Programming

cross-posted from: https://lemmy.bestiver.se/post/895059

Comments

https://positive-intentions.com/blog/quantum-resistant-encryption

demo: https://cryptography.positive-intentions.com/iframe.html?args=&globals=&id=cascading-cipher-ml-kem-demo--mlkem-standalone&viewMode=story

code: https://github.com/positive-intentions/cryptography/blob/staging/src/crypto/CascadingCipher/layers/MLKEMCipherLayer.ts

Changing Piefed Worker Scaling to be Based on Queue Size in Kubernetes with KEDA
I recently caused myself a bit of a minor issue by installing some updates on the Keyboard Vagabond cluster. It wasn't a big deal, just s...

The vast majority of events (talks, hacking sessions, open discussions) are held inside “developer rooms” (“devrooms”), which are mini-conferences organized and managed by open source projects themselves.

It’s also FREE !! 🥳

And there are cookies 🍪

cross-posted from: https://lemmy.dbzer0.com/post/62659556

Edit: I managed to get it working by using :has and nesting css classes!

body:has(#theme-toggle:checked) {
  background-color: #eff1f5;
  .content {
    color: #4c4f69;
  }
  .header {
    color: #8839ef
  }
  .nav {
    background-color: #dce0e8;
    color: #4c4f69;
  }
}

I'm making a website for my school's robotics team and I'm trying to create a dark theme toggle but it's just not working. I'm trying to avoid javascript and I've seen this kind of thing done with only css and html before so I know it's possible. any advice?

repo: https://github.com/WrenHavoc/JudgeMent-Call-Website

edit: currently my code looks something like this:

#theme-toggle:checked ~ body {
  background-color: #eff1f5;
  color: #fff;
}

#theme-toggle:checked ~ html {
  background-color: #eff1f5;
}

#theme-toggle:checked ~ .content {
  background-color: #eff1f5;
}

the button itself is a checkbox that has display set to none and the label set as an svg so when you click the icon, it gets checked.

<input style="display: none;" type="checkbox" id="theme-toggle">
                <label for="theme-toggle" class="theme-button">
                    <img class="theme-button-svg" src="./icons/half-moon.svg">
                </label>

I used a similar strategy when making the menu for the site so I know it should work

.menu {
  position:absolute;
  margin:0%;
  right:20px;
  top:20px;
}

.menu-button {
  position: relative;
  display: flex;
  flex-direction: column;
  justify-content: space-between;
  width: 30px;
  height: 22px;
  cursor: pointer;
  z-index: 2; /* above menu */
}

.menu-button span {
  display: block;
  height: 4px;
  background-color: #cba6f7;
  border-radius: 2px;
  transition: all 0.3s ease;
}

.menu-items {
  top: 30px;
  right: -20px;
  width: 200px;
  background-color: #181825;
  position: absolute;
  display: none;
}

.menu-items li {
  margin: 20px 0;
}

.menu-items a {
  text-decoration: none;
  color: #cba6f7;
  font-size: 18px;
  padding:5px;
}

.menu-items a:hover {
  text-decoration: none;
  background-color: #cba6f7;
  color: #181825;
  font-size: 18px;
}

.menu-selected {
  text-decoration: underline;
  text-decoration-color: #cdd6f4;
  text-decoration-thickness: 3px;
}

.menu-selected:hover {
  text-decoration-color: #181825;
}

#menu:checked ~ .menu-items {
  display: inline;
}

#menu:checked + .menu-button span:nth-child(1) {
  transform: rotate(45deg) translate(5px, 7.5px);
}
#menu:checked + .menu-button span:nth-child(2) {
  opacity: 0;
}
#menu:checked + .menu-button span:nth-child(3) {
  transform: rotate(-45deg) translate(5px, -7.5px);
}

<input style="display: none;" type="checkbox" id="menu">
                <label for="menu" class="menu-button">
                    <span></span>
                    <span></span>
                    <span></span>
                </label>

I hear they are good, make it easier to maintain code-bases. Most often I reach for python to get the job done. Does anyone have experiences with functional languages for larger projects?

In particular I am interested to learn more on how to handle databases, and writing to them and what patterns they come up with. Is a database handle you can write to not ... basically mutable state, the arch-nemesis of functional languages?

Are functional languages only useful with an imperative shell?

I hope this post fits in this community :)

I'm trying to wrap my head around how authentication works with micro services.

Say we have a system, with a frontend, that communicates with an API gateway, which in turn communicates with all the micro services.

As I understand it, we authenticate the client in the API gateway, and if we trust the client, the request are forwarded to the micro services.

However, what is stopping a malicious actor from bypassing the API gateway and communicating directly to the micro services ?

Do we solve this problem using a firewall, so only trusted traffic reaches the micro services ?

Or do we still have API keys between the API gateway and the micro services ?

Or is there a third way ? :)

All the articles I've read seem to assume, that we can trust all traffic entering the micro services

I want to write a reader for multiple lightweight markup languages. It must only support pretty basic "rich text" features (bold, indent, lists, such things), complicated formatting and not-matching tags will be entirely ignored.

I don't want to use a intermediate file like pandoc does, since it should not convert but only display.
Which is why i thought of using a "mapping file" for each language. Guess it should support hierarchies, since formats like Markdown require context (prior line has this and next line that), so it will likely be in YAML/TOML/JSON.

Is this sufficient, or is there any better approach for simple addition of markup languages?
Or other projects doing similiar, i could learn from?

The context is a simple mbox/eml reader for a start (html and markdown), and the experience/ideas will be used in a bigger project later, with more language support.

An interesting perspective on the future of software development. I short: software that can save energy (token) consumption, will survive.

Task

I'm working on my final project for school, we are supposed to make a web app of our choosing and there has to be specific features in it. One of it is all data must be encrypted, and the other is that we have to have a search functionality. My app (A customer support framework) has a ticket functionality where customers can submit help request tickets, the contents of these tickets need to be encrypted at rest, at the same time admins need to be able to search contents of tickets.

Current Plan

My current plan is to store an AES-256 encrypted copy of the message message.content to meet the encrypted requirement, and also store a tokenized and hashed version of the message message.hashed to meet the searchability requirement.

The tokenization/hashing method will be:

• strip the message to alphanumeric + whitespace ([a-zA-Z0-9 ])
• tokenize by splitting the message by whitespace,
• SHA-256 each token,
• rejoin all the hashed tokens into a space seperated string and stored in the message.hashed field.

Thus this is a test string becomes <hash of this> <hash of is> <hash of a> <hash of test> <hash of string>

When the user searches their search string goes through all of the steps in the tokenization/hashing method, then we query the message table for message.hashed LIKE %%<hashed string>%% and if my thinking is right, we should be able to find it.

Concerns

• Statistical analysis of hashed tokens
  • I really don't see a way around this, to make the string searchable the hashing needs to be predictable.
• message.hashed field could potentially be huge, if each word is getting a SHA256 hash, a large message could result in a very large hash string
  • maybe we just store the last 4 of the hash?
    • This would increase collisions, but the likelihood of multiple last 4's colliding in a given search string should be pretty dang small, and any collisions would likely not be valid language.
    • Would this help with the statistical analysis concern? Increasing collisions would decrease the effectiveness of statistical analysis. It would be a performance hit, but after returning all matches against the hashes I could decrypt the message.content data and search the raw search query against the unencrypted text and remove any incorrect returns caused by collisions.

I'm interested in hearing everyone's thoughts, am I being logical in my reasoning?

AI-integrated development environment (IDE) company Cursor recently implied it had built a working web browser almost entirely with its AI agents. I won't say they lied, but CEO Michael Truell certainly tweeted: "We built a browser with GPT-5.2 in Cursor."

He followed up with: "It's 3M+ lines of code across thousands of files. The rendering engine is from-scratch in Rust with HTML parsing, CSS cascade, layout, text shaping, paint, and a custom JS VM."

That sounds impressive, doesn't it? He also added: "It kind of works," which is not the most ringing endorsement...

Too bad it wasn't true. If you actually looked at Cursor engineer Wilson Lin's blog post about FastRender, the AI-created web browser, you won't see much boasting about a working web browser. Instead, there's a video of a web browser sort of working, and a much less positive note that "building a browser from scratch is extremely difficult."

Developers quickly discovered the "browser" barely compiles, often does not run, and was heavily misrepresented in marketing.

...this week‑long autonomous browser experiment consumed in the order of 10-20 trillion tokens and would have cost several million dollars at then‑current list prices for frontier models.

"Gemini Project" refers to a new network protocol and document format created by open source enthusiasts - it has nothing to do with Google.

I found this article from 2020 (shortly after the launch of the Gemini Project) interesting.

For more technical information and updated resources, see https://geminiprotocol.net/docs/faq.gmi .

Without human feedback, LLMs tend to write software like an early-career engineer - code that solves the immediate problem but tends to accumulate “design debt” over time, leading to software that’s becomes brittle and buggy.