- Pretty permalinks for this post:
- https://fireburn.ru/posts/2024-new-pfp
Ooh, what's that, a new profile pic?!
(finally got to updating it on my website. machine learning for avatars is so late 2010s, not trendy rn, besides, a friend drew it for me!)
- Pretty permalinks for this post:
- https://fireburn.ru/posts/farcaster-fiat-papercut
Cryptocurrency-adjacent projects are sometimes inconsistent as fuck.
I tried to register on Farcaster, and tried to use the network creators' official app, Warpcast.
Okay, one needs to pay for storage on the network... but why is the only option to pay on the official app is fiat money?! isn't cryptocurrency supposed to replace fiat money?
Cryptocurrency-adjacent projects are too inconsistent sometimes.
Something must be horribly wrong with me if the first tool I reach for to edit a post is psql
.
I should really design a proper Micropub client designed for editing, incl. editing HTML.
- Pretty permalinks for this post:
- https://fireburn.ru/posts/what-is-ci-to-me
Watching a good video about GitHub Actions by fasterthanli.me got me thinking: What is CI?
To me, CI is a thing that builds my things, runs my tests and deploys my things.
To build and test, I use Nix. To deploy, I copy the software that I've built using Nix to a server and run it (simplified; I actually use NixOS, but it's pretty much equivalent to running a script on a server that installs my software).
Therefore, a build step is a simple nix build
. A deploy step could therefore potentially be a nix run .#deploy
in a clean, semi-isolated environment (deploys are an effect so we can't have a pure environment) that has some sort of secret defined so nobody else can deploy except my CI runner.
Could I potentially create something like this? Maybe. Could I also use it for my own purposes? Also maybe. Would it be secure? ...probably? As long as I do a good job at isolating things and not running untrusted code (such as deploying from branches that I do not control), it should be. I mean, GitHub Actions is attacked by cryptominers occasionally as a result of PRs running CI.
Nix has timeouts, so jobs can't run forever. Also Nix isolates builds from networking, so a cryptominer would be rather useless in such an environment.
Deploy steps are trickier to secure. But on the other hand, you don't really want to deploy from an untrusted branch that you don't even know about, right? One usually deploys from main
, and this simplifies things — you just have to make sure you don't fuck up your main branch. So I guess security becomes a matter of code review. And also keeping your deploy secrets a secret.
I think I should try my hand at this someday.
Scrolling through TikTok, I find some crazy news about Alabama.
Looking at the authorship... thankfully it's The Onion.
Dang, I almost believed it.
- Pretty permalinks for this post:
- https://fireburn.ru/posts/cursed-bloom-filter
Today I realized that a function that always returns true
can technically be considered a bloom filter with a false-positive rate of one. If you're willing to stretch your definition of bloom filter, of course.
The best thing about this bloom filter is its memory usage. It uses zero memory.
TIL that ip rule
supports a uidrange
condition that allows to route traffic for specific users. This is useful in combination with Tailscale exit nodes or other VPNs to allow setting a different default route per-service (you do run your services as separate UIDs, right?)
Somehow I ended up playing with SIMD and I wrote an IPv6 96-bit prefix comparison function that's 250 picoseconds faster than doing lhs.segments()[0..6] == rhs.segments()[0..6]
.
I have no idea what to do with these 250 picoseconds I am saving every time I need to compare 96-bit IPv6 prefixes.
- Pretty permalinks for this post:
- https://fireburn.ru/posts/crates.io-via-nix-idea
while studying cargo index format, I realized a cursed thing: I could probably get this thing working with Nix to fetch crates without using Cargo...
i'm probably reinventing the wheel (the wheel being naersk
), but:
let
# assuming cwd = `git clone github.com/rust-lang/crates.io-index`
fetchCrateVersions = name: builtins.readFile ./${builtins.substring 0 2 name}/${builtins.substring 2 4 name}/${name};
fetchCrateMetadata = name: version: builtins.getAttr version (builtins.listToAttrs (builtins.map (c: { name = c.vers; value = c; }) (builtins.map builtins.fromJSON (builtins.filter (n: n != "") (nixpkgs.lib.strings.splitString "\n" (fetchCrateVersions name))))));
in
# `fetchCrateMetadata`'s output contains `cksum` attribute matching SHA256 hash of the crate, allowing for a fixed-output derivation.
# Using recursive calls of a hypothetical function, all dependencies of a certain crate could be found, and a list for calling `fetchurl` created.
# Creating such a recursive function is an exercise for the reader.
Thus, the entire crates.io registry becomes accessible, and a hypothetical Cargo.lock
file could be used as a starting point to discover dependencies for a project, without the requirement for any sort of hashes.
- Pretty permalinks for this post:
- https://fireburn.ru/posts/brave-sucks
This is your reminder that when switching from Chrome, you should avoid Chromium reskins.
Especially Brave with its hypocrisy around its own shitcoin, BAT, which doesn't allow non-custodial withdrawals (therefore is not even real crypto). Not to mention the widely known homophobic views of its CEO.
...also brave sucks for me as a web developer, because they disable some genuinely useful features, all in the name of "privacy". At this point it's better to use Firefox instead.
I've never found social networks and their algorithms "addicting", like how many fearmongers claim them to be.
Instead, I found them simply frustrating.
My belief in humanity is at an all-time low.