jdev - 2024-09-06


  1. Schimon

    > But you can tell a reaction without any extra metadata just by looking at the content and seeing it is a single emoji I will try it.

  2. Schimon

    edhelas. How do you check for a reaction?

  3. edhelas

    > edhelas. How do you check for a reaction? The good thing about Movim is that the code is actually open :)

  4. edhelas

    https://github.com/movim/movim/blob/a4b89e1a571ebf4328a7112a146d84f38775fc7c/app/Post.php#L718

  5. Schimon

    > The good thing about Movim is that the code is actually open :) edhelas. Thank you. I know. I do not know where to look.

  6. Schimon

    This is nice. Thank you. edhelas. ``` public function isLike() { return ($this->contentraw == '♥' || $this->content == '♥'); } ```

  7. Schimon

    edhelas. I think a post about XEP-0004 would be relevant to many others; and it would generate some traffic to you. https://github.com/movim/movim/blob/master/src/Moxl/Stanza/Storage.php

  8. moparisthebest

    anyone ever tried to follow the certificate transparency log to scan for XMPP servers ? Seems good in theory... in practice looks like ~150 domains per second

  9. goffi

    Schimon: regarding pubsub reaction, Libervia don't use comments, and won't. I've authored a specification for that: https://xmpp.org/extensions/xep-0470.html it works with any pubsub node, it's not restricted to blogging.

  10. goffi

    Schimon: I can't follow all discussions here, so please ping me if you have pubsub related stuff.

    👍 1
  11. Zash

    moparisthebest, I tried running the monitoring thing, it set my disks on fire.

  12. singpolyma

    moparisthebest: certificate transparency is so noisy. In practise for many people I expect it's hard to derive value from it. Oh a new cert issued for my domain? Why? Oh some automated process somewhere or at one of my hosting or dns companies happened to run today I guess

  13. Menel

    It would work for small selfhoster. That don't have an extensive sever and vserver cluster

  14. singpolyma

    And that have a gut knowledge of when their cronjobs run and don't use any services that need a cert for any reason

  15. moparisthebest

    > moparisthebest, I tried running the monitoring thing, it set my disks on fire. Hehe yes my disks are currently burning I think I'm going to do some filtering up front and see how many domains that excludes, there are so many that are super long and have 10 levels of subdomains, maybe I'll skip all > 3 .'s for now

  16. Zash

    but aren't CT logs some kind of blockchain, thus you can't filter the logs, you need all of them

  17. moparisthebest

    What I would *like* to do is run this monitoring over 3 months which should give basically all domain names with certificates, and then try to connect to each one recording whether it supports c2s and/or s2s, and the protocols it supports for each

  18. moparisthebest

    > but aren't CT logs some kind of blockchain, thus you can't filter the logs, you need all of them Yes, reading them all isn't the problem, I was trying to store them all in sqlite so I could do ^ later but it's going to be way too many

  19. singpolyma

    Something something kafka

  20. Menel

    Poor peoples shodan

  21. moparisthebest

    Also I'm surprised by the number of wildcard certs, looking like nearly 30% are wildcard

  22. Zash

    Everybody loves wildcards. In DNS, in certs, everywhere!

  23. moparisthebest

    Menel: hehe well in ways it's better, shodan is useless for IPv6 and iirc non-standard-ports

  24. citrons

    my cert has 3 wildcards in it

  25. Menel

    Ah I thoughteith enough money it would work with everything. Wildcard will of course hide some servers. That's the goal (my goal why I use wildcards)

  26. Schimon

    > Schimon: I can't follow all discussions here, so please ping me if you have pubsub related stuff. Thank you. goffi. I will!