HackerTrans
TopNewTrendsCommentsPastAskShowJobs

leafo

no profile record

comments

leafo
·11 mesi fa·discuss
Throughout this our only contacts have been representatives at Stripe and PayPal. They indicated that they got a notice and kicked off their own audit.

As far as I'm aware, the Collective Shout letter caused a "formal card network inquiry" to originate from both Mastercard and Visa. I did not have access to the actual inquiry, but my assumption is that it wasn't "we see this content, take it down" and more like "we saw this letter, look into whats going on before we do our own investigation and fine you"
leafo
·2 anni fa·discuss
Interesting, this morning I got a response from a staff member of the parent company that owns iwantmyname saying they didn't get my response with regards to the abuse notification they sent and that's why they took the domain down.
leafo
·2 anni fa·discuss
Unfortunately the domain has a hold placed on it by the registrar, so I believe transferring is disabled. I also wouldn't want to risk doing a transfer at an hour when their staff aren't available to help with the current issue.
leafo
·2 anni fa·discuss
I'm the one running itch.io, so here's some more context for you:

From what I can tell, some person made a fan page for an existing Funko Pop video game (Funko Fusion), with links to the official site and screenshots of the game. The BrandShield software is probably instructed to eradicate all "unauthorized" use of their trademark, so they sent reports independently to our host and registrar claiming there was "fraud and phishing" going on, likely to cause escalation instead of doing the expected DMCA/cease-and-desist. Because of this, I honestly think they're the malicious actor in all of this. Their website, if you care: https://www.brandshield.com/

About 5 or 6 days ago, I received these reports on our host (Linode) and from our registrar (iwantmyname). I expressed my disappointment in my responses to both of them but told them I had removed the page and disabled the account. Linode confirmed and closed the case. iwantmyname never responded. This evening, I got a downtime alert, and while debugging, I noticed that the domain status had been set to "serverHold" on iwantmyname's domain panel. We have no other abuse reports from iwantmyname other than this one. I'm assuming no one on their end "closed" the ticket, so it went into an automatic system to disable the domain after some number of days.

I've been trying to get in touch with them via their abuse and support emails, but no response likely due to the time of day, so I decided to "escalate" the issue myself on social media.
leafo
·2 anni fa·discuss
I've been trying for a few years now, trying to get something made most days. I actually made a website to track my progress by giving me a place to upload and get a GitHub like calendar streak: https://streak.club/s/8/daily-art-club

Here's my profile with my art: https://streak.club/u/leafo Currently in a gouache phase, but I have done sketching, figure drawing, watercolor, digital painting over the years

Here's the my figure drawing: https://streak.club/u/leafo/tag/figure-drawing
leafo
·2 anni fa·discuss
Lapis is very dependent on the server backend it is running in, generally OpenResty.

Last I investigated, the ergonomics of the websockets API in OpenResty didn't really seem like a good candidate for building websocket based applications. As an example, there's no trivial way to keep track of all connected clients and broadcast a message to them without overly complicated solutions. It's not trivial to listen to events from different asynchronous sources at the same time. (probably other things too but I don't remember right now) OpenResty/Nginx is not a general purpose event loop. The fact that it's primarily an HTTP webserver is evident in the design of the interfaces that are made available.

That said, there's nothing stopping you from and utilizing the `ngx` APIs directly, there are just a few considerations to be made with database connection pooling, but generally you can `require` any Lapis module and use it anywhere in Lua code. For websockets in OpenResty look here: https://github.com/openresty/lua-resty-websocket

The reason the issue is still open is not because I'm not interested in adding it, but because I didn't feel Lapis could provide a useful abstraction at this time.
leafo
·2 anni fa·discuss
I suppose I haven't really fully considered this use case, but...

There's no requirement to put your entire app in a location / {} block. You can freely use as many location blocks as you want, and those that you want to be rendered by Lapis can call serve to the app as normal.

eg.

location = /exact-match { content_by_lua 'require("lapis").serve("app")'; }

location /directory-match { content_by_lua 'require("lapis").serve("app")'; }

Keep in mind pattern matching will still happen in the app: You will need to define the routes handled by Lapis within the definition of the Lapis app. Why is it done this way? Primarily, for named routes. Typically you want to be able to generate the URL of a resource within your app's code, so by having routes defined in Lua you can easily reference those. Secondly, easy parameter parsing and the parameter validation.

> It's got some nice utilities that we use, but we ended up just using regular location {} routes each with their own content_by_lua code block and none of the lapis routing/handler stuff.

Although it's very possible to pick and choose what components to use, keep in mind that the `serve` function does some important work with connection pooling. If you are using any query related functionality outside of a dispatch it will open and close connections per request, which is not ideal for performance.