Programming

The vast majority of events (talks, hacking sessions, open discussions) are held inside “developer rooms” (“devrooms”), which are mini-conferences organized and managed by open source projects themselves.

It’s also FREE !! 🥳

And there are cookies 🍪

cross-posted from: https://lemmy.dbzer0.com/post/62659556

Edit: I managed to get it working by using :has and nesting css classes!

body:has(#theme-toggle:checked) {
  background-color: #eff1f5;
  .content {
    color: #4c4f69;
  }
  .header {
    color: #8839ef
  }
  .nav {
    background-color: #dce0e8;
    color: #4c4f69;
  }
}

I'm making a website for my school's robotics team and I'm trying to create a dark theme toggle but it's just not working. I'm trying to avoid javascript and I've seen this kind of thing done with only css and html before so I know it's possible. any advice?

repo: https://github.com/WrenHavoc/JudgeMent-Call-Website

edit: currently my code looks something like this:

#theme-toggle:checked ~ body {
  background-color: #eff1f5;
  color: #fff;
}

#theme-toggle:checked ~ html {
  background-color: #eff1f5;
}

#theme-toggle:checked ~ .content {
  background-color: #eff1f5;
}

the button itself is a checkbox that has display set to none and the label set as an svg so when you click the icon, it gets checked.

<input style="display: none;" type="checkbox" id="theme-toggle">
                <label for="theme-toggle" class="theme-button">
                    <img class="theme-button-svg" src="./icons/half-moon.svg">
                </label>

I used a similar strategy when making the menu for the site so I know it should work

.menu {
  position:absolute;
  margin:0%;
  right:20px;
  top:20px;
}

.menu-button {
  position: relative;
  display: flex;
  flex-direction: column;
  justify-content: space-between;
  width: 30px;
  height: 22px;
  cursor: pointer;
  z-index: 2; /* above menu */
}

.menu-button span {
  display: block;
  height: 4px;
  background-color: #cba6f7;
  border-radius: 2px;
  transition: all 0.3s ease;
}

.menu-items {
  top: 30px;
  right: -20px;
  width: 200px;
  background-color: #181825;
  position: absolute;
  display: none;
}

.menu-items li {
  margin: 20px 0;
}

.menu-items a {
  text-decoration: none;
  color: #cba6f7;
  font-size: 18px;
  padding:5px;
}

.menu-items a:hover {
  text-decoration: none;
  background-color: #cba6f7;
  color: #181825;
  font-size: 18px;
}

.menu-selected {
  text-decoration: underline;
  text-decoration-color: #cdd6f4;
  text-decoration-thickness: 3px;
}

.menu-selected:hover {
  text-decoration-color: #181825;
}

#menu:checked ~ .menu-items {
  display: inline;
}

#menu:checked + .menu-button span:nth-child(1) {
  transform: rotate(45deg) translate(5px, 7.5px);
}
#menu:checked + .menu-button span:nth-child(2) {
  opacity: 0;
}
#menu:checked + .menu-button span:nth-child(3) {
  transform: rotate(-45deg) translate(5px, -7.5px);
}

<input style="display: none;" type="checkbox" id="menu">
                <label for="menu" class="menu-button">
                    <span></span>
                    <span></span>
                    <span></span>
                </label>

I want to write a reader for multiple lightweight markup languages. It must only support pretty basic "rich text" features (bold, indent, lists, such things), complicated formatting and not-matching tags will be entirely ignored.

I don't want to use a intermediate markup like pandoc does, since it should not convert but only display.
Which is why i thought of using a "mapping file" for each language. Guess it should support hierarchies, since formats like Markdown require context (prior line has this and next line that), so it will likely be in YAML/TOML/JSON.

Is this sufficient, or is there any better approach for simple addition of markup languages?
Or other projects doing similiar, i could learn from?

The context is a simple mbox/eml reader for a start (html and markdown), and the experience/ideas will be used in a bigger project later, with more language support.

I hope this post fits in this community :)

I'm trying to wrap my head around how authentication works with micro services.

Say we have a system, with a frontend, that communicates with an API gateway, which in turn communicates with all the micro services.

As I understand it, we authenticate the client in the API gateway, and if we trust the client, the request are forwarded to the micro services.

However, what is stopping a malicious actor from bypassing the API gateway and communicating directly to the micro services ?

Do we solve this problem using a firewall, so only trusted traffic reaches the micro services ?

Or do we still have API keys between the API gateway and the micro services ?

Or is there a third way ? :)

All the articles I've read seem to assume, that we can trust all traffic entering the micro services

I hear they are good, make it easier to maintain code-bases. Most often I reach for python to get the job done. Does anyone have experiences with functional languages for larger projects?

In particular I am interested to learn more on how to handle databases, and writing to them and what patterns they come up with. Is a database handle you can write to not ... basically mutable state, the arch-nemesis of functional languages?

Are functional languages only useful with an imperative shell?

cross-posted from: https://lemmy.bestiver.se/post/890009

Comments

Task

I'm working on my final project for school, we are supposed to make a web app of our choosing and there has to be specific features in it. One of it is all data must be encrypted, and the other is that we have to have a search functionality. My app (A customer support framework) has a ticket functionality where customers can submit help request tickets, the contents of these tickets need to be encrypted at rest, at the same time admins need to be able to search contents of tickets.

Current Plan

My current plan is to store an AES-256 encrypted copy of the message message.content to meet the encrypted requirement, and also store a tokenized and hashed version of the message message.hashed to meet the searchability requirement.

The tokenization/hashing method will be:

• strip the message to alphanumeric + whitespace ([a-zA-Z0-9 ])
• tokenize by splitting the message by whitespace,
• SHA-256 each token,
• rejoin all the hashed tokens into a space seperated string and stored in the message.hashed field.

Thus this is a test string becomes <hash of this> <hash of is> <hash of a> <hash of test> <hash of string>

When the user searches their search string goes through all of the steps in the tokenization/hashing method, then we query the message table for message.hashed LIKE %%<hashed string>%% and if my thinking is right, we should be able to find it.

Concerns

• Statistical analysis of hashed tokens
  • I really don't see a way around this, to make the string searchable the hashing needs to be predictable.
• message.hashed field could potentially be huge, if each word is getting a SHA256 hash, a large message could result in a very large hash string
  • maybe we just store the last 4 of the hash?
    • This would increase collisions, but the likelihood of multiple last 4's colliding in a given search string should be pretty dang small, and any collisions would likely not be valid language.
    • Would this help with the statistical analysis concern? Increasing collisions would decrease the effectiveness of statistical analysis. It would be a performance hit, but after returning all matches against the hashes I could decrypt the message.content data and search the raw search query against the unencrypted text and remove any incorrect returns caused by collisions.

I'm interested in hearing everyone's thoughts, am I being logical in my reasoning?

"Gemini Project" refers to a new network protocol and document format created by open source enthusiasts - it has nothing to do with Google.

I found this article from 2020 (shortly after the launch of the Gemini Project) interesting.

For more technical information and updated resources, see https://geminiprotocol.net/docs/faq.gmi .

AI-integrated development environment (IDE) company Cursor recently implied it had built a working web browser almost entirely with its AI agents. I won't say they lied, but CEO Michael Truell certainly tweeted: "We built a browser with GPT-5.2 in Cursor."

He followed up with: "It's 3M+ lines of code across thousands of files. The rendering engine is from-scratch in Rust with HTML parsing, CSS cascade, layout, text shaping, paint, and a custom JS VM."

That sounds impressive, doesn't it? He also added: "It kind of works," which is not the most ringing endorsement...

Too bad it wasn't true. If you actually looked at Cursor engineer Wilson Lin's blog post about FastRender, the AI-created web browser, you won't see much boasting about a working web browser. Instead, there's a video of a web browser sort of working, and a much less positive note that "building a browser from scratch is extremely difficult."

Developers quickly discovered the "browser" barely compiles, often does not run, and was heavily misrepresented in marketing.

...this week‑long autonomous browser experiment consumed in the order of 10-20 trillion tokens and would have cost several million dollars at then‑current list prices for frontier models.

Hey there,

I'm doing some mainlining stuff for Linux phones, so it'd be helpful for debugging to know C.

Sometimes I just have to figure out what a driver does that makes it fail, which is hard without really understanding the syntax.

So the question is: What are some good resources for learning C?

I mean, I roughly know what a variable or function is, as I've played with Arduinos before. I don't need an explanation that covers what programming is, but I also don't know enough to pogram an Arduino without googling the most basic syntax all the time.

I prefer guided stuff that makes me type and think over just reading specs as purely reading specs does not mean it'll stay in the head.

Hi,

How can I become a team/department lead? I guess I'm starting to feel tired of having a vision and not being able to implement it because I have 0 political power in a company.

I thought that the easiest way was to join a startup as the first person of a "department" in a company, but now I'm not sure how it's possible to get hired to a startup on the early stage.

Major new features:

• The ISO C23 free_sized, free_aligned_sized, memset_explicit, and memalignment functions have been added.

• As specified in ISO C23, the assert macro is defined to take variable arguments to support expressions with a comma inside a compound literal initializer not surrounded by parentheses.

• For ISO C23, the functions bsearch, memchr, strchr, strpbrk, strrchr, strstr, wcschr, wcspbrk, wcsrchr, wcsstr and wmemchr that return pointers into their input arrays now have definitions as macros that return a pointer to a const-qualified type when the input argument is a pointer to a const-qualified type.

• The ISO C23 typedef names long_double_t, _Float32_t, _Float64_t, and (on platforms supporting _Float128) _Float128_t, introduced in TS 18661-3:2015, have been added to <math.h>.

• The ISO C23 optional time bases TIME_MONOTONIC, TIME_ACTIVE, and TIME_THREAD_ACTIVE have been added.

• On Linux, the mseal function has been added. It allows for sealing memory mappings to prevent further changes during process execution, such as changes to protection permissions, unmapping, relocation to another location, or shrinking the size.

• Additional optimized and correctly rounded mathematical functions have been imported from the CORE-MATH project, in particular acosh, asinh, atanh, erf, erfc, lgamma, and tgamma.

• Optimized implementations for fma, fmaf, remainder, remaindef, frexpf, frexp, frexpl (binary128), and frexpl (intel96) have been added.

• The SVID handling for acosf, acoshf, asinhf, atan2f, atanhf, coshf, fmodf, lgammaf/lgammaf_r, log10f, remainderf, sinhf, sqrtf, tgammaf, y0/j0, y1/j1, and yn/jn was moved to compat symbols, allowing improvements in performance.

• Experimental support for building with clang has been added. It requires at least clang version 18, aarch64-linux-gnu or x86_64-linux-gnu targets, and a libgcc compatible runtime (including libgcc_s.so for pthread cancellation and backtrace runtime support).

• On Linux, the openat2 function has been added. It is an extension of openat and provides a superset of its functionality. It is supported only in LFS mode and is a cancellable entrypoint.

• On AArch64, support for 2MB transparent huge pages has been enabled by default in malloc (similar to setting glibc.malloc.hugetlb=1 tunable).

• On AArch64 Linux targets supporting the Scalable Matrix Extension (SME), the clone() system call wrapper will disable the ZA state of the SME.

• On AArch64 targets supporting the Branch Target Identification (BTI) extension, it is possible to enforce that all binaries in the process support BTI using the glibc.cpu.aarch64_bti tunable.

• On AArch64 Linux targets supporting at least one of the branch protection extensions (e.g. Branch Target Identification or Guarded Control Stack), it is possible to use LD_DEBUG=security to make the dynamic linker show warning messages about loaded binaries that do not support the corresponding security feature.

• On AArch64, vector variants of the new C23 exp2m1, exp10m1, log10p1, log2p1, and rsqrt routines have been added.

• On RISC-V, an RVV-optimized implementation of memset has been added.

• On x86, support for the Intel Nova Lake and Wildcat Lake processors has been added.

• The test suite has seen significant improvements in particular around the scanf, strerror, strsignal functions and multithreaded testing.

• Unicode support has been updated to Unicode 17.0.0.

• The manual has been updated and modernized, in particular also regarding many of its code examples.