HackerTrans
TopNewTrendsCommentsPastAskShowJobs

bo0tzz

4,208 karmajoined há 8 anos
bo0tzz.me

Submissions

M9 Gun Director

en.wikipedia.org
3 points·by bo0tzz·há 5 dias·0 comments

CloudNativePG and Crunchy PGO: an honest, opinionated comparison

gabrielebartolini.it
3 points·by bo0tzz·há 2 meses·0 comments

Phantom tokens: JWTs and sessions combined

zoriya.dev
2 points·by bo0tzz·há 2 meses·0 comments

Async Rust never left the MVP state

tweedegolf.nl
9 points·by bo0tzz·há 2 meses·0 comments

Why the cycle of open-source sustainability needs to be virtuous

gabrielebartolini.it
2 points·by bo0tzz·há 2 meses·0 comments

Carrot Disclosure: Forgejo

dustri.org
145 points·by bo0tzz·há 2 meses·58 comments

GitHub RCE Vulnerability: CVE-2026-3854 Breakdown

wiz.io
451 points·by bo0tzz·há 2 meses·93 comments

The Steam Controller D0ggle Adventure

im-just-lee.ing
4 points·by bo0tzz·há 3 meses·0 comments

Immich vs. ente photos – the photo backup showdown

alexandmanu.com
5 points·by bo0tzz·há 4 meses·0 comments

Technical Excellence Is Not Enough

raccoon.land
94 points·by bo0tzz·há 5 meses·97 comments

Oiling the Doors at FOSDEM

tarakiyee.com
1 points·by bo0tzz·há 5 meses·0 comments

Building the Immich Editor

immich.app
4 points·by bo0tzz·há 5 meses·0 comments

Lean, Mean, Solitaire Machine

ersei.net
2 points·by bo0tzz·há 6 meses·0 comments

Deep Stack Engineer

glazkov.com
1 points·by bo0tzz·há 6 meses·0 comments

RAII Guards and Newtypes in Rust

benjamincongdon.me
1 points·by bo0tzz·há 7 meses·0 comments

Mapping DNS

loc.place
2 points·by bo0tzz·há 7 meses·0 comments

Managing Postgres Extensions with ImageVolume

gabrielebartolini.it
3 points·by bo0tzz·há 7 meses·0 comments

Show HN: Mapping DNS

loc.place
5 points·by bo0tzz·há 7 meses·0 comments

Ret: Reverse Engineering Tool from FUTO

github.com
5 points·by bo0tzz·há 9 meses·0 comments

The Geomys Standard of Care

words.filippo.io
7 points·by bo0tzz·há 9 meses·0 comments

comments

bo0tzz
·há 9 dias·discuss
It's been available for nearly three years
bo0tzz
·há 3 meses·discuss
I specifically want the entire thing to run on workers though; if I'm hosting a separate CMS backend elsewhere, I might as well have that serve the site.
bo0tzz
·há 3 meses·discuss
I've been wanting a CMS on top of Cloudflare workers for a while, so I hope this pays off!
bo0tzz
·há 3 meses·discuss
2.6 million transactions per day [0], which in ISO 20022 XML format messages works out to (rough guess) 20GB per day for an average of 1.8Mbps...

[0]: https://www.scion.org/ssfn-scion/
bo0tzz
·há 3 meses·discuss
duplicate of https://news.ycombinator.com/item?id=47584540
bo0tzz
·há 4 meses·discuss
The Universal Declaration of Human Rights, Article 25.1:

> Everyone has the right to a standard of living adequate for the health and well-being of himself and of his family, including food, clothing, housing and medical care and necessary social services, and the right to security in the event of unemployment, sickness, disability, widowhood, old age or other lack of livelihood in circumstances beyond his control.
bo0tzz
·há 5 meses·discuss
I'll take the challenge if it gets me Oxide hardware!
bo0tzz
·há 5 meses·discuss
That is indeed what I meant.
bo0tzz
·há 5 meses·discuss
This is a myth, actual fraud rates on programs like this are tiny - especially if you compare them to the benefits.
bo0tzz
·há 6 meses·discuss
The system should undo state drift even if a run hasn't been prompted by changes to the upstream definitions in the repository
bo0tzz
·há 7 meses·discuss
I loaded up the hacker news dataset in google bigquery, which turned out https://news.ycombinator.com/item?id=42057647 as the biggest at 9624 comments. Second is https://news.ycombinator.com/item?id=43208973 at 5349.
bo0tzz
·há 7 meses·discuss
The post mentions 743 LOC records in the entire database; I'd be very curious to hear what that number's at now?
bo0tzz
·há 9 meses·discuss
1. It only works at all for internal PRs, not for forks. That is a limitation we'd like to lift if we could figure out a way to do it safely though.

2. It's running on a pretty big machine, so I haven't seen it approach any limits yet. We also only create an instance when requested (with a PR label).

3. I've of course been inspired by other examples, but I think the current pattern is mostly my own, if largely just one of the core uses of the flux-operator ResourceSet APIs [1]. It's absolutely generalizable - the main 'loop' [2] just templates whatever Kubernetes resources based on the existence of a PR, you could put absolutely anything in there.

[1]: https://fluxcd.control-plane.io/operator/resourcesets/github...

[2]: https://github.com/immich-app/devtools/blob/main/kubernetes/...
bo0tzz
·há 9 meses·discuss
Dude, I built it, surely I'd know how it works...
bo0tzz
·há 9 meses·discuss
> correctly classified as having user generated active content

No it's not

> PRs can be autodeployed to this domain without passing review or approval.

No they can't

There is no untrusted/user content on these domains.
bo0tzz
·há 9 meses·discuss
As I've mentioned in several other comments in this thread by now: The whole preview functionality only works for internal PRs, untrusted ones would never even make it to deployment.
bo0tzz
·há 9 meses·discuss
> unless one of the developers in the team published something malicious through that system

If that happened we'd have much bigger problems than Google's flagging.
bo0tzz
·há 9 meses·discuss
> Google flagged this domain for legitimate reasons.

No they didn't.
bo0tzz
·há 9 meses·discuss
There is no user generated content involved here.
bo0tzz
·há 9 meses·discuss
I'm the guy that built the system, lol. Labels can only be added by maintainers, and the whole system only works for PRs from internal branches.