• 0 Posts
  • 449 Comments
Joined 1 year ago
cake
Cake day: June 11th, 2023

help-circle









  • Here’s one I have saved in my shell aliases.

    nscript() {
        local name="${1:-nscript-$(printf '%s' $(echo "$RANDOM" | md5sum) | cut -c 1-10)}"
        echo -e "#!/usr/bin/env bash\n#set -Eeuxo pipefail\nset -e" > ./"$name".sh && chmod +x ./"$name".sh && hx ./"$name".sh
    }
    alias nsh='nscript'
    

    Admittedly much more complicated than necessary, but it’s pretty full featured. first line constructs a filename for the new script from a generated 10 character random hash and prepends “nscript” and a user provided name.

    The second line writes out the shebang and a few oft used bash flags, makes the file executable and opens in in my editor (Helix in my case).

    The third line is just a shortened alias for the function.







  • How does the xz incident impacts the average user ?

    It doesn’t.

    Average person:

    • not running Debian sid, Fedora nightly, Arch, OpenSUSE Tumbleweed, or tbh any flavour of Linux. (Arch reportedly unafffected)
    • ssh service not exposed publicly

    The malicious code was discovered within a day or two a month of upload iirc and presumably very few people were affected by this. There’s more to it but it’s technical and not directly relevant to your question.

    For the average person it has no practical impact. For those involved with or interested in software supply chain security, it’s a big deal.

    Edit:
    Corrections:

    • OpenSUSE Tumbleweed was affected; Arch received malicious package but due to how it is implemented did not result in compromised SSH service.
    • Affected package was out in the wild for about a month, suggesting many more affected systems before malicious package was discovered and rolled back.



  • Since you’re in EU you have quite a few options for vendors. Here is a good list.
    I looked through most of these vendors before and it’s unlikely that you’ll find everything you need to build a fully custom keyboard from a single vendor, but with 2 or more you should be able to source all the pieces you need.
    Some vendors that have a decent selection:

    Another option of you don’t mind the potentially long shipping time is to buy all the components from Aliexpress. They will likely have an expansive selection and lower price compared with EU retailers, but you may or may not end up paying tax, and the shipping time will be longer on everything.

    I managed to figure out an ugly way of getting the keyboard matrix down to 20 pins, but a much better option to using a pro-micro would be to go with an Elite-Pi or Helios Microcontroller Since it has 23 GPIO pins, and there won’t be a hacky workaround like with the pro-micro.

    One thing I forgot to mention is key switch preference, the two main types are MX (high profile) and Choc (low profile). MX switches are both easier to find and have much larger variety of both switches and keycaps. Choc is nice because it has a lower profile similar to laptop keyboards, but the selection of switches and keycaps are much more limited. There are other low profile switch types like Choc mini (PG1232), Choc V2(PG1353), and Notebook X(PG1425) switches, but they’re even harder to source than the Choc V1(PG1350).


  • Probably not exactly what you’re looking for, but for my personal use I just set up a repo in my git forge (gitea in my case) with a bunch of markdown files in various folders and a Hugo theme.

    Every time I want to update a document I can click the link at the bottom of the “Wiki” page and edit it in Gitea’s WYSIWYG editor. Similar process if I want to make a new document. When I save the changes I have a CI job (native to Gitea/Github) that uses Hugo to build the markdown docs into a full website and sync it to a folder on one of my servers where it’s picked up by a web server.

    Sounds complicated when I type it all out, but the only thing that I can reasonably expect to be a deal breaker is the Hugo software, of which there are archived versions, and even if there wasn’t Hugo’s input is just markdown, so I can repurpose however I see fit.

    You could probably do something similar with other SSG’s or even use Github’s pages feature, though that does add a failure point if/when they decide to sunset or monetize the feature.