Today I Learned


Today I Learned (TIL). You learn something new every day; what did you learn today?

founded 2 years ago
1
 
 

Generate context with up-to-date documentation for LLMs and AI code editors

Instead of an AI hallucinating about your favorite stack/code...
Context7 will add additional context (using MCP) to the editor and voila, no hallucination anymore! And always up to date!

2
 
 

Today I found out that Linux kernel v6.14 is released, which has NTSync shipped with it.

NTSync was actually released in the past as well, but broken... They fixed it in Linux kernel 6.14 now.

For those using Wine on Linux to play Windows games, this is great news! The new NTSync "driver" improves support for Windows locking mechanisms, allowing applications and games to handle higher workloads more efficiently under Wine.

I use Mainline Linux in order to install the latest Linux kernel (maybe another TIL for you?).

Anyhow, have fun! Some games can have over 670% performance improvements on FPS. Like DiRT 3 for example. That is crazy right?

3
 
 

Using another Linux scheduler called scx_bpfland. A scheduler's job is to manage the load across multiple cores effectively. scx_bpfland is an alternative scheduler built on top of sched_ext.

Long story short, you can significantly improve Linux gaming by switching to another thread scheduler like scx_bpfland, which can improve the unstable 30 FPS (with spikes) to a very stable 60 FPS game play (video link).

I also would love to combine this scheduler with other features like CPU pinning. There is a Linux CLI tool called taskset, which seems to pin cores for processes.

In another, unrelated piece of software, Sidekiq, taskset was also used to improve performance through CPU affinity, which as a result made the software so much faster.

4
 
 

#TIL that #OpenRTC2, an open source reimplementation of Roller Coaster Tycoon 2, exists.

5
 
 

Setting commit_delay = 300 (which is 300 microseconds) in PostgreSQL allows you to group write commits and flush them by a single transaction.

This is particularly useful if you have a lot of writes to the disk in a short time window; it will reduce the disk I/O bursts.

You could also set synchronous_commit = off. Then there will not be a flush earlier than the specified wal_writer_delay. However, only turn this off if your performance is more important than your data integrity. That being said, it will not cause corruptions, unlike the fsync setting (which I would strongly advise to NOT change, so keep fsync on the default setting).

And then we have wal_writer_delay, which is the time in milliseconds how often the WAL gets flushed. This option only works when synchronous_commit is set to off!! You most likely do not need to increase the wal_writer_delay value (in fact, you might even want to lower this value).

Official docs: https://postgresqlco.nf/doc/en/param/commit_delay/

Settings to point out are in random order:

See more PostgreSQL fine-tuning at: https://gitlab.melroy.org/-/snippets/610

6
 
 

#TIL the International Criminal Court is a thing and that the International #Cricket Council doesn't [yet?] have the ability to sentence people to death. #ICC
RE: assortedflotsam.com/users/News…

7
 
 

Private properties are counterparts of the regular class properties which are public, including class fields, class methods, etc. Private properties get created by using a hash # prefix and cannot be legally referenced outside of the class. The privacy encapsulation of these class properties is enforced by JavaScript itself. The only way to access a private property is via dot notation, and you can only do so within the class that defines the private property.
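An added example, not part of the original post, showing how the engine enforces the # privacy described above; TokenBox and its members are hypothetical names and the token value is constructed.

```javascript
// Added illustration; TokenBox and its members are hypothetical names.
class TokenBox {
  #token;   // private field: reachable only inside this class body
  label;    // ordinary public field

  constructor(label, token) {
    this.label = label;
    this.#token = token;
  }

  // Private method, callable only from inside the class.
  #mask() {
    return this.#token.slice(0, 4) + "*".repeat(this.#token.length - 4);
  }

  describe() {
    return `${this.label}: ${this.#mask()}`;
  }

  // Brand check: true only for objects that really carry #token.
  static isTokenBox(obj) {
    return typeof obj === "object" && obj !== null && #token in obj;
  }
}

function inspectFromOutside() {
  const box = new TokenBox("ci", "s3cr3t-constructed-value");
  let borrowedCallFails = false;
  try {
    // Borrowing the method for a look-alike object throws a TypeError.
    TokenBox.prototype.describe.call({ label: "fake" });
  } catch (err) {
    borrowedCallFails = err instanceof TypeError;
  }
  return {
    described: box.describe(),
    bracketLookup: box["#token"],      // not a string-keyed property
    ownKeys: Object.keys(box),         // private names are not enumerated
    serialized: JSON.stringify(box),   // private state is not serialized
    brandReal: TokenBox.isTokenBox(box),
    brandFake: TokenBox.isTokenBox({ label: "ci" }),
    borrowedCallFails,
  };
}
```

Writing `box.#token` outside the class body is rejected when the file is parsed, so it cannot even be wrapped in a try/catch in the same script.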

8
 
 

I am able to use different programming languages. I know most of the well-known languages without any problems: C, C++, Java, Python, JavaScript, TypeScript, PHP...

However, I wanted to expand my horizon. Zig didn't do much for me, and neither did Rust, but now that I've written some Golang, I admit, I'm intrigued by the language.

I love the fact it's compiled to native machine language. There is still one caveat: despite Go being a GC language, you often still need to manage your memory. Sounds strange, right? But I needed to use io.Copy instead of io.ReadAll to avoid memory issues. You also need to explicitly call defer res.Body.Close() to avoid Go not cleaning up the HTTP response. Oh well, so you learn it the hard way. Overall, I'm still very optimistic about Go. And looking forward to using it more often in some of my open-source projects.

See my first project in Go: https://gitlab.melroy.org/melroy/gitlab-artifact-deployer-go. Which I wrote in 3 days.

Did you try Go? What are your thoughts?

9
10
 
 

Each AI-generated polar bear kills one real polar bear.

#meme #ai #generated #gemini #openai #dall-e #dalle #midjourney #stablediffusion #chatgpt #deepmind #polar #bear #climatechange #climate #heat #til

11
 
 

So thanks to OpenWRT (it's a fork but still..), we have a Banana Pi Wifi 6 router for just 35 dollars/euros.

12
8
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
 
 

I have used many, many distros in the past, from Debian to Gentoo, from Ubuntu to Arch, etc. But I need a system that works and does the job well, hence I have been using Linux Mint for the past few years. Linux Mint XFCE Edition to be precise.

However, always towards the end of the Linux Mint support cycle, I have the issue that it's based on Ubuntu LTS, also known as long term support (instead of the latest release), causing a lot of issues in my daily work.

I just want to use the latest clang format & compiler. Or a newer GCC compiler. And/or other tools I love and use on a daily basis... The problem now is that I need to add a lot of manual package repos / PPAs for the versions I want. Furthermore, it sometimes introduces package conflicts. Do NOT get me started with PHP8 from ondrej + Wine stable from WineHQ.

I do not want an unstable distro like Arch, my time is limited (sorry Arch lovers). I also tried Manjaro. Also broke my system once I think, I do like Manjaro. I like Linux Mint a bit more, except at the end of the support cycle (where we are now at).

That all being said, I think I'm ready for something new... Void Linux! That is right, I think I will move over to Void Linux, created from scratch. Using a rolling release, but focused on stability (we will see). It's therefore also using its own package manager (XBPS). As well as its own init system: "runit". Non-free packages might be a bit harder to find, but I mainly use VSCodium, Element (Matrix), Nextcloud, KeePass, Firefox, Telegram, Transmission, Wine (Windows games :P), Mumble, Inkscape and of course various dev tools: npm, go, php, gcc/clang, pip, you name it... I use them all. I think Void Linux will be a good fit. I will keep you posted.

Feel free to leave a comment if you have ideas/feedback or your own story on your distro you're using. Are you planning to distro hop again?

13
3
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
 
 

I used to work with Photoshop for years (industry standard, I thought). Moving to Linux, GIMP was the next logical step. I was never good at manually drawing vectors or embracing the vector image manipulation tooling in general, and I now regret that I didn't move to Inkscape from day one. Yes, I used Inkscape back and forth but I used Gimp more in the past years.

Inkscape is 20 years old and improved a lot in terms of usability in the past 10 years! I still think the right-sidebar options are too hidden, to be honest. For some reason unknown to me, the Inkscape UI was just confusing for me. But I get the hang of it now (I think :D). Except exporting to plain SVG is still a bit strange, where the image size I entered does not become the SVG document size during an SVG export. Inkscape still has a lot of room for improvement in those kinds of areas.

That being said, I embrace SVG images more and more! I use it for business logo designs and recently also for Mbin logo designs.

I'm not going back to Gimp for logos, that is for sure. And you shouldn't either, use Inkscape!

14
 
 

🩸 A Killing In The Market 📈

(or)

that time in the 1820s when war was traded openly on the stock market 💀

New comic ⬇️
https://www.historyshapes.com/a-killing-in-the-market/

@[email protected]

#History #Histodons #Comics #WebComics #Cartoons #TIL #TodayILearned #DidYouKnow #DYK #Greece #GreekIndependence #OttomanEmpire #1820s #UKHistory #EuropeanHistory #England #EnglishHistory #BritishHistory #ComicStrip

15
 
 

Ledger Live, the most popular crypto hardware wallet software, is tracking and transmitting sensitive user data to third parties.

16
 
 

If you are running big applications on top of PostgreSQL or have a lot of queries, your performance might be impacted. The default PostgreSQL configuration is, to say the least, less than ideal. The same is true for MariaDB, but that is out of scope now.

Performance fine tuning your server configuration is key for better overall improvements and making the best use of your hardware! Increasing several key configuration settings in PostgreSQL can already make a huge impact! In the guide below I explain which configuration you need to pay extra attention to and also advise to increase huge pages under Linux when you're using PostgreSQL or MariaDB for that matter.

Please follow the latest PostgreSQL configuration, which I shared here for Mbin specifically but which can be applied to any application using a PostgreSQL DB: PostgreSQL guide

For more information on fine tuning MariaDB, Nginx, PHP or other Linux kernel configurations, I advise you to check out my snippets on my GitLab instance: https://gitlab.melroy.org/-/snippets/609, https://gitlab.melroy.org/-/snippets/92, https://gitlab.melroy.org/-/snippets/87

17
 
 
18
3
submitted 2 years ago* (last edited 2 years ago) by [email protected] to c/[email protected]
 
 

Some people might think you can only use it to set environment variables of the service in Docker Compose, e.g.:

my-service:
  image: lts-alpine
  environment:
    MY_SECRET_KEY: ${MY_SECRET_KEY}

But the same ${} syntax can be used to set the version of the PostgreSQL Docker image, like in the example below:

my-service:
  image: postgres:${POSTGRES_VERSION:-13}-alpine

If nothing is set, version 13 is the fallback value. Now you can set the POSTGRES_VERSION environment variable via your shell. Or leverage the .env file of Docker:

POSTGRES_VERSION=16

When running: docker compose --env-file .env up, Docker should now use PostgreSQL v16 Alpine as Docker image.

Bonus: The docker-compose.yml filename is an old filename, use compose.yml from now on. Same for other Compose files like compose.override.yml.

More info: https://docs.docker.com/compose/environment-variables/set-environment-variables/

19
 
 

When you want to cherry pick a specific commit from another remote, you do NOT need to manually copy files or fetch a patch. It's git after all...

So when I try to cherry pick a commit from Kbin and merge it back into Mbin, in cases where we want the changes in Mbin as well, you can use git cherry-pick.

But first follow the steps below, which assume you have already cloned the Mbin repository locally and are in the working directory of Mbin (e.g. on the main branch):

git remote add kbin https://codeberg.org/Kbin/kbin-core.git
git fetch kbin
git checkout -b call-it-what-you-want  # Creates a new local feature branch

# Now check the log on the other remote and other branch
git log kbin/develop

# Finally, cherry pick the commit you want, use the commit hash here
git cherry-pick <commit_hash>

20
 
 

To all instance owners. If you are using Nginx and use the following security header:

add_header Referrer-Policy "no-referrer" always;

Please, consider changing this setting to (note: same-origin):

add_header Referrer-Policy "same-origin" always;

Which should be safe enough for users, while also fixing all the redirect issues the user (or you) might experience with your own Mbin instance.

Referer headers are used to store the previously requested pages/URLs. This can be used to navigate back to where the user came from. There are also alternative methods like putting this information in the query string or adding a cookie or session data.

Either way, for now consider changing to same-origin when using Mbin.

Ps. if you are using Apache or Caddy.. Well you know what to do^^
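The difference between the two header values, as an added example that is not part of the original post or of Mbin's code: refererFor() is a hypothetical helper modelling only these two policies, and the host names are placeholders.

```javascript
// Added illustration. refererFor() is a hypothetical helper that models only
// the two Referrer-Policy values discussed in the post.
function refererFor(policy, fromUrl, toUrl) {
  const from = new URL(fromUrl);
  const to = new URL(toUrl);

  // Browsers never put credentials or the #fragment into a Referer header.
  from.username = "";
  from.password = "";
  from.hash = "";

  switch (policy) {
    case "no-referrer":
      return null; // header is never sent, not even to your own site
    case "same-origin":
      // Full URL for requests to the same scheme+host+port, nothing otherwise.
      return from.origin === to.origin ? from.href : null;
    default:
      throw new Error(`policy not modelled here: ${policy}`);
  }
}

// Constructed navigations; mbin.example and other.example are placeholders.
const SAMPLE_NAVIGATIONS = [
  { name: "in-site redirect",
    from: "https://mbin.example/m/til/t/42?sort=new#c7",
    to: "https://mbin.example/login" },
  { name: "outbound link",
    from: "https://mbin.example/m/til/t/42?sort=new",
    to: "https://other.example/article" },
  { name: "scheme downgrade",
    from: "https://mbin.example/settings",
    to: "http://mbin.example/settings" },
];

// One row per navigation: the Referer value (or null) under each policy.
function comparePolicies() {
  return SAMPLE_NAVIGATIONS.map(({ name, from, to }) => ({
    name,
    noReferrer: refererFor("no-referrer", from, to),
    sameOrigin: refererFor("same-origin", from, to),
  }));
}
```

Only the first navigation yields a Referer under same-origin, so the instance can see where an in-site request came from while third-party sites and plain-HTTP downgrades still receive nothing.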

21
 
 

Yes, I also saw the popup today. YouTube trying to block me because of uBlock Origin. I will move away from YouTube if I can't use an ad blocker anymore.

22
 
 

Today Bun v1.0.3 has been released. But it's still not ready for production in most cases. E.g. the cluster module is not implemented yet.

I also wrote a blog post about Bun (the pros and cons): https://blog.melroy.org/2023/bun-v1.0/

Whether you will try to migrate to Bun is up to you, just know that Bun isn't a fully drop-in replacement of NodeJS. Maybe it will never be? Just like Deno is also not a replacement of Node.

23
4
submitted 2 years ago* (last edited 2 years ago) by [email protected] to c/[email protected]
 
 

The new AMD vulnerability discovered by @taviso and his team makes all AMD Zen 2 processors vulnerable. Also known as Zenbleed.

I compiled the demo code and there we go, I can see a lot of information getting leaked from the memory. Not great, it's the AMD variant of the Meltdown/Spectre bug basically. It uses, however, an "optimization" operator (cvtsi2sd) to trigger the vulnerability in the CPU, allowing 30kb/core/second of data to be read. No special permissions required. Works on all platforms, all operating systems, VM or Docker, it doesn't matter...

This vulnerability was found using fuzzing, which is an automated way of injecting wrong input values and seeing when or if something breaks.

Currently only EPYC processors have received a fix. All other AMD Zen 2 processors are still fully vulnerable. There are also no BIOS firmware updates yet. I doubt whether this premature public release from AMD was intentional or not...

More info: https://lock.cmpxchg8b.com/zenbleed.html

24
 
 

Lemmy was/is vulnerable to XSS attacks.

Hackers try to inject JavaScript code that tries to steal your (ideally admin) cookie credentials. It seems that the admin account of lemmy.world was compromised this way (MichelleG). Other instances aren't safe either. Which could point to the custom emojis feature in the federated comments, meaning a lot of external instances could be affected by now.

Incorrect escaping of user input data could lead to these issues. Kbin just recently discovered a similar regression issue, which has been solved by now. But it seems that Lemmy was or still is vulnerable to this attack factor.

Mitigation action for Lemmy users: You might want to disable JavaScript in the meantime.

Mitigation action for Lemmy server owners: Disable custom emoji:

DELETE FROM custom_emoji_keyword;
DELETE FROM custom_emoji;

Clean-up the exploit content:

UPDATE comment SET content = '<REMOVED BY ADMIN>' WHERE content LIKE '%![" onload%';
UPDATE private_message SET content = '<REMOVED BY ADMIN>' WHERE content LIKE '%![" onload%';
UPDATE post SET body = '<REMOVED BY ADMIN>' WHERE body LIKE '%![" onload%';
UPDATE post SET name = '<REMOVED BY ADMIN>' WHERE name LIKE '%![" onload%';

Rotate your JWT secret (invalidates all current login sessions):

UPDATE secret SET jwt_secret = gen_random_uuid();

Note: Even just opening a link to a vulnerable Lemmy instance could allow hackers to steal your cookies or session credentials. Therefore I will not share or allow people to share URLs of compromised / vulnerable instances.
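A dry run for the clean-up queries plus the kind of output escaping the post refers to, as an added example that is not from the post or from Lemmy's code base: the row shapes, helper names and sample values are constructed, and only the marker string comes from the queries above.

```javascript
// Added illustration; row shapes, helper names and sample values are constructed.
const MARKER = '![" onload'; // same substring the clean-up queries match with LIKE

const SAMPLE_ROWS = [
  { table: "comment", id: 1, text: "Nice write-up, thanks!" },
  { table: "comment", id: 2, text: 'look ![" onload=PLACEHOLDER ...' },
  { table: "post", id: 3, text: 'He said "onload" is an event' },
];

// Dry run: list the rows the UPDATE statements would overwrite.
// includes() is case-sensitive, as LIKE is in PostgreSQL.
function findSuspectRows(rows) {
  return rows
    .filter((row) => row.text.includes(MARKER))
    .map((row) => `${row.table}:${row.id}`);
}

// Escape every character that can end an attribute value or open a tag.
function escapeAttr(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Render an emoji-style image whose alt text is user-controlled.
function renderEmoji(src, alt) {
  return `<img src="${escapeAttr(src)}" alt="${escapeAttr(alt)}">`;
}

// Four raw double quotes means the tag still has exactly two attributes,
// i.e. the user-supplied quote did not close alt="..." early.
function attributeQuoteCount(html) {
  return (html.match(/"/g) || []).length;
}
```

The marker match only finds this exact string, so it is a clean-up aid for content already stored; the escaping step is what keeps a quote in user input from ending the attribute in the first place.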

25
 
 

Without proper CI/CD workflow jobs, errors are easily made without noticing it (or noticed too late). Especially when multiple developers are contributing towards your code base. Maybe your project is open-source?

When developing in a (large) piece of software, automated building & testing are crucial aspects to avoid regression impact of the code archive and even deployment.

The latest best practices are to set up a good and stable continuous integration. Ideally also add a continuous delivery setup for your project. Meaning that each pull request you receive will automatically try to build, test and deploy the code.
With testing I mean unit testing, functional tests, integration and E2E tests. And maybe UI tests if your application has a frontend as well.

Personally, I use GitLab for all my own projects. GitLab has a great CI/CD pipeline feature built into their software. I'm running multiple GitLab runners, ready to pick up requests. Which could be a unit test running in a Docker container, a software build using the GCC compiler or deploying my code live towards dev, acc and production.

Lacking such a well thought out CI/CD pipeline might result in build issues, regression issues or in the worst case down-time or unhappy users. Try to avoid this by using CI/CD for each of your open-source projects.

Have fun programming!
