l2dy
@l2dy.bsky.social
Reposted by l2dy
TypeScript team: rewrites compiler in Go.
Go community: what do you mean your new compiler takes more than a minute to compile? Unacceptable. Dishonorable even. We are so sorry for this sub par experience. Not how we do things around here.
Two days later: WIP 5x speedup.
HN: why pick Go anyway?
Go community: what do you mean your new compiler takes more than a minute to compile? Unacceptable. Dishonorable even. We are so sorry for this sub par experience. Not how we do things around here.
Two days later: WIP 5x speedup.
HN: why pick Go anyway?
cmd/compile: slow escape analysis in large package in the typescript compiler · Issue #72815 · golang/go
Go version go version go1.24.1 linux/amd64 Output of go env in your module/workspace: AR='ar' CC='gcc' CGO_CFLAGS='-O2 -g' CGO_CPPFLAGS='' CGO_CXXFLAGS='-O2 -g' CGO_ENABLED='1' CGO_FFLAGS='-O2 -g' ...
github.com
March 13, 2025 at 12:53 AM
TypeScript team: rewrites compiler in Go.
Go community: what do you mean your new compiler takes more than a minute to compile? Unacceptable. Dishonorable even. We are so sorry for this sub par experience. Not how we do things around here.
Two days later: WIP 5x speedup.
HN: why pick Go anyway?
Go community: what do you mean your new compiler takes more than a minute to compile? Unacceptable. Dishonorable even. We are so sorry for this sub par experience. Not how we do things around here.
Two days later: WIP 5x speedup.
HN: why pick Go anyway?
Reposted by l2dy
Thank you to the go team, and the reporters of this CVE. We are patching this library in our software as we speak, and a release will be out shortly. Keep an eye out.
🚨 x/crypto/ssh: misuse of ServerConfig.PublicKeyCallback may cause authorization bypass
Common API misuse allows attacker to log in with one key, but appear to have logged in with another. Potentially affects services that look up users by key.
Partially mitigated in golang.org/x/crypto@v0.31.0.
Common API misuse allows attacker to log in with one key, but appear to have logged in with another. Potentially affects services that look up users by key.
Partially mitigated in golang.org/x/crypto@v0.31.0.
[security] Vulnerability in golang.org/x/crypto
groups.google.com
December 11, 2024 at 6:14 PM
Thank you to the go team, and the reporters of this CVE. We are patching this library in our software as we speak, and a release will be out shortly. Keep an eye out.
Reposted by l2dy
All y'all are wrong. When working on a host that's been up for 1000 days, that's 1000 miles away, and IPMI has died, "reboot" (and other graceful variants) invites the potential for hanging on stale NFS mounts or whatever. Instead...
for i in s u b
do echo $i > /proc/sysrq-trigger
sleep 1
done
for i in s u b
do echo $i > /proc/sysrq-trigger
sleep 1
done
December 2, 2024 at 2:08 AM
All y'all are wrong. When working on a host that's been up for 1000 days, that's 1000 miles away, and IPMI has died, "reboot" (and other graceful variants) invites the potential for hanging on stale NFS mounts or whatever. Instead...
for i in s u b
do echo $i > /proc/sysrq-trigger
sleep 1
done
for i in s u b
do echo $i > /proc/sysrq-trigger
sleep 1
done
Reposted by l2dy
I had forgotten I had set up gopherwatch.org. Awesome!
It's a service that notifies you any time a new version of a module appears in the Go Checksum Database.
It's a service that notifies you any time a new version of a module appears in the Go Checksum Database.
June 16, 2024 at 2:19 PM
I had forgotten I had set up gopherwatch.org. Awesome!
It's a service that notifies you any time a new version of a module appears in the Go Checksum Database.
It's a service that notifies you any time a new version of a module appears in the Go Checksum Database.
Reposted by l2dy
Trivy 0.52.1 running on age v1.1.1
> Total: 31 (UNKNOWN: 2, LOW: 0, MEDIUM: 13, HIGH: 14, CRITICAL: 2)
govulncheck v1.1.2
> No vulnerabilities found.
govulncheck is correct. All the vulns reported by the other thing are provably false positives.
Please use govulncheck.
> Total: 31 (UNKNOWN: 2, LOW: 0, MEDIUM: 13, HIGH: 14, CRITICAL: 2)
govulncheck v1.1.2
> No vulnerabilities found.
govulncheck is correct. All the vulns reported by the other thing are provably false positives.
Please use govulncheck.
June 16, 2024 at 1:21 PM
Trivy 0.52.1 running on age v1.1.1
> Total: 31 (UNKNOWN: 2, LOW: 0, MEDIUM: 13, HIGH: 14, CRITICAL: 2)
govulncheck v1.1.2
> No vulnerabilities found.
govulncheck is correct. All the vulns reported by the other thing are provably false positives.
Please use govulncheck.
> Total: 31 (UNKNOWN: 2, LOW: 0, MEDIUM: 13, HIGH: 14, CRITICAL: 2)
govulncheck v1.1.2
> No vulnerabilities found.
govulncheck is correct. All the vulns reported by the other thing are provably false positives.
Please use govulncheck.
Reposted by l2dy
Here’s the bug. Basically just checks the CA Subject, and if it’s Nintendo it trusts the chain. No checking of the public key. Lmao.
github.com/PretendoNetw...
github.com/PretendoNetw...
GitHub - PretendoNetwork/SSSL
Contribute to PretendoNetwork/SSSL development by creating an account on GitHub.
github.com
April 9, 2024 at 11:28 AM
Here’s the bug. Basically just checks the CA Subject, and if it’s Nintendo it trusts the chain. No checking of the public key. Lmao.
github.com/PretendoNetw...
github.com/PretendoNetw...
Reposted by l2dy
Clj-kondo, a linter for #clojure code that sparks joy, turned 5 today!
This was my first commit on 20th of march 2019!
github.com/clj-kondo/cl...
#cljKondo
This was my first commit on 20th of march 2019!
github.com/clj-kondo/cl...
#cljKondo
March 20, 2024 at 9:40 AM
Clj-kondo, a linter for #clojure code that sparks joy, turned 5 today!
This was my first commit on 20th of march 2019!
github.com/clj-kondo/cl...
#cljKondo
This was my first commit on 20th of march 2019!
github.com/clj-kondo/cl...
#cljKondo
Face ID? No.
Mimi ID? YES!
Mimi ID? YES!
March 13, 2024 at 11:46 AM
Face ID? No.
Mimi ID? YES!
Mimi ID? YES!