to teach `yarns` how to crawl and index archived feeds 🤔 2024-09-01T08:53:02Z (#yqke7sq) @ Yeah your original idea of precent encoding some information about the new follower is probably what we need to think about more. I _think_ it'll also work for Gopher/Gemini folk too right? So essentially new metadata key (_optional_) with some spec for encoding information about the new follower if either a) You don't implement the User-Agent part of the spec or extensions or b)You use a protocol that makes this impossible. 2024-09-01T13:18:18Z (#dikni6q) Good points 🙇‍♂️ 2024-09-02T00:13:50Z (#yvik7dq) @ Hah! 🤣 2024-09-03T00:35:21Z (#4htq7la) @ Good morning! 🥱 2024-09-03T02:34:54Z (#4htq7la) @ Haha 🤣 2024-09-03T02:35:29Z (#2bzyquq) @ I have not hmmm 🤔 2024-09-03T02:36:43Z (#2bzyquq) wut da fuq is this?! 🤣 2024-09-03T02:56:26Z (#jjt7hea) @ AI not living up to its hype?! Shock! Horror! 😱🤣 #AI 2024-09-03T12:01:07Z (#2bzyquq) @ Ita disgusting 🤮 I can't read shit 🤣 2024-09-03T12:35:00Z (#2bzyquq) @ That's just it, "pixelated" fonts are rubbish! 🤣 Imagine being blind for a moment, how well do you think you could read any of the text? 😅 I can't even read it zoomed in! LOL 😝 2024-09-03T12:35:35Z (#2bzyquq) Fonts for me have to be crisp, sharp, without any crooked edges or boxed shapes. It has to be crisp and sharp at all zoom levels! 2024-09-03T12:36:15Z (#2bzyquq) As a reminder, this is how zoomed in I normally am to read anything at all, Try doing this on the website 🤣 ![](https://twtxt.net/media/vWnDLg6oFnFhgtbdv9qbT9.png) 2024-09-03T13:16:01Z (#2hps4lq) @ Yeah that's for sure 👍 I use the Monaco font normally. Been using that for a few years now. 2024-09-03T13:29:20Z [Introduction to JuiceFS | JuiceFS Document Center](https://juicefs.com/docs/community/introduction/) -- Thinking about using JuiceFS to solve a long-running problem I've always had.

- Be able to run services on _any_ node in my cluster and let Docker Swarm pick whatever node it likes (_instead of now where I have to pin some workloads to specific nodes, as that's where their local storage volume is_)
- Manage the scalability of data and growth over time instead of what I do now which is to extend EXT4 filesystems on my Docker Swarm nodes every few years. 2024-09-03T21:54:53Z (#bc2qe4q) @ All totally makes sense actuallly 🤣 2024-09-03T22:12:35Z (#mp6ox4a) @ Interestinf 🤔 Thanks for supporting the work we've done too! Happy to hear improvement suggestions too 👌 2024-09-03T22:20:56Z (#st3wsda) @ Very interesting! 🤔What makes this "offline" first though? 🤔 2024-09-03T23:16:02Z (#bjgavba) @ Hang on a minute!!! 😱

> This rapid growth led some users to encounter the occasional error that would state there were 'Not Enough Resources' to handle requests, as Bluesky engineers scrambled to keep the servers stable under the influx of new sign-ups," 

I thought BlueSky was supposed to be a decentralized social metwork?! 🤦‍♂️ 2024-09-04T01:58:15Z (#bjgavba) @ Yes yes but this is exactly my point! We again have a social network claiming to be "decentralized" only to have " top heavy" instances 🤣 -- Mastodon is the same too 😅 2024-09-04T02:00:11Z (#bjgavba) Is it really that fucking hard to use decentralized, Self-Hosted tech? 🤔 Or do people just not know how? 😢 2024-09-04T11:39:02Z (#5wxzuoa) @ Hehe this is soo true 🤣 And I hate it 😅 2024-09-04T13:06:12Z (#fwgehva) Wow! 😮 That's huge! 2024-09-05T00:54:36Z (#i4fjcia) @ Why is it so hard so you think? 🤔 What's missing to make this an easy choice for folks? 🤔 2024-09-05T01:00:16Z (#m2rq7ma) @ I usually follow anyone and anything, then I unfollow when they turn out to be either not interesting or otherwise 🤣 2024-09-05T01:01:11Z (#kya5oaq) @ Yes sir! 👌 2024-09-05T01:08:51Z (#tkjafka) @ So yes, you would ask a pod about the missing Twt by hash, or whatever. Pods do this already, even though there aren't that many now, so it maybe a bit less effective today. However it's more of a small/tiny "distributed" protocol, you ask _any_ pod.

On registries however, I think a registry is the wrong approach. I see far greater value in feed crawlers and search engines like the (_half baked one_) I built over at https://search.twtxt.net/ 2024-09-05T01:35:01Z (#tkjafka) @ to my knowledge registries were never designed to crawl the Twtxt space. If they did, they would be considered a search engine 🤣 2024-09-05T02:42:30Z (#tkjafka) @ I _think_ I'm missing something in my description. When I say "search engine" I also mean "with a crawler" that is able to self-discover feeds. A registry (_as designed today, or as the spec described_) required users to add their feeds to one or more registries, putting the burden on the user(s). I for example do not bother adding my feed to a registry (_which one would I add it to anyway?_) 2024-09-05T02:43:35Z (#hlnw5ha) @ Jenny hasn't changed the way it computes hashes has it? (`yarnd` certainly hasn't). 2024-09-05T02:44:16Z (#zpdcdla) @ You are however right that registries always had a "search" capability, amost others. 2024-09-05T03:50:12Z (#hlnw5ha) @ I've sort of lost the plot here a bit 🤦‍♂️ What's the problem we're trying to figure out? 🤔 2024-09-05T08:50:06Z (#hlnw5ha) @ Ahh but this is solved now with the new single shot fetch? 2024-09-05T10:52:28Z (#tkjafka) @ You are totally right. The specs are at least "open enough" for us to consider that as an implementation detail. We, and by we I mean @ @ @ @ and others should discuss this in more detail I believe and try to see if we can agree on what we're trying to solve.

> Does yarnd provide an API for finding twts? Is it similar?

No, it doesn't. But `yarns` (_the search engine/crawler wrote_) seems more fitting here. It's been discussed before, the possibility of building a "Twtxt Register v1" compatible API for `yarns`. I _think_ a search engine + crawler + registry (_especially ones that can form a bit of a "distributed network_) are far more useful I _think_ in order to support the _actual_ decentralised Twtxt / Yarn ecosystem (_which is how I prefer to describe it_). 2024-09-05T18:22:53Z (#7cka4ka) @ Do you recall what you were clicking through? 🤦‍♂️ 2024-09-05T18:24:22Z (#hlnw5ha) @ This ☝️ 2024-09-05T18:30:09Z (#6mdqxrq) I see 🤔 Thanks! 2024-09-05T18:30:36Z (#7cka4ka) @ Thanks! 🙇‍♂️ 2024-09-05T18:33:07Z (#bvvcusa) @ Uggh 🥵 That sounds awful and reminds me of our very odd little 3-day heat wave we had last week 😱 2024-09-05T18:34:45Z (#hlnw5ha) @ Yes hit a Twt permalink URI and ask for application/ json 2024-09-05T18:37:49Z (#mfag6sq) @ Haha I aggressively unfollow feds that are like this now 🤣 2024-09-06T02:01:29Z (#csjjd7q) @ I was in bed 🤣 2024-09-06T11:39:35Z (#zamq7qa) @ That sucks 😢 Sorry to hear you didn't sleep well 😴 2024-09-06T11:59:27Z (#hgkqmjq) Interesting 🤔 2024-09-06T21:11:10Z (#bvvcusa) @ Thankfully it's quite cool here so far 👌 2024-09-06T21:18:46Z (#sjcf2jq) @ No you're not the only one. I do this too, I often think about a problem in my head, even imagine the code, sometimes for weeks, hell even months, before I even write a line of code 🧑‍💻 2024-09-06T21:21:12Z (#7q4lzdq) @ Can we please stop this whole "Back to the Office" garbage nonsense?! 😱 If a job **does not** require the physical presence of a person(s) to perform their role, or they are not "customer facing" or in a job that's required to "serve the public", let's just stop this utter nonsense. As much as I want my shares in Cromwell to go up, I really don't care. Let the corporate office buildings burn to the ground for all I care, turn them into cheap housing estates or apartments. Why we ever thought centralizing in once place to live and work is beyond me 🤦‍♂️ 2024-09-06T21:22:24Z (#7q4lzdq) it might have made sense in the days of hose and buggy and smoke signals to centralise everything, but these days we have a globalized interconnected society with fast transport and communications. There is no reason for this model anymore 🤣 2024-09-06T21:25:40Z (#hzbzoja) @ cheers 🍻 2024-09-06T21:59:19Z (#d5ffn2a) @ I can only see a mass exodus of uses fleeing telegram as the service becomes less secure or less privacy focused and basically more shit. 2024-09-07T03:27:25Z Swa this pop up in my Github news feed today 🤔 ![](https://twtxt.net/media/B8SHnDtgaL3YAxjQywWN7P.png) Which links to https://github.com/musingstudio/go-subclub

> A Go (golang) library for interacting with the [sub.club](https://sub.club/) API.

So I got curious and had a peek 👀 

> Let's fund the Fediverse
>> Posting or hosting on the open social networks no longer means you have to do it for free. Developer Preview now available.

And further down:

> Monetize your feeds
>> If you post quality content and you've developed a loyal audience, you should be able to ask your most passionate followers to support you with a premium subscription.
>> 
>> That's a promise not available on the Fediverse ...until now.

Hmmm 🤔 2024-09-07T03:27:43Z (#xhi57fq) What do we think about this? 😅 2024-09-07T03:28:00Z (#xhi57fq) I'll share my opinion on this later 🤣 2024-09-07T07:21:23Z Spent the day performing backups (_hadn't done it in a while 😱_) and wrote a full backup definition internal document that defines my backup process, scope, security, frequency, backup locations, capacity and backup and restoration procedures. Very happy with the doc and the updated (_now fully documented_) plan and scheduled backup frequency (_once per month, which I'll put into my calendar as it's done by hand for now, with tools_). So far backing up ~410GB out of a possible ~12.8TB worth of data in two locations -- I deliberately don't backup everything as much of the data can be re-created (_music, videos, tv shows, etc_). #Backups #Data 2024-09-07T07:21:52Z (#jnifadq) Offline backups currently cost me around ~$2.00 AUD per month. 2024-09-07T07:22:37Z (#kjxvnqq) @ da hell are you replying to?! 🤣 2024-09-07T07:23:07Z (#o53ve2q) @ da fuq?! same here, what did you just reply to?! 🤔 2024-09-07T07:23:41Z (#xhi57fq) @ Please for the love of god, elaborate 😅 2024-09-07T08:07:59Z @ Did you recently change the `url` metdata key of your feed?

```
# url = https://sunshinegardens.org/~xj9/twtxt/tw.txt
```

Was this at one point `# url = https://sunshinegardens.org/users/xj9/twtxt/tw.txt`? 2024-09-07T09:46:27Z (#bawn2ca) @ Sorry but what's a partial hash exactly? 🤔 2024-09-07T11:11:22Z (#eprprha) @ Did you check your pocket? 🤣 2024-09-07T11:13:47Z (#bawn2ca) To be honest, I don't really see "editing" as a problem. I see that as a natural behavior of "forking" in the first place, that just forms a. new sub-tree. What's _really_ problematic here is when a feed author changes the "identity" of their feed and changes the `# url = ` metadata field, which is what I _believe_ @ has just done, though I'm not 100% certain, I'm like 98% sure haha 😝 2024-09-07T11:17:13Z (#bawn2ca) For supporting edits, I was thinking more along the lines of: If a client edits a Twt already published, it _should_ put the hash of the previous Twt. Something like:

```
2024-09-05T13:37:40+00:00 (edit:mp6ox4a) Hello world!
``` 2024-09-07T11:21:06Z (#bawn2ca) After unfollowing and refollowing on the new feed URL, I'm now 100% certain this is what happened for @ 🤣 The _real_ problem is really this:

> How do we identify a feed?

It cannot be the URL, because the author _could_ change where they serve it from. This was as "good" as we could get it, but time and time again this has proven to be problematic for, well, a few folks that change their mind, which frankly should be allowed 😅 2024-09-07T13:08:16Z (#abm363a) @ A Fred changed its url metadata field 🤣 2024-09-07T14:28:03Z (#jcjmqkq) Agreed 2024-09-07T20:49:23Z (#bhoqwja) @ Care to share your thoughts here?

> I don’t know what happened behind the scenes that killed off twtxt (I have a few guesses, though), but the sad truth is that it’s gone. 2024-09-07T22:21:31Z (#bawn2ca) @ I like this idea actually for edits. 2024-09-07T22:25:27Z (#hfzpnma) @ Yes;

> I don’t think twtxt hashes are long enough to prevent spoofing.

The current spec needs to be updated to expand the hash length to 11 characters to avoid hash collisions (_which will happen at some point with 7, if not already_).

The issue isn't dealing with "spoofing", it's about solving how clients in a decentralised model agree on the threading model and identity of a thread. Message ID(s) suffer from the fact that as @ points out, clients have to "obey" this unwritten rule, but they're otherwise just arbitrary. Whereas Twt Hashes (_I didn't come up with the idea originally, some smart fellow in cryptography did_) are content addressable, meaning that clients don't have to agree on anything, they can trust that the hash is a cryptographic representing of the thread they're replying to, no matter what. 2024-09-08T00:16:08Z (#hfzpnma) @ Sorry, trust was the wrong word. Trust as in, you do not have to check with anything or anyone that the hash is valid. You can verify the hash is valid by recomputing the hash from the content of what it points to, etc. 2024-09-08T00:20:55Z (#bawn2ca) @ The problem with the approach Email clients do things is;

- How do you come up with the message/thread id in the first place? I'm pretty sure most clients just use a UUID.
- How do you know what you're replying to if you don't see the message/thread id in the first place?
- How do two different users that don't know each other, but follow the same feed (say /.) make two independent responses forming a thread? What message/thread id do they use? (see above) 2024-09-08T00:22:59Z (#bawn2ca) I _think_ Email Message-Id(s) only ever worked because typically you are exchanging emails with recipients you know and vice versa. It's much easier to cope with the problems above, because you just ensure your client preserves the `Message-Id`. Email is a federated system, but by no means is it "decentralised". You still have to send your email somewhere, not just post it on a website on your own server like Twtxt 😅

There are some subtitles differences like this that makes Message/Thread Id(s) not really that suitable IMO. 2024-09-08T00:29:04Z (#bawn2ca) We _can_ also make use of comments in the feed to build support for detecting/declaring Twts(s) were edited in a feed that are ignored by clients that don't understand the comments. By design clients ignore comments anyway, but the parser we build for `yarnd` (_which I'd love to turn into a C library that others can just import_) can do some interesting things here. @ can probably talk more on this... 2024-09-08T00:54:52Z (#2a5vnyq) @ Haha, easy to demonstrate. I'll start an email thread with myself, then you see if you can join in 🤣 2024-09-08T01:46:46Z (#wsdbfna) @ Join the club! 🤣 How about more days in a weekend?! 😱 Bringon #FourDayWorkWeek !!! 🤣 2024-09-08T01:55:52Z (#liwqpqq) @ Yes, they do 🤣 Implicitly, or threading would never work at all 😅 Nor lookups 🤣 They are used as keys. Think of them like a primary key in a database or index. I totally get where you're coming from, but there are trade-offs with using Message/Thread Ids as opposed to Content Addressing (_like we do_) and I believe we would just encounter other problems by doing so.

My money is on extending the Twt Subject extension to support more (_optional_) advanced "subjects"; i.e: indicating you edited a Twt you already published in your feed as @ indicated 👌

Then we have a secondary (_bure much rarer_) problem of the "identity" of a feed in the first place. Using the URL you fetch the feed from as @ 's client `tt` seems to do or using the `# url = ` metadata field as every other client does (_according to the spec_) is problematic when you decide to change where you host your feed. In fact the spec says:

> Users are advised to not change the first one of their urls. If they move their feed to a new URL, they should add this new URL as a new url field.

See [Choosing the Feed URL](https://dev.twtxt.net/doc/twthashextension.html) -- This is one of our longest debates and challenges, and I _think_ (_I suspect along with @ _) that the right way to solve this is to use public/private key(s) where you _actually_ have a public key fingerprint as your feed's unique identity that **never** changes. 2024-09-08T02:08:45Z (#wsdbfna) @ My work has this thing called "compressed work", where you can **buy** extra time off (_as much as 4 additional weeks_) per year. It comes out of your pay though, so it's not exactly a 4-day work week but it could be useful, just haven't tired it yet as I'm not entirely sure how it'll affect my net pay 2024-09-08T02:26:40Z On the Subject of Feed Identities; I propose the following:

1. Generate a Private/Public ED25519 key pair
2. Use this key pair to sign your Twtxt feed
3. Use it as your feed's identity in place of `# url =` as `# key = ...`

For example:

```console
$ ssh-keygen -f prologic@twtxt.net
$ ssh-keygen -Y sign -n prologic@twtxt.net -f prologic@twtxt.net twtxt.txt
```

And your feed would looke like:

```
# nick = prologic
# key = SHA256:23OiSfuPC4zT0lVh1Y+XKh+KjP59brhZfxFHIYZkbZs
# sig = twtxt.txt.sig
# prev = j6bmlgq twtxt.txt/1
# avatar = https://twtxt.net/user/prologic/avatar#gdoicerjkh3nynyxnxawwwkearr4qllkoevtwb3req4hojx5z43q
# description = "Problems are Solved by Method" 🇦🇺👨‍💻👨‍🦯🏹♔ 🏓⚯ 👨‍👩‍👧‍👧🛥 -- James Mills (operator of twtxt.net / creator of Yarn.social 🧶)

2024-06-14T18:22:17Z (#nef6byq) @ Hehe thanks! 😅 Still gotta sort out some other bugs, but that's tomorrows job 🤞
...
```

Twt Hash extension would change of course to use a feed's ED25519 public key fingerprint. 2024-09-08T07:44:14Z (#n4omfvq) @ Hmmm interesting idea 🤔 2024-09-08T07:47:33Z (#7lhd5aa) @ Tbey all hate me for stomping on their precious dear twtxt 🤣 2024-09-08T07:48:46Z (#lwzkhea) @ True 👌 2024-09-09T03:23:49Z (#a4nbqpq) @ Hmmm? Care to elaborate? 🤣 2024-09-09T03:44:42Z (#7lhd5aa) @ Sorry haha I didn't mean for it to sound like that 🤣 2024-09-09T03:45:30Z (#7lhd5aa) But in all seriousness I've only ever wanted to improve Twtxt without sacrificing its simplicity too much. 2024-09-09T03:49:03Z (#n4omfvq) @ Peobably not and I wouldn't expect them to either 😅 2024-09-09T12:12:25Z (#n4omfvq) @ WebFinger requires additional setup that whilsts helps to solve the "identity" problem in an "abstract" way, that extra infra that needs to be setup a) isn't trivial and b) hard to support on "shared hosting".

Sharing hosting is also the reason why you can't just use part of a URL really. 2024-09-09T12:13:09Z (#mwbr2ya) @ Holy shit that pod is still alive?! 🤔 2024-09-09T12:17:02Z (#2qn6iaa) @ To answer some of your questions:

> Are SSH signatures standardized and are there robust software libraries that can handle them? We’ll need a library in at least Python and Go to provide verified feed support with the currently used clients.

We already have this. Ed25519 libraries exist for all major languages. Aside from using `ssh-keygen -Y sign` and `ssh-keygen -Y verify`, you can also use the `salty` CLI itself (https://git.mills.io/prologic/salty), and I'm sure there are other command-line tools that _could_ be used too.

> If we all implemented this, every twt hash would suddenly change and every conversation thread we’ve ever had would at least lose its opening post.

Yes. This would happen, so we'd have to make a decision around this, either a) a cut-off point or b) some way to progressively transition. 2024-09-09T14:02:35Z (#fvxcc3q) @ Yes of course it can 😅 Sorry I missed your question on IRC 😢 2024-09-09T14:03:50Z (#fvxcc3q) For example:

```
$ echo 'hello world' | ./salty -i ./test.key -s | ./salty -i ./test.key -v
# signed by: kex1yfzzthmsdlqhgwzafy9zpjze6a0asxf6y552dp4yhvq66a4jje0qxqapvd
hello world
``` 2024-09-09T14:38:37Z (#md4ux5q) @ That bad eh? 😅 2024-09-09T16:07:46Z (#c3ii7gq) @ Ahh yeah sorry about that 🤣 You were getting confused between salty.im and salty. The later of which salty.im _actually_ uses and formed the basis of everything else. It's a simple robust library and command-line tools with good test coverage. The lowest building block 😅 2024-09-09T16:10:25Z (#c3ii7gq) @ ![](https://twtxt.net/media/ibcEpdptdc37Eh8EnzGzcP.png) 

```
$ echo 'hello world' | ./salty -i ./test_ed25519 --ssh-key --sign
``` 2024-09-09T16:10:56Z (#76gkopq) @ Kind of mirrored the `ssh` and `ssh-keygen` utilities. No reason really. 2024-09-09T16:31:52Z (#jceux2q) @ I doubt I'll be able to watch it live 🤣 But by all means, please Yarns all the goodies 😅 2024-09-10T01:33:44Z (#lt573ga) @ Nice hack! 👌 2024-09-10T01:36:12Z (#jceux2q) @ Big photo capability upgrade? 2024-09-10T01:37:29Z (#md4ux5q) @ if you do win the lottery, don't forget to include us so we can all join in and share the things that we like to tinker with instead of this whole rat race. 🤣 2024-09-10T01:48:06Z (#rh6gtwq) @ I personally think that we just go with a magic timestamp approach. It's simpler and easier to implement across the major clients that are still actively developed.

The question is how much time do we give ourselves as we're all a bit time poor and I can't imagine we would do this quickly. 2024-09-10T08:17:54Z (#rh6gtwq) @ No, this is what I want to avoid. For many reasons I stated before, content addressing or hashing is far better here for threading in a decentralized way. 2024-09-10T08:18:43Z (#rh6gtwq) IMO we just have to fix the identity problem and figure out how to detect or support edits. 2024-09-11T05:59:45Z (#3f7eeba) What were the recommended mitigations? 2024-09-11T06:01:26Z (#iweop2a) @ yes I'm less concerned about solving the integrity part of the problem of whether we can trust that the content of a feed is actually written by certain author, however, that's not to say that we shouldn't think about also leveraging keys to be able to do that maybe it's an optional feature? 2024-09-11T06:02:37Z (#oikrdpa) @ that could work too, but that requires a random value, a set of keys and signature verification of the value, which I don't really have a problem with. 2024-09-11T06:03:09Z (#mhtocjq) @ it's not really strictly required if we're just talking about identity though right? If we're talking about encryption then yes I agree rotate and keys becomes very important if you want to have attributes like perfect forward secrecy. 2024-09-11T23:20:21Z (#n4omfvq) @ there is a certain simplicity to that. 😅 2024-09-12T01:50:00Z (#iweop2a) @ yes I agree. 2024-09-12T01:51:28Z (#mhtocjq) @ True 😅 I guess it comes down to our risk appetite and the attack vectors we're trying to solve for 🤔 2024-09-12T01:54:05Z (#wv2ccwq) @ i'll get fucked! The US patent office should ban this immediately. 2024-09-12T02:00:53Z (#wv2ccwq) Ford, the company can honestly go fuck themselves! No one ever asked or even thought to themselves:

> Gee I wish my car would listen to my in-car conversations and serve me ads.

🤬🤦‍♂️ #Ford #Ads 2024-09-12T06:42:58Z (#rh6gtwq) @ how would that work exactly? Does that mean then that every user is required to have a cox side profile? Who maintains cox site? Is it centralized or decentralized can be relied upon? 2024-09-12T21:13:36Z (#sfpgcyq) @ Nice write up! 2024-09-12T21:56:47Z (#h7zeenq) @ Sounds like it would work 👌 Though I've not tried or invested anytime into proofs and claims type things so far 🤔 2024-09-12T22:03:26Z @ What's the keyoxide thingy you wrote/built? 🤔 What's your URI/profile? 🤔 2024-09-13T03:19:35Z (#rh6gtwq) @ Hah interesting 🤔 2024-09-13T11:37:40Z (#xzyxyva) I think so 😅 Thanks$!🙇‍♂️ 2024-09-13T11:43:45Z Out camping with the family this weekend for my birthday 🥳 ![](https://twtxt.net/media/w8A9d9j9D98vEb2besnjN8.png) 2024-09-13T12:12:09Z (#bhnihfq) @ Thanks! 🤗 -- I know it will 🤣 2024-09-14T00:52:03Z (#6shod5q) @ Have you considered https://git.mills.io/yarnsocial/twtxt2html 2024-09-14T00:54:40Z (#bhnihfq) Many thanks! 2024-09-14T21:09:40Z (#6shod5q) There are certainly improvements that can be made to this tool.🤞 2024-09-14T21:13:21Z (#ijwxx7q) @ Aww thanks! 🤗 2024-09-14T23:08:45Z (#ku6lzaa) @ All very good points 👌 by the way, how did you find two pieces of content that hash the same when taking the last N characters of the base32 and coded hash? 2024-09-14T23:12:58Z (#ku6lzaa) @ I think I wrote a very similar program and go myself actually and you're right we do have to change the way we encode hashes. 2024-09-15T01:09:32Z (#ku6lzaa) @ Yeah that's why we made them short 😅 2024-09-15T01:25:57Z (#ku6lzaa) @ 🤣 2024-09-15T04:39:10Z (#pvju5cq) @ One of the nice things I think is that you can almost assuredly trust that the hash is a correct representation of the thread because it was computed via our content, addressing in the first place, so all you need to do yes copy it 👌 2024-09-15T08:21:31Z (#zbkf3oq) @ Thanks! 2024-09-15T09:50:20Z When will the AI hype die down? 2024-09-15T10:01:58Z Even though we're quite a ways from any suburban areas, even with the Internet access via cell towers this poor, using my pod is still very snappy. 👌 ![](https://twtxt.net/media/uH3YLHF5QYa46xrVuQmWXH.png) 2024-09-15T10:04:19Z (#z37gylq) But you know speedtest.net I believe is a bit of a liar and I'm quite sure they do something to make sure the speed test come up good even remote areas the real speed test my actual surfer infrastructure is quite piss poor 🤣 ![](https://twtxt.net/media/iTpnqSHVmpyFgEjULwUQvE.png) 2024-09-15T10:08:07Z (#z37gylq) Amazingly though it seems to be slightly better to VPN in. 🤔 ![](https://twtxt.net/media/VVJ5G4WZSmL5wFjpgB8n6J.png) 2024-09-15T10:15:15Z That's an interesting side effect to the new Discover feature that I added sometime ago that only displays one post per feed. That is when you're not logged in and viewing my pod's front page. You can pretty easily and roughly see what the monthly active view account is just by looking at the pager size. 🤔 2024-09-15T21:43:13Z (#cgcuuba) @ it's definitely your social bubble. 🤣 you need to use twtxt more as your daily driver 🤣 2024-09-15T21:45:12Z (#j7f652q) @ Nice one 👌 2024-09-15T21:45:58Z (#yudn25q) @ Haha same and I'm sick of it! It's ruining innovation in anything else 🤦‍♂️ 2024-09-15T21:47:32Z (#zbkf3oq) @ Thanks mate! 🤗 2024-09-15T21:49:10Z (#yudn25q) @ you're probably right, but by that argument, cryptocurrency should be innate too right? as we no longer hear about that gold awful hype, right? 🤔 2024-09-15T22:16:10Z (#6h655ta) @ Hahahahaha 🤣 Me neither 🤮 2024-09-16T01:25:52Z (#cgcuuba) @ Good man 🤣 I keep getting this bloody AI hype from various news feeds I subscribe to via Twtxt like Slashdot **cough** 🤦‍♂️ 2024-09-16T01:42:05Z (#xfdfp5a) @ Ack 👌 2024-09-16T02:20:40Z (#7d4suba) @ Ahh that's interesting! 🧐 One of my original goals when I started out building [Yarn.social](https://yarn.social/about.html) was to also be a source of news, blogs, and whatever else that could be roughly/easily translated into a Twtxt feed. I'm not sure if others do something similar, but that's why I built [feeds.twtxt.net](https://feeds.twtxt.net), which consumes RSS/Atom and produces Twtxt feeds.

My only desire one day is to build a "Feed Builder" of sorts that allows one to say, for example, construct a Slashdot feed but without AI hype, or as another example, a BBC/ABC feed that's a digest once or twice per day. 2024-09-16T02:21:42Z (#7d4suba) It's useful to know however that such feeds are _actually_ marked as `type=rss` (e.g: https://feeds.twtxt.net/slashdot/twtxt.txt), just as feeds like @ are marked as `type=bot` 2024-09-16T02:22:23Z (#7d4suba) These then become useful in filters like what you see here: ![](https://twtxt.net/media/5LuJBevVXjmCwiscfMNJUA.png) 2024-09-16T02:23:25Z (#j7f652q) @ Looks like that would work according to the patch I just read 👌 2024-09-16T02:24:38Z (#j7f652q) @ It _would_ also be possible to use the search engine here too I _think_ 🤔 i.e: `https://search.twtxt.net` 2024-09-16T11:48:24Z (#yiypmma) @ LOL 😂 2024-09-16T12:28:01Z (#yiypmma) @ Yes, according to the spec we wrote for [Archived Extension](https://dev.twtxt.net/doc/archivefeedsextension.html):

> The second value of prev is a name relative to the base directory of the feed’s URL in url (more specifically, in the URL that the client used to retrieve the feed). In the example above, prev would evaluate to the full URL https://example.com/twtxt-2021-10-18.txt for HTTPS and for Gopher. 2024-09-16T12:28:58Z (#mzvc5bq) @ So what is it about @'s feed that's screwed with your client? (Jenny?) 🤔 Kind of curious now 🤣 2024-09-16T12:29:07Z (#v3lkjca) @ We will fix this soon™ 🔜 2024-09-16T12:29:53Z (#pvju5cq) @ I tend to agree too, I think the focus should be on fixing and supporting Edits first 👌 2024-09-16T12:30:44Z (#j7f652q) @ Bah you're right, that's a mistake and easily fixed 😅 2024-09-16T13:18:59Z (#bwyeqta) @ Haha okay 😅 2024-09-16T13:19:20Z (#subsyjq) @ Meh I lost the plot ages ago 🤣 2024-09-17T02:15:32Z # Summary of WiscKey: Separating Keys from Values in SSD-Conscious Storage

- **Authors**: Lanyue Lu, Thanumalayan Sankaranarayana Pillai, Andrea C. Arpaci-Dusseau, Remzi H. Arpaci-Dusseau
- **Conference**: 14th USENIX Conference on File and Storage Technologies (FAST '16)
- **Key Concept**: WiscKey is a key-value store that separates keys from values to minimize I/O amplification, optimizing performance for SSDs.
- **Performance**: WiscKey outperforms LevelDB and RocksDB in various workloads, achieving up to 111× faster loading and improved random lookup speeds.
- **Design Goals**: Focus on low write/read amplification, SSD optimization, and support for modern features like range queries. 2024-09-17T02:16:54Z (#nx7iioq) The four critical ideas in the design of WiscKey are: 

1. Separation of keys from values, with only keys stored in the LSM-tree and values in a separate log file.
2. Utilization of the parallel random-read characteristic of SSD devices to handle unsorted values during range queries.
3. Implementation of unique crash-consistency techniques to manage the value log efficiently.
4. Optimization of performance by removing the LSM-tree log without sacrificing consistency, reducing system-call overhead from small writes. 2024-09-17T02:17:37Z (#nx7iioq) WiscKey minimizes CPU usage compared to LevelDB by eliminating the log file, which reduces the CPU cost associated with encoding and writing key-value pairs. While LevelDB has higher CPU usage due to its single writer protocol and background compaction using one thread, WiscKey's architecture allows for garbage collection to be decoupled and performed later, minimizing its impact on foreground performance. Consequently, WiscKey generally exhibits lower CPU usage during workloads, except when utilizing multiple background threads for prefetching. 2024-09-17T02:18:03Z (#nx7iioq) WiscKey's approach to handling key-value pairs in SSDs offers several advantages:

1. It minimizes I/O amplification by separating keys and values, allowing for more efficient storage and retrieval.
2. The design leverages the SSD's performance characteristics, utilizing sequential writes and parallel random reads to enhance throughput and reduce latency.
3. WiscKey maintains excellent insert and lookup performance while improving SSD lifespan by reducing the number of erase cycles required. 2024-09-17T02:19:49Z (#nx7iioq) I dunno whether any of this is actually true 🤷‍♂️ The LLM 🤖could have made (hallucinated) this shit up 🤣 2024-09-17T02:29:56Z (#a5ynbiq) @ Gitea is plenty fast for me 👌 Even with a SQLite database 🤣 2024-09-17T02:31:54Z (#o6dsrga) Holy shot! what an old thread 🤣 2024-09-17T02:32:23Z (#vl64hga) @ Seems to have used the hash correctly here 🤣 2024-09-17T02:43:55Z (#kshd6sq) @ Yea I think your idea of inclining url changes in the feed works perfectly as long as folks remember to do so I guess? 🤔 2024-09-17T02:46:46Z (#hvq3nnq) @ It does now as of several weeks ago or so 👌 2024-09-17T02:48:31Z (#wnq5qva) Noting that this scheme cannot support disjoint threads that should be merged together once either party discovers each other 😅 2024-09-17T02:49:34Z (#wnq5qva) This scheme also only support threading off a specific Twt of someone's feed. What if you're not replying to anyone in particular? 2024-09-17T07:06:54Z (#w4chkna) @ You mean the idea of being able to inline `# url = ` changes in your feed?

> Whatever gets used, it would be nice to be able to rotate identities. I like @’s idea for that. 2024-09-17T07:10:27Z @ and @ and possibly @ and even @cuaxolotl -- I'm very curious to understand and hear thoughts, pros and cons or other feelings about introducing the notation of a feed's identify using cryptography? If we were to keep things simple, and use what's commonly available, for example SSH ED25519 keys? using the `ssh-keygen -Y sign` or `ssh-keygen -Y verify` tools already available? Maybe in combination with @ 's idea of generating a random unique ID for your feed, say `# id = ` and signing it with your ED25519 key? 🔑 2024-09-17T12:15:52Z (#uqfouda) @ not really you're really forming a cryptographic chain of twts, that are cryptographically provable by anyone, at least in one direction ). It's called content addressing. Your propose scheme while simple doesn't do this. 2024-09-17T12:18:54Z (#ixeopeq) @ I think I may have lost my original feed because it was written with the old software before Yarn social became a thing. 2024-09-17T13:12:20Z (#v3lkjca) @ We just have to write better clients 🤣 I have figured out how to detect edits FWIW, but haven't gone from R&D phase to an actual design and implementation. But it is possible to detect an edit as well as a similarity score and the matching Twts. 2024-09-17T13:52:54Z (#r4msqlq) @ No that's okay. I happen to agree with you really, I just wanted to get a bit of a vibe on using cryptography in general and the idea of signing feeds. It's not particularly about a problem being solved, just gauging your opinions/thoughts on this 👌 2024-09-17T13:53:48Z (#uqfouda) @ I _think_ if Git can solve the same problem of branching, forking, patching and merging, so can we 🤣 2024-09-17T13:55:06Z (#uqfouda) Ultimately I _think_ we just need to agree on a way to represent an edit and the previous version of a Twt in a way that makes sense. I like one of the ideas presented earlier in some other thread (_god only knows which one haha 😝_); That is: ` (#hash;#originalHash) ` For example. 2024-09-17T13:55:39Z (#uqfouda) It would mean clients that support the TwtSubject and TwtHash extension, _should_ also indicate the previous version of their Twt when editing. 2024-09-17T14:13:10Z (#vpti3aq) @ Btw, I'm also open to ideas for this tool and welcome any contributions 👌 2024-09-17T14:33:57Z (#uqfouda) @ Well at this point I think I'm going to try to combine @'s idea for supporting moving your feed to a different URL and this idea for supporting editing. I'll spec it up and see if what we think from there... 2024-09-17T14:41:40Z One thing that's on my mind over the last few days about all this Twt editing and identity stuff we've been having hot debates over is this...

> I don't really have a problem with editing twts, or someone changing their feed's URL.

Personally I think the folks that do are rightfully pedantic and like a good user experience, which I don't blame 'em. I would expect the same too. Anyway, just wanted to get that out there, I believe we can support editing and identity in a way that is still simple, as long as we bring clients along for the ride with us. The old/legacy original client though will have to remain well, ya know 😅 2024-09-17T14:42:54Z (#w4chkna) @ I like this idea too as a completing solution to the "identify problem":

> Or maybe url changes could somehow be combined with the archive feeds extension? Could the url metadata field be local to each archive file, so that to switch to a new url all you need to do is archive everything you’ve got and start a new file at the new url?

👌 2024-09-17T14:47:55Z (#vuxk6ga) @ Oh! 🤣 For some reason I _thought_ my first feed was lost and gone 🤣 Hahahaha it's been there the whole time 😅 Fuck we write good specs and software 🥳 2024-09-17T15:28:28Z (#vpti3aq) @ I just added support for passing a custom template file via `-T/--template` in case you need a custom template 👌

```
prologic@JamessMacStudio
Wed Sep 18 01:27:29
~/Projects/yarnsocial/twtxt2html
 (main) 130
$ ./twtxt2html --help
Usage: twtxt2html [options] FILE|URL

twtxt2html converts a twtxt feed to a static HTML page
 -d, --debug enable debug logging
 -l, --limit int limit number ot twts (default all) (default -1)
 -n, --noreldate do now show twt relative dates
 -r, --reverse reverse the order of twts (oldest first)
 -T, --template string path to template file
 -t, --title string title of generated page (default "Twtxt Feed")
 -v, --version display version information
pflag: help requested
``` 2024-09-17T15:51:24Z (#omc6ifq) @ If you're talking about me, I'm notorious for typos 🤣 I type too fast, and I think I need a new keyboard, these keys are getting stuck 😅 Either that or I need to take my blowvac to it and clean the dust, skin and muck under the butterfly keys 🎹 2024-09-17T15:55:45Z (#3xpygsq) @ (#3xpygsq) @ I have a slightly different but compatible view:

> What makes twtxt unique is its radical technical simplicity. And that means you have to be a tech-savvy person to appreciate twtxt and that means mass-appeal is pretty much out of the question to begin with. 😅

You see, if you recall my old man ain't all that great with tech these days, though he used to be and that's how I got into it, encouraged as a young lad. Anyway... I built `yarnd` for that purpose, so a) I could use it as my daily driver (_think of it like Jenny/tt but for the web with a little server_) and b) so others _could_ use it too (_admitedly that hasn't been well adopted because reasons_)

Anyway my view is that Yarn/Twtxt is designed to be a slow social media without distraction. I like that a lot. Forget the simplicity for a second, if you think about how we use this, and how damn well fucking effective it is, without all the ads, tracking, god knows what useless-ass features, all the nonsense multi-Megabytes your browser has to download, just to post what you ate for breakfast, I like what we've built 😅 2024-09-17T15:58:58Z (#omc6ifq) At least you took the time to file an issue on a decentralised Git server 💪 Thank you! 🙏 2024-09-17T16:00:21Z (#3mccxdq) @ You will _actually_ find that they work perfectly fine. They just tend to have little value I think. Most of our clients do support them, `jenny, `tt` and `yarnd`...` 2024-09-17T16:00:59Z (#3mccxdq) Just that `yarnd` (_at least_) doesn't support creating such a custom TwtSubject, but it will reply and respect and thread one if one was constructed. 2024-09-17T16:22:38Z (#dwadueq) @ I never implemented UI support for their creation 🤣 2024-09-17T16:24:29Z (#yzg4ura) @ I should put the template that is used by default as a file in the repo. Look at the source for now and you'll see 😅 2024-09-17T16:25:19Z (#5owki3q) @ this is why I don't have a work phone 🤣 2024-09-17T16:36:23Z (#dwadueq) @ Haha 🤣 2024-09-17T16:37:08Z (#5owki3q) @ for oncall? 2024-09-17T21:57:11Z (#sbg7p7a) It _actually_ has treated this as a thread, but it gets a bit weird, because we thread based on the content address of a root twt. 2024-09-17T21:57:46Z (#sbg7p7a) So yeah no, whilst it _technically_ works, neither `jenny` nor `yarnd` support it very well. Only at a very basic level. 2024-09-17T21:58:25Z (#zhvhd5a) @ You are right, whilst it _technically_ works, its not well supported. Too much of the code would have to change to support that, and it's not worth the value. 2024-09-17T21:59:00Z (#ngb3eoq) @ LOL 😂 Thanks! 2024-09-17T22:00:21Z (#hwv7iya) @ It's a good thin `yarnd` makes this user configurable via a preference 🤣 And displays both 😅 2024-09-17T22:01:35Z (#uupimwq) @ aye aye captain 🤣 2024-09-17T22:03:33Z (#5owki3q) @ So basically on-call, but you don't get paid for it? 🤔 2024-09-17T22:04:29Z (#gjhpr5q) @ Okay fair 👌 2024-09-17T22:07:13Z (#y2t2tnq) @ Just as an aside, shouldn't you assume `utf-8` anyway these days if not specified? 🤔 I mean basically everything almost always uses `utf-8` encoding right? 😅 2024-09-17T22:40:01Z (#ngb3eoq) @ All fixed! 🥳 pleasure doing business with y'all. 🤣 2024-09-17T22:41:27Z (#jmceg4a) @ LOL 😂 No worries! 😉 2024-09-18T03:02:09Z (#57nqhuq) @ I admit I find the general "click here to share blah" generally wasteful, useless and unengaging really. Not just Wordle.

I admittedly however, I've been guilty of doing this sometimes myself. 🤦‍♂️ sometimes though I think it's OK to show your achievements. 👌 2024-09-18T03:25:24Z I've been using Codeium too the last week or so ! It's pretty good and like @ said is a pretty desent Junior assistant, it helps me write good docs and the tab completion is amazing!

It of course completely sucks at doing anything "intelligent" or complex, but if you just use it as a fancier auto complete it's actually half way decent 👌 2024-09-18T06:12:46Z (#omc6ifq) @ Sometimes that's the most valuable though! Feedback! 2024-09-18T11:48:19Z (#hg754aq) @ Watch TV at the moment so unsure about "out of the box tools" but there are 3 implementations on the spec page https://dev.twtxt.net/doc/twthashextension.html 2024-09-18T12:14:11Z (#hg754aq) @ Do you mean something like this?

```
$ ./yarnc debug ~/Public/twtxt.txt | tail -n 1
kp4zitq 2024-09-08T02:08:45Z (#wsdbfna) @ My work has this thing called "compressed work", where you can **buy** extra time off (_as much as 4 additional weeks_) per year. It comes out of your pay though, so it's not exactly a 4-day work week but it could be useful, just haven't tired it yet as I'm not entirely sure how it'll affect my net pay
``` 2024-09-18T12:14:57Z (#hg754aq) FWIW the standard UNIX tools for Blake2b are `openssl` and `b2sum` -- Just trying to figure out how to make a shell pipeline again (_if you really want that_); as tools keep changing god damnit 🤣 2024-09-18T12:18:50Z (#hg754aq) It would appear that the `blake2b` 256bit digest algorithm is no longer supported by the `openssl` tool, however `blake2s256` is; I'm not sure why 🤔

```
$ echo -n "https://twtxt.net/user/prologic/twtxt.txt\n2020-07-18T12:39:52Z\nHello World! 😊" | openssl dgst -blake2s256 -binary | base32 | tr -d '=' | tr 'A-Z' 'a-z' | tail -c 7
zq4fgq
```

Obviously produce the wrong hash, which should be `o6dsrga` as indicated by the `yarnc hash` utility:

```
$ yarnc hash -u https://twtxt.net/user/prologic/twtxt.txt -t 2020-07-18T12:39:52Z "Hello World! 😊"
o6dsrga
```

But at least the shell pipeline is "correct". 2024-09-18T12:21:43Z Just experimenting...

```
$ echo -n "https://twtxt.net/user/prologic/twtxt.txt\n2020-07-18T12:39:52Z\nHello World! 😊" | sha256sum | base64 | tr -d '=' | tail -c 12
NWY4MSAgLQo
``` 2024-09-18T12:25:06Z (#7csfpjq) ```
$ echo -n "https://twtxt.net/user/prologic/twtxt.txt\n2020-07-18T12:39:52Z\nHello World! 😊" | sha256sum | base32 | tr -d '=' | tr 'A-Z' 'a-z' | tail -c 12
tdqmjaeawqu
``` 2024-09-18T12:31:13Z (#7csfpjq) ```
$ echo -n "https://twtxt.net/user/prologic/twtxt.txt\n2020-07-18T12:39:52Z\nHello World! 😊" | sha1sum | head -c 11
87fd9b0ae4e
``` 2024-09-18T12:32:06Z (#rssd6sq) @ Add here:

```
* a0826a65 - Add debug sub-command to yarnc (7 weeks ago) 
```

I'd recommend a `git pull && make build` 2024-09-18T12:38:32Z Current Twt Hash spec and probability of hash collision:

The probability of a **Twt Hash collision** depends on the size of the hash and the number of possible values it can take. For the Twt Hash, which uses a **Blake2b 256-bit** hash, Base32 encoding, and takes the **last 7 characters**, the space of possible hash values is significantly reduced.

### Breakdown:

1. **Base32 encoding**: Each character in the Base32 encoding represents 5 bits of information (since \( 2^5 = 32 \)).
2. **7 characters**: With 7 characters, the total number of possible hashes is:
 \[
 32^7 = 3,518,437,208
 \]
 This gives about 3.5 billion possible hash values.

### Probability of Collision:

The probability of a hash collision depends on the **number of hashes generated** and can be estimated using the **Birthday Paradox**. The paradox tells us that collisions are more likely than expected when hashing a large number of items.

The approximate formula for the probability of at least one collision after generating `n` hashes is:
\[
P(\text{collision}) \approx 1 - e^{-\frac{n^2}{2M}}
\]
Where:
- \(n\) is the number of generated Twt Hashes.
- \(M = 32^7 = 3,518,437,208\) is the total number of possible hash values.

For practical purposes, here are some example probabilities for different numbers of hashes (`n`):

- For **1,000 hashes**:
 \[
 P(\text{collision}) \approx 1 - e^{-\frac{1000^2}{2 \cdot 3,518,437,208}} \approx 0.00014 \, \text{(0.014%)}
 \]
- For **10,000 hashes**:
 \[
 P(\text{collision}) \approx 1 - e^{-\frac{10000^2}{2 \cdot 3,518,437,208}} \approx 0.14 \, \text{(14%)}
 \]
- For **100,000 hashes**:
 \[
 P(\text{collision}) \approx 1 - e^{-\frac{100000^2}{2 \cdot 3,518,437,208}} \approx 0.999 \, \text{(99.9%)}
 \]

### Conclusion:

- For small to moderate numbers of hashes (up to around 1,000–10,000), the collision probability is quite low.
- However, as the number of Twts grows (above 100,000), the likelihood of a collision increases significantly due to the relatively small hash space (3.5 billion). 2024-09-18T12:39:08Z (#y2t2tnq) @ Fair 👌 2024-09-18T12:40:21Z (#5owki3q) @ Haha 😝

> What I was referring to in the OP: Sometimes I check the workphone simply out of curiosity. 😂 2024-09-18T12:45:39Z (#rssd6sq) @ Welcome! 🤗 2024-09-18T12:50:49Z (#lryyjla) @ Bloody good question 🙋 God only knows 🤣 2024-09-18T12:52:07Z Taking the last n characters of a base32 encoded hash instead of the first n can be problematic for several reasons:

1. **Hash Structure**: Hashes are typically designed so that their outputs have specific statistical properties. The first few characters often have more entropy or variability, meaning they are less likely to have patterns. The last characters may not maintain this randomness, especially if the encoding method has a tendency to produce less varied endings.

2. **Collision Resistance**: When using hashes, the goal is to minimize the risk of collisions (different inputs producing the same output). By using the first few characters, you leverage the full distribution of the hash. The last characters may not distribute in the same way, potentially increasing the likelihood of collisions.

3. **Encoding Characteristics**: Base32 encoding has a specific structure and padding that might influence the last characters more than the first. If the data being hashed is similar, the last characters may be more similar across different hashes.

4. **Use Cases**: In many applications (like generating unique identifiers), the beginning of the hash is often the most informative and varied. Relying on the end might reduce the uniqueness of generated identifiers, especially if a prefix has a specific context or meaning.

In summary, using the first n characters generally preserves the intended randomness and collision resistance of the hash, making it a safer choice in most cases. 2024-09-18T12:52:53Z (#zaazoeq) I think it was a mistake to take the last n base32 encoded characters of the blake2b 256bit encoded hash value. It should have been the first n. where n is >= 7 2024-09-18T12:54:05Z (#lryyjla) @ My money is on a SHA1SUM hash encoding to keep things **much** simpler:

```
$ echo -n "https://twtxt.net/user/prologic/twtxt.txt\n2020-07-18T12:39:52Z\nHello World! 😊" | sha1sum | head -c 11
87fd9b0ae4e
``` 2024-09-18T13:04:29Z With a SHA1 encoding the probability of a hash collision becomes, at various k (_number of twts_):

```
>>> import math
>>>
>>> def collision_probability(k, bits):
... n = 2 ** bits # Total unique hash values based on the number of bits
... probability = 1 - math.exp(- (k ** 2) / (2 * n))
... return probability * 100 # Return as percentage
...
>>> # Example usage:
>>> k_values = [100000, 1000000, 10000000]
>>> bits = 44 # Number of bits for the hash
>>>
>>> for k in k_values:
... print(f"Probability of collision for {k} hashes with {bits} bits: {collision_probability(k, bits):.4f}%")
...
Probability of collision for 100000 hashes with 44 bits: 0.0284%
Probability of collision for 1000000 hashes with 44 bits: 2.8022%
Probability of collision for 10000000 hashes with 44 bits: 94.1701%
>>> bits = 48
>>> for k in k_values:
... print(f"Probability of collision for {k} hashes with {bits} bits: {collision_probability(k, bits):.4f}%")
...
Probability of collision for 100000 hashes with 48 bits: 0.0018%
Probability of collision for 1000000 hashes with 48 bits: 0.1775%
Probability of collision for 10000000 hashes with 48 bits: 16.2753%
>>> bits = 52
>>> for k in k_values:
... print(f"Probability of collision for {k} hashes with {bits} bits: {collision_probability(k, bits):.4f}%")
...
Probability of collision for 100000 hashes with 52 bits: 0.0001%
Probability of collision for 1000000 hashes with 52 bits: 0.0111%
Probability of collision for 10000000 hashes with 52 bits: 1.1041%
>>>
```

If we adopted this scheme, we could have to increase the no. of characters (_first N_) from `11` to `12` and finally `13` as we approach globally larger enough Twts across the space. I _think_ at least full crawl/scrape it was around ~500k (_maybe_)? https://search.twtxt.net/ says only ~99k 2024-09-18T13:05:51Z (#vqgs4zq) @ Just replace the `echo` with something like `pbpaste` or similar. You'd just need to shell escape things like `"` and such. That's all. Alternatives you can shove the 3 lines into a small file and `cat file.txt | ...` 2024-09-18T13:12:44Z An alternate idea for supporting (_properly_) Twt Edits is to denoate as such and extend the meaning of a Twt Subject (_which would need to be called something better?_); For example, let's say I produced the following Twt:

```
2024-09-18T23:08:00+10:00 Hllo World
```

And my feed's URI is `https://example.com/twtxt.txt`. The hash for this Twt is therefore `229d24612a2`:

```
$ echo -n "https://example.com/twtxt.txt\n2024-09-18T23:08:00+10:00\nHllo World" | sha1sum | head -c 11
229d24612a2
```

You wish to correct your mistake, so you make an amendment to that Twt like so:

```
2024-09-18T23:10:43+10:00 (edit:#229d24612a2) Hello World
```

Which would then have a new Twt hash value of `026d77e03fa`:

```
$ echo -n "https://example.com/twtxt.txt\n2024-09-18T23:10:43+10:00\nHello World" | sha1sum | head -c 11
026d77e03fa
```

Clients would then take this `edit:#229d24612a2` to mean, this Twt is an edit of `229d24612a2` and should be replaced in the client's cache, or indicated as such to the user that this is the intended content. 2024-09-18T13:14:18Z (#5vbi2ea) Likewise we _could_ also support `delete:229d24612a2`, which would indicate to clients that fetch the feed to delete any cached Twt matching the hash `229d24612a2` if the author wishes to "unpublish" that Twt permanently, rather than just deleting the line from the feed (_which does nothing for clients really_). 2024-09-18T13:16:17Z (#5vbi2ea) Finally @ 's idea of updating metadata changes in a feed "inline" where the change happened (_with respect to other Twts in whatever order the file is written in_) is used to drive things like "Oh this feed now has a new URI, let's use that from now on as the feed's identity for the purposes of computing Twt hashes". This could extend to `# nick =` as preferential indicators to clients as well as even other updates such as `# description = ` -- Not just `# url =` 2024-09-18T23:13:21Z (#kdtce4q) @ Hah Welcome back! 😅 2024-09-18T23:13:52Z (#fmqnkea) @ We'll get there soon™ 🔜 2024-09-18T23:25:13Z (#kdtce4q) @ Hah 🤣 2024-09-18T23:29:08Z (#ucgvfmq) @ it would work, you are right, however, it has drawbacks, and I think in the long term would create a new set of problems that we would also then have to solve. 2024-09-19T00:16:23Z (#6y53k7q) @ without supporting dudes properly though you're running into GDP issues and the right to forget. 🤣 we've had pretty lengthy discussions about this in the past years ago as well, but we never came to a conclusion. We're all happy with. 2024-09-19T00:19:33Z (#krhab7q) @ this is where you would need to prove that the editor delete request actually came from that feed author. Hence why integrity is much more important here. 2024-09-19T00:20:15Z (#5vbi2ea) @ you mean my original idea of basically just automatically detecting Twt edits from the client side? 2024-09-19T00:21:46Z (#35dfola) @ wut da fuq?! 🤣 2024-09-19T00:23:24Z (#lryyjla) @ I don't recall where that discussion ended up being though? 2024-09-19T00:27:51Z (#vqgs4zq) @ Mostly because Git uses it 🤣 Known attacks that would affect our use? 🤔 2024-09-19T00:31:00Z (#zaazoeq) @ No u don't sorry. But I tend to agree with you and I think if we continue to use hashes we should keep the remainder in mind as we choose truncation values of N 2024-09-19T00:31:58Z (#tomgw6q) @ NahahahahHa 🤣 So glad I don't use LinkedIn 🤦‍♂️ 2024-09-19T00:37:43Z (#uebsf7a) @ i'm guessing the quotas text should've been emphasized? 2024-09-19T02:59:38Z (#uebsf7a) @ This is the different Markdown parsers being used. Goldmark vs. gomarkdown. We need to switch to Goldmark 😅 2024-09-19T07:08:48Z (#4sczfgq) @ You don't get left behind at all 🤣 It's hyped up so much, it's not even funny anymore. Basically at this point (_so far at least_) I've concluded that all this GenAI / LLM stuff is just a fancy auto-complete and indexing + search reinvented 🤣 2024-09-19T07:09:37Z (#4sczfgq) Plus these so-called "LLM"(s) have a pretty good grasp of the "shape" of language, so they _appear_ to be quite intelligent or produce intelligible response (_when they're actually quite stupid really_). 2024-09-19T07:11:33Z (#2so4tqq) @ I _think_ we never progressed this idea further because we weren't sure how to tell if a hash collision would occur in the first place right? In other words, how does Client A know to expand a hash vs. Client B in a 100% decentralised way? 🤔 2024-09-19T07:13:32Z (#lryyjla) Right I see what you mean @ -- Can you maybe come up with a fully fleshed out proposal for this? 🤔 This will help solve the problem of hash collision that result from the Twt/hash space growing larger over time without us having to change anything about the way we construct hashes in the first place. We just assume spec compliant clients will just dynamically handle this as the space grows. 2024-09-19T07:14:10Z (#5vbi2ea) @ Long while back, I experimented with using similarity algorithms to detect if two Twts were similar enough to be considered an "Edit". 2024-09-19T07:14:59Z (#uebsf7a) @ I don't think this is a lextwt problem tbh. Just the Markdown aprser that `yarnd` currently uses. `twtxt2html` uses Goldmark and appears to behave better 🤣 2024-09-19T07:16:16Z (#vqgs4zq) @ Right I see. Yeah maybe we want to avoid that 🤣 I do kind of tend to agree with @ in another thread that there isn't actually anything wrong with our use of Blake2 at all really, but we may want to consider all our options. 2024-09-19T09:15:14Z (#xghlsva) @ I really don't think we can ignore the last ~3 years and a bit of this threading model working quite well for us as a community across a very diverse set of clients and platforms. We cannot just drop something that "mostly works just fine" for the sake of "simplicity". We have to weight up all the options. There are very real benefits to using content addressing here that really IMO shouldn't be disregarded so lightly that actually provide a lot of implicit value that users of various clients just don't get to see. I'd recommend reading up on the ideas behind content addressing before simply dismissing the Twt Hash spec entirely, it wasn't even written or formalised by me, but I understand how it works quite well 😅 The guy that wrote the spec was (is?) way smarter than I was back then, probably still is now 🤣 2024-09-19T11:30:57Z (#4sczfgq) @ Yeah I'm looking forward to that myself 🤣 It'll be great to see where technology grow to a level of maturity and efficiency where you can run the tools on your own PC or Device and use it for what, so far, I've found it to be somewhat decent at; Auto-Complete, Search and Q&A. 2024-09-19T11:41:33Z Speaking of AI tech (_sorry!_); Just came across this really cool tool built by some engineers at Google™ (_currently completely free to use without any signup_) called [NotebookLM](notebooklm.google.com) 👌 Looks really good for summarizing and talking to document 📃 2024-09-19T12:20:05Z (#xghlsva) @ Witout including the content, it's no longer really "content addressing" now is it? You're essentially only addressing say nick+timestamp or url+timestamp. 2024-09-19T12:20:24Z (#3f36byq) @ Oh ! 🤦‍♂️ 2024-09-19T13:37:33Z (#xghlsva) @ I _really_ thinks articles like [this](https://flyingzumwalt.gitbooks.io/decentralized-web-primer/content/avenues-for-access/lessons/power-of-content-addressing.html) explain the benefits far better than I can. 2024-09-19T13:38:58Z (#xghlsva) For example, without content-addressing, you'd never have been able to find let alone pull up that ~3yr old Twt of me (_my very first_), hell I'd even though I lost my first feed file or it became corrupted or something 🤣 -- If that were the case, it would actually be possible to reconstruct the feed and verify every single Twt against the caches of all of you 🤣 2024-09-19T13:40:22Z (#xghlsva) What is being proposed as a counter to content-addressing is called location-addressing. Two very different approaches, both with pros/cons of course. But a local cannot be verified, the content cannot be be guaranteed to be authenticate in any way, you just have to implicitly trust that the location points to the right thing. 2024-09-19T13:41:17Z (#xghlsva) Location Addressing is fine in smaller or single systems. But when you're talking about large decentralised systems with no single point of control (_kind of the point_) things like independable variable integrity become quite important. 2024-09-19T13:45:29Z Can someone much smarter than me help me figure out a couple of newly discovered deadlocks in `yarnd` that I _think_ have always been there, but only recently uncovered by the Go 1.23 compiler.

https://git.mills.io/yarnsocial/yarn/issues/1175 2024-09-19T13:59:05Z (#hhaeutq) nevermind; I _think_ this might be some changes internally in Go 1.23 and a dependency I needed to update 🤞 2024-09-19T14:02:11Z Can I get someone like maybe @ or @ or even @ -- If you have some spare time -- to test this `yarnd` [PR](https://git.mills.io/yarnsocial/yarn/pulls/1176) that upgrades the Bitcask dependency for its internal database to v2? 🙏

**VERY IMPORTANT** If you do; **Please Please Please** backup your `yarn.db` database first! 😅 Heaven knows I don't want to be responsible for fucking up a production database here or there 🤣 2024-09-19T14:02:44Z (#76qy4ga) e.g: Shutdown `yarnd` and `cp -a yarn.db yarn.db.bak` before testing this PR/branch. 2024-09-19T14:40:28Z (#xghlsva) @ I think we can! 2024-09-20T02:30:40Z (#76qy4ga) @ Sweet thank you! 🙇‍♂️ I'll merge this PR tonight I think. 2024-09-20T02:39:42Z (#3vkiehq) Do you k ow what you clicked on before going back? 2024-09-20T02:42:55Z (#rqkdcfa) @ Sorry could you explain this sifferently? 2024-09-20T02:48:20Z (#fj7dppq) @ Pretry much 👌 2024-09-20T02:51:31Z (#7tz564q) @ I think the order of the lines in a feed don't matter as long as we can guarantee the order of Twts. Clients should already be ordering by Timestamp anyway. 2024-09-20T02:52:43Z (#y6idegq) @ This is why hashes provide that level of integrity. The hash can be verified in the cache or archive as belonging to said feed. 2024-09-20T02:55:58Z (#fj7dppq) The important bits missing from this summary (_devil is in the details_) are two requirements:

- Clients _should_ order Twts by their timestamp.
- Clients *must* validate all `edit` and `delete` requests that the hash being indicated belongs to and came from that feed.
- Client _should_ honour delete requests and delete Twts from their cache/archive. 2024-09-20T03:09:30Z (#ohltkwq) @ this approach also wouldn't work and when that Feed gets archived so you'll be forced to crawl archived feeds at that point. 2024-09-20T03:13:34Z (#rismpkq) @ No that's never a problem because we really only want to "navigate" the web anyway not form threads of xonversation 🤣 2024-09-20T03:16:32Z (#l5452vq) @ I don't think this is true. 2024-09-20T04:35:33Z (#3vkiehq) I'll try to reproduce locally later tonight 2024-09-20T08:52:51Z 👋 Reminder that next Saturday 28th September will be out monthly online meetup! Hope to see some/all of you there 👌 2024-09-20T13:18:24Z (#y6idegq) @ Is t it? You read each Twt and compute its hash. It's a simple O(1) lookup of the hash in that feed or your cache/archive right? 2024-09-20T13:19:11Z (#ce4g4qa) @ Precisely 👌 2024-09-20T13:46:47Z (#y6idegq) @ Am I missing something? 😅 2024-09-20T13:58:36Z (#ohltkwq) @ Hmmm not sure what I was thinking sorry 🤦‍♂️been a long day 😂 2024-09-20T14:12:18Z (#y6idegq) @ Ok 😅 2024-09-20T20:08:58Z (#2niz6hq) @ Very nice! 👍 2024-09-20T20:11:37Z (#zogbtrq) LOL 😂 This:

> anyone could claim that some feed contained a certain message which was then removed again by just creating the hash over the fake message in said feed and invented timestamp themselves

I'd like to see a step-by-step reproduction of this. I don't buy it 🤣

Admittedly `yarnd` had a few implementation security bugs, but I'm not sure this is actually possible, unless I'm missing something? 🤔 2024-09-20T20:14:10Z (#w6f7hpa) @ Do you have specifics about the GRPD law about this?

> Would the GDPR would apply to a one-person client like jenny? I seriously hope not. If someone asks me to delete an email they sent me, I don’t think I have to honour that request, no matter how European they are.

I'm not sure myself now. So let's find out whether parts of the GDPR actually apply to a truly decentralised system? 🤔 2024-09-20T20:15:03Z (#w6f7hpa) @ You make good points though, I made similar arguments about this too back in the day. Twtxt v2 / Yarn.social being at least ~4 years old now 😅 2024-09-20T20:17:24Z (#4so6mga) @ @ Contributions to [search.twtxt.net](https://search.twtxt.net), which runs `yarns` (_not to be confused with `yarnd`_) are always welcome 🤗 -- I don't have as much "spare time" as I used to due to the nature of my job (_Staff Engineer_); but I try to make improvements every now and again 💪 2024-09-20T20:19:50Z (#s4s2r2a) @ @ So a client that has the idea of a cache/archive wouldn't necessarily have to re-check that the Twt being marked as "edited" belongs to that feed or not, the client would already know that for sure. At least this is how `yarnd` works and I'm sure `jenny` can make similar assertions too. 2024-09-20T20:20:18Z (#s4s2r2a) But yes, at the end of the day if the edit request is invalid or cannot be verified, it should be ignored as treated as "malicious". 2024-09-20T20:22:51Z (#rqkdcfa) @ Walk me through this? 🤔 I get what you're saying, but I'm too stupid to be a "hacker" 🤣 2024-09-20T20:24:27Z (#ty5qzpa) @ Thank you! 🙏 2024-09-20T20:25:07Z (#fj7dppq) @ I think not.

> What about edits of edits? Do we want to “chain” edits or does the latest edit simply win?

This gets too complicated if we start to support this kind of nonsense 🤣 2024-09-20T20:26:29Z (#s2bqszq) @ I'm all for dropping `delete` btw, Or at least not making it mandatory, as-in "clients should" rather than "clients must". But yes I agree, let's explore all the possible ways this can be exploited (_if at all_). 2024-09-20T20:29:12Z (#y6idegq) @ Yes you do. You keep both versions in your cache. They have different hashes. So you have Twt A, a client indicates Twt B is an edit of A, your client has already seen A and cached and archived it, now your client fetches B which is indicated of editing A. You cache/archive B as well, but now indicate in your display that B replaces A (_maybe display, link both_) or just display B or whatever. But essentially you now have both, but an indicator of one being an edit of the other.

The right thing to do here of course is to keep A in the "thread" but display B. Why? So the thread/chain doesn't actually break or fork (_forking is a natural consequence of editing, or is it the other way around? 🤔_). 2024-09-20T20:30:57Z (#y6idegq) If OTOH your client doesn't store individual Twts in a cache/archive or some kind of database, then verification becomes quite hard and tedious. However I think of this as an implementation details. The spec should just call out that clients must validate/verify the edit request and the matching hash actually exists in that feed, not how the client should implement that. 2024-09-20T23:12:46Z (#y6idegq) @ This is true. But the client **MUST** supply the original too! Or this doesn't work 😢 2024-09-20T23:12:57Z (#y6idegq) i.e: there must be two versions of the Twt in the feed. 2024-09-20T23:49:05Z (#rqkdcfa) @ Hmmm I'm not sure sure I get what you're getting at here. In order for this to be true, `yarnd` would have to be maliciously fabricating a Twt with the Hash D. 2024-09-21T02:35:20Z And we're back. Sorry about that 😅 2024-09-21T02:37:38Z (#ezhsc5a) For those curious, the archive on this pod had reached around ~22GB in size. I had to suck it down to my more powerful Mac Studio to clean it up and remove a bunch of junk. Then copy all the data back. This is what my local network traffic looked like for the last few hours 😱 ![](https://twtxt.net/media/8YurREYerJm6cnzsJ2Thbh.png) 2024-09-21T02:38:54Z (#ezhsc5a) I've also put up this PR [Add compatible methods for Index to behave as the Archiver (transition) #1177
](https://git.mills.io/yarnsocial/yarn/pulls/1177) that will act as a transition from the old naive archiver to the new bluge-based search/index. I will switch my pod over to this soon to test it before anyone else does. 2024-09-21T02:39:24Z (#naue2rq) @ Haha 😛 Faster? Maybe 🤔 But yeah it's good to have backups! (_that work_) 2024-09-21T02:42:38Z (#ezhsc5a) Really though I only managed to save a few GB, but it's enough for now. ![](https://twtxt.net/media/na9fQGnTSXb2chVKrKDmAo.png) 2024-09-21T03:58:25Z (#p6pu5mq) Well that was bloody awful. This PR bokr my pod for some strange reason I can't figure out why or how 😱 The process just kept getting terminated from something, somewhere (_no panic_). weird. I've reverted this PR for now @ 2024-09-21T03:59:14Z (#rqkdcfa) @ Care to explain how this explicit/attack works for me? 🤣 2024-09-21T04:01:07Z (#266jaka) Yeah I'm curious to find out too beyond just "here say". But regardless of whether we should or shouldn't care about this or should or shouldn't comply. We should IMO. I'd have to build something that horrendously violates someone's rights in another country. 2024-09-21T04:02:32Z (#266jaka) This has specifically come up before in the form of "informal complaints" against `yarnd` because of the way it permanently stores and archives Twts, so even if you decide you changed your mind, or deleted that line out of your feed, if my pod or @ or @ or @ (_or any other handful of pods still around?_) saw the Twt, it'd be permanently archived. 2024-09-21T04:02:58Z (#266jaka) But this is no different to how `jenny` does things with storing every Twt in a Maildir I suppose? 🤔 2024-09-21T04:30:53Z (#rqkdcfa) @ Yes that's true they are only integrity checks. But beyond a malicious pod (ignore yarnd'a gossiping protocol for now) how does what @ presented work exactly? 😅 2024-09-21T06:39:35Z (#ube4gaq) @ What's going on? 2024-09-21T07:19:02Z (#pqst4ea) @ Cool cool 🙇‍♂️ 2024-09-21T07:46:11Z Bahahahaha very clever @ I look forward to reading your report ! 🤣 However...

```
$ yarnc debug https://twtxt.net/user/prologic/twtxt.txt | grep -E '^pqst4ea' | tee | wc -l
0
```

I very quickly proved that Twt was never from me 🤣 2024-09-21T11:46:00Z (#266jaka) @ Thanks for this! 🙏 2024-09-21T11:50:36Z (#br5oska) @ This is one of the reasons why `yarnd` has a couple of settings with some sensible/sane defaults:

> I could already imagine a couple of extreme cases where, somewhere, in this peaceful world one’s exercise of freedom of speech could get them in Real trouble (if not danger) if found out, it wouldn’t necessarily have to involve something to do with Law or legal authorities. So, If someone asks, and maybe fearing fearing for… let’s just say ‘Their well being’, would it heart if a pod just purged their content if it’s serving it publicly (maybe relay the info to other pods) and call it a day? It doesn’t have to be about some law/convention somewhere … 🤷 I know! Too extreme, but I’ve seen news of people who’d gone to jail or got their lives ruined for as little as a silly joke. And it doesn’t even have to be about any of this.

There are two settings:

```
$ ./yarnd --help 2>&1 | grep max-cache
 --max-cache-fetchers int set maximum numnber of fetchers to use for feed cache updates (default 10)
 -I, --max-cache-items int maximum cache items (per feed source) of cached twts in memory (default 150)
 -C, --max-cache-ttl duration maximum cache ttl (time-to-live) of cached twts in memory (default 336h0m0s)
```

So `yarnd` pods by default are designed to only keep Twts around publicly visible on either the anonymous Frontpage or Discover View or your Timeline or the feed's Timeline for up to 2 weeks with a maximum of 150 items, whichever get exceeded first. Any Twts over this are considered "old" and drop off the active cache.

It's a feature that my old man @ was very strongly in support of, as was I back in the day of `yarnd`'s design (_nothing particularly to do with Twtxt per se_) that I've to this day stuck by -- Even though there are _some_ 😉 that have different views on this 🤣 2024-09-21T12:28:20Z Ever wondered what it would cost to self-hosted vs. use the cloud? Well I often doubt myself every time I look at hardware prices, and I know I have to do some hardware refresh soon™ for the Mills DC (_something I don't have a regular plan or budget for_), here's a rough ball park:

The Mills DC has cost me around ~$15k to build and maintain over the last ~10 years or so. Roughly speaking. I've never actually taken a Bill of Materials or anything, but I could if anyone is interested in more specifics.

The equivalent of resources **if** run in the "Cloud" would cost around:

- ~$1,000 for virtual machines
- ~$12000 for storage

So around ~$2,000/month to run.

Keep this in mind anytime anyone ever tries to con you into believing "Cloud is cheaper". It's not. 2024-09-21T12:51:50Z (#v7hpcnq) @ Bahahahahaha 🤣 2024-09-21T12:52:09Z (#pqst4ea) @ Which reply was that? 🤔 2024-09-21T13:20:42Z (#crmwgxq) @ I just saw thes come through! 🙏 Thank you very much, I'll definitely have a read tomorrow! 👌 2024-09-21T13:22:15Z (#senmxza) @ Hmm what you replied to appears to be non-existent: https://twtxt.net/twt/pqst4ea 2024-09-21T13:22:43Z (#senmxza) Do you recall what it was? I blame my maintenance window 🪟 2024-09-21T14:06:43Z (#crmwgxq) I just read the primary spec I'm strongly in support of and it's pretty rock solid for me 👌 💯 2024-09-21T15:04:16Z (#s2dhlvq) @ One of the biggest reasons I don't like the `(replyto:…)` proposal (_location addressing vs. content addressing_) is that you just introduce a similar problem down the track, albeit rarer where if a feed changes its location, your thread's "identifiers" are no longer valid, unless those feed authors maintain strict URL redirects, etc. This potentially has the long-term effect of being rather fragile, as opposed to what we have now where an Edit just really causes a natural fork in the thread, which is how "forking" works in the first place.

I realise this is a bit pret here, and it probably doesn't matter a whole lot at our size. But I'm trying to think way ahead, to a point where Twtxt as a "thing" can continue to work and function decades from now, even with the extensions we've built. We've already proven for example that Twts and threads from ~4 years ago still work and are easily looked up haha 😝 2024-09-21T15:22:18Z (#s2dhlvq) @ Yeah I'll be honest here; I'm not going to be very happy if we go down this "location addressing" route;

- Twt Subjects lose their meaning.
- Twt Subjects cannot be verified without looking up the feed.
 - Which may or may not exist anymore or may change.
- Two persons cannot reply to a Twt independently of each other anymore.

_and probably some other properties we'd stand to lose that I'm forgetting about..._ 2024-09-21T15:35:32Z (#s2dhlvq) I just realized the other big property you lose is:

> What if someone completely changes the content of the root of the thread?

Does the Subject reference the feed and timestamp only or the intent too? 2024-09-21T15:42:26Z (#w6equxa) @ 🤣🤣🤣 2024-09-21T15:45:27Z (#s2dhlvq) @ That's kind a problem though right? 2024-09-21T23:26:41Z (#s2dhlvq) @ I think your scenario doesn't account for clients and their storage. The scenario described only really affects clients that come along later. Even then they would also be able to re-fetch mossing Twts from peers or even a search engine to fill in the gaps. 2024-09-21T23:27:32Z (#s2dhlvq) @ Lins of agree with dealing with this kind of social nonsense which we've all done in the past 🤣 2024-09-21T23:32:38Z (#senmxza) @ We digits it out 🤣 @ 's little hack was good but only temporary 🤣 2024-09-21T23:34:08Z (#q2lkg5a) @ Yes I have, however I'm not counting that because even using "Cloud" is not labor free. 2024-09-22T00:22:18Z I finally decided to do a few experiments with `yarnd` to see how many things would break and how many assumptions there are around the idea of "Content Addressing"; here's where I'm at so far:

- [What breaks](https://gist.mills.io/prologic/d237b22c379c4ae686174d27d8c3371c)

Basically I'm at a point where spending time on this is going to provide very little value, there are assumptions made in the lextwt parser, assumptions made in yarnd, assumptions in the way storage is done and the way threading works and things are looked up. There are far reaching implications to changing the way Twts are identified here to be "location addressed" that I'm quite worried about the amount of effort would be required to change `yarnd` here.

 ![](https://twtxt.net/media/oe8q9AvohseUrpa2nWRiJZ.png) 2024-09-22T01:05:40Z **My Position** on the last few weeks of Twtxt spec discussions:

- We increase the Hash length from `7` to `11`.
- We formalise the [Update Commands](https://git.mills.io/yarnsocial/yarn/pulls/1180) extension.
- We amend the [Twt Hash](https://dev.twtxt.net/doc/twthashextension.html) and [Metadata](https://dev.twtxt.net/doc/metadataextension.html) extension to state:

> Feed authors that wish to change the location of their feed (_once Twts have been published_) **must** append a new `# url = ` comment to their feed to indicate the new location and thus change the "Hashing URI" used for Twts from _that_ point onward.

This has implications of the "order" of a feed, and we should either do one of two things, either:

- Mandate that feeds are append-only.
- Or amend the [Metadata](https://dev.twtxt.net/doc/metadataextension.html) spec with a new field that denotes the order of the feed so clients can make sense of "inline" comments in the feed. -- This would also imply that the default order is (_of course_) append-only. Suggestion: `# direction = [append|prepend]` 2024-09-22T01:11:04Z 👋 Reminder folks of the upcoming Yarn.social monthly online meetup:

I hope to see @ @ @ @ @ and hopefully others too @ @ and anyone else that sees this! 🙏 We're _hopefully_ going to primarily discuss the future of Twtxt and the last few weeks of discussions 🤣

- **Event**: Yarn.social Online Meetup
- **When**: 28th September 2024 at 12:00pm UTC (midday)
- **Where**: [Mills Meet : Yarn.social](https://meet.mills.io/call/Yarn.social)
- **Cadence**: 4th Saturday of every Month

Agenda:

- Let's talk about the upcoming changes to the Twtxt spec(s)
 - See [#xgghhnq](https://twtxt.net/twt/xgghhnq)

#Yarn.social #Meetup 2024-09-22T01:15:04Z (#tbcptaa) @ 👌 2024-09-22T02:53:42Z (#gmxpeya) @ I like Nttfy 👌 I've wanted to replace my use of the Pushover service with this for a while now 🤔 2024-09-22T05:40:56Z (#4r22cna) @ Haha 😝 Nice one! And yes I'm also aware of some collisions too! 2024-09-22T06:26:51Z LOl 😂 Not only have a tried to write up a full [Twtxt v2](https://docs.mills.io/uJXuisaYTRWYDrl8A2jADg?view) specification, I've also written a Bash shell script that implements the new spec 😅 2024-09-22T06:38:08Z (#v7hpcnq) @ No that is absolutely correct. Without cryptographic identities and signatures there is no way to verify authenticity. That is correct. And I don't think we need to necessarily. What I was just showing and proving was that I didn't write that spoofed Twt in the first place, which was only provable at the time of @ short-lived attack 🤣 He essentially forked `yarnd`, hosted it temporarily (_I think locally_) and used it to poison the caches of a few production pods.

Thankfully the gossip protocol used by `yarnd` as part of its "peering" between pods isn't fully trusted, twts are not archived for example into permanent storage. So the moment my pod re-fetched my own feed, the spoofed Twt was obliterated 😅

Eventual consistency 🤣 2024-09-22T07:26:37Z Okay folks, I've spent all day on this today, and I _think_ its in "good enough"™ shape to share:

**Twtxt v2**:

- Specification: https://docs.mills.io/uJXuisaYTRWYDrl8A2jADg?both
- implementation: https://gist.mills.io/prologic/afdec15443da4d7aa898f383f171ec1b

 ![](https://twtxt.net/media/Wb9MtAiQyEkzNQB5dyVvUR.png) 2024-09-22T07:52:37Z (#zqpkfla) Example:


```
$ ./twtxt-v2.sh reply 242561ce02d "Cool! 👌"
Posted twt with hash: b2c938f9838
...
$ ./twtxt-v2.sh timeline
...
prologic@twtxt.net [2024-09-22T07:26:37Z] <242561ce02d> Okay folks, I've spent all day on this today, and I _think_ its in "good enough"™ shape to share:

**Twtxt v2**:

- Specification: https://docs.mills.io/uJXuisaYTRWYDrl8A2jADg?both
- implementation: https://gist.mills.io/prologic/afdec15443da4d7aa898f383f171ec1b

 ![](https://twtxt.net/media/Wb9MtAiQyEkzNQB5dyVvUR.png)
prologic@localhost [2024-09-22T07:51:16Z] Cool! 👌 (reply-to:242561ce02d)
```

 ![](https://twtxt.net/media/3Bj4s25PTZuWCze3JYDbE7.png) 2024-09-22T07:53:38Z (#zqpkfla) It's even sorta/somewhat compatible with our existing feeds (_kind of_) 🤣 -- Bit too stupid to figure out how to write enough correct Bash to make threads display inline nicely in an indented/tree-like fashion, but oh well 😅 2024-09-22T08:10:55Z (#tbcptaa) @ Yeah I think what I'm proposing [here](https://twtxt.net/twt/xgghhnq) is a more pragmatic approach to improvements that will last much longer than our first interaction (~4 years and going strong, but running into minor issues with edit/identify and some collssions_). This scope of changes is much easier to implement for `yarnd` and I suspect `jenny` too. and as indicated in [here](https://twtxt.net/conv/zqpkfla) quite easy to have a reference implementation written in Bash with standard UNIX tools. 2024-09-22T08:18:12Z (#senmxza) @ Yup, this is why you started seeing if you could improve the "trust" of peers right? 😅 2024-09-22T08:50:30Z So I'm a location based system, how exactly do I reply to one of these two Twts from @ ? 🤔

```
2024-09-07T12:55:56Z 🥳 NEW FEED: @
2024-09-07T12:55:56Z 🥳 NEW FEED: @
``` 2024-09-22T09:18:27Z (#tbcptaa) @ Makes sense 👌 I think it's fair to implement any spec changes incrementaly for sure 👌

And yea since yarnd has a store it's a bit easier to support edit / delete actions 😅 2024-09-22T09:19:55Z (#luu7z7q) @ That's what I was afraid of 🤣 2024-09-22T09:21:56Z (#5sdepuq) This is still a draft! Feel free to edit it 👌 2024-09-22T09:35:40Z (#5sdepuq) @ I'm a bit indifferent whether it's at the beginning or end tbh. 2024-09-22T10:13:27Z Let's try this pill for Twtxt v2 (no account required)

http://polljunkie.com/poll/xdgjib/twtxt-v2 2024-09-22T10:19:34Z (#5sdepuq) @ Agreed 2024-09-22T10:20:41Z (#5sdepuq) @ Yes let's make UTF-8 mandatory 👌 2024-09-22T11:54:15Z (#lofbpna) @ Hello! 👋 2024-09-22T12:33:06Z (#senmxza) @ Nice ! 🙏 2024-09-23T00:45:39Z (#w6f7hpa) @ Goos to know! 👌 So as long as we remain decentralized and non-commercial (I assume non/profit works too?) we're good? 2024-09-23T00:55:05Z (#3giwp7a) @ Hmmm not sure sorry 🤔 2024-09-23T00:56:34Z (#zqpkfla) @ No worries! Fell few to contribute to the doc directly I'd you wish 👌 2024-09-23T03:57:12Z Another interesting side effect of changing from content-based addressing to location-based addressing is that switching from 7-byte keys to 2025-character keys for 3.5 million entries would expand the database size from 24.5 MB to about 7.09 GB—an increase of roughly 7.06 GB! 2024-09-23T03:59:21Z (#v6fu7bq) @ I can't see myself personally, increasing the infrastructure and costs to run this pod to support this as we switch over potentially and as things continue to grow in scale. You would never get your infinite search and infinite timeline features that you've always wanted for example and I would have to drastically reduce what is visible or even searchable at any given point in time to much less than what it is today. 2024-09-23T04:05:02Z One of the reasons we wanted to originally use Contant based addressing and short hashes as our threading model was to keep individual Twts short so that they were still readable if you viewed the manually by hand.

With the proposal to switch to location based addressing using a pointer to a feed and a timestamp in that feed you're looking at roughly 2025 characters long because both the HTTP and HTML and even URI specifications do not specify maximum length for URI(s) AFAIK only recommendations. 2024-09-23T04:10:13Z (#rnf234a) So for example, if we would use @ 's feed as an example thread ID here, his feed with a particular timestamp, were already looking at a subject length of 59 bytes +/- a couple of bytes to denote the subject in the Twt itself/ 2024-09-23T04:10:54Z (#rnf234a) Let's say the overhead is always three bytes two parentheses under space. 2024-09-23T04:12:19Z (#rnf234a) With the original specification of 140 character Twt length recommendation. There's only leaves you with about 78 characters worth of anything remotely useful to say in response. 2024-09-23T04:12:59Z (#rnf234a) Thank goodness we relaxed that limit and I've stopped being so Puritan about it but my overall point is we would be significantly increasing the human size as well as the machine size of the identity of threads as well as twts 2024-09-23T04:57:38Z So I whipped up a quick shell [script](https://gist.mills.io/prologic/b3d93498a2604064a9864feac8eebaa5) to demonstrate what I mean by the increase in feed size on average as well as the expected increase in storage and retrieval requirements.

```
$ ./compare.sh
Original file size: 28145 bytes
Modified file size: 70672 bytes
Percentage increase in file size: 151.10%
...
```

 ![](https://twtxt.net/media/jLRStQyH2HkbHsowygF9C6.png) 2024-09-23T06:16:06Z (#luu7z7q) @ 🤣🤣🤣 2024-09-23T06:16:41Z (#hkwmcfq) @ correct 2024-09-23T06:23:40Z Reminder to take the Twtxt (_anonymous_) Poll: http://polljunkie.com/poll/xdgjib/twtxt-v2

Apologies, I can't edit the poll once it's live, so the suggestion on feedback for supporting Markdown will have to be discussed at another time. 2024-09-23T06:30:53Z (#22263za) Comparing a few feeds:

- @ would see an increase of ~20%
- @ would see an increase of ~8%
- @ would see an increase of ~20%
- @ would see an increase of ~15%
- @ would see an increase of ~13%
- @ would see an increase of ~8%
- @ would see an increase of ~9%

Just from a scalability standpoint along I'm not seeing a switch to location-based Twt ids to support threading a good idea here. This is what I meant when I said to @ in a recent call that we open up a new can of worms (_or new set of problems_) by drastically changing the approach, rather than incrementally improving the existing approach we have today (_which has served us well for the past 4 years already_0. 2024-09-23T06:46:26Z Just out of curiosity, I inspected the yarns database (_the search engine//cralwer_) to find the average length of a Twtxt URI:

```
$ inspect-db yarns.db | jq -r '.Value.URL' | awk '{ total += length; count++ } END { if (count > 0) print total / count }'
40.3387
```

Given an RFC3339 UTC timestamp has a length of 20 characters with seconds precision. We're talking about Twt Subject taking up ~63 characters/bytes on average. 2024-09-23T07:58:17Z (#v6fu7bq) So just to be clear, it's not as bad as the OP in this thread, this is just a worst case scenario. With some additional analysis I did today, its closer to around ~5x the memory requirements of my pod, which would roughly go from ~22MB to ~120MB or so, probably a bit more in practise. But this is still a significant increase in memory. The on-disk requirements would also increase by around ~5x as well on average going from ~12GB to about ~60GB at current archive size. 2024-09-23T10:43:00Z (#jgewp6a) @ That's what I want to know 🤣 2024-09-23T10:45:58Z (#f3rakfq) @ No I don't either just say'n 😅 2024-09-23T10:49:44Z (#nxsrmua) @ My proposal is three steps:

- increase the hash length from 7 to 11

Then:

- Add support for changing your feed's location without breaking g threads

Then much later:

- Add formal support for edits 2024-09-23T10:50:52Z (#kp45cma) @ Not sure I'll check 2024-09-23T10:51:42Z (#l3ifp4a) @ Mind sharing your schema? 2024-09-23T10:57:13Z (#rnf234a) @ Tbis was just a representative sample. The real concrete cost here is a ~5x increase in memory consumption for `yarnd` and/or ~5x increase in disk storage. 2024-09-23T11:00:52Z (#xgz5bga) Can someone make the edit? 2024-09-23T11:04:33Z (#t3t6uiq) In fact @ you had quite a lot of good feedback, do you mind collecting them in a task list on the doc somewhere so I can get to em? 🤔 2024-09-23T11:10:21Z (#rnf234a) In fact it depends on how many Twts there are that form part of a thread, if you take a much larger sample size of my own feed for example, it starts to approximate ~1.5x increase in size:

```
$ ./compare.sh https://twtxt.net/user/prologic/twtxt.txt 500
Original file size: 126842 bytes
Modified file size: 317029 bytes
Percentage increase in file size: 149.94%
...
``` 2024-09-23T11:18:58Z (#l3ifp4a) @ And your query to construct a tree? Can you share the full query (_screenshot looks scary 🤣_) -- On another note, SQL and relational databases aren't really that conduces to tree-like structures are they? 🤣 2024-09-23T11:20:27Z Don't forget about the upcoming Yarn.social meetup coming up this Saturday! See [#jjbnvgq](https://twtxt.net/twt/jjbnvgq) for details! Hope to see some/all of y'all there 💪 2024-09-23T11:49:56Z (#nxsrmua) @ Yes I think so. 2024-09-23T12:26:01Z (#v6fu7bq) @ Maybe I misspoke. It's a factor of 5 in the size of the keyspace required. The impact is significantly less for on-disk storage of raw feeds and such, around ~1-1.5x depending on how many replies there are I suppose.

I wasn't very clear; my apologies. If we update the current hash truncation length from 7 to 11. But then still decide anyway to go down this location-based twt identity and threading model then yes, we're talking about twt subjects having a ~5x increase in size on average. Going from 14 characters (11 for the has, 2 for the parens, 1 for the #) to ~63 bytes (average I've worked out of length of URL + Timestamp) + 3 byte overhead for parents and space. 2024-09-23T12:26:33Z (#v6fu7bq) My point is, this is not a small trade-off to make for the sake of simplicity 😅 2024-09-23T13:00:09Z (#l3ifp4a) @ Yeah I _think_ it's one of the reasons why `yarnd`'s cache became so complicated really. I mean it's a bunch of maps and lists that is recalculated every ~5m. I don't know of any better way to do this right now, but maybe one day I'll figure out a better way to represent the same information that is displayed today that works reasonably well. 2024-09-23T13:03:00Z A new thing LLM(s) can't do well. Write patches 🤣 2024-09-23T13:41:11Z (#wi5goca) @ LOl 😂 2024-09-23T15:11:25Z (#7hyulza) @ How violent is the thunderstorm? 🤔 2024-09-23T15:38:17Z (#oub57wa) @ Sad to see you go, disappointed in your choice of X, but respect your decision and choice. I will never cave in myself, even if it means my "circle of friends" remains low. I guess we call 'em internet friends right? 😅 2024-09-24T12:01:26Z (#fbmmama) @ Welcome back 😅 2024-09-24T12:34:31Z (#knryyga) @ Points 2 & 3 aren't really applicable here in the discussion of the threading model really I'm afraid. WebMentions is completely orthogonal to the discussion. Further, no-one that uses Twtxt really uses WebMentions, whilst `yarnd` supports the use of WebMentions, it's very rarely used in practise (_if ever_) -- In fact I should just drop the feature entirely.

The use of WebSub OTOH is **far more** useful and is used by every single `yarnd` pod everywhere (_no that there's that many around these days_) to subscribe to feed updates in ~near real-time _without_ having the poll constantly. 2024-09-24T12:39:32Z (#knryyga) So really your argument is just that switching to a location-based addressing "just makes sense". Why? Without concrete pros/cons of each approach this isn't really a strong argument I'm afraid. In fact I probably need to just sit down and detail the properties of both approaches and the pros/cons of both.

I also don't really buy the argument of simplicity either personally, because I don't technically see it much more difficult to take a `echo -e "\t\t" | sha256sum | base64` as the Twt Subject or concatenating the ` ` -- The "effort" is the same. If we're going to argue that SHA256 or cryptographic hashes are "too complicated" then I'm not really sure how to support that argument. 2024-09-24T12:40:33Z (#knryyga) Location-based addressing is vulnerable to the content changing. If the content changes the "location" is no longer valid. This is a problem if you build systems that rely on this. 2024-09-24T12:42:38Z (#knryyga) With Location-based addressing there is no way to verify that a single Twt _actaully_ came from that feed without actually fetching the feed and checking. That has the effect of always having to rely on fetching the feed and storing a copy of feeds you fetch (_which is okay_), but you're force to do this. You cannot really share individual Twts anymore really like `yarnd` does (_as peering_) because there is no "integrity" to the Twt identified by it's ` `. The identify is meaningless and is only valid as long as you can trust the location and that the location at that point hasn't changed its content. 2024-09-24T12:44:35Z (#knryyga) There is also a ~5x increase cost in memory utilization for any implementations or implementors that use or wish to use in-memory storage (`yarnd` does for example) and equally a 5x increase in on-disk storage as well. This is based on the Twt Hash going from a 13 bytes (content-addressing) to 63 bytes (on average for location-based addressing). There is roughly a ~20-150% increase in the size of individual feeds as well that needs to be taken into consideration (_on the average case_). 2024-09-24T12:45:54Z (#knryyga) And finally the legibility of feeds when viewing them in their raw form are worsened as you go from a Twt Subject of `(#abcdefg12345)` to something like `(https://twtxt.net/user/prologic/twtxt.txt 2024-09-22T07:51:16Z)`. 2024-09-24T12:53:35Z (#knryyga) ![](https://twtxt.net/media/AzUmzTN5YEJdt4VPeeprjB.png) 2024-09-24T12:55:00Z (#j63urka) @ I don't even advocate for reading Twtxt in its raw form in the first place, which is why I'm in favor of continuing to use content-based addressing (hashes) and incremental improve what we already have. IMO the only reason to read a Twtxt file in it's raw form is a) if you're a developer b) new feed author or c) debugging a client issue. 2024-09-24T12:59:36Z 👋 Don't forget to take the [Twtxt v2](http://polljunkie.com/poll/xdgjib/twtxt-v2) poll 🙏 if you haven't done so already (_sorry about the confusing question at the end!_) 2024-09-24T13:00:22Z Don't forget about the upcoming Yarn.social online meetup coming up this Saturday! 😅 See [#jjbnvgq](https://twtxt.net/twt/jjbnvgq) for details! -- Hope to see y'all there 💪 2024-09-24T13:44:14Z (#cu5bdda) @ Like maybe you need to check something, debug a client, or whatever 😅 2024-09-24T14:05:22Z (#t7tf4ia) @ So I obviously happen to agree with you as well. However in so saying, one of my goals was also to bring the simplicity of Twtxt to the Web and for the general "lay person" (_of sorts_). So I eventually found myself building `yarnd`. Has it been successful, well sort of, somewhat (_but that doesn't matter, I like that it's small and niche anyway_).

I agree that the goal of simplicity is a good goal to strive for, which is why I'm actually suggesting we change the Twt identifiers to be a simple SHA256 hash, something that everyone understand and has readily available tools for. I really don't think we should be doing any of this by hand to be honest. But part of the beauty of Twt Subject and Twt Hash(es) in the first place is replying by hand is **much much easier** because you only have a short 7 or 11 character thing to copy/paste in your reply. Switching to something like ` ` with a space in it is going to become a lot harder to copy/paste, because you can't "double click" (_or is it triple click for some?_) to copy/paste to your clipboard/buffer now 🤣

Anyway I digress... On the whole edit thing, I'm actually find if we don't support it at all and don't build a protocol around that. I have zero issues with dropping that as an idea. Why? Because I actually think that clients should be auto-detecting edits anyway. They already can, I've PoC'd this myself, I _think_ it can be done. I haven't (yet), and one of the reasons I've not spent much effort in it is it isn't something that comes up frequently anyway.

Who cares if a thread breaks every now 'n again anyway? 2024-09-24T14:08:16Z (#hkorztq) @ I don't think there's any misunderstand at all. I just treat every lines in a feed as an individual entity. These are stored on their own. 2024-09-24T14:08:36Z (#hkorztq) Also you're right I guess. But still that also requires the author not to change the timestamp too. Hmmm 2024-09-24T14:13:08Z (#hkorztq) Also I'm not even sure I can validly cache, let alone index feeds anymore if we do this, because if the structure of a Twt is cuh that I can no longer trust that an individual Twt's content hasn't been changed at the source, what's the point of caching or indexing individual twts at all? This makes the implementations of `yarnd` and `yarns` (_the search engine, crawlers and indexer_) kind of hard to reason about. 2024-09-24T14:13:56Z (#hkorztq) Unless I"m missing something here 🤔 But a ` ` does not for me identify an individual Twt, it only identifies its location, which may or may not have changed since I last saw a version of it hmmm 🧐 2024-09-24T14:19:19Z (#hkorztq) I think that's one of the worst aspects of the proposed idea of location-based addressing or identity. The fact that Alice reads Twt A and Bob reads Twt A at the same location, but Alice and Bob _could_ have in fact read very different content entirely. It is no longer possible to have consistency in a decentralised way that works properly.

One could argue this is fine, because we're so small and nothing matters, but it's a properly I rely on fairly heavily in `yarnd`, a properly that if lost would have significant impact on how `yarnd` works I think. 🤔 2024-09-24T14:57:54Z Starting a couple of new projects (_geez where do I find the time?!_):

**HomeTunnel:**
> HomeTunnel is a self-hosted solution that combines secure tunneling, proxying, and automation to create your own private cloud. Utilizing Wireguard for VPN, Caddy for reverse proxying, and Traefik for service routing, HomeTunnel allows you to securely expose your home network services (such as Gitea, Poste.io, etc.) to the Internet. With seamless automation and on-demand TLS, HomeTunnel gives you the power to manage your own cloud-like environment with the control and privacy of self-hosting.

**CraneOps:**
> craneops is an open-source operator framework, written in Go, that allows self-hosters to automate the deployment and management of infrastructure and applications. Inspired by Kubernetes operators, CraneOps uses declarative YAML Custom Resource Definitions (CRDs) to manage Docker Swarm deployments on Proxmox VE clusters. 2024-09-24T15:02:22Z Hmm this question has a leading "Yes" in favor of so far with 13 votes:

> Should we formally support edit and deletion requests?


Thanks y'all for voting (_it's all anonymous so I have no idea who's voted for what!_)

If you haven't already had your say, please do so here: http://polljunkie.com/poll/xdgjib/twtxt-v2 -- This is my feeble attempt at trying to ascertain the voice of the greater community with ideas of a Twtxt v2 specification (_which I'm hoping will just be an improved specification of what we largely have already built to date with some small but important improvements 🤞_) 2024-09-24T15:21:44Z (#l3ifp4a) @ Congrats 🙌 2024-09-24T15:22:10Z (#titwila) @ Now increase the indexes on the Twt Subject form 7 bytes to 64 bytes 😈 2024-09-24T16:50:39Z (#7m4i2tq) @ Haha 😝 2024-09-25T01:13:45Z (#a73p7ma) @ CPU cost of calculating hashes are negligible 2024-09-25T02:31:33Z (#rksyfja) @ This is an argument for better clients really and less worry about the "transport" -- the raw Twtxt feed file. 2024-09-25T05:25:47Z (#rksyfja) @ i'm just saying that your argument, better support better clients and worrying less about the actual underlying raw Twtxt feed. so the simplicity argument is a bit weaker here. 2024-09-25T07:39:34Z (#q3ahzlq) @ Thank you I'll have a read 👌 2024-09-26T01:48:55Z Last day to have your say before our monthly online meetup 👋

http://polljunkie.com/poll/xdgjib/twtxt-v2 2024-09-26T02:11:31Z Don't forget about the upcoming Yarn.social monthly online meetup. See #jjbnvgq for details. 2024-09-26T02:24:13Z > "Everything should be made as simple as possible, but not simpler."
– *Albert Einstein* 

> The beauty of simplicity lies in not losing the essence.

#simplicity #Einstein #wisdom 2024-09-26T02:25:29Z (#f4z44fq) @ ha ha yes ideally one day I would love it if Twt hashes referenced at least any yarnd clients were automatically linked. 🤣 2024-09-26T02:26:01Z (#f4z44fq) Also, I'm not editing the original post. 😅 2024-09-26T02:29:17Z > “For every complex problem, there is a solution that is clear, simple, and wrong.”

-- H.L. Mencken 2024-09-26T12:31:10Z (#zct4dhq) @ Staying private until I've matured them a bit more 😅 2024-09-26T12:53:19Z (#zct4dhq) @ Yup! 🤞 2024-09-26T13:20:55Z (#iwpid4q) @ SQLite 2024-09-26T13:22:31Z (#iwpid4q) No reason I haven't switched. I trust Gitea (for now). 2024-09-27T01:53:25Z Last chance to have your say before tomorrow's meetup:

http://polljunkie.com/poll/xdgjib/twtxt-v2 2024-09-27T01:56:43Z (#bqor23a) (#bqor23a) @ 
@ We probably won’t in fairness. i only called it out because discovery is made much harder with Gopher and Gemini. Caching is also impossible too. 2024-09-27T01:55:27Z (#7kvnpaq) @ We probably won't in fairness. I only called it out because discovery is made much harder with Gopher and Gemini. Caching is also impossible too. 2024-09-27T01:58:32Z (#5lcyq4q) @ Context? 2024-09-27T02:00:53Z (#bqor23a) @ Probably not. 2024-09-27T02:01:27Z (#bqor23a) @ What was this in reply to? 🤔 2024-09-27T02:03:48Z (#bqor23a) Hmmm https://twtxt.net/twt/bqor23a => 404 Not Found 🤣 2024-09-27T02:08:53Z @ Re that broken thread `(#bqor23a)`. Its the same one. My pod doesn't have the Root Twt: https://twtxt.net/twt/bqor23a => 404 Not Found.

How in the hell did you even reply to this in the first place? 2024-09-27T02:09:25Z (#63iv33a) Search engine doesn't know about it either: https://search.twtxt.net/twt/bqor23a 2024-09-27T02:12:32Z (#63iv33a) @ Hmm I _think_ I know why...

```
2024-09-27T01:28:53+00:00 (#bqor23a) @ Wait, what!? We're dropping Gemini support!?
```

From @'s feed. I think @ doesn't do threading properly, I've run into this once before. I'm not sure what client they use? 🤔 2024-09-27T02:14:44Z (#63iv33a) Yup confirmed!

```
# url = //sunshinegardens.org/~xjix/twtxt/tw.txt
# url = https://sunshinegardens.org/~xjix/twtxt/tw.txt
# url = gemini://sunshinegardens.org/~xjix/twtxt/tw.txt
```

@ has changed the `url` of their feed (_yet again_) and changed every hash in their feed.

@ is right to call this out. We should drop the reliance on the `# url` metadata field and in fact we should probably just drop this entirely from the spec and go with `# uuid` as the basis of a feed's identity.

Even though this happens very rarely (_feeds moving to new locations_) it more frequently happens with folks that try to serve their feed from Gopher, HTTP and Gemini. 2024-09-27T02:19:26Z (#63iv33a) This is confirmed to be the case:

```
$ for url in gemini://sunshinegardens.org/~xjix/twtxt/tw.txt https://sunshinegardens.org/~xjix/twtxt/tw.txt //sunshinegardens.org/~xjix/twtxt/tw.txt; do yarnc hash -t '2024-09-26T11:09:28-07:00' -u "$url" "if twtxt 2 is dropping gemini support, i will probably move on and spend more time on my gemini social zine protocol instead. i think the direction of the protocol is probably fine, but for me web is a tier 2 publishing channel. if the choice is between gemini and http i'm always going to pick gemini. its been a fun ride, but i guess this is where i get off."; done
fk2af7q
7kvnpaq
bqor23a
``` 2024-09-27T02:20:26Z (#l6lnjoq) @ To be fair, this has never been a problem for folks that have/use stable Feed URI(s) 🤣 2024-09-27T02:24:28Z (#7tusklq) @ Well this is the thing really. Gopher and Gemini are very broken ways to distributed content. Broken in the sense that for Twtxt either support a) caching in any way shape or form b) discovery in any way shape or form.

This is a bit of a problem because if a Feed author complains (_nad they have in the past_) that their Gopher/Gemini feeds are being hit "too hard", well that's really kind of on them for choosing to host their feed on an ill advised protocol thatc cannot possibly support Caching at all.

This is primarily one of the reasons we introduced the idea of a "feed advised refresh interval" that clients **SHOULD** respect.

See: https://dev.twtxt.net/doc/metadataextension.html#refresh

> **refresh**
> This optional field is used by feed authors as a hint to clients to control how often they should fetch or update this feed.
> 
> The value of this field is seconds represented by an integer.
> 
> **NOTE:** An empty, bad, or unparsable value is ignored. 2024-09-27T02:25:12Z (#7tusklq) Note however this doesn't solve the problem of Caching at all. It just works around it and with enough clients fetching a Gopher/Gemini feed, this `# refresh` becomes useless anyway at a certain point of scale. 2024-09-27T02:36:45Z Gemini/Gopher Twtxt feeds account for less than 1% in existence:

```
$ total=$(inspect-db yarns.db | jq -r '.Value.URL' | awk -F'//' '{if ($1 ~ /^https?/) print "http/https:"; else print $1}' | sort | uniq -c | awk '{sum+=$1} END {print sum}'); inspect-db yarns.db | jq -r '.Value.URL' | awk -F'//' '{if ($1 ~ /^https?/) print "http/https:"; else print $1}' | sort | uniq -c | awk -v total="$total" '{printf "%d %s %.2f%%\n", $1, $2, ($1/total)*100}' | sort -r
7 gemini: 0.66%
4 gopher: 0.38%
1046 http/https: 98.96%
``` 2024-09-27T02:51:05Z I _think_ there's a bug in `yarnd` hwoever:

```
$ yarnc debug https://sunshinegardens.org/~xjix/twtxt/tw.txt
...
bqor23a 2024-09-26T11:09:28-07:00 if twtxt 2 is dropping gemini support, i will probably move on and spend more time on my gemini social zine protocol instead. i think the direction of the protocol is probably fine, but for me web is a tier 2 publishing channel. if the choice is between gemini and http i'm always going to pick gemini. its been a fun ride, but i guess this is where i get off.
```

The `yarnc` CLI tool and the [lextwt](https://pkg.go.dev/go.yarn.social/lextwt) parser we use in `yarnd` _correctly_ parses the feed and sets the `Twter.HashingURI` to the latest `# url =` found in the feed. However my pod hasn't picked this up 😢 I follow @ as `https://sunshinegardens.org/~xjix/twtxt/tw.txt` 2024-09-27T02:52:44Z (#r7lpu7a) @ Well as you've pointed out in the past, both protocol suffer from Discovery (_as I've stated as well_) and more often than not, users that publish Twtxt feeds over these protocols tend to just "point into the void" and it's next to impossible to have _any_ kind of "social interaction" (_ignoring personal choices of course, if one's feed is intended for 1-way ..._) 2024-09-27T03:28:27Z (#t2quema) cc @ 2024-09-27T03:45:11Z (#wvucpqa) @ GTFO 🤣 2024-09-27T05:23:54Z Sharing the comments of the poll (_anonymous so I have no idea whom the comments are from_):

> your poll should include questions about markdown. personally i think inline bits like style, links, images are yes. block quotes, code blocks, bullet lists are mid. but tables and footnotes are no.

Yes sorry about this, I wasn't able to change much after publishing the poll 😅 2024-09-27T05:24:32Z (#4ixesla) > I don't know what all the facets mean. E.g. what's the difference between "Integrity" and "Authenticity"?

Yes, I totally get where you're coming from. However after ~22 results, I _think_ y'all have figured out how to rank them appropriately anyway 🤣 2024-09-27T05:24:54Z (#4ixesla) > Not sure what to think about the stack ranking question. I care that it’s a simple text file i can just stick on my server. Security, identity, &c come out of how I manage the server.

See previous. 2024-09-27T05:25:10Z (#4ixesla) > Many of the faces go hand in hand or depend on the selected protocol a feed is published with or client features. I'm pretty sure people interpret different things into these terms.

See previous. Sorry 😞 2024-09-27T05:25:30Z (#4ixesla) > Thank you for all the hard work put into the project.

Thank you to whomever said this! 🙇‍♂️ 2024-09-27T05:25:47Z (#4ixesla) > you've ruined twtxt

Not sure what to say here. 🤔 2024-09-27T05:46:37Z Something @ said on ITC

> 17:42 I should also note in there that it doesn’t address the two things i really want it to: mandate utf-8 (which should be easy to fit in) and something for better @ mentions.

I actually agree with in both counts and it got me thinking... 2024-09-27T05:49:57Z (#itorquq) We:

- Drop `# url=` from the spec.
- We don't adopt `# uuid = ` -- Something @ also mentioned (_see below_)

We instead use the `@nick@domain` to identify your feed in the first place and use that as the identify when calculating Twt hashes ` + + `. Now in an ideal world I also agree, use WebFinger for this and expect that for the most part you'll be doing a WebFinger lookup of `@user@domain` to fetch someone's feed in the first place.

The only problem with WebFinger is should this be mandated or a recommendation? 2024-09-27T06:09:39Z (#vrhhpwa) @ I have no idea to be honest 🤣 I'm actually not really sure how you can ruin something be improving it 🤦‍♂️ 2024-09-27T07:12:25Z (#ecbxzkq) @ Like now? 2024-09-27T07:16:00Z (#bxkm57a) @ I couldn't find any references to this anywhere either. 2024-09-27T07:39:37Z (#fhze2uq) @ Yeah just move your feet. It's totally fine. Don't worry about it. 2024-09-27T07:43:03Z (#lcjcuoq) @ I don't think it does. I think it's completely different to what you're thinking. 2024-09-27T08:39:34Z (#ic5wyvq) @ Fot a sample access log? Which tool are you using? 2024-09-27T09:33:30Z (#mxbbcxq) @ Do you have a sample Caddy log file you can supply? I'll see if we can improve the tool 👌 2024-09-27T10:10:30Z (#pdpuf3a) @ My Salty public key is:

`kex1fhxntuc0av7q48hlfj970ve297dzzghn82wp5cahr9r92y8rlrqqtwp983` 2024-09-27T10:25:20Z (#r7lpu7a) @ It sadly does not it seems. 🤣 Seems like the search engine has come across mentions of your feed via its other two protocols 🤣

```
$ inspect-db yarns.db | jq -r '.Value.URL' | grep 'aelaraji.com'
https://aelaraji.com/test_feed.txt
https://aelaraji.com/twtxt.txt
``` 2024-09-27T10:26:05Z (#a2tmp6a) @ Ooops you _might_ want to re-send that to `james` instead 🤣 2024-09-27T10:27:51Z (#a2tmp6a) Anyway I've setup an alias now 🤣 2024-09-27T10:50:52Z (#d55m4za) @ LOL 😂 Here's one for you:

> You can take IRC out of my cold 🥶 dead 😵 hands 🙌 2024-09-27T10:51:30Z (#33qz3ba) @ Are you sure? Not seen the mail yet... 2024-09-27T10:57:41Z (#vrhhpwa) @ Oh so what you're saying is "we" (royal we) ruined Twtxt 🤣 2024-09-27T11:55:07Z (#i4saivq) @ I don't think I intend to either tbh for `yarnd`. If there was any poorly worded "things", it was just merely pointing out lacking capabilities for caching and discovery. 2024-09-27T11:55:43Z (#5keex5a) @ Still haven't received it. Did you send to `james at mills dot io`? 🤔 2024-09-27T11:57:44Z (#i4saivq) Like really tbh, it's just a matter of abstracting out the "fetching" part of your client. There are _zero_ issues with fetching Gopher/Gemini hosted feeds. They just lack any mechanisms for Discovery and Caching. 2024-09-27T12:42:46Z (#2zo376q) @ Who's Matt Mullenweg? 🤔 2024-09-27T12:45:08Z (#2zo376q) Okay, co-founder of Wordpress and CEO of Automation.

What has the poor guy done? 🤣 2024-09-27T12:45:28Z (#2zo376q) @ Yes but you've got me curious now 😅 2024-09-27T22:53:15Z (#i4saivq) @ Zero _technical_ issues 🤣 I never claims otherwise 😅 2024-09-27T23:00:25Z (#tukxcsq) Well the poll clearly shows:

- ~65/35 in favor of Content Addressing
- ~60/40 in favor of supporting Edit/Delete
- ~70/30 against more cryptograph

And an NPS score of 7/10 🤣 2024-09-27T23:02:31Z (#ecbxzkq) @ Yup you're right, it's s terrible idea 💡 2024-09-27T23:03:20Z (#ecbxzkq) Probably the best idea I've heard/seen si far is @'s idea of a feed having a uuid `# uuid =` (_if present_) otherwise just falling back to the URL you fetched it from and dropping the idea of a feed `# url = ` entirely. 2024-09-27T23:05:09Z (#tukxcsq) @ Do you think we should just detect edits at the client-level then? 🤔 2024-09-27T23:06:18Z (#jjbnvgq) @ It's from 12pm to 4pm UTC so if you can make it at all, that'd be great 👍 2024-09-27T23:17:16Z (#jzbomqa) @ If you have time, could you help me pinpoint this bug? 🐛 2024-09-27T23:46:45Z This Facebook/Meta [story on storing passwords in plain text](https://twtxt.net/twt/35hpjzq) it just wow 😮 -- Like how da fuq does a company, or anyone for that matter in the business of software / technology even do this?! Like at least base64 encode the fuckers right?! (_oh wait 🤦‍♂️_) 2024-09-28T00:14:11Z (#yjv73uq) @ Sorry I didn't make that super clear 🤦‍♂️ Be happy to see you there and some new folks 🙇‍♂️ 2024-09-28T00:15:54Z (#ln2oodq) This is a 1-way feed by the looks 🤣 Maybe someone can figure out how to reach out to this person and see if they're aware and interested in something a bit more "social" (_albeit slow_) 🤣 2024-09-28T00:41:54Z @ The [useragent](https://git.mills.io/yarnsocial/useragent) tool now natively supports the Caddy (JSON) logfile format. 🥳 2024-09-28T00:59:54Z (#ln2oodq) @ I'm not following it, but someone on my pod is 🤣 And yes based on statistical evidence, I doubt you'll see a reply either 🤣 2024-09-28T01:10:58Z (#rqg5cxa) @ We've been doing this for years:

> There are lots of great ideas here! Is there a benefit to putting them all into one document? Seems to me this could more easily be a bunch of separate efforts that can progress at their own pace:

See https://dev.twtxt.net 2024-09-28T01:13:49Z (#rqg5cxa) > Deprecating non-UTC times seems reasonable to me, though.) Having a big long “twtxt v2” document seems less inviting to people looking for something simple. (@ you mentioned an anonymous comment “you’ve ruined twtxt” and while I don’t completely agree with that commenter’s sentiment, I would feel like twtxt had lost something if it moved away from having a super-simple core

See https://yarn.social (especially this section: https://yarn.social/#self-host) -- It really doesn't get much simpler than this 🤣 2024-09-28T01:16:53Z (#rqg5cxa) @ I don't have a problem with continuing the way we have been for the past ~4 years, little extensions and improvements that we try along the way. That has worked quite well 💪 As a blind person myself, I can totally empathise with reading a full (_lots of text_) spec. Even if we decide to combine all the ideas into a full fleshed out v2 spec, it _might_ be worthwhile having a cut-down version that is as simple as it can be a no less. 2024-09-28T01:38:32Z (#rqg5cxa) @ Bahahahahahahaha 🤣

This is why we need "authenticity" 🤣 Yes if you copied my feed's UUID, then you'd end up generating identical hashes to me if we posted at identical times with identical timestamps. Not good 😌

> Also, was the dot after the timestamp intended?

No, sorry. 2024-09-28T01:20:56Z (#rqg5cxa) For example a v2 spec _might_ just simply mandate the following as a starting point:

```
cat < ~/public_html/twtxt.txt
```

And:

- Serve your file with `Content-type: text/plain; charset=utf-8` 2024-09-28T01:39:44Z (#rqg5cxa) @ Yeah I agree with this actually (_introducing too many changes at once is often a bad idead_):

> but IMO that shouldn’t be done at the same time as introducing new untested ideas 2024-09-28T01:41:17Z (#rqg5cxa) > Again, I like this existing simplicity. (I would even argue you don’t need the metadata.)

I argue you do. It's nice to have a "@nick@domain` a feed author prefers to be called by, rather than you just making shit™ up haha 😝

It's also quite nice to have a visual representation of the feed too. description can be optional.

Without this, feeds are a bit too "bland" IMO.` 2024-09-28T01:43:19Z (#rqg5cxa) > That page says “For the best experience your client should also support some of the Twtxt Extensions…” but it is clear you don’t need to. I would like it to stay that way, and publishing a big long spec and calling it “twtxt v2” feels like a departure from that. (I think the content of the document is valuable; I’m just carping about how it’s being presented.)

It's for this reason I'd like to try changing the [Twt Hash](https://dev.twtxt.net/doc/twthashextension.html) extension to use SHA-256 which is a far more common tool available pretty much everywhere. I _think_ the effort involved in "precise threading" (_using content addressing_) becomes much easier to "author" (_note that participating in an existing thread has always been trivial, just copy the Twt Subject in your Twt_). 2024-09-28T01:46:28Z (#ff2lzqq) @ This is sadly where you need two things:

- A `/twtxt.txt.sig` (_detached signauture_)
- Or a way to sign the `# uuid =` with a key that can be verified.

Hmmm and as I write this actually, I _think_ this doesn't work either, because you can still just copy it regardless. Hmmm @ help me out here? How do we prevent "spoofing"? 🤔 2024-09-28T01:52:04Z (#ff2lzqq) I think the only legit way of preventing this kind of "spoofing attack" would be:

> Digitally Sign Twts: Each Twt could be digitally signed using a private key associated with the UUID. The signature would be calculated over the concatenation of the UUID, timestamp, and content. The public key could be published along with the feed so anyone can verify the authenticity of the Twt by checking the signature. This approach ensures that only the true owner of the UUID (and the corresponding private key) can produce valid hashes.

Which leads us to more Cryptography. Something which y'all voted against. 2024-09-28T01:54:10Z (#ff2lzqq) If we want this though (_or some of us do_) I will probably have to make the hard decision here to just fork from Twtxt entirely and define a completely new spec. If we care about the UX we need a few properties (_some of which we have, some of which we don't have and some of which are "weak"_):

- Authenticity
- Integrity
- ~~Precision~~ Versioning

The last one involves _actually_ supporting the notion of "Edits" and "Deletes" IMO more formally. Without this it would be quite hard to support a strong/good UX. Another way to think about this is "Versioned Twts". 2024-09-28T02:01:29Z (#t3t6uiq) @ Thank you! 🙏 2024-09-28T06:25:15Z (#m2ac5qa) @ Oh geez! Is this anywhere near you? 2024-09-28T10:28:41Z (#jjbnvgq) @ Got time now before you head off? 2024-09-28T10:45:15Z **Summary of Discussions** (_as best I can_):

- @ and @ express simplicity. Both Lyse and Sorenpeter support location-based addressing.
- @ believes we should continue to develop ideas and extensions progressively over time like we've always done.
- @ @ and @ would like a better user experience, especially when threads break due to edits, deletions or feed location changes.
- @ would like to see utf-8 mandated, and the threading model remain largely the same as it is today, which is primarily based on the convention of a Twt Subject anyway, Twt Hash(es) just make the threading "more precise". Anth also states that format, client and server specification/recommendations should be kept separate.
- @ @ sorry you two haven't said too much really, so I'm not too sure?

Overall, the 22 votes we've had on the [poll](http://polljunkie.com/poll/btnfxp/twtxt-v2/view) from the community (_if you can call it a community?_) have clearly shown that:

- We continue to support content-based addressing. (65/35)
- We think about formally supporting edits/deletes (60/40)
- We do not increase the use of cryptography (_thworing things like authenticity and identity out the window_) (70/30)

And overall the NPS (_net promoter score_) of "Would I recommend Twtxt to a friend" is a whopping 7/10 (_which is crazy! 🤯_)

Let's have our monthly catch up soon™ (1hr) and discuss together. My own take on the direction we should take at this point is as follows:

- We continue to use hashing for the threading model.
 - We think about changing this to SHA-256 for simplicity.
- We either adopt @'s UUID approach or @ Dynamic URL approach.
- We continue to incrementally/progressively improve things over time as @ suggested.
- We think about mandating utf-8 as @ suggests which makes things so much easier for everyone.
- We further discuss the merits/ideas of supporting formal Edit/Delete requests or other ways to better support this in some way. 2024-09-28T10:56:39Z (#tukxcsq) @ well edits can be detected with either approach really 2024-09-28T13:23:11Z ![](https://twtxt.net/media/ppZ5rNcmjtMxGSydho6nRd.png) 2024-09-28T13:44:42Z (#llaochq) @ The display is very very good 😊 2024-09-28T15:41:14Z `yarnd` and WebSub ![](https://twtxt.net/media/zFZLdhf44agjyveDvvRzYn.png) 2024-09-28T15:44:10Z (#72b676q) And here's a dashy of the no. of notify requests (from WebSub) ![](https://twtxt.net/media/eY9ncZvwLSpvpi9RLyJyJC.png) 2024-09-28T16:00:16Z 👋 Thanks for joining us on our Sept monthly Yarn.social meetup today y'all 🙇‍♂️ We had @ @ @ @ and @ 💪 Nice turn out! (_not all at once of course, as we normally run this over 4 hours as we span many time zones!_)

Things we talked about:

- Decentralised vs. Distributed
- Use of SHA256 for Twt Hash(es)
- We solved Edits! 🥳
- UUID(s) probably won't work! (_susceptible to sppofing_)
- Helped @ write some PHP to process/parse `User-Agent` and service his feed via a custom PHP script 😅
- @ introduced himself 👌
- Talked about Merkle Trees 🌳

Did I miss anything? 🤔 2024-09-28T16:00:38Z Cya y'all again next month (2nd Sat in Oct) 🤞 2024-09-29T01:52:29Z I'm looking to develop a static site for twtxt.dev -- A domain I own and have wanted to use for developer and specification docs for Twtxt.

Can anyone recommend a few Hugo themes you like?

All of the dev.twtxt.net content would move over as well. 2024-09-29T06:06:00Z (#jiewmoq) @ Thanks! I've almost come up with my own theme already 🤣 I _actually_ don't really want to use Hugo at all, I find it too complicated. But it is pretty popular so I _thought_ maybe I'd rip-off a nice theme... Hmmm 🧐

Anyway, What I really normally use for a lot of my static sites is [zs](https://zs.mills.io) 2024-09-29T06:16:05Z (#jiewmoq) Here's what I've got so far... ![](https://twtxt.net/media/3fATLEq6JfYaFSBaDnPBjP.png) ![](https://twtxt.net/media/6DuhkRJ8mRrMt2Ew23k3am.png) 2024-09-29T08:34:54Z (#zrepelq) @ `twt` probably isn't the best client I'm afraid. It doesn't really cache twts by their key (hash) to display threads properly. Jenny however does 👌 2024-09-29T08:35:34Z (#27sm6xa) @ I will have something up soon™ 🤞 2024-09-29T08:53:57Z There we go!

=> [twtxt.dev](https://twtxt.dev/)

🥳 2024-09-29T08:56:53Z (#mkwtgrq) @ Yes! Basically @ points out that if we mandate that authors should retain the original timestamp in their feed when adjusting content, making fixes, etc, that they retain the original timestamp and leave it unaltered. We already do this anyway, we just need to say so.

Now we have a situation where folks participating in a "conversation" (thread) with appropriate clients can automatically detect edits with almost 100% accuracy by mere fact that the next time they fetch a feed that contains an edit, they now see two versions of the Twt with two different hashes, but identical timestamps.

You can use the fetch time to approximate a "version number" and deal with the display (UX) appropriately.

I can't believe I didn't think of this before 🤦‍♂️ 2024-09-29T09:14:20Z (#7wdvhia) @ Pretty nice views 👌 I enjoyed reading this. It was though I were there in the morning walking with you guys up to the summit man those mushrooms really are quite some aren't they? 🙃 2024-09-29T11:28:34Z (#mkwtgrq) @ Yes 👍 2024-09-29T11:28:59Z (#mkwtgrq) @ See @ 's undersanding. Now this had some edge cases that we agreed probably aren't worth solving for. 2024-09-29T11:29:47Z (#k55uu5q) @ Sorry I meant `twet` 🤦‍♂️ 2024-09-29T11:30:23Z (#k55uu5q) @ I think it's a good idea to fork `twet` and continue to improve it. It's an "okay" Twtxt cli client, but it needs a bit more work 👌 2024-09-29T11:46:35Z (#fx6j3qa) @ No 😅 2024-09-29T11:57:31Z (#mkwtgrq) @ Yup. 2024-09-29T11:57:49Z (#mkwtgrq) It's no worse than what we have now, it's better. But yes caveats still apply. 2024-09-29T11:58:19Z (#mkwtgrq) Personally I don't see it as a problem. I didn't even really see edits as a problem either tbh, but this is just an incremental improvement I think. 2024-09-29T12:11:07Z (#7wdvhia) @ Just once I tell ya:

> Ah, 16°C… what dreams are made of! 😍

I'd like it to be a nice cool 16°C here 🤣 2024-09-29T12:27:22Z (#mkwtgrq) @ Hmmm 🤔 Intuitively I say "No they're not the same"; but let me sleep on it 🙏😴 2024-09-30T03:59:25Z (#7wdvhia) @ I see it here hmm 🤔 Dis you accidentally mute your own Twt? 2024-09-30T04:00:00Z (#7wdvhia) ![](https://twtxt.net/media/cJCGmqZMvuVDWhGeZFHVQU.png) 2024-09-30T07:08:31Z Hmm da fuq?! @ ? 2024-09-30T07:09:45Z (#6opozga) Really you stopped 22hrs ago? https://twtxt.net/twt/iaautmq 2024-09-30T11:51:29Z (#fqnexzq) @ No.

> iirc in twtxt v2 it starts prohibited

This is not true. There are no issues supporting fetching feeds via Gemini/Gopher. This is totally fine. What will likely happen is "recommendations" and "drawbacks of using Gemini/Gopher" 2024-09-30T12:01:17Z (#b7nbanq) @ Good point! 👌 I'll make it so 👌 2024-09-30T13:41:20Z (#vkciuzq) @ 👌 2024-09-30T16:17:13Z (#mkwtgrq) @ Maybe you're right: Let's pause this while edit/delete discussions. 2024-10-01T03:10:57Z (#zd4utgq) @ I think this is a rype will fix! 2024-10-01T03:11:58Z (#zd4utgq) @ Agreed 2024-10-01T03:12:17Z (#zd4utgq) Btw anyone can put up PR(s) 🙃 2024-10-01T03:16:26Z (#23226dq) @ Yup! 2024-10-01T04:05:35Z (#vledlqq) 🤣🤣🤣😂🤣😂🤣 2024-10-01T13:37:27Z @ I'd love it if you write up a page for jenny 🙏 at https://twtxt.dev 🤞 2024-10-01T13:37:50Z (#kdjkn5a) Still playing with the style/template and what to include, just keeping it simple for now. 2024-10-01T14:02:20Z (#kdjkn5a) @ I'm open to suggestions. What would you prefer the color scheme to be? 🤔 2024-10-01T14:12:10Z (#kdjkn5a) @ I have no idea what I want to be perfectly honest. This is CSS done from scratch 😅 2024-10-01T14:15:50Z (#kdjkn5a) Let's try that... Pushed a new commit... Give it ~5m to update... 2024-10-01T14:34:35Z (#kdjkn5a) I'm not really sure that is any better hmmm, please help 🙏 2024-10-01T22:49:30Z (#rreyqya) @ hmm? 2024-10-02T02:26:58Z (#4r22cna) @ did we ever spec this up? 2024-10-02T02:27:37Z (#mndz4la) @ at this point, I wouldn't use anything but Signal or Apple messages 😅. 2024-10-02T02:30:18Z (#rreyqya) @ sorry wat?! 🤣 2024-10-02T02:33:54Z I am told through various sources that Iran decided last night to attack Israel with over 200 missile strikes in response to Israel attacking Lebanon. 🤔 2024-10-02T03:03:01Z If we stuck with Blake2b for Twt Hash(es); what do we think we need to reasonably go to in bit length/size?

=> https://gist.mills.io/prologic/194993e7db04498fa0e8d00a528f7be6

e.g: (_turns out @ is right about Blak2b being easy/simple too!_):

```
$ printf "%s\t%s\t%s" "https://example.com/twtxt.txt" "2024-09-29T13:30:00Z" "Hello World!" | b2sum -l 32 -t | awk '{ print $1 }'
7b8b79dd
``` 2024-10-02T08:40:06Z (#336uidq) @ is that the only system is not available on? Are there alternative packages for OpenBSD? 2024-10-02T08:40:59Z (#kdjkn5a) @ I don't think that matters a great deal. I think you should publish your client anyway because I think the direction that will end up taking will hopefully be one that we collectively agree on. 🤞 2024-10-02T08:41:39Z (#yaicyiq) @ sorry to hear about your personal things going on. 🤗 2024-10-02T11:17:24Z (#yaicyiq) @ Oh I hope that is true 🤣 2024-10-02T11:18:41Z (#336uidq) @ Not sure. It might be a slight variant. I'll find out 🙃 2024-10-02T11:20:39Z (#rtt24qq) @ Hmmm 🤔 Where do you put man pages outside of the contest of a package manager? 🤔 2024-10-02T11:28:53Z (#rtt24qq) @ Yea but what about non-root? 2024-10-02T11:41:55Z (#rtt24qq) @ So it should be possible to install man pages in one's home directory👌 2024-10-02T12:18:37Z (#336uidq) @ To be fair it _really_ isn't `sha256sum` vs. `b2sum`. Neither is more complicated than the other. 2024-10-02T12:19:41Z (#maojn6q) @ Curious, is our goal to have readily available tools on every possible system? 🤔 2024-10-02T12:37:58Z (#maojn6q) @ I'm inclined to agree. @ needs a bit of convincing maybe? 🤔 2024-10-02T12:45:33Z (#kv5m3ya) e.g:

```
$ printf "%s\t%s\t%s" "https://example.com/twtxt.txt" "2024-09-29T13:30:00Z" "Hello World!" | sha256sum | awk '{ print $1 }' | xxd -r -p | base64 | head -c 12
UWVFdUXtvoLS
``` 2024-10-02T22:18:35Z (#maojn6q) @ I guess @ 's point is there isn't one that is available as standard on OpenBSD? 😅 2024-10-02T22:19:33Z (#rhgdqmq) @ Good point. 2024-10-02T22:27:13Z (#yaicyiq) @ I _think_ the proposal should be as simple as this:

- Update the [Twt Hash](https://twtxt.dev/exts/twt-hash.html) extension.
- Increase its truncation from 7 to 12

@ is right about quite a few things, and I'd love it if he wrote up the dynamic hash size proposal, but I'm inclined to just increase the length in the first place mostly because my own client `yarnd` doesn't even store the full hashes in the first place 🤦‍♂️ (I thinnk) 2024-10-02T22:31:09Z (#rreyqya) > Build what makes you happy. Let miserable people build the rest 2024-10-02T22:32:33Z (#kv5m3ya) @ Nope not at all. base64 just encodes more bits 2024-10-03T08:17:03Z (#itn6lfa) It's all about the r gage meant ya see 😅 2024-10-03T08:17:24Z (#maojn6q) @ **Ooof** 😢 2024-10-03T13:19:52Z Over the past few days I've been playing around with the latest Chat-GPT, I _think_ the model is called `o1-preview`. I've used it for various tasks from writing documentation, specs, shell scripts, to code (in Go).

The result? Well I can certainly say the model(s) are much better than they used to be, but maybe that isn't so much the models per se, but the sheer processing power at OpenAI's data centers? 🤔

But here's the kicker though... If anyone ever for a moment ever think that these "AI" things are intelligent, or that the marketing and hype is ever remotely close to trying to convince of us this "AGI" (Artificial General Intelligence) or ASI (Artificial Super Intelligence), you are sorely mistaken.

Chat-GPT and basically and any other technology based on Generative-AI (Gen-AI), these pre-trained transformers that use adversarial neural networks and insanely multi-dimensional vector databases to model all sorts of things from human language, programming languages all the way to visual and audible art are (_wait for it_):

**Incredibly stupid!** 🤦‍♂️

They are effectively quite useless for anything but:

- Reproducing patterns (_albieit badly_)
- Search and Retrieval (_in a way that "seems" to be natural_)

And that's about it.

Used as a tool, they're kind of okay, but I wouldn't use Chat-GPT or CoPilot. I'd stick with something more like [Codeium](https://codeium.com/) if you want a bit of a fancier "auto complete". Otherwise, just forget about the whole thing honestly. It doesn't even really save you time. 2024-10-03T14:31:03Z (#m4lgroa) Wow! 😮 He seems to be digging himself into a hole there right? 🤣 2024-10-03T15:05:08Z (#2uuie4a) @ Yes. I _think_ as a fancy autocomplete "tool" it's not too shabby. Beyond that I'm not convinced it saves you time at all.