@bender@twtxt.net F-Droid is a platform/app that lets you side-load/install and serve android apps without the need for Google’s play store’s blessing. I also use Aurora Store to install Play Store’s apps without having to associate my phone with Google account. 🦾 it makes me feel good about myself 🥸

Anyone had any intereractions with @cuaxolotl@sunshinegardens.org yet? Or are they using a client that doesn’t know how to detect clients following them properly? Hmmm 🧐

@slashdot@feeds.twtxt.net At least Android has fDroid. Apple is a dominatrix.

early preview of my new web-based twtxt client https://sunshinegardens.org/static/howl/

@movq@www.uninformativ.de Thanks! Looking forward to trying it out. Sorry for the silence; I have become unexpectedly busy so no time for twtxt these past few days.

@quark@ferengi.one Check out this thread if you haven’t already: https://mastodon.social/@sundogplanets/112464533481477428

I think we already know It’s likely to be a disaster.

@movq@www.uninformativ.de LOL, well, great things come out of that worry, I can tell that much. Keep being you! :-)

@quark@ferengi.one

I think you are worrying about a non-issue.

That’s what I do best. 😏

@movq@www.uninformativ.de I think you are worrying about a non-issue. I see nothing to do on your example twt, because there is no context. Furthermore, if I wanted to follow the feed, everything I need is already on that twt example. :-)

@mckinley@twtxt.net agevault uses age, allegedly very secure (aiming to replace pgp/gpg). Comparing it with gocryptfs, from the user perspective, agevault seems simpler, though CLI exclusive. As the repository states, “Like age, it features no config options, allowing for a straightforward secure flow”. It would also run in all major OS platforms out of the box.

But agevault is also very new. Though age has been around for a while now, I don’t see an “audited” link (neither on agevault, nor age).

@abucci@anthony.buc.ci their main question is worrisome:

“The main question is, does it disappear during this re-entry?” says Löhle. “Is everything evaporating, or are there pieces that eventually impact on the ground?”

He expects some parts, such as the satellite’s fuel tanks, to survive. “You could learn from the re-entry that if you build a fuel tank differently, it can break up,” he says.

Archived article at: https://archive.ph/WdUvx

@aelaraji@aelaraji.com so lovely, ain’t it? A simple keystroke, and your “mystery” is solved. :-)

@New_scientist@feeds.twtxt.net It’s great that US regulators have approved launching 40,000 satellites with a 5-year lifespan before we had this kind of information about what’s likely to happen when they start falling out of orbit at a rate of several per hour.

@quark@ferengi.one 😆 I’m trying so hard to overcome the temptations.

@aelaraji@aelaraji.com hehehehe. Enjoy, but careful with sugary stuff! :-)

@prologic@twtxt.net what made you make such “financially sound” recommendation? Have you switched jobs, and are now a Financial Advisor? :-P

@movq@www.uninformativ.de wow! We are “lucky” today, only 27°C here, 87% humidity, overcast, and raining sporadically. Thanks to the rain our temperatures aren’t high, but muggy nevertheless. I am ready for our winter too, you know, that whole week. LOL.

@prologic@twtxt.net My pod, which is running the same commit you are, does not return an error like that. It returns the same HTML it always has. Try it. I nuked my cache before restarting.

Edit: Oh wait, the plot thickens. I do get an error if I use curl or if I use a web browser that isn’t logged in. That’s good!

@movq@www.uninformativ.de pretty cool! Switched, and pulled. Nice update on README!

@falsifian@www.falsifian.org have you tried jenny’s fetch-context branch? It works great!

@bender@twtxt.net yup, this works well. I needed those extra settings.

@movq@www.uninformativ.de I think I have got it, but need to test upon receiving further posts. I added:

set uncollapse_new     = yes  # open threads when new mail
set uncollapse_jump    = yes  # jump to unread message when uncollapse
set collapse_unread    = no   # don't collapse threads with unread mails

Let’s see how it goes.

Maybe the @yarn_police@twtxt.net can take this case, and shed some light.

@bender@twtxt.net, cool, so I can join the threads, but your edit to the original will never show at my end. Will have @bender@twtxt.net show the screenshot.

OK. @quark@ferengi.one did not see this update, but should see this reply now, as broken.

@bender@twtxt.net, let’s break it!

@prologic@twtxt.net I’m not sure what this update does, but

https://twtxt.net/external?uri=https://google.com&nick=lovetocode999

still exhibits the same problem, on your pod and on mine, after the latest update.

@prologic@twtxt.net OK, I just updated to commit 77d527, which looks to be the same one you’re running right now. I forgot to blow away my cache before restarting, so I just deleted the cache file and restarted.

@abucci@anthony.buc.ci appreciate it if you find the time to update again 🙏

Had to disable support functions because I’ve received three spammy support emails today. Thanks for that feature @prologic@twtxt.net

@bender@twtxt.net Hey, want to go in halfsies on one?

@bender@twtxt.net Oh look at that, the same problem is still happening on twtxt.net too. I tested a different link but that one gave an error. Maybe that means my pod isn’t behaving different from twtxt.net after all.

@prologic@twtxt.net I deleted a file named cache in my yarn data and restarted. Problem persists.

@prologic@twtxt.net “Refresh cache in Poderator Settings”

Is there some other way to do that?

@prologic@twtxt.net What? I compiled, updated, and restarted. If you check what my pod reports, it gives that 7a… SHA. I don’t know what that other screenshot is showing but it seems to be out of date. That was the SHA I was running before this update.

@prologic@twtxt.net Here’s a log entry:

Aug 27 15:59:43 buc yarnd[1200580]: [yarnd] 2024/08/27 15:59:43 (IP_REDACTED) "GET /external?nick=lovetocode999&uri=https://URL_REDACTED HTTP/1.1" 200 35442 14.554763ms

HTTP 200 status, not 404.

@prologic@twtxt.net This does not seem to fix the problem for me, or I’ve done something wrong. I did the following:

1. Pull the latest version from git (I have commit 7ad848, same as on twtxt.net I believe).
   
2. make build and make install
   
3. Restart yarnd
   
4. Refresh cache in Poderator Settings
   

Yet I still see these bogus /external things on my pod when I hit URLs like the one I sent you recently. When I hit such a URL with curl I think it’s giving an error? But in a web browser, the (buggy) response is the same as it was before I updated.

So, this problem is not fixed for me.

@prologic@twtxt.net Aha, now it gives an error. OK I’m updating to this to see if it fixes the issue on my pod! Thank you.

@prologic@twtxt.net I believe you are not seeing the problem I am describing.

Hit this URL in your web browser:

https://twtxt.net/external?nick=lovetocode999&uri=https://socialmphl.com/story19510368/doujin

That’s your pod. I assume you don’t have a user named lovetocode999 on your pod. Yet that URL returns HTTP status 200, and generates HTML, complete with a link to https://socialmphl.com/story19510368/doujin, which is not a twtxt feed (that’s where the twtxt.txt link goes if you click it). That link could be to anything, including porn, criminal stuff, etc, and it will appear to be coming from your twtxt.net domain.

What I am saying is that this is a bug. If there is no user lovetocode999 on the pod, hitting this URL should not return HTTP 200 status, and it should definitely not be generating valid HTML with links in it.

Edit: Oops, I misunderstood the purpose of this /external endpoint. Still, since the uri is not a yarn pod, let alone one with a user named lovetocode999 on it, I stand by the belief that URLs like this should be be generating valid HTML with links to unknown sites. Shouldn’t it be possible to construct a valid target URL from the nick and uri instead of using the pod’s /external endpoint?

@prologic@twtxt.net @bender@twtxt.net I partially agree with bender on this one I think. The way this person is abusing the /external endpoint on my pod seems to be to generate legitimate-looking HTML content for external sites, using a username that does not exist on my pod. One “semantically correct” thing to do would be to error out if that username does not exist on the pod. It’s not unlike having a mail server configured as an open relay at this point.

It would also be very helpful to give the pod administrator control over what’s being fetched this way. I don’t want people using my pod to redirect porn sites or whatever. If I could have something as simple as the ability to blacklist URLs that’d already help.

@lyse@lyse.isobeef.org Interesting. The yarnd --help currently says (for me):

  -R, --open-registrations            whether or not to have open user registgration

meaning it doesn’t give the default setting or warn you that you need to use -R=false and not -R false. It also leaves unclear whether --open-registrations false would work or if you need to do --open-registrations=false. It’s also unclear whether the setting change in the user interface is overridden by the command line arguments, overrides the command line arguments, is persisted across restarts.

Maybe all this is worth posting an issue for additional documentation on the git repo if there isn’t one already.

“registgration” is misspelled that way in the help by the way.

@lyse@lyse.isobeef.org in Australia, take everything you have learned, and do the opposite. After all, it is the land down under! :-D

@quark@ferengi.one LOL we repair everything in here 😆 … I just have a problem with trusting people with my stuff because of past experiences. “Better a half broken screen than no screen” kind of thing.

@aelaraji@aelaraji.com didn’t know there was a place to fix them; in here we toss them. Wish it was cheap to ship stuff. I have a couple of decent monitors in the garage that will soon take a trip to the curve…

@lyse@lyse.isobeef.org I have no Idea, I still haven’t found a repair shop I can trust with my monitor. As for the blackouts, they don’t have consistent frequency. Sometimes it’s once every 3 months… other times it’s 3 times a day 😂

@lyse@lyse.isobeef.org ugh, how come didn’t this occurred to me…! Oh well, I am good now, but noted. Thanks!

@abucci@anthony.buc.ci You can also use -R=false on the command line or leave it out entirely. When explicitly stating -R=false, there has to be an equal sign. With a space (-R false) it’s somehow parsed as -R which is equivalent to -R=true. O_o Very weird. I’d really like to see an error instead.

I still have to figure out the precedence of the settings.yaml or command line arguments. I’m probably holding it wrong, but it seems to give me different results…

@prologic@twtxt.net I’ve just went in a case b) on @abucci@anthony.buc.ci ’s pod, if I click on their nickname I get a Log-in page. And if I click on anyone else’s I a profile page. Is that normal?

@prologic@twtxt.net salt’em to keep them viable longer. Salt’em! :-D

@quark@ferengi.one @movq@www.uninformativ.de A general workaround in these cases is to wrap the command in a shell script and reference said script instead.