#development

I guess in case some software intercepts it and "creates" it itself

it tells you what exactly is creating it

it gets stored on your phone locally

if your phone has a TEE it gets stored there (aka hardware attestation)

if your windows machine has a TPM it gets stored there also

what if i lose the phone? arent they keys backed up to google?

I think they are

Cause I have keys I saved to my android on my iphone because I have google logged in

not sure if its backed up to google but its possible

so basically we are handing it all to google

not sure

im sure if that happens you can toggle it off though

as bad as google is they cant force you to

my main concern tho is how to access my accounts if i lose my phone and/or google account

sucks to suck

don't lose your phone L

similar problem as to losing a password manager or password

but im sure you can backup the keys somehow

its probably OS dependent

you can view them here on windows https://support.microsoft.com/en-us/windows/manage-your-passkeys-in-windows-6a70599a-25e1-4461-86be-d67d1023c69f#:~:text=You can use the Settings,saved for apps or websites.&text=Note%3A some passkeys for login,the device and Microsoft services.

I mean at a certain point there is no way to prevent something

they can allow you to backup your keys, but if you lose access to the places you backed them up there's nothing else you can do except maybe get new ones generated but idk how that works

tim

ok i just tested it out, looks pretty cool

i think i will need to learn shaders if i want to make anyway remotely cool

when logging in i can chose whether i want to use username+password or a passkey device

so i can still use user+pass if i dont have myphone

i pray for your mental health

and the best part is the server only gets your public key, so if the company/server gets breached no user credentials get leaked

damn no rust implementation

im not trying to impl webauthn myself

fuckkkk that

its really easy actually

i did it in rust

i made this and thought it would be infinitely more cool if it has some kind of shader animations to it

my backend is going to be in rust

it was easier to implement than in nodejs

I dont have the paitence to use rust rn

:O

awesome

but there are a few steps involved and you need to understand what to verify

so its best to use a library

there is one for rust

where

they must of not updated teh website for it then

https://crates.io/crates/webauthn-rs

https://github.com/kanidm/webauthn-rs

I guess there is that

you think the rust community wouldve missed a single opportunity to port something to their language?

webauthn is cool ig, but I dont see its uses for me rn

thank

Actually I can use it for vidcord

not any of my other ones

not really

icba seting up vaulwarden, jhust gonna use bitwarden itself

now i just need to manually move over all my 50+ accounts that i have written in plain text

:^)

bad thing with it though is the webauthn standard supports authenticator attestation

that means a website can force you to use a single authenticator to login

specific*

that makes sense for a business perspective, a company might want employees to use the company's own internal authenticator

google could make it so if you want to use webauthn, you have to have an unrooted phone or another phone approved by google/the company

if its rooted the TEE will not sign the attestation

and google will know

but thats the only downside and i doubt theyd do that

also, i know why my windows doesnt have the option to store locally

i dont use lock screen

:^)

most secure IT system in brazil

i havent used a windows password in 20 years

longer than how old most people on this server are

tim

you need a password.....

omw to tims computer rn

good luck finding your way through the brazilian jungle

Windows encrypts your passwords and passkeys with your password so that makes sense

i've always found windows passwords the most useless thing in the world

because 1, theres only me, and 2, i can just boot into some recovery iso and remove the password

dw, im very resourceful

Just tell me a 50 ft radius at least

:^)

perhaps your windows security is the brazil itself

third world security: danger

yea tbf

Id rather jump off a mountain than go through the brazilian jungle

my country's government literally only use windows defender as a security measure in their database 😭

when relatively famous but loved-by-community people make a kickstarter campaign

this is timnet

i wish it was me

me too

secure boot + bitlocker + password protected bios:

bootlicker

• rust backend to ensure prevention of memory corruption

Right, so im not too sure on how swap memory works, but if a program requires at least 12gb of ram to function properly...could I substitute that with swap if I don't have the full 12gb?

you dont control swap from inside the program

Well no, but as the program is using ram, I can make the os prefer swap over ram no?

like on linux vm.swappiness controls how often the os swaps between ram and swap memory

Yeah you can adjust the "swapiness"

but I am wondering will this be sufficient

I dont want to upgrade to a higher ram server rn to run a test rust server

so I was wondering if I could just use swap in place of the missing ram needed

I think your best bet is to optimize your program first

you dont need to tho

wdym

rust requires at least 8-10gb (12gb preferably)

I only got 6

the program will ask for whatever memory it needs, the OS will simply do its best, which includes many things, including swap, memory compression, paging files, etc...

ok

but tim

thats not what im asking

if the OS cant meet the requirements, the program will just run slow or crash

I know the os will do its best

but will swap be sufficient to fill in the holes or is that not how swap works

Swap usually starts by dumping inactive programs memory to disk

if you have 6gb ram and 6gb swap, it will be sufficient to run the program, it will just run slowly

The memory still has to be in physical memory at some point

Fair enough thank you

But if the same program has to use all physical memory and swap at the same time it probably wont work

well

Its worth a try

I don't have the money to upgrade rn, and quite frankly I am bored and want to try my hand at making rust plugins again

const enum variable6 {
test = 1, test2 = 3
}
console.log(typeof (3 as variable6))

why does this still show as a number?

like i can remember, in java we could take normal numbers, and cast them to enum types.
How can we do that in ts?
I assume that as is like cast in java/c++?

typescript?

ye

as in typescript only changes the ts type

not the js type

in this case you would need to write custom logic to do this

there is no way to cast a number to an enum built in

look at the compiled code and you'll see why

poise?

I mean, you can definitely make use of macros here

It would be similar to what @radiant kraken made for our rocket routes

let me

get the code

one sec

#[macro_export]
macro_rules! gen_command_routes {
    ($($command:ident),*) => {
        $(mod $command;)*

        #[inline(always)]
        pub fn routes() -> Vec<Something> {
            vec![$($command::$command),*]
        }
    }
}

and you'd use it

gen_command_routes! {
  ping
}

providing that your ping cmd file is called ping and your command fn is also called ping

so

// ping.rs
pub async fn ping() {}

then you would just

commands::routes() where you tell poise what commands to load

Sorry if this is confusing (I myself hardly understand macros) I just vaguely know how to read it

@covert gale It helps to think macros like regex

* matches zero or more

tbh

macros are exactly just regex

but rust specific regex

btw

that macro expands to

mod ping;

pub fn routes() -> Vec<Something> {
  vec![ping::ping,]
}

now if you gave it multiple

gen_command_routes! {
  ping,
  avatar
}

it expands to

mod ping;
mod avatar;

pub fn routes() -> Vec<Something> {
  vec![ping::ping,avatar::avatar,]
}

Let me break it down for you

#[macro_export]
macro_rules! gen_command_routes {
    ($($command:ident),*) => {
        $(mod $command;)*

        #[inline(always)]
        pub fn routes() -> Vec<Something> {
            vec![$($command::$command),*]
        }
    }
}

Note: $ declares a macro variable containing the matched result
($($command:ident),*) - Match a identifiers that can either be zero or more (aka you can have zero, or you can have more than zero)
$(mod command) - basically puts mod ping into the file
No idea what #[inline(always)] does tbh, I know it inlines it but no idea why you specify always
vec![$($command::$command),*] - Specify that you are putting in, zero or more references to $command (the macro variable containing the identifier passed to the macro) becoming something like vec![ping::ping

@covert gale ^^^

This is the best I can do to explain it

@radiant kraken can likely explain it better if I missed anything

Pretty much

Its quite literally just rust specific regex

https://doc.rust-lang.org/book/ch19-06-macros.html

Here is a detailed explanation

I cba to read it tho

No problemo

Just make sure to credit null

realistically you'd be doing this in a mod file inside the folder commands

// mod.rs inside commands folder
gen_command_routes! {
  ping
}

then inside main.rs

commands::routes()

to get the vector of commands

here's a good comparison of rust and zig
https://www.youtube.com/watch?v=rKXsZno9ijw&t=176s

Using zig in sandboxed environments like AWS lambda is even a use case to use zig over rust
https://youtu.be/rKXsZno9ijw?t=778

inline always strongly suggest the rust compiler to inline the function, as just #[inline] is not a 100% guarantee but merely a suggestion

you don't need to! hahahaha

you explained it pretty well :)

programmers insisting on explicitly specifying inline even though single line functions already get inlined automatically

if applicable*

depending on usage of functions you can make inlining impossible

can someone help? i am having a weird ass issue

const { client } = require("../../ufo");

if i have this in a specific file it works, if in another file it doesnt

is the "another file" in the same folder?

in extra, its undefined in in BotStatus its working fine

did u save the file?

does ufo.js require extra.js?

ye ye lol

not really

does ufo.js require a file that requires extra.js?

that import chain restriction is ridiculous lmao

no lol

where is ufo in the file tree?

you sure about that? because this smells like a circular dependency

outside functions and then outside src

try creating a new file and importing it

if it works, then it's circ depend

easy way to test (and fix), in extra.js, remove the require from the top of the file, and put it inside the function that needs to access the client

yeah it works like that

then it's what tim said

hmm

I dont get why js has issues with that, only other lang I know that cannot deal with bidi imports is delphi

because cjs is line-by-line sync

it loads a file and parses it, when it reads another require, it loads the next file and parses that, before finishing parsing the previous file

that sounds inefficient

welp, thats how they chose to do it

because the file being required is not just parsed, it is also executed

does esm also have that issue?

and to be executed, it needs to have everything it needs loaded

it does have a few more ways of dealing with it, but yes, it has the same issues

because like, if you have a file1.js like this:

console.log(10)

and you require that file, it will log, because the code executes

buf if your file1.js is like this: ```js
require("saomething else")
// or import something else

console.log(10)

the console.log needs to execute regardless

so what if it needs to log the contents of the loaded files?

not possible to log that without the full file chain being resolved synchronously

so if a single lib in the chain has bad code like an infini loop then it'll get stuck if a single file references it

yes

unlike compiled langs where a compiler examines the code and puts it together beforehand, an interpreted lang will dynamically load and run the file during runtime

// a.js
const b = require("./b.js");
console.log(b);
module.exports = "A";

// b.js
const a = require("./a.js");
console.log(a);
module.exports = "B";

what would happen if you run either of these?

a.js needs to log the contents exported by b.js, but when b.js loads, it needs to first log the contents exported by a.js, but a.js is still waiting for b.js to deliver its exported content, but it wont do it before it logs what a.js is exporting

so it will loop infinitely until it exceeds maximum stack size (not sure about this, maybe node is smart and just stops it from looping), and just return undefined

Basically i might have found the issue

ufo.js requires a path called api.js
api.js requires ufo.js (it works fine though)
api.js requires a functions file extra.js
extra.js requires client.js

generally, one should never export anything from the main file

if ufo.js is your main file, the one you run node ufo.js on, it should never be exporting anything

if it has something that needs to be exported, put that something in a separate file and import it in the main file

i am only exporting redisClient & the discord client

i think the issue is with the redis client

gonna do it in a seperate file

thanks 🤝

also, ideally you should not be exporting created instances

for example if you have a class in a file (like the discord "Client" class), the file should export the class, and the file who imports it should instantiate (new Client) the class

the file where the class is should not export a "new Client" directly

its also better for the class or instance of a class to call/require the functions/files it needs, and not the other way around

how do you properly pass the discord client to your api routes file then?

a function in extras.js should not require client, the client should require extras.js

if the bot is the main program, when you run the bot, you create the api server and pass the bot instance as a parameter to use in the routes
if the api server is the main program and the bot client is just an extra, you create the api server and inside it somethere you create the bot client to use in the routes

there are a million different ways to do things, but in general there is usually 1 thing that is the main thing the program is doing, and everything else is extras or addons to the main program

its much easier to design things with that in mind than trying to have multiple "main things"

Yeah exactly

Main thing is obv the bot in my case

the api is an addition for my dashboard

const app = express();
app.use(cors());
app.use(bodyParser.json());
app.listen(PORT, () => {
  console.log(`API running on port ${PORT}`);
});
app.use("/", require("./routes/api"));```

thats how i currently do it, this is in the main ufo.js file

why ufo btw

bot name haha

ah

how does api.js look like?

This is what it requires

const router = express.Router();
const { v4: uuidv4 } = require("uuid");
const { redisClient } = require("../ufo");
const { PublicKey } = require("@solana/web3.js");
const { Web3 } = require("web3");
const { BotStatus } = require("../src/functions/BotStatus");
const web3 = new Web3();
const { client } = require("../ufo");```

what does it export?

the router?

correct

you can do something like this:

// api.js
module.exports = function createRouter(client) {
  router.get(...);
  router.post(...);
  return router;
}

// ufo.js
const createRouter = require("./routes/api");
app.use("/", createRouter(client));

in fact you can move the entire express part into the api.js file

dont need express at all in ufo.js

ufo.js can just do ```js
const api = require("./routes/api");
api.start(client, PORT);

and have a start function do all of the initialization and routing of express

thats smart!! cool cool thanks alot

if you want to store them to look at them later, then yes

but there are special dbs for that

one that supports append-only writes

such as time-series dbs

you can also let the OS handle that

linux itself for example stores all logs in various append-only log files

you can easily setup something that redirects all stdout into some log file and then just print/console.log stuff away

but a proper time-series database will give you a lot more tools to work with such data

ah i see, thank you!

Shit's bullshit let me cast my thing pls

pls ts

mannn all my bot does is dm ppl who join the server..
shit's annoying

@quartz kindle do you like my horrible physic thing https://8000.webhook.pet/

"casting" is for types, types are not values

in js types dont exist, only values

in ts, types exist, but they are removed when compiling

yeah i know, it's sad cuz i always liked the feature

though it's not needed, i can just use a switch right

ngl, this earns an instant block from me

[*]

dyno and mee6 are blocked for this very reason

😭

mannn

are they still blocked

cuz idk it;s not harmful right

yes they are

I wont unblock anytime soon

it's not harmful but annoying af

damn

especially mee6 cuz it's everywhere

sorry ig

It really depends. I often saw advertisements for "partner" servers when joining a server

yeah that shit is annoying asf indeed

lmfao looks pretty fun hahahah

i am joining a gaming community and out of nowhere i get 18+ servers shoved into my screen

fr fr

ion know gang but the physics seems off

one got stuck, cant create more xd

ye its very hard to fix when idk shit about physics

xD

lmfao me too

I may need to redo my amazing js

https://8000.webhook.pet/index.js

(I should just use a library for this)

you probably wanna use requestAnimationFrame()

ok now it uses matterjs for physics which seems to work a lot better (who couldve guessed)

is it live?

i just see a dark screen with some settings buttons, but i dont see a way to start/create the blocks

right click

ah

they dont move tho?

did you set it to static

ah

xD

physics engines always have issues with "resting" position

throw a bunch of objects in a pit and they will keep moving forever and never settle

ye

still fun

oh god

xD

this doesnt seem to work well tbh

oh wait i broke importing oof

nvm

nice

I can almost hear source engine's clank sound from the bottom part

Am i a bitch that i secretely fall in love with wordpress?

I used to do all my website coding in html, css etc but damn that was crazy

Wordpress is so easy to manage

that's why non-coders use it

😭

it's easy & cheap to get a website running

yeah

So far ive been creating my sites in plain js/ts and html/css with bootstrap

Its been a pain cant lie

Is react worth it to speed up the process of developing a site?

personally I hate react

first because it's very prone to dependency hell

I see

second because the source quickly becomes unreadable if you lower your guard

I see yeah thats true

Could i basically rely solely upon a css library and plain js/html?

on react? not really

you need to use react in react

No i mean without react

I like doing sites with pure html5 kit

i hear everyone talking about react and thst its a must have etc, but idk i find it bs cuz ive been creating some good sites without

dynamic pages are a bit complicated, but jquery is a thing

but idk i find it bs cuz ive been creating some good sites without
react is the mainstream thing, it by no means mean you cant make good sites without it

it's like python, it's easily the most popular lang

Yeah true

but it doesn't mean anything else is inferior

I'd say use html or the closest-to-html library you can find

the output becomes clean and you get better grip on your changes

Damn you gave me hype. Ill stick with the vanilla shit and bootstrap then

i am a big svelte advocate i love you svelte

i used to be hardcore vanilla css/html

i am like 10x more productive with svelte and tailwind

I'd even ditch bootstrap tbh

I never liked how "pre made" it felt

That shit makes my site responsive tho

Without i am lost

Lost in the sauce

nah, you can easily make responsive sites by using flexbox

bootstrap is more for standardized themes

you can easily make your own stylesheets and have 999x less classes on elements

crazy

yeah that's true

i've been relying way too much on bootstrap

fuck it guys i go in raw

plain html and js

but if u like bootstrap then it's fine too, my reason for avoiding is that it feels too much like theme packages I've used before

it works dandy, until you need to change something

then it's documentation hell to find out how to do it without cascade breaking

btw, intellij has built-in browser preview if u use it

u dont need to keep refreshing to see changes

yeah that's true

overridding is litearlly a cancerous job to do

if you're gonna write your own CSS, check out LESS or even SASS

being able to nest CSS rules makes everything so much easier and smoother

also never forget that instead of ```css
#parent #this {

}

#parent #that {

}

#parent .those {

}
u can just docss
#parent {
#this {

}

#that {

}

.those {

}
}

wait, is that built in now?

i dont remmeber that ever being possible without LESS/SASS

idk, found out when I was making the roulette thing

it was made using pure html + css (+ js later)

no libs or anything

oh dayum

i didnt know they actually made it built in, finally holy shit

ie is dead, so no need to worry abt it anymore

Just waiting for jxl to get support 😦

jxl?

jpeg-xl

oh

chrome had a flag for it, then it was removed.
https://caniuse.com/jpegxl

considering what happened to jpeg2000

i wouldnt count too much on it

Safari supports it, chromium just chose avif over it

https://caniuse.com/avif

all I want is anything other than gif on discord

I just want sharp to add native support, but they refuse because chrome wont.
But chrome wont, because webdevs dont.

So its a circle of no one adding support because others wont.

what yall think of this logo

imo it's too white

could also do this

what about black?

white aint gonna work as the background is bright already

yeah try black

could even use transparent, then darken the logo if page background is too bright

hmm black let me see

i made it more fun and deployed sir @quartz kindle https://physics.rjansen.dev/

xD

horrible src is here https://github.com/0x7d8/physics

smh abusing the cubes

:^)

if it had sound

xDDDD

add it

i dare you

will do it later

oh wait, u mean to the app?

just get the source engine collision sound and add it to onCollide or whatever you use

yes

can i send svgs in embed image?

or just image

just image afaik

mhm

ok so is it better to use canvas or svg?

ik canvas is more cpu intensive. im thinking of drawing stuff using svg then load it onto canvas and stream the jpg to embed image

idk if that will be faster because im like drawing shapes and texts and some icons on it

thats gonna be more cpu intensive than using canvas directly, but it depends on what you're drawing

a couple of rectangles

and couple of images

like a banner

if the end result is gonna be to output an image, going canvas directly is probably preferable

hmm

i feel like if i were to add some animations canvas will start causing issues

or lag

where do you want to display those animations?

whereas svg is just simpler to work with no? and it just loads faster

on the canvas

i mean, where on the user's end

ah on embeds images

on discord?

yea

the animations will be in the image itself

what animation formats does discord support?

idk that

gif, mp4, anything else?

gif

ig

idk if they support apgn or animated webp

mp4 will be weird

in any case, those are all done better with canvas

ive seen png images ebing animated and shown on discord

got it

svg animations are done by css, you cant put that into an image

mm, ok so is there a way for me to add text into a rect on canvas and tell me to automatically take the width of the text?

or do i have to calculate the text width and adjust it

you have to calculate stuff, but canvas does offer a measureText() method

ic, also canvas positioning is all absolute right?

is there any relative positioning i could use

yes, its all based on XY 2d coordinates

alr

you'll have to calculate those yourself

man wish there was an easier way

welp, its a good learning experience

i enjoyed watching my shit slowly turn up good looking with canvas

yeah. gotta learn some optimal ways to write text and draw on canvas and make it load in less than 50ms

when choosing one or the other, you just need to question yourself:

and the funny bugs i got from miscalculating stuff

do you NEED infinite resolution?

my only concern is canvas taking too long

(also discord doesnt display svgs)

canvas scales exponentially with resolution, how large do you need your images to be?

im trying to compress all my images considerably small. but if i allow users to like upload their own image it might be problematic

well not exponentially but like cubically or something, idk

like showing a banner

it's cubically yeah square

w * h

you can resize user uploads if they are too large

how big is the banner? like 600x200?

yeah smaller than that

then its fine

you can easily generate those in < 100ms

yeah well there gonna be 2 images, lets see. also is there way i can like fit this image to have cover object fit into a rect?

like on canvas i have a rect of some 100x200, i want to fit the banner in this box

and have rounded corners

yes, canvas's drawImage method has variables for source cropping/resizing and destination resizing

for rounded corners you will need to use clip paths

can.t i use roundRect and then add some image as bg?

sure

how

how what exactly?

how do i do this

ig need to use clip path

TPS: 22 / 240 (9%)
Bodies: 2917, Removed 1513

very small slowdown

canvas has something called "composite operation"

thanks

https://developer.mozilla.org/en-US/docs/Web/API/CanvasRenderingContext2D/globalCompositeOperation

scroll down to example images

for example

you draw the image you want

then you change mode to destination

then you draw the rectangle on top of the image

otherwise you can also do clip paths, with beginPath(), moveTo(), lineTo(), arc(), closePath() and then clip()

@lyric mountain it has been completed

it sounds absolutely horrible

but it SOUNDS

scale the sound pitch with the size of the object

xDDDD

nah someone make a pr (ok=

just got a dm from someone

"hi, im a developer and i have a client that wants to use your api, can you help me"
"i asked chatgpt to parse the response your api gives me, but the result is wrong"

developer in 2024

crazy

its not even hard, i literally gave him copy pastable code to parse the api response into the format he wants

and hes still asking chatgpt to do it for him

and getting wrong results

lmfao

"developer" my ass

We need a no-ai website like nohello

dontasktoask is also one of my personal favourites

i wish i could send it on Teams to my colleagues

lol

what yall think of the little design on the bottom left corner

it's a webpage that explains how we check for downtime.

tryna make a very minimalistic site

(site colors are orange, white and black btw)

maybe black actually loops beter!

in this instance i like the white better

but black doesnt look bad either

I prefer black

feels lighter on the eye

same

have you ever seen this? should all these people just be banned?

well those people are people who flagged by discord/cloudflare because spamming scam links

idk but that's my guess

i have a few of those on mine, i didnt do anything to them

they didnt do anything either (yet)

It just means they are marked as a spammer

You already see that marker in chat, up to you if you want to ban

They are more than likely already disabled / restricted from chatting in or joining servers

i should just kick them. they might spam other members

Uhm I highly doubt that

As I was looking in a server I own, and null had that next to her

They disable only some of the time

Generally if it’s a new account or if the account shows indicators of compromise

i joined 121 servers and i'm surprised there's none that is a spamming server

I mean, u need to kinda look for to be in one

👀

Love it

yeah fair enough

Why does on_dbl_test but not on_dbl_vote literally makes no sense

Anyone here ever use grafana with nginx and cloudflare origin certs? I am running into an issue where visiting the page it shows a 400.

grafana.ini

[server]
# Protocol (http, https, h2, socket)
protocol = https

# This is the minimum TLS version allowed. By default, this value is empty. Accepted values are: TLS1.2, TLS1.3. If nothing is set TLS1.2 would be taken
;min_tls_version = ""

# The ip address to bind to, empty will bind to all interfaces
;http_addr =

# The http port  to use
http_port = 3000

# The public facing domain name used to access grafana from a browser
domain = grafana.greenzone101.com

# Redirect to correct domain if host header does not match domain
# Prevents DNS rebinding attacks
enforce_domain = false

# The full public facing url you use in browser, used for redirects and emails
# If you use reverse proxy and sub path specify full url (with sub path)
root_url = https://grafana.greenzone101.com/

# Serve Grafana from subpath specified in `root_url` setting. By default it is set to `false` for compatibility reasons.
serve_from_sub_path = false

# Log web requests
;router_logging = false

# the path relative working path
;static_root_path = public

# enable gzip
;enable_gzip = false

# https certs & key file
cert_file = /etc/ssl/certs/somecert.pem
cert_key = /etc/ssl/certs/somecert.key

nginx

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    server_name grafana.greenzone101.com;

    ssl_certificate /etc/ssl/certs/somecert.pem;
    ssl_certificate_key /etc/ssl/certs/somecert.key;

    ssl_verify_client on;
    ssl_client_certificate /etc/ssl/certs/cloudflare.crt;

    location / {
      proxy_pass    http://127.0.0.1:3000;
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection 'upgrade';
      proxy_set_header Host $host;
      proxy_cache_bypass $http_upgrade;
    }
}

nginx looks setup properly

it seems to be the grafana.ini file causing problems

remove the certs from grafana.ini and set it to http only

you're not using them at all, you're connecting via http

Since I got my bot added to Top.gg, I've been getting errors with my bot, which forces it to go offline. Been getting an error with webhooks, and also this one here.

      throw new DiscordAPIError(data, "code" in data ? data.code : data.error, status, method, url, requestData);
            ^

DiscordAPIError[50013]: Missing Permissions
    at handleErrors (F:\YannaBot\Bot\node_modules\@discordjs\rest\dist\index.js:730:13)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async SequentialHandler.runRequest (F:\YannaBot\Bot\node_modules\@discordjs\rest\dist\index.js:1133:23)
    at async SequentialHandler.queueRequest (F:\YannaBot\Bot\node_modules\@discordjs\rest\dist\index.js:963:14)
    at async _REST.request (F:\YannaBot\Bot\node_modules\@discordjs\rest\dist\index.js:1278:22)
    at async TextChannel.send (F:\YannaBot\Bot\node_modules\discord.js\src\structures\interfaces\TextBasedChannel.js:177:15) {
  requestBody: {
    files: [],
    json: {
      content: undefined,
      tts: false,
      nonce: undefined,
      enforce_nonce: false,
      embeds: [
        {
          color: 3447003,
          description: '![YannaLevelUp](https://cdn.discordapp.com/emojis/1267046635217879091.webp?size=128 "YannaLevelUp") @coarse belfry, you have reached Level 1!'
        }
      ],
      components: undefined,
      username: undefined,
      avatar_url: undefined,
      allowed_mentions: undefined,
      flags: undefined,
      message_reference: undefined,
      attachments: undefined,
      sticker_ids: undefined,
      thread_name: undefined,
      applied_tags: undefined,
      poll: undefined
    }
  },
  rawError: { message: 'Missing Permissions', code: 50013 },
  code: 50013,
  status: 403,
  method: 'POST',
  url: 'https://discord.com/api/v10/channels/707673693160996895/messages'
}

Node.js v20.14.0```

your bot is trying to send messages to a channel where it has no permissions

the channel ID is 707673693160996895

you can look up this channel in your bot's channel cache, and check which permissions are causing the issue

but ultimately you will need to check permissions before sending the message, and you also need to catch the error if sending fails to prevent the crash

Only thing I can think of is that its within a server thats added my bot

Well I fixed it partially

now its sending this tho

whats your config now?

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    server_name grafana.greenzone101.com;

    ssl_certificate /etc/ssl/certs/greenzone101.com.pem;
    ssl_certificate_key /etc/ssl/certs/greenzone101.com.key;

    ssl_verify_client on;
    ssl_client_certificate /etc/ssl/certs/cloudflare.crt;

    location / {
      proxy_pass    http://127.0.0.1:3000;
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection 'upgrade';
      proxy_set_header Host $host;
      proxy_cache_bypass $http_upgrade;
    }
}

and in grafana I set http_addr to be 127.0.0.1

since it was assigning to * aka all interfaces

did you remove https from grafana?

no

because I need it to be https

you dont need grafana to be https

oh?

you already have nginx

proxy_pass http://127.0.0.1:3000

nginx connects to grafana via http

Thanks tim

you are a godsend

https is only for outside networks, you dont need https for internal networks

I was under the assumption grafana needed to be https as well

Cause thats what the docs told me

only if you expose it to the outside

and access it without nginx

well thanks a lot tim

<3

np

yes but you still need to do those checks in your code, otherwise your bot will keep crashing

is someone able to help me in #topgg-api

what is grafana

        private async Task<long> GetBalance(string playerId)
        {
            long res = 0;
            _sqlite.Query(new Sql("SELECT balance FROM player WHERE playerId = ?", new object[] { playerId }), _conn, async result =>
            {
                result[0].TryGetValue("balance", out object balance);
                if (balance == null)
                {
                    Debug.LogError($"Economics: Error reading balance: {balance}");
                }
                res = await Task.FromResult(Convert.ToInt64(balance));
            });

            return await Task.FromResult(res);
        }

For some reason this looks wrong

It doesn't seem to error but like

        private async Task<long> GetBalance(string playerId)
        {
            // Set an initial res value to be 0
            long res = 0;

            // Perform an sql query to get the balance based off the playerId
            _sqlite.Query(new Sql("SELECT balance FROM player WHERE playerId = ?", new object[] { playerId }), _conn, result =>
            {
                // Check if result is empty, if so report it. Later make this so it actually reports at some point.
                if (result.IsEmpty())
                {
                    Debug.LogError("Economics: Nothing found for that user.");
                }

                // If result is not empty, balance must exist.
                var balance = result[0]["balance"];

                // Convert balance to be an Int64 aka long
                res = Convert.ToInt64(balance);
            });

            // Return res as a task result
            return await Task.FromResult(res);
        }

Cool graphs

grafana is beautiful

we love grafana

prepare-statements in sql lets go 🗣️

i see so many sql prijects on github not preparing their statements.

is there a way to preview html files on discord?
Not the actual code inside the html file, but a preview of the actual site the file described.

Me getting prepared for my statements against sql and how you should totally just use a json DB :)

Oops I forgot my /s

what's the use of Task#FromResult here? not critiquing just literally never seen it

not really no

Bro, js is weird as fuck, now extra.js and BotStatus have only 1 function easy, exactly the same, one of them works fine once i require a file and the other it doesnt

still having circular dependency issues?

i can't believe intel stock just crashed. it only too 2 generations of faulty processors to make it happen

Tbf many chipmakers aren’t doing well rn

its a pretty major deal though, its a huge blow to the company's percieved trust

its like the boeing situation

yeah, it's been rough for the silicon industry

My poor AMD shares are down pretty bad rn

Still up from what I bought them at but still

Same with my NVIDIA stock

Never would’ve bought Intel stock though. They’ve been downhill for years

lel

they might be a buy in a a year or so

Doubt it

they'll be bailed out

People have been saying that for years

Their stock peaked in literally 2000

dont they have a new foundry being built now

They haven’t been able to capitalize off of the modern era of chip making and to me that’s a very bad sign that something isn’t right there

something isn't right

AMD is doing much better than Intel ever has, I trust them a lot more

yeah, just fixed it seperated everything lol found out it was a stupid ass mistake from my side

xD

So i can return a value while using async

Ive not used async without using Task so idk how else to do it

ah that makes sense

you absolutely should be using task for async

this isnt the norm yet?

immediate critical vulnerability if you dont use them

even sanitizing values before inserting into an sql query is risky

best to tell the db engine whats sql and what isnt

no look at github

like 40% of the projects don't prepare their statements

or sanitize anything

https://tenor.com/view/face-mask-guns-redneck-hazmat-gif-16608474

cron.schedule('0 5 * * *', () => {
  scrape();
}, {
  scheduled: true,
  timezone: "America/New_York" 
});

hey guys i am a bit restarted right now.
i want to run the script at 12 am, each day in est time. Would this be configured right/

idk about the whole am pm type thing, i use 24h like any other country

https://crontab.cronhub.io/

that means at 5am

0 0 * * * should be correct

owh damn

so that's 12 in the morning right?

its 0:00 so 12am

wait no i remember 0 0 being at night

ah so 0 12 would be in the morning?

i think you are talking about 12pm

yes

ah yeah

thankss!

r word

it is tho ngl

shit got me confused asf

i dont get why 12pm is 12:00

and 1pm is 13:00 ????

that together is so weird

couldve just done 1-12 = am
13-24 = pm

that is called 24h-time format

Ye ik

That's normal

It throws an error to try to edit the components an interaction reply that already has a few

How may I avoid it?

https://tenor.com/view/misinformation-spreading-spreading-misinformation-online-gif-4543841945782036495

you need to set the hook to the other but then reverse it so that and then you need to reload it.
It's not that hard tbf

Real

Aw, I just realised that I forgot to use .setCustomId() for the new components

Nevermind, it still throws the same error

rawError: {
    message: 'Invalid Form Body',
    code: 50035,
    errors: {
      components: { '0': { components: { '0': [Object], '1': [Object] } } }
    }
  },

i hjate it when i explain stuff to others but they end up ignoring me

lemme retry again, set the hook from one to the other and then reverse the entity to be able to reload it.

no jk, please show me your code @neon flicker

can't help without any form of code.

i just created a ticket saving bot

what yall think 🗣️

it saves ticket transcripts to maria db, and i then host a private weblink for it for the users to see

only problem is that i need some way to make sure that people can't randomly enter someone else's ticket.

sorry you have used the "R" word which can be used to describe mentally challenged individuals in a derogatory way

back in my day it wasnt such a big deal

it would be a bit better if the date and time was aligned properly

srry chloe

my sincere fucking apologies 🗣️

https://tenor.com/view/cat-kitten-cat-crying-kitten-crying-05starrynight-gif-10141647709992578610

Because the day starts at 12:00am

Aka 00:00

Then by noon (12pm) it’s 12:00

An hour later it’s 1:00pm/13:00

12pm and 12am are also completely arbitrary

even the US government used 12 am for noon as recently as 2000 smth

The issue was that I also forgot to set the styles of the buttons as well 🤦‍♀️

It fixed it eventually to set the styles of the buttons

Hey guys, I recently decided to take a look at valve's RCON protocol and I can't really make heads or tails of it

https://developer.valvesoftware.com/wiki/Source_RCON_Protocol#Basic_Packet_Structure

I am not quite sure what exactly little-endian integers are, and reading the link to it is not exactly very descriptive for me.

I am also not exactly sure how to form a TCP packet to send over

AI knows

I see

Makes sense

here's a zig example

const std = @import("std");

pub fn main() !void {
    // Create a little-endian integer
    const value: u32 = 0x12345678;

    // Convert host integer to little-endian bytes
    var bytes: [4]u8 = undefined;
    std.mem.writeIntLittle(u32, &bytes, value);

    // Print the bytes
    std.debug.print("Little-endian bytes: ", .{});
    for (bytes) |byte| {
        std.debug.print("{x:0>2} ", .{byte});
    }
    std.debug.print("\n", .{});

    // Read little-endian bytes back to an integer
    const read_value = std.mem.readIntLittle(u32, &bytes);
    std.debug.print("Read value: 0x{x:0>8}\n", .{read_value});

    // Example for RCON-like packet
    var packet: [12]u8 = undefined;
    std.mem.writeIntLittle(u32, packet[0..4], 8); // Size
    std.mem.writeIntLittle(u32, packet[4..8], 1); // ID
    std.mem.writeIntLittle(u32, packet[8..12], 3); // Type (SERVERDATA_AUTH)

    std.debug.print("RCON packet: ", .{});
    for (packet) |byte| {
        std.debug.print("{x:0>2} ", .{byte});
    }
    std.debug.print("\n", .{});
}

Not sure about that for loop at the bottom.

That is zig specific syntax

zig doesn't do anything tricky. it's all simple stuff

No idea what .{] or .{byte} is

x:0>2 is also a bit weird

I assume thats like pythons x[0..2]

no, it's different

it's like sprintf

Either way x is undefined

never heard of it

sprintf (buffer, "%d plus %d is %d", a, b, a+b)

interesting

such a weird and annoying way to do that

zig users trying to be unique for absolutely no reason

btw writeIntLittle and readIntLittle dont actually exist if you try to run this

100%

it is copying C there

that's not unique

these are c docs

so real

the whole "hidden control flow" thing doesnt even get me interested

that's literally just C

it is literally just figuratively C

Bun uses zig just to look different

isn't zig kinda a bad idea for a JS runtime? don't you actually need saftey for that?

i know zig is planning to have memory safety on par with rust someday, but that's not today

well the v8 runtime is in C++ so

well it's a step in the right direction

zig having 3 release modes is a good idea though. safe/fast/small

i also don't really think runtimes are very safe in the first place when you're writting JITters

you're literally just injecting assembly code to be run

thats not quite how it works

the bytecode doesnt get converted to assembly/machine code, it just gets interpreted by some low level program written in c/c++/rust/whatever that does something depending on that bytecode instruciton

kinda something like:

if (line.instruction.op === "ADD_NUMBER_TO_VARIABLE") {
  variable += line.parameter;
}

unless you have a memory corruption bug its impossible to run arbitrary binary code in a JIT engine from a flaw in the bytecode

nevermind, apparently there is actual compilation involved in most JIT runtimes

im not sure how it works but id imagine it would be a sequence of predefined instructions for the most part so it would still be very difficult to execute any arbitrary binary code using that

One message removed from a suspended account.

because no hidden control flow!!!! 💪

zig fans when operator overloading 🤮

One message removed from a suspended account.

so real

it's less complicated and has a faster runtime than rust

yeah that's just a normal interpreter

but this is still hard you have to ensure that no undefined behaviour arises

Bun uses zig for the wrapper, the js engine itself is JSC, webkit's engine

JSC is c++ like V8

just use whatever your language offers for tcp, like some sort of built in tcp/net/socket module

icic

ty

tcp is basically just writing bytes

create tcp, connect to some ip address, once connection is open, use some write function to write bytes

so v8 is just like discord.js-light. makes sense

lmfao

8v is like chrome, JSC is like safari

(quite literally, chrome uses v8, safari uses jsc)

how can i obfuscate my website so noone can see the code from its elements ???

what do you mean by code?

like index.html

if i use elements from dev tool it shows all the correct codes

is there any way to obfuscate them ?

is bun on the same level as v8 and JSC?

can you give a fake example of a code you want to obfuscate?

Bun is a wrapper around JSC

node is a wrapper around V8

there is no point in trying to do that, html, js and css are by default meant to be exposed

<form action="action_page.php" method="post">
  <div class="imgcontainer">
    <img src="img_avatar2.png" alt="Avatar" class="avatar">
  </div>

  <div class="container">
    <label for="uname"><b>Username</b></label>
    <input type="text" placeholder="Enter Username" name="uname" required>

    <label for="psw"><b>Password</b></label>
    <input type="password" placeholder="Enter Password" name="psw" required>

    <button type="submit">Login</button>
    <label>
      <input type="checkbox" checked="checked" name="remember"> Remember me
    </label>
  </div>

  <div class="container" style="background-color:#f1f1f1">
    <button type="button" class="cancelbtn">Cancel</button>
    <span class="psw">Forgot <a href="#">password?</a></span>
  </div>
</form>

at most you can use front-end frameworks, they usually have a very different source code from what the resulting code looks like

ohh but like i saw a website that is using a huge line of codes while which i use it directly shows i used api to get the elements

here is the example of that obfucated website (like how i want)

that is not necessarily obfuscation per se, some front-end frameworks do compile stuff in very weird ways that makes it almost look like obfuscated, but its just the way they work

but you can also google some "html obfuscator" and try using that lol

oh ok

thanks for info

none of that is very good at preventing people from reading the page tho, anyone with enough time and dedication can find ways to de-obfuscate

kk so basically you cant hide your code of website ??

thats why you should never put important things like api keys and passwords on the front end

because its impossible to protect

oh wait yeah 1 more thing like sometimes my api give a little error it shows the link to it can i hide that ??

you cannot hide network requests, they always show up in the dev tools network tab

even if the code is obfuscated, once the request executes, it will show up in the network tab

ohh

and how can i get SSL certificate for any url (like where my application which sends api post is on http but i cant use on my website which is https )

so how can i make that http to https ??

you need to add SSL to your application

there are many ways to get free SSL, for example using letsencrypt or acme.sh

there is also cloudflare

even if that host is not mine (its a vps)

yes

you do need a domain tho

ok ill buy one or can we get domain for free ??

some are free

you can also get free subdomains

how ?

https://freedns.afraid.org/

https://www.noip.com/

some examples of services that offer free subdomains (yourwebsite.theirwebsite.com for example)

or you can create a subdomain on the website you already have

free domains!!;??!??!?!??

people abuse them though which is why they don't tend to last

one bad website can get the entire domain flagged

the domain owner is also on the hook with the registrar and ICANN

Are the new SKUs for bot monetization the same as Entitlements?

lol

how do I get a discord bot token

yeah
https://discord.com/developers/docs/monetization/entitlements#list-entitlements

How are the differing types mapped? Like, how would I know which SKU/Entitlement the user purchased?

look for entitlement_sku_ids

Thanks! I see that now.

if you are working with consumables it's a little bit different

On the discord developer portal you create an application. It'll be under the Bot tab. Be sure to save it somewhere as you won't be able to see it without refreshing it. You should be shown it during or imediately after Bot creation.

How so? We're talking about the One Time use purchase?

lol sorry, lots of things. I'm also having trouble creating a test SKU. What scope on the Oauth token do I need? I keep getting a 401 unauthorized with body

{
    "sku_id": "my id",
    "owner_id": "my guild",
    "owner_type": 1 // guild subscription (1) user subscription (2)
}

with url https://discord.com/api/v10/applications/< bot-id >/entitlements
with scopes applications.store.update applications.builds.read applications.entitlements applications.commands.update

create the skus here.
https://discord.com/developers/applications/<BOT_ID>/skus

Even the test skus? Does the entitlements not create the test skus?

I'll give it a try

bit confusing on discords end

this endpoint creates a test consumable. you need to create the consumable sku before you can create a test consumable
https://discord.com/developers/docs/monetization/entitlements#create-test-entitlement

create-test-entitlement does not create a sku

If I created the SKU in the development portal is that not the same thing?

Like I have a store and everything

The create test entitlement takes a guild subscription or user subscription owner_type which isn't a consumable? Question mark?

i'm not fighting you, just making sure I understand the terminology

Maybe I should clarify and say that I'm creating a test entitlement to test my implementation of checking skus in my bot.

yeah, you can make it look like a guild/user purchased a subscription

That's the issue i'm having is a 401 on the test entitlement endpoint

was wondering if I was missing a scope in my token request

you need to pass an auth header

Authorization: Bot TOKEN

I'm sending a bearer token, does it have to be the Bot API Token?

yeah, can you even make a bearer token for a bot on discord?

I used the client_secret and client_id of the bot to generate the token. Maybe that wasn't doing what I thought it was

worked like a charm. Had to use the Bot < bot token >

bearer tokens are used for oauth and oauth is user auth. just use the bot token

ty ty

nice

ok so

anyone there

what is the best resolution i should use for a canvas to send on discord as an image?

for example:

https://cdn.discordapp.com/attachments/1004615731431874600/1269258381865254974/profile.jpg?ex=66af687b&is=66ae16fb&hm=d0a4e3b2d38137b5adbd0b777fde28103b08ca59e37df012e3c73381cee8c075&

im using 708x550. but the icons are not legible at all

more like the color

bright bg + bright icon =

even if i use dark bg.

the badges are too small i feel

no?

the text on it is not visible. i tried to like zoom in and all

i need a bigger reso

@crystal wigeon Your problem is contrast. The icons themselves are very low contrast and your choice of colors isnt the best against the background. You can create a higher contrast while retaining both the background color and the icon colors by having a container for the icons.

Inside the icons, I can see what is supposed to be identifying features for what the icon is, but unless I zoom in, I can't make it out and it isn't a resolution issue as on the client, the images are covered to a container size. The only benefit would be from super sampling at the detriment of lower connection speed download rates and higher transmission size and memory footprint while compositing and sending the image

so you're saying if i added some dark bg you will be able to identify the icons?

the container bg

lemme try it out

https://media.discordapp.net/attachments/497161350934560778/1269273425327816788/profile.png?ex=66af767e&is=66ae24fe&hm=6537208784024a4b5ea934cec19560f04e973ea684241505ee4b17def19e3fa1&

https://media.discordapp.net/attachments/497161350934560778/1269273465886605352/profile.png?ex=66af7688&is=66ae2508&hm=de7bf218df1d92f4e813dcace748344462bec733e13dfa42b945c4f25bd9934a&

I have both a dark and light mode and while I don't change the icons themselves, they've been crafted to be high contrast so you can still tell what they are

Dont mind the fact that the text is overflowing

how do i make them high contrast

in figma

the icon color itself needs to be high contrast right? nothing to do with icon resolution?

i was thinking of increasing the icon reso from 24px to like 32

https://cdn.discordapp.com/attachments/1004615731431874600/1269274341938429992/profile.jpg?ex=66af7759&is=66ae25d9&hm=2c13427b5f25fe57d205f8d052e36df64a9353314d349fa150546916c541e8b5&

the icons are better visible now hmmm. or is it not?

Colors. Black and white is the highest contrast possible and white text on a black background is the most legible. You need to look into what colors contrast nicely with what colors you already have and deem to be non negotiable like if you have brand colors you arent gonna change those

Slightly, but that can be an issue of exposure/glare on the light theme

so like i want to allow the user to change the background.

right

if i added a color on the container would that help?

On these, I'm using a custom background and patrons can do the same. But everything for info is in its own container specifically for contrast which I can control

you cannot control user content contrast

right, so i put a container bg

for the icons

https://cdn.discordapp.com/attachments/1004615731431874600/1269275663332937729/profile.jpg?ex=66af7894&is=66ae2714&hm=5c56c9ecadbcdf1c75e54547a70a82163a2da2592ba55f30433e9bb5765cc9d0&

like this?

Yes

https://media.discordapp.net/attachments/475602890430611456/1269275377260560507/profile.png?ex=66af784f&is=66ae26cf&hm=e8dda557b79973975159ea7d4621ef62c72b7560f36df6568788373c9df2c488&

Some more images

gotcha

now i just need to make the icons itself more light

I have two profile styles. You can have some control over user background contrasts but it's limited

Still need a container just with a semi transparent background

gotcha

thanks

https://media.discordapp.net/attachments/497161350934560778/1269278604232228935/profile.gif?ex=66af7b51&is=66ae29d1&hm=8f0dfdf7a60390b3c20fab4f2c14ad3e7d31259646f750ec937c524f40668386&

The bot's profile

Need to add a custom bg :(

Gif quantization is also highly unstable

yoooo teach me how to add gifs on canvas

https://github.com/AmandaDiscord/Amanda/blob/4afb19865cbbe275cdcf604b12a9e74225c5a3a1/packages/runtime-worker/src/commands/money.ts#L966

My method only requires me to build the profile background once and then just add the next frame on top of the previous one. If you need transparency, you need to dispose of the previous frame after adding it to the encoder and rebuild it

nvm I rebuild the whole frame anyways

:3

pro

You should probably make use of a worker_threads thread pool since this will exhaust the thread even though it's async

Good Ping?

rly bad

terrible

Me when pinging myself

Shitty

@rustic nova

@sharp geyser

What's your response time

Timed out: 5000ms

2ms

Lie

Thats so bad

Thats true

👀

Guessing someone just did rubber duck debugging here

Bru

does this code look broken

yea send code?

whar

send the code i can fix it

  if (message.attachments.size > 0)
    for (const attachment of message.attachments.values())
      if (
        attachment.contentType &&
        !attachment.contentType.startsWith("image/") &&
        !attachment.contentType.startsWith("video/")
      )
        return message.delete();```

whats the problem with it

it looks fine

i don't know

for some reason it doesnt work

try doing console.log(attachment) before the if

see if its definitely returning the right thing

wait

oops

okay

it wasnt broken

i was testing with a psd

ah

not knowing its mimetype starts with image/vnd

  if (message.attachments.size > 0) {
    for (const attachment of message.attachments.values()) {
      if (
        attachment.contentType &&
        !attachment.contentType.startsWith("image/") &&
        !attachment.contentType.startsWith("video/")
      )
        return message.delete(); 
}
} ```

webster that looks worse

brackets are optional in javascript

you also dont need { for the if

Ahh

Im on my phone

vs

if in doubt, js if (message.attachments.size && !message.attachments.every(a => a.contentType.startsWith("image/") || a.contentType.startsWith("video/"))) message.delete();

READABLE CODE PLEASE THANK YOU 🙏

i mean

thats readable

it does the same job, if not faster

tested

const attachments = [
  {
    name: "image.png",
    contentType: "image/png",
    size: 1024
    // whatever
  },
  {
    name: "video.mp4",
    contentType: "video/mp4",
    size: 2048
    // whatever
  },
  {
    name: "file.exe",
    contentType: "application/exe",
    size: 1024
    // whatever
  },
  {
    name: "blahaj.shark",
    contentType: "shark/chomp",
    size: 1234
    // whatever
  },
  {
    name: "fish.png",
    contentType: "image/png",
    size: 1024
    // whatever
  }
];

// test performance
console.log("testing original version");
console.time("original version");
for (const attachment of attachments) {
  if (
    attachment.contentType &&
    !attachment.contentType.startsWith("image/") &&
    !attachment.contentType.startsWith("video/")
  )
    console.log("some attachments are not images or videos");
}
console.timeEnd("original version");

// test performance
console.log("testing short version");
console.time("short version");
if (attachments.some(a => !a.contentType.startsWith("image/") && !a.contentType.startsWith("video/"))) {
  console.log("some attachments are not images or videos");
}
console.timeEnd("short version");```