frg_Away: Danke, läuft

so yeah as long as hg.m.o is under attack they basically have to ban a bunch of stuff including it seems chromium UAs

but it should work on Mozilla-based stuff

as far as my testing goes

hi nsITobin

Good morning

i slept

clownflare (on the PM end)

therube: news.ycombinator.com/item?id=43380388

ooh, the Clownflare agent joined the discussion in the forum too!

> Quite the contrary and this has never been our goal. There is also no anticompetitive angle we are seeking. We don’t participate in browser related engagements to date. We don't have logic in our systems that specifically target the major browser vendors. We rely on well known browser standards to implement our checks.

LOLOLOLOLOLOL

With the team we agreed we can be more specific with the issues identified as it does not pose a security risk. Pale Moon lacks support for these two functions:

canvas fillText()

DomRect.toJSON()

OK, you should have said that 45 DAYS AGO

...do we support those?

> Pale Moon does need to support CSPs as well (including in web workers). Specifically these directives:

> At this moment, it's not possible for us to remove checks for these for Pale Moon. We continue to explore options, but if Pale Moon implements these, we can take care of the lack of JS function support listed above.

nope, can't do, for realsies

It's irrelevant

even if Pale Moon gets special treatment it doesn't do dick for SeaMonkey or anyone else let alone the next time

Anyway, we *really* need to get that Clownflare Clown on board here too

yeah

do CLownflares even know that IRC exists?

and I would rather see the Unified XUL Platform, MY XUL Platform, destroyed than bow to cloudflare terrorism

or you must be this tall to play

no

hmmm, we don't support DOMRect.toJSON()...

...WTF, why a rectangle must generate JSON!?

i don't even know the fuck that is

...Firefox 62

yes i know but WHY

why would a rectangle need to be by js accessed with a json result

because JSON is the new XML

why would you use xml to seralize the bounds of a rectangle client side?

and not use dom to get attrs

I can recall how every Enterprisey™ computer rag in the late '90s claimed the future was XML

for EVERYTHING

it is

just an aborted future

the rightful future in tech is an XML ecosystem

nowadays the new crop of web kids deemed XML was "too verbose" and... replaced it with JSON, because see, JavaScript is the only thing that matters

(and Rust)

The other one seems to be developer.mozilla.org/en-US/docs/We…I/CanvasRenderingContext2D/fillText

but... apparently we do support that?

wicknix: you been silent.. you're a stake holder too as an on again off again browser developer and implimentor

that's Firefox 3.5!

and know the problematic state of anything MCP with strongarm tactics and neogotiations

tomman: it isn't even that everyone switched to not-xml its that the stuff that replaced it sucks worse than any issues XML ever had

Seriously, we need to find a way (legal, of course) to get that Clownflare agent here talking to us

...it will cost two arms, a leg, and possibly one virgin sacrifice or two

but we must hit while the iron is hot

frg_Away: how is our mailnews core doing?

hi, I'm looking into an interesting issue with SM on Gentoo - since some time chatzilla stopped being packaged (even though it is built), It seems it may have something to do with the build finishing with an .xpi file (now) instead of unpacked extension directory.

any chance anyone remembers switch like that happening?

to pinpoint it more precisely: somewhere between 2.53.7 and 2.53.18 :>

weird, I'm using both the stable releases and the nightlies and it's built-in

the extensino as such is built all right, but the gentoo ebuild script has some special treatment of locales - effectively removing the .xpi from install directory.

it used to re-create it in the past, but my guess was, that something has changed and the ebuild hasn't been updated accordingly.

well, if anyone remembers, I'd be glad to hear about it, but it's not a big deal really

hi hrosik can you link the ebuild?

gitweb.gentoo.org/repo/gentoo.git/t…onkey/seamonkey-2.53.20.ebuild#n484 is the likely culprit (but my understanding of the locale thingie there is none)

is it slow?

yeah that's not responding for me they may have hotlink protection

hrosik: I can't access that file

or the entire domain

is it ipv6 only?

they seem to be treating this improperly

why are they fucking with chatzilla's XPI at all

k, I am not suited to comment on this..

also why are they still making provisions for npapi

What I am suited to comment on is why having bundled extensions is a terrible idea.. it should be an integrated component or external to the software package on some add-ons site somewhere

for these very reasons

frg_Away: is there a bulk way to do qimport?

horsik some changes in 2.53.8

Bug 1604663 Bug 1707458

nsITobin I usually edit the series file directly. Never looked but doubt it.

well successive commands seem to need you to either apply foreach after import or to import without applying foreach but reversed cause it always seems to insert a patch as next to be applied

Long time since I used. If I have an existing patch I just copy it into patches and put it in the place in the series where I want it.

hrosik Myckel might know

code is incorrect for sure. xpi is either localized or the SeaMonkey language pack contains the translations.

translations are also incomplete. el and ka missing among others. lt is dead.

window.navigator.deviceMemory

wat

why websites need to know how much RAM I have!?

ah yeah, so that's for someone that wants to write a sysinfo app replacement for HWiNFO or AIDA64 :D

in Web Technologies™, of course

yeah so they know how much to overshoot it to cause hangs for undesirable versions?

seems like a cloudflare technology

least as of late

Iltasanomat has now also stopped working with Seamonkey

it is my opinion that system packagers on average cannot be trusted to take special care when you deviate and even less care if you deviate from the deviation.. there are exceptions like deu and buck

the content is shown for a very short time and then all elements are removed from the page

but in general...

And it only has a text "Jokin on rikki.

Yritä ladata sivu uudelleen hetken kuluttua."

news.ycombinator.com/item?id=43360642 apparently "Mozilla is stupid for not implementing WebUSB", a obvious security vulnerability

what is a WebUSB?

however, I'm also pleased to report that at least one out of each two Hackernews actually hates webUSB

Sompi: give your web browser raw access to USB devices

because writing native flashers and other tools these days is "icky"

what the fuck

only Google implements that, and sadly it has been well received by some device OEMs

know what.. with recent shifts in narratives and global power structures.. we are gonna be put in to a position to eventually defned Mozilla its self as a dirivative cause they knock down the last of Mozilla's.. whatever the modern version of integrety is.. and they come for us next..

And the Chromium developers came up with that?

implementing from keyboard customization tools to... cellphone firmware flashers

Apple and Mozilla rejected it for good reasons

well b2g is back

That should be a _very_ obvious security vulnerability

but kids these days consider that downloading native software is "dangerous" and that the web browser is oh-so-much-convenient to brick your cellphone AND get tracked

i bet it gets merged back into mozilla central

But somehow people nowadays don't even see USB chargers as a security risk

well people who believe in native apps only do so until they "Get theirs"

see a former BinOC Associate

They just plug it in not caring that it is using a universal data port

"webtech is crossplatform, otherwise you get Windows-only software"

not MCP-aligned

And soon even a webpage can talk to your charger?

that's the usual excuse these days

Sompi: don't worry, that's why the Battery API is for

...not sure if that one got shot down, or if Google pushed forward with it

"This is the reason I don't use firefox and opt for Edge instead. Mozilla's ridiculous stance on WebUSB, WebSerial and other web-forward tech is bizarre. It shuts out a huge hobbyist community and diminishes web as a platform."

didn't knew the web was a OS

Wonder if native apps will be mainstream by 2030...

or if they will be relegated to niche stuff, old computers, and dinosaurs like me

tomman: I wonder if I will have the means to run a computer a year from now

in my case that would be...electricity :/

my hardware is aging

and it has been through hell already

and yeah often making it is a 20 dollar difference between just barely enough and going without

I did some major hardware refresh last year, thankfully

although well, I had to settle with tech of 2014 and 2021, but still...

problem however is the endless power outages and surges/fluctuations here

I'm not sure if I can even use those new boot-locked computers that can only run Microsoft Windows. They need a Microsoft account to even log in and I have always had problems with those. I'm probably shadowbanned or something

I wouldn't trust them with my files anyway.

So i been testing to see how well a running conversion from git commit history to hg would be.. I used UXP as the repo to test with cause it is massive but not too massive and already presents a number of git challenges like the constant merge commits .. I first tried a direct conversion then a conversion from draft to patch but merge commits threw a wrench in then i tried every git commit and that failed to work.. then I tried exporting the hg

conversion to patches and importing that.. and history tracking falls down with branch to branch to branch to master bullshit.. nothing aligns with any specific history.. so then i finally settled on git to hg conversion as-is and only work futurewise and I have found if i follow master branch and skip merge commits it seems to work fine.. This use case is the most likely avenue for maintaining a continued hg repo for central once they shut down

theirs.. But we will have to see HOW mozilla lands shit in git. If they want sustainability they will AVOID merges like the plague but once people get on them git flows.. their smarts seem to flow away.

frg_Away: thanks for the pointers, (and yes, I hope Myckel will find a suitable solution)

nsITobin I only did it manually a few times with commit ranges. Formatting patches are numbered and can be directly converted into a series file but yes merges are bad. It is the same with mozilla hg and autoland etc... as seen in the wip repo with the mozilla-xxx.patches.

Foreca just stopped working on SeaMonkey: foreca.fi/Finland/Lapinlahti/havaintohistoria?s=1020002788

It worked just minutes ago but now it does not show the weather information anymore

if I started directly with mozilla i'd likely have been discuraged.. which is why I tested with something less massive but still hefty and using seamonkey gitlab would be cheating ;)

frg_Away: it was already difficult cause I had to prep the git repo just to get a clean master branch.. see UXP had a problem when we were holding off webcomponents so we were running two trunks and two release branches.. well Moonchild's happy ass decided to just merge and ever since we have had TWO histories the redwood history and the history that includes webcomponents and as you know webcomponents landed without being largely operational .. for

git it can be a bit of an issue but converting to hg had both histories visable and because hg doesn't know they are same patches for the vast majority it nearly doubles the commit history and repo size.. the solution is prep the repo with a single branch clone then sever from origin and manually remove all tags and prune and gc THEN singlebranch clone that to a second repo and import to hg from that

the more I work with hg and mq the more I dislike how git works that low entry point has a LOT of consiquences

If it were not for hg mq it would probably be just different but this is the killer feature for me. Shtashing stuff and merging is soo time consuming if not everything applies 100%

At the old workplace svn was already bad but git seems to top it a bit here.

guess when older versions and historical fidelity aren't important git is great for all cases

And as usual doesn't matter git has won and everything else is on the way out.

git won't last

something else will sweep it away

google scc with ai control :)

hg being python is an issue

long term

microsoft co-source :)

oh god

<nsITobin> hg being python is an issue

hg people being hostile to reimplementations (vowing to add more things that need intimate knowledge if people manage to do the current thing that according to them also needs it) is a bit of an issue

well they need to understand if they don't do something someone is gonna rust them out

certainly won't be ported to C by anyone

it would be rust

also as a well known hostile person regarding their own stuff.. they need to .. get over it.. we're well past saving things because its ours.. we have to save it because it helps people.

least I think so and it is at LEAST better than just sticking to being hostile

43 patches in 6 weeks

that's all they have done

how many patches did you backport last release frg_Away ;)

what is "The Right Way (TM)" to create maildir account?

wish i knew anything about maildir

apperently i busted it for a year and no one noticed until after i was out on my ass

sooo

the only resource I found was referring to setting some preference for *default* account creation and then creating a new account

... and can't find again what preference that was :)

does maildir (not dropmail, right) even work across platforms?

given its naming scheme has filenames with colons in them

s/dropmail/movemail/

benjojo.co.uk/u/benjojo/h/cR4dJWj3KZltPv3rqX "Clownflare: We Own Your Passwords"

nsITobin didn't do much lately. A bit burned out. Mostly woked on wip before.

it is hard to muster one of those give-a-damns with how this year is shaping up

or maintain one

Well president Dumb and his russian friend are bad enough but just too mal real life issues and uphill battle with backporting. But will continue for sure :)

The real issue right now is elon.. and the project 2025 people

but i suspect elon is gonna fall hard

he is out of control and not officially anything.. it is pretty perfect actually

the fallout I fear is people becoming dismissive or restrictive to techies that got out of hand across the board

when the technocracy fails or simply fails to get a foothold.. the techies are gonna be blamed

regardless

nn

rest well

nsITobin: I'm afraid you might be putting too much hope into people caring about techies that get crazy. chances are, that people will only notice too late that something went wrong (as in letting people without any eduaction in humanitites rule society)

... not that things like that haven't happened in the past

there are a lot of disterbing parallels with how I used .. largely don't anymore .. act and how Elon hacks.. if I was a little dumber a bit more sociable and had unlimited resources there is a high probibility i would act no different and it scares me. It is a crime that I am left in this condition but not of my own.. what IS my own failure is reflecting that back out allowing rage and superiority to co-op my other capabilities as if that was the

source of them.

hrosik: so much so I am basically forcing my self to relearn virtually all my skills to eliminate taint from it..