The Rust Security Response WG was notified that Cargo did not respect the umask when extracting crate archives on UNIX-like systems. If the user downloaded a crate containing files writeable by any local user, another local user could exploit this to change the source code compiled and executed by the current user.
The Rust Security Response WG was notified that Cargo did not respect the umask when extracting crate archives on UNIX-like systems. If the user downloaded a crate containing files writeable by any local user, another local user could exploit this to change the source code compiled and executed by the current user.
Update on what happened across the GNOME project in the week from July 21 to July 28.
Update on what happened across the GNOME project in the week from July 21 to July 28.
Mr_Figtree 1 year ago • 100%
Mr_Figtree 1 year ago • 100%
Hello again from the Rust Leadership Council. In our first blog post, we laid out several immediate goals for the council and promised to report back on their progress. It has been about a month since our first update so we wanted to share how it's going and what we're working on now.
Update on what happened across the GNOME project in the week from July 15 to July 22.
Update on what happened across the GNOME project in the week from July 15 to July 22.
Mr_Figtree 1 year ago • 100%
Mr_Figtree 1 year ago • 100%
so I can totally ditch chromium/electron
GNOME Web isn't Chromium-based and does support PWAs, so it might work for your usecase.
Mr_Figtree 1 year ago • 100%
Someone I know recently switched from automatic bathroom lights to manual ones. Remembering to turn them on isn't an issue, but months later everyone still forgets to turn them off.
The Rust team is happy to announce a new version of Rust, 1.71.0. Rust is a programming language empowering everyone to build reliable and efficient software. What's in 1.71.0 stable ========== * C-unwind ABI * Debugger visualization attributes * raw-dylib linking * Upgrade to musl 1.2 * Const-initialized thread locals
The Rust team is happy to announce a new version of Rust, 1.71.0. Rust is a programming language empowering everyone to build reliable and efficient software. What's in 1.71.0 stable ========== * C-unwind ABI * Debugger visualization attributes * raw-dylib linking * Upgrade to musl 1.2 * Const-initialized thread locals
The Rust team is happy to announce a new version of Rust, 1.71.0. Rust is a programming language empowering everyone to build reliable and efficient software. What's in 1.71.0 stable ========== * C-unwind ABI * Debugger visualization attributes * raw-dylib linking * Upgrade to musl 1.2 * Const-initialized thread locals
Mr_Figtree 1 year ago • 100%
And .box
has been registered as a generic TLD now, so you could run into external .box domains.
Mr_Figtree 1 year ago • 100%
They're not going to have open signups. It's government agencies only. Not that there's technically anything stopping Germans from joining the PR departments of our government agencies…
Mr_Figtree 1 year ago • 92%
So what you're saying is that Twitter successfully kept out a bad actor.
It's a shame that most of the users they have left are also in that category, but hey, they seem to be working on it.
Bevy is a refreshingly simple data-driven game engine built in Rust. It is free and open-source forever! --- Since our last release a few months ago we've added a *ton* of new features, bug fixes, and quality of life tweaks, but here are some of the highlights: * **Screen Space Ambient Occlusion (SSAO)**: Increase scene render quality by simulating occlusion of "indirect" diffuse light * **Temporal Anti-Aliasing (TAA)**: A popular anti-aliasing technique that blends the current frame with past frames using motion vectors to smooth out artifacts * **Morph Targets**: Animate vertex positions on meshes between predefined states. Great for things like character customization! * **Robust Constrast Adaptive Sharpening (RCAS)**: Intelligently sharpens renders, which pairs nicely with TAA * **WebGPU Support**: Bevy can now render on the web faster and with more features using the modern WebGPU web API * **Improved Shader Imports**: Bevy shaders now support granular imports and other new features * **Parallax Mapping**: Materials now support an optional depth map, giving flat surfaces a feel of depth through parallaxing the material's textures * **Schedule-First ECS APIs**: A simpler and more ergonomic ECS system scheduling API * **Immediate Mode Gizmo Rendering**: Easily and efficiently render 2D and 3D shapes for debugging and editor scenarios * **ECS Audio APIs**: A more intuitive and idiomatic way to play back audio * **UI Borders**: UI nodes can now have configurable borders! * **Grid UI Layout**: Bevy UI now supports CSS-style grid layout * **UI Performance Improvements**: The UI batching algorithm was changed, yielding significant performance wins
Mr_Figtree 1 year ago • 100%
You'll still have the people who are opposed to any telemetry at all, but I think that would do a lot to alleviate the concerns.
Mr_Figtree 1 year ago • 100%
These are all fine in the US, but in other countries not carrying proof of identity can get you into some trouble, as can refusing to talk to the police. Know your local laws.
Mr_Figtree 1 year ago • 100%
Ah, I see. Looks like that should enable people to take individual domains off the list, too, if they want their extensions to work on just some of them.
One's a bit raw and touchy, but the other is vintage stuff, brought up to date
Mr_Figtree 1 year ago • 100%
Is there a list somewhere of these “quarantined” domains?
Mr_Figtree 1 year ago • 100%
uBlock Origin seems to be included in the whitelist, so I'm sure the point of this isn't to show you ads.
Mr_Figtree 1 year ago • 100%
A FreeRTOS derivative has gone through the effort of getting certified for safety critical applications, but that derivative is sadly proprietary. Even if FreeRTOS itself can't meet that bar, though, the work wouldn't have to start from scratch.
Mr_Figtree 1 year ago • 100%
Looking at it optimistically, maybe we'll start seeing some improvements in documentation as everything else becomes useless.
Mr_Figtree 1 year ago • 100%
Kbin enhancement script to the rescue! One of its features is showing the domain on federated posts and users.
Update on what happened across the GNOME project in the week from June 16 to June 23.
The FIA has closed off a potential loophole in Formula 1’s cost cap regulations to prevent teams from making use of staff outside of spending restrictions.
If you recently generated a new API token on crates.io, you might have noticed our new API token creation page and some of the new features it now supports.
Mr_Figtree 1 year ago • 100%
kbin.social is a Kbin instance, not a Lemmy instance, so it's not stopping lemmy.world from being the biggest Lemmy instance.
Mr_Figtree 1 year ago • 100%
Both of the RHEL clones, Rocky Linux and AlmaLinux, build images for the Raspberry Pi 4. Those should fit your needs nicely if you're looking for something familiar and stable.
Tantivy is a high performant full-text search engine library written in Rust. The library is inspired by Apache Lucene and acts as a foundation to build a search engine, we use it to build our distributed search engine Quickwit.
Servo is an independent, modular, embeddable web rendering engine written in Rust.
Pirelli boss Mario Isola admits that he doesn't know why Formula 1 teams have rejected the opportunity to introduce blanket-free intermediate tyres within the 2023 season.
Mr_Figtree 1 year ago • 100%
Subscribed. See also !firefox@fedia.io (https://fedia.io/m/firefox | /c/firefox@fedia.io | /m/firefox@fedia.io), which is run by an /r/firefox mod.
Mr_Figtree 1 year ago • 100%
Yeah, a real priest understands that he is expected to die rather than reveal anything he heard in confession, while this guy was passing everything along to the boss.
Mr_Figtree 1 year ago • 100%
Fallout: New Vegs - a post-apocalyptic farming simulator.
Mr_Figtree 1 year ago • 100%
There's a risk here of reputational damage when Ernest or other instance admins show up as the owner for some of the less savory communities out there.
Mr_Figtree 1 year ago • 100%
I'm certainly not trying to karma farm. I haven't seen any total "karma" score on kbin, and don't think that there should be.
There's a ‘reputation’ score, but it's fortunately pretty pointless (it's boosts minus downvotes/reduces, upvotes don't count).
As of today, RFC 3392 has been merged, forming the new top level governance body of the Rust Project: the Leadership Council. The creation of this Council marks the end of both the Core Team and the interim Leadership Chat.
Mr_Figtree 1 year ago • 100%
Ah, I see. Maybe one of the offices they're actually using and also not paying the rent on next? A man can dream.
Mr_Figtree 1 year ago • 100%
So far it doesn't look like he's getting away with it. Ad revenue is down 60% compared to last year, it doesn't look like there is enough revenue from subscriptions to make up for that, and they're being evicted from one of their offices.
Mr_Figtree 1 year ago • 100%
I like that it's at the bottom. That encourages at least skimming the other comments before you add your own, hopefully cutting down on the number of times people comment the exact same thing.
If you want it to be at the top instead, that's one of the options provided by the Kbin enhancement script.
On Mastodon, reports go to the admin of your own instance, and optionally also to the instance that the post originates from. The admin of your own instance sees that you're the one who made the report, the admin of the other instance only sees which instance you are from. On Kbin, there are potentially four levels of moderation involved, depending on how deep moderation goes here: * The moderators of the magazine the content is posted to * The admins of the instance the magazine is on * The admins of the instance the user is from * The admins of the instance you're viewing the content on There is no indication on the report screen which of these people the report goes to. So where does it go? As for where I think it *should* go, it probably should be possible to report content to any of these four, especially when it comes to content that could cause legal issues for any instance that federates it, but on the other hand not every report is going to be relevant to all of them. Ernest doesn't need to be bothered about someone posting memes about bananas in a serious magazine about serious grapefruit science, for example. Some granularity would be good.
Mr_Figtree 1 year ago • 100%
They've been trying them in US cities for a while too. One got a bit of media attention after telling someone using its emergency call button to ‘step out of the way’ and then wandering off humming a tune.
Mr_Figtree 1 year ago • 100%
Way ahead of you. In fact I posted this TWIG in there a day before you did :P
Mr_Figtree 1 year ago • 100%
For a more general solution, that will redirect you from anywhere to anywhere else, check out Redirector. Being more flexible does make it a bit more fiddly, of course.
Intended audience: OCaml/SML programmers learning Rust; new-wave functional programmers who haven’t used older languages like OCaml or Haskell, but who might be interested in a certain abstraction technique. Note that “ML-style module” refers to the ML family of programming languages, not machine learning.
The FIA has revised an earlier change to the barriers at Montreal’s first corner ahead of Sunday’s Formula 1 Canadian GP following consultation with the drivers. [[Some of the complaints (racefans.net)](https://www.racefans.net/2023/06/18/not-the-safest-f1-drivers-unhappy-with-change-to-turn-one-barrier/)]
Mr_Figtree 1 year ago • 100%
And the dream of a Hülkenberg podium goes on (probably briefly).
Mr_Figtree 1 year ago • 100%
I'm on Kbin and see this. Kbin.social seems a little bit overloaded at the moment so that's probably why people are having trouble with federation.
One hundred weeks ago, on Friday 16 July 2021, “This Week in GNOME” was launched - the first post was "#1 Scrolling in the Dark". Since then TWIG has grown into a vibrant community, and has become a weekly ritual for many people—both for developers who share their work, and for curious readers who want to follow the development of GNOME.