#development

:))

but for js you can easily do it

I mean C# I just have a api on my next js endpoint that validates tokens passed to C#

It’s a bit of a headache but I’d end up doing the same if I used an external IDP

for a js backend, this is pretty much the best resource on auth

https://lucia-auth.com/

it used to be a lib, but as of v4 it became a guide instead of a lib

Oh

I mean if it’s a guide I can implement it myself no problem ahaha

you're using asp.net right? auth is pretty well covered in msdn docs

Hm?

Oh I know

Ms docs just are overly complex

yeah there's a lot of information

And trying to find an answer to something takes you through 3-4 hyper links and back again

but you don't have to read through all of it, it mostly falls down to what kind of auth you want to implement

oauth is super simple

i use supertokens

self-hosted ofc

I’m tired of using external idps

None of em let me use my own database

Works for me

supertokens literally uses postgres

so you can use your own

I can use my own tables and modify them how I like?

and I setup supertokens to do account linking manually so I saved money by doing that too

I need to store extra data

That’s why I like better-auth cause I can add onto the generated tables

ah fair

supertokens has a metadata section

so

not that I use it

I’m not sure how well that would work for me

I’d need complete control of the auth flow as well

I’m trying to find something I can use for any project going forward

One of the reasons I’m tempted to just hunker down and learn it all myself

Cause no solution out there seems to match what I need exactly without me having to fight with it

brainstorm with claude :^)

Who’s claude

hahahah, it's a language model

it's really good for programmers

I see

I throw all kinds of ideas into it and discuss which solution fits me the best

https://claude.ai ?

yeah

I’ll check it out

I really want to learn auth myself

It’s just the resources on it are half baked

And typically from those who have just as much knowledge as me

well, there are good guides and docs. you just have to search for them properly

😁

Yeah I suck at using the internet to my advantage it seems aha

You’d think I’d be good at it after using it for so long

Yay got my demo back online https://devspace-demo.fluxpoint.dev

Tried the claude.ai thing, and it basically recommends either
A. Keycloak
B. If I have a lot of time and patience use passport.js and implement everything myself

wow you use js?

Not necessarily

I use C# for my backends

and TS for my frontend obv

I am trying to find an auth solution that best fits what I need.

And it also versatile to work with any project I make going forward

https://cdn.hamoodihajjiri.com/jx1Me0VUtQ

I don't use edge~ any potential reason data usage is high, though?

Maybe updates?

webview, probably

Same that is very spooky

Using web view shouldn't take up 4 GB of data usage though

This is from the last 30 days

Hamoods is 7 days 25 GB

well, its data used by other apps, that goes through webview

so it wrongly shows up as being from edge

i might be wrong, but that would be one possible explanation

it could just be data usage being stupid. my data usage is completely wrong too

shows up 4gb used by brave in the last 30 days, which cannot be possible, should be more like 200gb

Honestly at this point fuck web dev bro

Like bruh

export default function RootLayout({ children }: { children: React.ReactNode }) {
    return (
        <html suppressHydrationWarning lang="en">
            <body>
                <Providers themeProps={{ attribute: 'class', defaultTheme: 'dark' }}>
                    <div className={'w-full min-h-dvh flex flex-col relative'}>
                        <Navbar />
                        <main className={'pt-16 px-6 space-y-4'}>{children}</main>
                        <footer className={'p-4 mt-auto'}>(footer)</footer>
                    </div>
                </Providers>
            </body>
        </html>
    );
}

damn

Decided to check out a different UI library heroui

And the width just refuses to work for me

The navbar seemingly overflows causing everything else to overflow

https://pastes.dev/EESJG2OUD3 navbar code

For now I guess its just not responsive, until I figure out how to fix it I cba

heroui my beloved

I hate it rn

Apparently it’s not responsive by default or some shit

im using daisyui and its been pretty alright so far

I’ve used so many component libraries

And none of them really stick with me

Have you had issues with width?

I still can’t solve it

I am like 95% sure it’s the nav

Causing everything to be overflowed that is

It functions normally on larger screens but mobile it fucks up for whatever reason

for example? everything works fine when i used heroui

The example I just mentioned above

Ahaha

For whatever reason the nav seems to be going beyond the viewport

And or it’s the main content but both I’ve tried limiting the width for and neither seems to effect anything

u didnt set any width to the body

so w-full does nothing

it is

Even setting a width on the body does nothing

Wait

Maybe its chrome dev tools fucking up

Restarting the nextjs app seems to resolve it sometimes

Dev tools seems to be failing to get the right width or some shit for its emulator thing

@zinc fable new redesign of the homepage

Not fully finished yet but we making it out the mud soon 💪

slay

huh

what are you talking about

Sometimes when using the dev tools responsive mode it doesn’t look right unless I toggle it off then back on

never happened to me, idk

btw https://responsively.app is really good for testing your responsiveness

New record day 🔥

why are you coding for 12 hours in 1 day

New project

I didn't want to lose motivation so I went all in

Now the hard stuff is done

And I'm motivated for tomorrow

That's me on my project staying up till 3am

Almost got a full stable release version out now just need to do some testing for docker stacks

I'm about to release premium for SRA

finally being able to release chatbot memory too

Never really done any kind of chat stuff but might be nice to do in mine for something

I should probably work on shortlinks and image editing features soon, those would be the most useful and easy enough to add.

does this seem like too much?

@zinc fable

Another support scam?

yep

That's crazy

isn’t that just useless tho?

discord doesn’t change the ids of any commands that aren’t updated for me?

@lyric mountain correct me if i’m wrong 🙏

await rest.post(Routes.applicationGuildCommand(clientId, guildId), {
  body: newCommand,
});

you want to use post instead of put

https://discord.com/developers/docs/interactions/application-commands

I believe it's right, but I don't use slashes often enough to say for sure

enjoy the coder mania until burnout

Nah not gonna burnout on this project haha

glad to hear that :)

I had to start spacing out how much I work on my projects

Is storing user IDs considered "potentially sensitive information" during Discord's app verification process?

My bot is an open-source game bot. We store the user IDs of users who participate in the game, but only for a leaderboard. No information entered by the user as part of the game and stored in our database can be tracked back to the user who created the data, and vice versa.

We need two privileged intents for the bot to work: server members and message content. The usage of these intents is explained in details in the privacy policy of our bot. Besides, anyone can review our code easily.

We are going to apply for permission to use these two privileged intents, and we are being asked whether we store "potentially sensitive user information". Does user ID qualify as potentially sensitive information? We do not store any usernames or display names. We have already made this clear in the questionnaire wherever possible, but since verification is a one-shot thing (i.e. If denied, we cannot appeal), we want to be super careful in what we send.

Can anyone provide some advice on this?

no, moreover it's encouraged to only store IDs where possible

no it doesn't

That's great, thanks to both of you!

can anyone working with tokio please tell me if this is the intended way of doing this 🙏 https://pastes.dev/N6eZSdEBfO

(focus on the extraction of tar archives)

Thank you for this, its helped me a lot so far :))

Turns out developer tools on chrome are just bugged cause it looks normal using that tool you linked

np

Saying you won't collect usernames / display names doesn't really change anything

With a user id you basically have those

Though you reasonably cannot get all of your users' names in one fell swoop without it taking time as there are ratelimits to consider. In which case if Discord detects you making a ton of requests to get user info then that situation falls in their hands

Does anyone here use Redis/Valkey as their leaderboard?

Context: DynamoDB is my primary datastore. While it supports global leaderboards, it's prone to hot partition issues at scale ... particularly when hundreds of thousands of records concentrate in a single partition. To avoid this, I offloaded leaderboard handling to Redis. However, Redis HSET only supports one unique key (e.g., Discord user ID), and I also want to display usernames. It's one of my top requested features.

I see two options:

1. Continue using Redis with user scores keyed by Discord ID. For display, fetch usernames from the DB or cache. Since the leaderboard is paginated, I can cache the top 5–10 pages where reads are most frequent.
2. Ditch Redis for leaderboard storage and leverage my existing DynamoDB change listener to sync updates elsewhere. The question is: what would be the right backend for that?

Open to ideas 🙂

I don’t see why you can’t just use redis. If you’re displaying data you already have access to the id. Fetch user info using that id to get the username

If you’re using discord.js it’s fetch methods will check cache first for the user otherwise fetch from discord then cache them

I would typically reach for something like that, but I manage my own caching / don't use a client. I have my own HTTP server and I manage the interactions myself.

I see

well i'd still do what discord.js does

Check cache for user first, otherwise fetch discord and then cache

I assume they apply that across all users on a given bot. The challenge for me is that my system is stateless, so every transaction requires a fresh Redis fetch. That's expected ... but with a leaderboard page showing 20 users, hitting Redis 20 times per page feels excessive. It makes me think I should cache full pages instead and only revalidate if a user has fallen off the page.

Is there showcase anywhere of the new components / what people have created with them? Looking for some inspiration other than what's in the discord documentation

@wheat mesa i was thinking of replicating the Map.Value.ComparingByValue() method

should i return an object of a class literal(?) or something

im very confused

(context: i was forced to write my own hash table implementation)

asked chatgpt, now uhhh

now i get why people hate java generics

got it resolved

still a bit puzzled tho

Yeah generics can be a little weird. I haven’t written Java in quite a while but there’s a certain intuition you gain after writing some generic stuff in Java

Does anyone know of any playgrounds where I can design discord v2 components without needing to spin up a test bot?

Maybe https://discord.builders

This is awesome! Thank you!

getting closer 🙏

friendly reminder: make sure to sanitize console output too

yea im currently only porting

porting from go to rust

after thats done I start rewriting

I need to keep compatibility

Worth pointing out

you can do those 10 transactions in 1 call with any redis lib basically

https://medium.com/@239yash/how-to-implement-redis-pipelining-in-node-js-using-ioredis-ba3eab32f1a7

good example

Just search up how redis pipelining works

In a sharded environment, it gets a little more cumbersome since you can’t act across multiple partitions in Redis. But I do use pipelining! Thanks for the tip!

Why not cluster instead then?

unless you already do

in which case it should be fine no?

https://www.youtube.com/watch?v=uptpnVdwFM4

this video is a good one btw

Maybe I’m getting my terms wrong?

I meant to say cluster. But pipelines can only work on one cluster / shard at a time

is your client in cluster mode?

cause it should be able to

Yes

Oh I see what you mean now

Pipeline is the limitation

Assuming JS/TS environment?

But I agree on what you’re saying - delegate to the technology to handle the async

In this case, yeah - I’m using valkey

Thats fine

Realistically, if you want to fetch 20 users at once

just use a Promise.all()

Yeah, that’d likely work for my scale and even into the medium term

It's essentially just moving the async handling to JS but you shouldnt see a massive speed hit

works in the large scale too,

just depends on how heaily you cache responses

like even a 5 minute cache for any immediately subsequent requests would make it last you until 100k/s to 1m/s honestly

You'll run into limitations with JS before the promise.all

If I could get rid of my cache entirely I would - my database technology is already used as a cache sometimes haha

Haha I’m using a managed Redis cluster which charges per USAGE of it. That’s also why I’m trying to gauge just caching the contents of each page

Rather than the names individually

I mean caching just each page would work

but that would also mean fetching 20 users information from discord before sending the page itself to cache it

if you cache the users you end up with technically less of a bottleneck on the implementation side
that plus you can use that cached data elsewhere

Nah I’d hit my own database in that case

ahhh fair

I store the username in my database

What database btw?

Dare I say..

Postgres?

Mongo?

Haha for funsies, guess

MySQL?

Redis!

Oh

damn

Just kidding

DynamoDB

Ah

assuming thats charged based on usage too

For sure

It’s free tier is VERY generous

im spoilt by self-hosting everything

I’ll likely never have to pay for usage until I’m hitting hundreds of concurrent players … and my memory will remain free until a couple million players

idk if dynamo has a way

but is there not a way to do a for in query

No

like in SQL

SELECT * WHERE id in ()

DynamoDB is very specific / niche

Nope

You can only do prefixes

what about this

That’s a batch get item - that’s what I would likely update my cache with

hmmm could you not use this to also generate your leaderboard

and just use that

Negative

hmmm

then your plan should work honestly

I can technically do that. DynamoDB does have support for something like that, but it places everything into one partition to do it.

pk = leaderboard
sk = 10
name = Thomas

Then you can query on the pk and sort by the sk. But you run the risk of hot partitioning because you’re updating 1 partition (leaderboard) for potentially millions of players

similar to SQL views then

Possibly yeah

hmmm

then fetching and caching the leaderboard is a good idea

just set a TTL on the redis key ig

What also sucks is that DynamoDB can’t give you a position. If you want to know you’re rank, it can’t provide it

That’s why I’m using Redis as my leaderboard

yea okay that makes sense

I'd move databases but thats me

Yeah DynamoDB isn’t for the faint of heart.

is there a reason you went with it?

besides the free tier?

I use it everyday in my day job and have built APIs that have concurrent usage of 10k+ at one time.

DynamoDB has never ONCE been a problem. No migrations, no downtime, no maintenance windows, no throttling, etc.

fair

But I’m using the wrong tool, so I acknowledge that

My game would likely NEVER reach those levels lol

I'd have personally said go with Prisma + postgres

Yeah Postgres is GOATED

only because topstats is completely cacheless rn

for now

Do you use supabase?

it's taking it like a champ

nah, self-hosted and self-configured/tuned

If you can avoid the the complexities of managing a cache, I’d say go for it

DynamoDB could technically be a cache itself … but the usage pricing would be brutal

I'll be caching the function responses in our internal SDK

It’s a cost problem over a performance problem

Thanks for the chat, Luke! It’s always a pleasure 😀

Side note - hope you got the job!

Always happy to help

I didn't

unfortunately

Damn! Sorry to hear that 😔

Job hunting is a pain in the ass honestly

Especially right now

In your country, is leetcode abused as well?

no idea

I dont have the time or the mentality to push myself through that crap

but probably

Hopefully something comes up for you.

It’s insane your resume / experience

Especially for someone of your experience

Honestly

they don't seem to care for my experience

Makes sense

They don’t recognize the value without a name attached

Name = company

Yup

Some juniors that were hired at my job can’t even spin up an HTTP server.

Luckily topstats is founding into one

:^)

And they’re paid $97k USD

Seeing juniors like that get hired knowing that they get paid that makes me wanna crawl into a corner

They’re great at leetcode and gamed the system to get in

Leetcode is a pile of shit imo

how that makes me feel

lmao

lmao

I used it to study for CSA frqs lmao

Bet you that one of my coworkers with 15 yoe couldn’t do that either

It’s less about the hiring process and more about how motivated people are to learn

I wish

That’s fair. It’s not like I’d expect an embedded systems engineer or a kernel developer to understand HTTP servers.

They likely do, but not a requirement

Keep in mind that I work at a company that pretty much exclusively does web dev contracts

He’s a web dev lol

Oh…

He didn’t know the difference between .Wait and await in C#, which is pretty bad because .Wait is synchronous/blocking and spins the thread

Like the CSS/HTML/JS kind?

C# ASP.NET, Springboot, and html/js/css stuff

If you asked that man to start a project from scratch tho… good luck

I’m exaggerating bc I’m sure he could figure it out but it’s concerning that his code quality feels worse than the interns 😭

Your work is both a Java and C# shop?

Yeah, there’s a mix. I’m purely on a C# project with js/razor pages frontend

Is Razor a templating engine built into ASP.NET?

I've legit never touched C# in my life, but I assume ASP.NET is an opinionated web framework with a templating engine built in. Analogous to Ruby on Rails or Django.

Yeah, it’s awful

One of the worst technologies I’ve ever worked with

It’s SSR, basically a mix of C# and HTML. Horrendous.

Working with bad tech stacks is nice because it makes you appreciate the good ones so much more

SSR is fine, but what in particular makes it awful to work with? What framework would you prefer to use if you could?

For the most part, the majority of the enterprise-ready frameworks (imo) are SSR / stable / boring.

There's obviously stuff like NextJS that bleeds the concept of backend/frontend ... but other than that?

I’d much prefer a normal SPA with Vue, the reason it’s awful is because it’s an older technology not meant for modern use cases with a lot of reactivity. There is no reactivity, so you have to sync backend and frontend state manually with javascript if you don’t want to do a full page reload every time. The project I’m on was intended to be somewhat small, so they chose it for simplicity, but now it’s large and the client wants lots of state updates without page reloads

Most of our bugs come from the fact that making a small change often interferes with other state changes that need to occur, but unless you have a deep understanding of the app, you don’t know what parts need to change

The entire stack is just outdated and a pain in the ass to work with

I’m going to be the last intern on the project because they said the app has gotten too complex and they only have lead devs on it from now on after I’m gone

So thankfully I’ll be moving on to a different internship in June but man, razor pages is awful

that defeats the purpose of a cache lol

unless you have a direct line with 1ms latency or something

It's reasonable haha

You're not serious right....?

Razor has been one of the best modern pieces of software for all C# users

It's like react on steroids you just need to use it right

^ yes like react basically

You mean blazor? Razor is dogshit

Both just work as intended and the syntax and flexibility of it is just really nice to use

React isn't technically a templating engine, right?

It actually does a lot more? Like DOM manipulation?

Correct me if I'm wrong for sure – I'm not really in the web dev space all that much

Yea razor is more like server-side components but the syntax is template-like react

Just read up on Blazor haha

Apparently it's more analogous to react?

Does anyone here do file manipulation in their Discord bots? Ie. like drawing out a checkers board for example?

Basically each element can be either pure html/css like the table or you do components like the buttons, pagination, inputs with customization.

Razor itself though can template every single text and component and render it based on server data, open/hide stuff on click (without js) and a bunch of interactivity if you use blazor

All that makes sense. Thanks for taking the time to explain it!

You would use an image generation library like js canvas, py pillow, skiasharp

Yep, sounds right. But those are all sync processes. At scale, I imagine some slowdown would occur? Do larger bots offload to queues and such to get it off of the main thread?

no but everything I do on SRA (Some Random API) uses skia-canvas

skiacanvas is signficantly better and faster than node-canvas

Depends on language and how it's implemented really and i use my own image gen api too

I use skiasharp aswell

Is it still bound to a single thread?

But fast enough that it's not noticeable?

NodeJS is inherently single thread unfortunately

🙂

Sorry, wrong terminology on my end

I assume that anything that does image manipulation / image generation would block the thread right?

Not that i've seen, async wise anyway

They can be done in their own thread as long as you don't spam open read files that would be blocking

^

Nice thing about skiacanvas (atleast from what I can tell) is that the loadImage function even if its reading from a file doesn't block for some reason

As far as I know, node-canvas is bound to the CPU – therefore likely blocks the thread

But it may happen so quickly that it's not noticeable until massive scale

more likely

SRA see's 30,000 requests a day

and I see no slowdowns on the API side

That's actually wild

Luke, how many products to you maintain??

Uhhhhhhhhh

TopStats (Formerly DBl Statistics)

• I work on this with marco and xig
  PyroCDN - I own
  Some Random API (there is history to this one) - I own
  Shiro - Currently shelved but has 15k servers

All in TS/JS?

DBL Statistics has TS/JS and GoLang

I love Go!

Oh and I have dbot.dev

which is just an image api

I worked at a company that used GO for about 9 months under contract. Was a great time.

Paid me well too

I learnt go in like

3 months?

Yeah GO is simple

I love the simplicity of that language

same

What did you use it for? Did you offload some specific portion to it for performance reasons?

Nah just to learn it

Also LOVE the fact it compiles to a single executable

wrote dbot.dev it in

The website?

https://api.dbot.dev/

there's no landing page atm

OK

love it haha

it see's some usage

That's wild!

My website gets about 8k visitors/mon

But it's dead simple and I haven't maintained it in a while

topstats btw

What analytics platform is that?

Plausible

self-hostable

Ah!

I knew it was that

this is the landing/docs for SRA

How much do you pay for all of your websites?

Hosting I mean

It's on a dedicated server me and marco share

we split 200 euro/month between us

I figured it'd be somewhere in that range

turns out storing 2.2billion rows of data takes some power

I hope you make some money from this?

We will when we release premium

Luke, ever thought about working contract / freelancing?

I tried

I cant seem to find any of the decent sites

You went through a recruiting agency?

Tried that

I never get any calls

just the spam emails

That's interesting

I guess not having a name tied to your resume is the annoyance

Gotten to the point where since I'm working on all these projects

im just gonna try and get some money flowing from them

TopStats is a joint venture tho

That sounds like fun

it is

its awesome

Do you have any experience with Python?

I do

I'm thinking about doing my next bot in Python simply because I'm the fastest in it.

My only gripes with Python:

• Async
• Syntax

python itself isn't a bad language

Main reason people hate it is the syntax

Yeah, the async part is a bitch. It's why I ditched it originally when building my initial discord bot

But it's come a long way if I'm being honest

Haven't really used async in python

Main reason people love python: syntax
Main reason people hate python: syntax

in all honesty, you don't need to be quick
I stick with JS for most projects because if you build it right it'll scale

oh yeah for sure

JS is leagues faster than Python

like your stateless app, once load balanced can scale infinitely for example

at that point you just need to scale your databases

I use C# for most of my projects now

It's solid too

I used to be a JS/TS dev for like 4 years

Yeah, let's be honest here: the language is typically NEVER the bottleneck when doing web development.

Then I swapped around to stuff for my industry

I have experience all the way from Infrastructure, to Backend to Frontend

granted my frontend needs work

same

but

My frontend is terrible

I want to gain experience in infastructure though

I've done CI/CD, Infrastructure, API, cloud operations admin, etc.

All paid roles by various companies

OUt of everything

I do backend programming mostly, and even that is a bit on the rough side

deploying shit is the worst

WiLl It WoRk

It was the first that I learned haha

"Btw this should just deploy and work btw"!

sure.

never in my life have I ever need a "works as intended"

something goes wrong

every time

At my first gig, we were a full AWS shop. As the infrastructure engineer, I built everything in AWS Cloudformation yaml templates.

Nowadays, it's all AWS CDK

I dont handle any of the deployments anymore
And I will stick to making every service I work on, have an autodeployment setup for dev and prod

At other companies, it's Terraform

I'm on holiday and you break something? oh well, just fix it and it'll deploy

This makes sense IF you're managing all your own things. When you start incorporating multiple developers, need to reproduce local instances for development, etc. it gets dicey

I setup docker composes for everyone

so they can setup an env

or I run a dev db for them to connect to

What if you need managed service?

Setup a dev env for it with a duplicate schema

stripe for example has sandboxes

Who setups the dev env for them?

I tend to keep one on at all times

we also connect to them using a VPN

What if you get hit by a bus?

See my point? haha

yea I know

Ever used Terraform?

I'm planning to document everything in notion for topstats

for that reason

Looked at it

never got a chance to use it

since we self-host everything

Self host on what platform?

Hetzner

Or do you have a server rack yourself?

If someone deleted the server today, what would happen? How long would it take you to spin up a new one and recover everything?

tbf not long

everything is stored in github in a docker image

and the env is saved in 3 different places

Btw, I'm not saying what you have isn't sufficient. Just providing examples why terraform is important haha

yea I know

terraform is mint

just gotta work differently when its not at your disposal

Terraform: spin up hetzner instance
Ansible: configure live server and install stuff like kubernetes / docker on the server
Kubernetes: configure the nodes on the ansible server
Application: have a kube config

You can skip Ansible altogether if you use a managed kubernetes service

in all fairness, terraform is great

and it's awesome for VPS spin ups

It's not needed if you're not at a certain scale

I've just never liked being heavily reliant on cloud

I overly rely on the cloud

After the OVH fire I refuse

In an enterprise setting, not managing servers saves literal millions of dollars per year.

-# this is a joke btw

Yeah I know haha

I definitely get that you know your stuff lol

Tbf, we calculated it between me and marco

using vps's for what we do

would cost us practically almost triple I think it was

100%

You shouldn't do it at your scale

https://img.pyrocdn.com/pMFxUm7m.png

btw if you wanted to know the setup

What is qemu? Why does that sound so familiar?

vms

it's a standard AX102

• upgraded ram to 192GB
• Additional 22TB HDD
• /28 subnet

thats why it's 200/month

sshhheeessshhh

I'll just continue with my free bot lol

I get free AWS credits to be fair

Ive been paying out of pocket for a while tbf

My bot costs around ~$20/mon. But I'm credited $500/yr by AWS

So I put everything on it haha

We put all my invoices in to our accounting software

Is everyone who works with you in germany?

since jan 2024

Marco is in germany

Xig is in NL

Wait, you're German right?

im currently in UK

oof my bad

all good

-1.9k ????

ive been in germany quite a lot

oooooof

since jan 2024

GF there or something?

yea

Ive been funding projects like this since like 2022

there it is!

I remember associating you with germany for some reason haha

you can tell we're founding the company atm

jjeeezz

it'll all be worth it

I hope so for you!

hopefully releasing premium on SRA will be helpful

5€/month
48€/year

tried to make it reasonable

Similar to my pricing

This entire time user installs could have worked for my bot if I would have set the integration type & contexts correctly on my application command 🤦‍♂️

what are these lobbies?

docs only have the first 3

I am almost 80% certain those are in relation to the Game SDK / Activities

Yeah they are

They're in relation to the Game SDK

Side note: still frustrated that they don't have the ENTITLEMENT_UPDATE or ENTITLEMENT_DELETE events as available webhooks. Yet they're under the gateway events ...

@delicate zephyr my bot got rejected?

Can u tell why

How do people keep track of per-server leaderboards in addition to global leaderboards?

You can either make 2 tables in your db for this. One for servers the other global. You’d basically add to their global leaderboard whenever they do something in a server

Otherwise

You can have just a server leaderboard table (or whatever else)

Then you fetch every record relating to that user and add up their points

Or whatever you use to classify the leaderboard

So redundantly storing multiple totals per server or hammering the database by fetching / summing all collective points?

You can do it in one db call

Most if not all databases allow fetching multiple records

Which is rather speedy

Then you can just sum the points up

Got it

I’d prefer method 2 personally

yeah method two feels cleaner

Storing redundant data feels off to me

It is typically not recommended for postgres / SQL-like systems ... so it makes sense that it's a code smell to you.

It makes sense to redundantly store at certain scales though.

But those don't typically hit the 95% of use cases haha

Sure, but most modern dbs can handle fetching multiples of data

Not like a user is going to be in more than 200 servers

true that

One last question..

If they are no longer active in a server just prune them

boom just about to ask

Or keep the data in case they join back

Up to you

I'm not really sure how to track that?

Messages is one way

Am I supposed to listen to updates or prune people who haven't been active in X amount of days from the leaderboard?

#mod-logs message

Or using the guild member add or remove events

When they leave you can track the timestamp and then periodically check if the timestamp has been removed

But that’s too much effort

Nah, I'll just keep the data forever but just filter away older ones

I’d honestly prune them when they leave

WHERE updated_at ...

Yeah

That works as well

If it hasn’t been updated in x time delete

Maybe? I'll just keep it around to start with

Just filter them out when users look at leaderboards

I mean it should be fine depending on what kind of data you are storing

I doubt a users record will take up mbs of storage

Oh yeah that’s what you meant

That’ll work as well!

On a leaderboard? Shoot ... it'll be guildId, userId, their score, and last updated at.

so ... like no data lol

So basically nothing

yeah haha

You’re gucci then

You could keep it and still be fine later down the road

On that note, what does your typical "user" record look like in your database? What is the primary key?

I’m different

is it serial?

Is it uuid?

I don’t use autogenerated keys at all

That's fine

I use the users discord id if its discord related

Or my own snowflake generator

Wait ... back up

Is a discord id sortable?

I mean, in what sense?

Because, if it's not, then you may be inadvertently hurting your performance as you scale

Inserting non-sortable ids can lead to performance issues

Iirc it is sortable

🤷

Another note

I haven’t really bothered testing tbh

Do you prefer discord ids as your primary ... or do you go out of your way to make your own id?

for the user?

I dislike uuids

UUID v7 spec is perfect imo for databases.

I use discord ids since I know it’s a constant

I’ll always be able to have access to their id

So it’s not like I’m going to wonder how to query the db

It’s also unique by nature

I was contemplating if I should manage my own ids for players / users ... and have a secondary property of "vendorId" for discord's id? The only problem is that I'll always be using the damn vendorId as basically my primary field. Not sure if it'll run into problems

I mean having multiple id fields seems stupid imo

I never understood why people do it

I'll tell you why ...

Especially if the id you end up using is unique already and what you’ll primarily be using to query

I've also contemplated pushing that problem down the road and having a player table match the id of the vendor ... and creating a "user" table later on if I want to allow users to link their platform-specific "players"

I see

I may actually release what I'm doing on other platforms as well: slack, Twitch, etc.

But I think I can start with a player table and figure that other part out later.

The way I think of it is, if I use the discord id then the user in my db is directly tied to it

If you’re wanting multiple platforms then you obviously have to use your own id system

Either serial or one you generate

I'm going to create the concept of a "user" later where they can login to my website and "link" their discord account to it.

Or multiple technically

so, player for the actual instances of the player. user for my own managed users.

Also I answered your question in #general

But it’s bout time I sleep

same haha

Thank you for your help!

My gf will be mad if I stay up too late

#longdistance

No problem

I have the freedom to stay up as long as I want ... as long as I'm not neglecting my child the next morning haha

Yeah that’s fair

She’s just 6h ahead of me

So if I stay up too late I sleep later

And then it’s basically evening for her

Makes sense.

You have a great night, Aaron!

By chance

Have a good night yourself

Have you ever played on Kongregate?

Nope

Alright cool, just making sure

How can I contact the reviewer of my bot.

They said it's clone of eleven but the bot eleven verified on top.gg is now offline this is new eleven bot

Are you the original creator

No but if I get consent from them can u verify?

Bubba not my job and more likely not you gotta read the make a command that isn’t related or already in the bot

If I add no prefix will it work ?

Read this

Okk

Hope that helps

Should I have to change name and pfp of bot ?

@shell tundra heyyy

No

@remote lagoon I'm adding game guess the song will it work to verify ?

@delicate zephyr @next storm

yes?

..

My bot rejected for clone if I add Guess the music

It will be verified or not ?

Well this channel is reserved for conversations related to development/coding. If you want any help related to bot you can head up to #support

Okk

Hey guys, I'm trying to host a bot that is able to run Linux terminal. I don't have a Linux pc but is it dangerous to make a Linux bot? Is it possible for users to use dangerous commands?

I can host it on a free hosting site.

I won't run it locally

make a sandbox for it

The linux shell is very powerful and you can end up doing just about anything. Without proper protections in place, people can get your bot's token easily and do whatever they want under your bot's account

Ah got it. thanks.

Even if you do docker it or sandbox it running any remote commands on a server openly like that is always bad

Yeah, you really shouldn’t be running commands openly without knowing what you’re doing. Sandboxing is an absolute must and you’ll definitely need limits to what permissions the user has

Are gambling bots against discord TOS?

Or is it okay if you don't monetize the in-game currency?

For example, if users accidentally gamble all their money away ... then can I provide an option to purchase more virtual currency?

OR would that be against TOS?

I'm pretty sure it would be against ToS because people can lose real money I guess

Sounds dubious at best, I’d stay away

Not only is that probably a tos violation, it’s probably illegal too

It'd be more of a "starter pack" where you could purchase X amount of tokens

But it's not like you could earn money from it either

I don’t know what constitutes gambling, but this sounds close to it

Yeah agreed

Yeah that’s the only thing that I would think makes it a gray area, idk the laws

I'll just monetize skins or something

Since you can’t gain money from it technically

Yeah that’s a better idea

Gambling stuff isnt allowed in app directory but not really against ToS i think

this is correct and the gist of it

Basically if they can put in real money and lose real money, and have the ability to withdraw real money then it's not allow on AD

if it's token based (like dank memer) you're fine

tho tbh i dont see the benefit with AD tbf

unless you're on the front page ofc

The issue with this is that it’s likely illegal to run this type of bot in the United States at least. Gambling is a very difficult legal line to cross here

Even if it might be allowed on discord itself

You still have to comply with your local laws and regulations. If it’s genuinely gambling, then it’s problematic. If it’s something more cosmetic, it’s probably fine

Gambling law in most places explicity requires Real money in Real money out

digital currency is how most places get around it

Yeah I’m not super familiar with the actual legal requirements but it’s just a dangerous game to play if you’re not careful

it's why steam ran into the issue with csgo skins

If you have some sort of system like that I’d probably consult a lawyer before releasing it publicly

whilst the lootboxes themselves didnt get considered gambling, it fell into a grey area due to the value of the skins themselves

if you dont let them withdraw real money you'll be fine, personally

it'll just fall into the same catergory as something like candycrush/fake poker

Ah I see

I guess that makes sense as long as you don’t have withdrawal

Since there’s no way to profit within the terms of the game itself, only if you break the TOS and sell your items private party

Makes sense

yup

Steam fell into the grey area

due to them themselves running the market

if you can see what I mean now

Yeah I see

Plus the market prices are set by private parties, supply/demand, not steam itself

yup

am allowed to have a AI chat system in my bot right, i was thinking and i didn't know if that would break an tos of discord

Yeah should be fine

thanks

How does this look for a simple docker guide/overview https://docs.fluxpoint.dev/devspace/what-is-docker not too explainy but enough to understand.

Seems fine

Whatcha guys think so far?

Nice although the discord icon looks a bit squished?

needs more margin between these

Also wait why is the login showing first, last name and date isnt that supposed to be for register or?

I made mistake

Didn't change the button to say Register

I would center the Login / Register button on the bottom

(the one under the password)

Should I add validation to the login form? I feel like it is fine, because I will just display the errors from logging in whether or not they failed yk

The user having to wait for a response from the server when some basic validation could be done client sided can turn some users away as having to submit a form multiple times can be annoying

But what validation would I do on the login form?

Well. What could cause an error from the server?

If its not the correct email or password

Even if they pass in aasdasdad as the email, it will just respond with Invalid Email / Password

Should I still do it client side?

Well that's 1 request you can block client sided at least on your official site

Hm alright then

Even if the goal isn't ux then it could be reduced traffic to your site processing stupid requests

Fair enough, thanks for the response!

Still have the server sided validation. Don't rely on client authority!

Ah yeah for sure

just store a local client cache of every user so you can check if they exist without having to query the backend

ez

:(

is it possible for me to add my bot again after deleting it due to a bug in top.gg?

I'd recommend making a #staff-tickets first and reporting the bug

they may be able to assist you without you needing to take that action

yay filters time

🙂 Doing a bunch of filters for stacks, containers, volumes, images and networks

Question for yall, I'm very new to webhooks, I have my bot in a docker container on a separate docker-compose.yml than my website, I've gotten my website to transfer the topgg info for voting to my bot, should I buy a random domain for the webhook to anonymize it a little? I'm using python for my bot, and I made sure you can't execute code and sql inject, how safe is it to the webhook on my main bots website?

You don't really need a domain for requests as long as you're using https with the IP it will be fine, also people can't see the webhook url

validate on client, double-check on the server

I kinda want to, because i don't like giving out the ip that the bot is on, as to not get ddosed, I use clouflare for my website and ssl through let's encrypt to secure it. I was just wondering what security vulnerabilities to watch out for, the bot only accepts auth password and rejects anything else.

Thank you for awnsering me!!

You're only giving your IP out to top.gg in this case noone else can see it

Yeah but my problem is if they get their data leak or stolen then there goes the ip. I'm a problematic thinker, I try to find every problem then try to prevent it

I am going to be 100% with you, you're overthinking it

^ top.gg has never had a data breach either, they may have made some goofy mistakes in the past but certainly not to that extent

Knowing you're IP will do nothing

Even if you buy a domain, guess what it can still be ddosed cause you have to route that domain somewhere

Cloudflare protects from ddos attacks so not really and you can block external access to just cloudflare only

I mean sure

but it can still bring it down if its bad enough

but no ones going to care enough

Its a discord bot

Indeed

Yeah cause despite what people think, top.gg has some rather smart people working behind the scenes

🙂 https://github.com/Paul-Reed/cloudflare-ufw

Doesnt lets encrypt make your IP known for a specific domain anyway?

I've had my servers IP leaked before because I used lets encrypt.

I'll research that, thanks

I don't doubt it, just I've had some bad experiences with websites before

True, thanks for answering me

Could you give around the time it happened please?

just wanna point out, your should never treat your IP as private lmao

people do ip scans for open ports

we got a /28 ipv4 subnet

and instantly had to block ips/access to open ports

just use non-generic / freq-used ports and you'll be fine

and make sure everything open as auth

Hello how can i apply for bot reviewing

You want to become bot reviewer?

yes

Applications are closed afaik

dam when it was closed

#announcements message

It's great when you can see if Discord had API issues by the sheer amount of interaction failed errors over night 😂

Not a big issue

connexion problems or what

API response time

damn very fast isnt it

Looks like it was an unhappy bunny overnight

maybe it had a nightmare

Just wake up with 16 pings going "why bot down?!"

https://tenor.com/view/kid-en-sacrement-regard-de-feu-gif-15231722216266444049

exactly

i need ideas asap

i ma bored

am

for gambling bot

i already did and working but i need ideas

I mean, just look at any casino ever for ideas?

idk wouldnt that be boring

i need something wild

like wild wild

A game where you gamble but if you lose it deletes the discord server.

Hell no LOL

You said you wanted wild...

but i might try it

like on a test bot to see if it actually works

i ve never did it

ermm how do i go about using something like better-sqlite3 on a dockerized app

@slender wagon you just use a docker volume or bind mount

docker volumes live in a pre-defined folder/volume_name and bind mounts are a directory link from anywhere on your host system to the container

oh makes sense

i totally forgor

i just gotta see if like better-sqlite has the option for that

That's not an sqlite option that's just how you create a container/compare with the volume argument

yes ik thats a docker option

but

import Database from 'better-sqlite3';

const db = new Database('tokens.db');

i gotta find the right way to go about defining it on the code

i prefer bind mounts

easier to keep track of data

also easier to migrate an entire project from one machine to another

Yea but then that wouldn't really show in docker as volumes you can manage, i use both

fair

what is better storing info in a data base or a json file

?

Proper database by far

my_sqli it is then

json file is only appropiate for immutable data like a config e.g.

but i tried stocking storage and info that is second updated and it is actually cool

postgresql

prisma orm

@delicate zephyr

Hello?

How can I become an analyzer?

@silk forge

ok

i want an image accessory instead of thumbnail accessory in sections

it would look so clean

theres a long space, when you have text thats just empty under thumbnails

it makes no sense to not have one

i need 24/7 hostong, PLEASE HELP ME HO HOSTING THIS

Rent a cheap VPS and host your bot there

or use an old laptop/pc!

Would not recommend this, expensive to run since they usually consume a lot of electricity and very annoying to keep running 24/7

If you’re going to selfhost then you should do it on something small and power-efficient, like a raspberry pi

fair enough

There is such thing as free VPS tiers as well, most will require a debit card to prevent abuse

i host my bot on a old laptop

but i dont care about power haha

It’s just clunky to deal with

I have a raspberry pi set up running a website right now through cloudflare tunnels, super small, no noise, super power efficient

nice

i use an old laptop coupled to my game laptop with teamviewer 😂

but love the pi tho

i had the pi 3b+

Does Discord API support the new feature application-entry for Discord servers like to log, accept and deny them?

This is actually what I'm talkng about

It's not documented yet afaik

Try it and see :/

There are a lot of bots to be analyzed, I sent mine a few weeks ago I think 😔😔

-upto

for further questions regarding bot reviewing/top.gg in general, feel free to head over to #support

Was the message for me?

yes ^^

why is my analysis taking so long

for further questions regarding bot reviewing/top.gg in general, feel free to head over to ⁠support
see the replied embed i sent

ok why the heck is textDecoder so slow at decoding multibyte utf8

What are Discord's webhook ratelimits based on?

As in, would having multiple IP addresses use the same webhook change anything

Asking to see if deploying a webhook proxy into multiple regions might help

probably not

rate limits are per channel and global

webhooks included afaik

so 5 messages per 5 seconds per channel

and 50 per second global

hi

maybe but cheap better novonode hosting this discord hosting 😄

bruh

why my bot not get access to the emote?

Why are some of the json keys full capitals and the rest lowercase xD

Emojis are like this: !11071hmm
it's not just the ID of the emoji. Also if you are using a custom emoji from a server your bot needs to be in that server

From the looks of it you're using the emoji feature in discord developer portal. it should work the same so it could just be your code being out of wack

i change all code of emoji

i trying to fix this..

well to be honest have you tried looking at the code for embed to see if you are loading the json file correctly?

check the way you're loading the json file and add some debugging try statements.

hover over the emotes in the discord developer site, on the right there is a "copy markdown" button which has the correct format

Epic

Idk how you mess up css that well it clips into other elements

mine didn't look broken

Probably broken under specific cases

idk i zoom out

how to report the bug?

What browser/device you using?

PC

Browser is like chrome, firefox, edge, etc.
Device is like Mobile IOS/Android, Tablet, Chromebook, Laptop, etc
This can also include your OS like Windows, Ubuntu, Arch, Mac, etc

egde

edge

try a different browser see if it fixes it

TIL

Is anyone using the content component in the new v2 components?

You mean Text Display?

sorry about that, yes correct.

My primary reason for asking: does it support all the same markdown functionality of the prior content? It has an example message that showcases it, but I'm having difficulty making the timestamp work 🤔

Yea

Subscript seemingly doesn't work either

Could just be a skill issue

alright. skill issue then

Thanks for the help @deft wolf !

Np

Perfect 🙏