#dev 2024-03-29

2024-03-29 UTC
geoffo and [Joe_Crawford] joined the channel
# 01:51 
[Joe_Crawford] For years I've had a php error log on my personal site that was a steady stream of misc warnings and errors. Over the past months I've been attacking each of the bad actors and it's gone a solid 12 hours without an error. Obviously it's time to code some new stuff.
BinarySavior and jacky joined the channel
# 02:56 
gRegor Nice. How many of those were from WordPress/plugins? I feel like I'm always seeing logs filled with those.
# 02:57 
gRegor Last couple years I've enjoyed declaring strict typing, catch a lot of things I'd otherwise miss
# 03:14 
[Joe_Crawford] Given that the majority of the code on my site is my own hand rolled theme, which includes short codes, custom templates, some classes that extend wordpress classes, an extension to DOMDocument, I’m the person to blame for all of it. There are some utilities and other non-wp stuff I moved into wp too.
sp1ff, vikanezrimaya, moose3337, [tantek], gRegorLove_, gRegor, jacky, [jeremycherfas] and AramZS joined the channel
# 14:22 
mandaris I wrote a blog post about my feelings on `h1`s and headers.
# 14:22 
mandaris https://mandarismoore.com/2024/03/28/why-does-the.html
# 14:23 
capjamesg mandaris[d]++
# 14:23 
Loqi mandaris[d] has 1 karma over the last year
# 14:23 
capjamesg for blogging!
# 14:23 
mandaris I've got KARMA!!!!
# 14:23 
Loqi [preview] [Mandaris Moore] Why does the Labarum theme not have a header
# 14:24 
mandaris Don't know what to do with it...
# 14:24 
capjamesg karma++
# 14:24 
Loqi karma has 1 karma over the last year
# 14:24 
mandaris I'll abuse it to make the interns get me coffee
# 14:24 
mandaris 😛
# 14:25 
capjamesg You should get the interns coffee 😂
# 14:25 
Loqi definitely
# 14:27 
mandaris Well, if the AI powered bot says so....
# 14:27 
capjamesg Yes indeed.
# 14:27 
capjamesg If Loqi says, it shall be!
# 14:29 
mandaris My next topic will most likely be side bars
[manton] joined the channel
# 14:34 
[manton] [snarfed] I’m experimenting with pulling Bluesky mentions into http://Micro.blog. It’s interesting to make it play nicely with Bridgy too. I’m now hitting the permalink for Bridgy in some cases to resolve a http://brid.gy/comment/bluesky/did:plc/… URL into an at:// URL (looking for p-uid). Don’t expect this will create any problems, just FYI.
# 14:36 
mandaris Whoa! Manton is here!
# 14:37 
mandaris The Dude makes me spell my own name wrong
# 14:42 
[manton] Hello! 👋
# 14:54 
livebay Hello guys, I want to know how can I create headers file
# 14:57 
livebay I only tried Netlify syntax in their own setting, but now I want to upload all my files directly to my website folder using sftp
jacky, ttybitnik and mahboubine joined the channel
# 16:43 
[snarfed] thanks for the heads up [manton]!
# 16:44 
[snarfed] you can pull the at:// URI out of the bridgy URL directly though, no need for an HTTP request
# 16:45 
[snarfed] what is a headers file?
# 16:45 
Loqi It looks like we don't have a page for "headers file" yet. Would you like to create it? (Or just say "headers file is ____", a sentence describing the term)
[qubyte] joined the channel
# 16:56 
[qubyte] Is this a netlify specific “_headers” file? What you need will depend on what HTTP server software is serving your site.
jacky joined the channel
# 17:02 
livebay No sorry, I mean I only used their syntax in a Netlify .toml file before, but this time it's for a different site on pages.casa, and I don't know how to create hearders file myself (such as its file name...format.. and other) or where to put it
# 17:02 
[qubyte] Call the file `_headers`  (no suffix).
# 17:04 
[qubyte] Put it in your public directory (the one served by netlify). You can see some example configurations in their docs: https://docs.netlify.com/routing/headers/
# 17:06 
[qubyte] It _can_ also be templated. I use this to add import-map hashes to the content security policy header of each page with some JS on (only things like art stuff)
# 17:07 
[qubyte] Example:
# 17:07 
[qubyte] ```/blog/pastel-migraine-auras
# 17:07 
[qubyte]   Content-Security-Policy: default-src 'self'; script-src 'sha256-VCFIg41OuMeBdvmPR/1lCW/asi2yc8jBTUaxkbZzYy0=' 'self'; img-src *;```
# 17:09 
[qubyte] The path the rules apply to is on the first line. In this case it’s an exact match, but wildcards and placeholders can be used to apply to many paths. The second line is indented, and contains the header key left of the colon, and the value is everything on the right of the colon (including the semicolon at the end).
# 17:10 
[manton] [snarfed] Oh cool, thanks. I wasn’t sure about that, but it would be more convenient.
# 17:13 
[snarfed] [manton] yup! second one is the response itself, first one is the post it's in response to
# 17:14 
livebay [qubyte]: Thank you very much, that helps a lot!
# 17:16 
[qubyte] You’re welcome! 🙂
# 17:18 
[snarfed] https://brid.gy/about#source-urls
jacky and geoffo joined the channel
# 18:00 
sknebel Most people are probably fine, but if you are running a server on any bleeding-edge linux distro check their security information now and update if needed!
# 18:01 
sknebel (Debian testing/unstable, fedora rawhide specifically, others less likely but messy enough it doesnt hurt ...)
# 18:04 
sknebel https://www.openwall.com/lists/oss-security/2024/03/29/4 (TL;DR: backdoor in upstream of xz compression library, which infects package builds, when used with SSH produces vulnerable SSH servers)
geoffo, jacky and [schmarty] joined the channel
# 19:01 
[schmarty] wowow sknebel++
# 19:01 
Loqi sknebel has 12 karma in this channel over the last year (31 in all channels)
BloggingBitcoin and ttybitnik joined the channel
# 20:41 
[qubyte] oof wow
jonnybarnes joined the channel
# 21:02 
capjamesg [tantek] See https://github.com/capjamesg/indieweb-utils/blob/main/src/indieweb_utils/replies/context.py#L334 for my and [James_Van_Dyne]'s prior work on reply contexts.
# 21:40 
[qubyte] The xz issue exists in homebrew. Worth doing updates if you’re on a mac and use it.