#development

https://media.discordapp.net/attachments/1342556477516156949/1393110629694570566/togif.gif?ex=694247e0&is=6940f660&hm=c076816c3464e04f874f6e321ae29a81a9362f6b454ff43e8a92eb14d61a5b6c&=

@quartz kindle we should make this true and write android in javascript

v8 can handle anything at this point and keeps it reasonably fast

then all the electron and web developers can start working on android making it better, win win

electron on android, huge W

memory 100 performance 0

just do like discord: restart when memory is too high

surely can't be bad if they do it /s

Woooooo

Give review please

• Use one theme for all icons
• Instead of all categories in a single column, split into two columns
• Proofread
• Either go full slash or full message, or have them be interchangeable - dont leave partial support for either
• If you have to scroll to show your help command fully then it's too big, keep it simple

Last but not least, streaming services very very rarely are ok with people using them (or their branding) on bots, be aware you might get a C&D should ur bot become popular

Using red icons for everything isn't a very pleasant experience 🙃

what the fuck book is that

xD

I have no idea, it's just a running joke on another server

next time someone accuses me of being incorrect about java being javascript i will show them that

I mean, it's written in the book so it must be true

my doctor lecturer literally said java is javascript on my first semester. and also they said there is java++ because there are c and c++
idk if they're joking or what, but their teaching is bad, 3 semester passed and we always assume they don't even know what they are teaching about

JavaScript++ my beloved

🤓 erm dont you mean typescript

looks like every single music bot I've reviewed before

bet thats a clone

Nah I just know Java aka JavaScript, never heard of Type aka TypeScript

Sounds unnecessary when you have JavaScript++

Thoughts?

missing Schrodinger's cat

Missed the opportunity to use “grumpy cat”

hey guys

how does clicking on a phishing link result in you 'gettinh hacked'

for example i sometimes get spam mails with fishy links.

How does me clicking on that link, and tehrefore visiting the website, lead to me getting fucked.

it seems to me that there must be some sort of extra steps involved that require user interaction right?

Most phishing attacks are to get you to willingly give up your information by impersonating a real site

There are also things like CSRF attacks

hmm i am scrolling throuhg the internet and people are saying that just by clicking a link they can steal your passwords, your data, install malware etc.

But taht seems bs because there must be some sort of user interaction?

Shit true.....

Afaik this isn’t possible without CSRF, but you always run the risk that it’s a CSRF attack. Anything that can do that with 0 clicks would be a zero day

🙂 mobile working

Builderb bored

looks swag

No it's fulley by me it's never clone

Lets fking go

That's possible if the browser has a not so good vulnerability or by user interacting afterwards and installing something

Other than that, 99% chances you can open a link, ideally in a private window

And in those private windows, you ideally don't have your password manager extension usable to prevent something like what happened a few months ago

https://marektoth.com/blog/dom-based-extension-clickjacking/

and i mean not in the same vein but I remember I found a discord botlist that didn't correctly parse bot descriptions, and the result was an exploit on a bot i made where if you were logged in and saw the bot whether on a homepage or it's page, your user automatically voted for it

Better add a dev mode that lets you set permissions using bitmasks

Lmao

Good idea also a permission tool in developer settings too

Do people add bots just to never use them, like possibly to inflate numbers of some kind? I have had 4 servers add my new trivia bot but never set it up.

Absolutely
Friend of mine had his bot added to a server filled with 13k bots
💀💀never used any of the bots
Just hoarded them

Do we care about this or just leave it alone?

eh as long as bot aint being abused

Many bots leave if there's a huge number of bots with only a few people. Or leave if they don't have their first command run within x time.

Mostly just to save on resources.

Yea bot collection servers are a weird breed....

i'm facing a similar thing, 28 servers yet 50k messages, come to find out around 13 of the servers don't have any data in them, whatsoever

its like someones.. botting my bot

I like that idea, I think I will implement it.

Are Bob and Earle shards?

Yes, i thought naming them would be funny

There's Bob, Timmy, Earl, Gregory, Jennifer and Lee

Yeah I like the idea! Seems like a bit of an overhead sharding at 30 servers tho

yeah.. sorry about that haha, this was actually my first time sharding, so i sharded.. for the sake of sharding haha

No reason to apologise It's good to have it in place in case your bot rapidly grows. Otherwise you'd have to rewrite a lot quickly

Was just interested

yeah most of the time its exaggeration, very difficult nowadays to get pwned just by clicking a link, you either need a successful CSRF (becoming very tricky with CSP and more people using XSS-safe web frameworks), or an exploit that allows you to break out of the js sandbox (possible but very rare, type of vulnerability that gets you a few stacks of $ in a bug bounty)

perhaps it’s to help older people who don’t really know about tech thingy to be much more careful when opening something untrusted

For example 250k this year

that looks super sexy. if you ever want to work on the design more look at dribbble for inspiration
but it's already having a nice theme going

just redid my bots clan embed

how does it look

check mobile

looks good on mobile

i lied

mobile has a serious issue with line length yea

Had to cut a ton

bruh

apparently according to chatgpt closing a tcp socket non-gracefully is illegal

GPT has been so picky recently with “ethics”

Acting like it wasn’t trained on billions of dollars worth of stolen data

just ask gemini instead

yeah im aware, just found the guardrails absolutely hilarious and baffling

Hello everyone, if I have a question about trying to find and use a discord bot for my server that is capable of performing a particular function that might be somewhat obscure, is this the correct channel?

@shell tundra

nice scam

ok

oh so it wasn't the right place

figured

its not the best place, but there also isnt a place. what function are you looking for?

Alright, let me try to describe this, give me a moment.

Basically, I run a YouTube channel with almost 21,000 subscribers, and this channel has a discord server for the community of over 300 users. Earlier this week, I began writing articles for 'Seahawks On SI', a part of the Sports Illustrated OnSI network. What I'd like to do is make a discord bot (or leverage an existing one) that will detect whenever an article of mine is published to the site so it can then send out a message in the discord server with a link to the article.

oh so smth RSS i think

could smth like https://rss.app/en/bots/rssfeeds-discord-bot work?

possibly

let me look into this

okay i believe that it works

my only question would be, how often does it check the feed to see if a new story was added

i have no clue

if you post one itll probs be instant but i dont know how it works

thank you so much

i appreciate it

no problem

i thought this was going to be really difficult to set up

Woo image uploading and view

wooo

when files besides images?

I'll need to use specific UI layouts for other file types and i'm using vlc lib for cross platform audio and video playing so i have that covered too

im just waiting until i can upload a totally safe exe

I'm gonna block exes so no u :p

Discord and Revolt learned the hard ways of having unregulated file types

How about a totally safe screensaver file 👀

we are not allowed to write a perfect paragraph without being detected as AI generated 💔

4 statements that are literally the same thing written in different words

🤣 🤣

know what's more ironic?

LMFAO

yeah man i really hate that tool, more hate it because lecturers use that as the benchmark that either the students use AI or not

Which is just wild

Tools will always struggle

all of these criticisms apply to any concise formal writing 😭

i think we should all just accept that AI will replace us and just start using chatgpt to write all of our messages

If you haven’t tried ChatGPT yet, give it a shot. It’s great for quick answers, brainstorming ideas, fixing wording, and saving time on everyday tasks. Ask it like you’d ask a teammate.

not far from that

a lot of articles I come across are AI written

so many search results are polluted with AI garbage

Natural stupidity > artificial intelligence

indeed, i am getting more and more comfortable in delegating my work to claude code

honestly its impressive how its able to regurgitate beautiful cohesive frontend designs that actually work and look better than anything i would have designed myself

its also kinda fun how it forces me to take a break and makes me go do something else for an hour or two every time i hit its 5-hour rate limit lmao

yeah im delegating a ton of stuff to llms as well, although one part of code i refuse to use it in are security components (my main project atm is an SSO app so basically 90% of my backend) and anything with very specific specs behind it like oauth2 and openid

ive read and implement the oauth2 and openid spec in my app as well as some of the popular extensions, and the amount of stuff that LLMs hallucinate in those RFCs is insane

if you want to implement something that resembles an RFC but is non compliant use an LLM to implement it

it also very commonly mixes up common implementation mistakes in RFCs and says "that was part of the RFC" when it was just a common mistake or non compliance

😄 generated random avatar types based on username

I do this with gradients

Like your username gets turned into a gradient

Eh some people might not like having colorful gradients everywhere xD

my newest project is also you draw your avatar as pixel art

https://discord.mx/v/MIsK5Y1uLI.mp4

Really like that idea

When I type npm init, I get this error

node.js installiert

https://superuser.com/a/106363

how i can add command like this

You can't, it's automatic

??

?

i used slash command

but is not automatic

added

Discord need more data to display commands

so, how i can display the command?

You can't, Discord will display it automatically if they have enough usage data

bruh

so how i can import command to top gg?

Get a json of your bot's commands from the api or write a valid json yourself and paste it

You can also do this via top.gg api afaik

first time using go feeling kinda nervous can i use go everywhere to make everything mega fast

im waiting for the point where this has an entire api wrapper in each language for bots inside this new discord

I have a semi-usable bot api already though need to fully test it xD

In-app developer stuff too 🙂

ooh in app? spoiled

such luxuries

Add a bot builder into the platform

today (and the first in ages) 30 min late night update. went from geocaching support only in code detection to include opencaching. props to opencaching for their API too, that shit is beautiful

I used go for a lot, it's actually really nice to use once you have the hang of it

Funny you mention that i do have one for Discord already

for discord? or the new chat thing youre making?

New chat 🙂

ooh

well thats certainly a nice thing for non-devs

im assuming its based on the same API style as discord?

Well i can't do a 1-1 but i can improve and add things as i go along

I got some nice features atm though like group channels with apps/webhooks, collapsable channel bar, you can click on channel name for menu, more system message stuff and more split permissions

how do you plan to handle like account reports / message reports and stuff?

In-app too

i meant who / how

since im assuming this will be released eventually when its done?

Me at first but i'll see how things go

I'll do a warnings and a 3 strikes system with more serious things perma suspend

That's what gave me the idea

you fell into rabbit hole 😛

go is the most rust thing ive ever seen

its like rust but with a gc and runtime

Go teaches you some Rust principles while having some optional, then in Rust you're kinda forced to do it

Tbh I felt like Go was more like C with a GC

yeah go is nothing like rust

the most rust like language is probably ocaml

I mean, Rust was inspired by OCaml

And the first rust compiler was written in OCaml

Hence the similarities

Rust was inspired by lots of languages https://doc.rust-lang.org/reference/influences.html

Fun fact: None of them is Go

jokes on you I see a very small fine print that says go was the main inspiration

https://discord.mx/v/qJM18ZrNBU.mp4

go will always be a rustling in my eyes 😠

or go-ling since go is older

gophering

ok i'll shut up now and learn the language

why go

Hnn

voice of reason!

go confuses me as a language

its statically typed but tries to be a little hippy like javascript

on second thoughti would like to retract that statement

im suprised the borrow checker allows this

but I guess make sense, the mut references dont all go to item, they go to the property in item

id expect it to start complaining about lifetime guarantees

maybe the borrow checker is learning

its being trained on the tears of rust devs

quoting an IT ticket i saw

Hello

Can someone help me set up the following please? I want to do some testing over Christmas while its quiet

i have been trying to use V0 for solutions, but it has limitations. Chat GTP is advising that i should set up OR Tools and use V0 as UI only

• Create a small folder on your machine or server
• Copy the two files I gave you:
• optimizer.py
• app.py
• Run:
  pip install fastapi uvicorn ortools
  uvicorn app:app --port 8000
  If this runs, you are done.
  You never touch OR-Tools code again unless you want new rules.

(he has absolutely no coding let alone tech experience)
this is definitely going to end well

That's only minor you haven't seen the worst of IT support

This was one of the clients laptops for a IT company i used to work at.

Wtf is that on the screen

is the screen blurred or is it that bad?

It's that bad idk what kinda stuff was on that screen

Go knows how it ended up like that in the first place xD

The dust mites want to eat your cpu nibble nibble

@frosty gale did I cook

    async fn search_in_stream(
        mut reader: impl tokio::io::AsyncRead + Unpin,
        substr: &str,
        case_insensitive: bool,
    ) -> Result<bool, std::io::Error> {
        if substr.is_empty() {
            return Ok(true);
        }

        let needle_owned;
        let needle_bytes = if case_insensitive {
            needle_owned = substr.to_lowercase();
            needle_owned.as_bytes()
        } else {
            substr.as_bytes()
        };

        let needle_len = needle_bytes.len();

        let mut buffer = vec![0; std::cmp::max(crate::BUFFER_SIZE, needle_len) + needle_len];
        let mut valid_bytes = 0;

        let finder = if !case_insensitive {
            Some(memchr::memmem::Finder::new(needle_bytes))
        } else {
            None
        };

        loop {
            let n = reader
                .read(&mut buffer[valid_bytes..valid_bytes + crate::BUFFER_SIZE])
                .await?;

            if crate::unlikely(n == 0) {
                return Ok(false);
            }

            let data_end = valid_bytes + n;
            let active_slice = &buffer[..data_end];

            let found = if let Some(ref f) = finder {
                f.find(active_slice).is_some()
            } else {
                active_slice.windows(needle_len).any(|window| {
                    window
                        .iter()
                        .zip(needle_bytes.iter())
                        .all(|(a, b)| a.eq_ignore_ascii_case(b))
                })
            };

            if crate::unlikely(found) {
                return Ok(true);
            }

            if data_end >= needle_len {
                let keep_len = needle_len - 1;
                buffer.copy_within(data_end - keep_len..data_end, 0);
                valid_bytes = keep_len;
            } else {
                valid_bytes = data_end;
            }
        }
    }

anyone know why github keeps giving me "you've exeded the rate limit" message? I literally just went on the website and searched something and clicked on a result and thats apparently too much? is it just me that gets these is more what I am asking?

I had the same problem on my old internet iirc

interesting, was your old internet really slow?

cuz mine is and I'm wondering if thats somehow the cause??? I really dont know otherwise.

Well it was but I'm not sure if that's the reason tbh

so far its the only similarity

oh well

https://github.com/rue-language/rue

another language with the same future as V

Shit's also probably 100% AI slop

Everything co-authores by Claude

I want to see how good Claude is at building compilers

says it in the readme so yeah

What's the problem?

Also you shouldn't upload random zip files, noone would download that

@shell tundra random zip file

.ban @digital cove 7 possible scam

ok carl

Banned akaza07253

it's the name pattern that makes me suspicious

scam accounts ALWAYS have the somename123456 pattern

Well, it was legit bot packed as a zip file

i'll be real was only expecting ixz to delete it not to ban

wait u downloaded it?

lmao

Yep, but before opening it I scanned it

84 commands, probably some kind of "template bot"

can confirm, that is true

thanks for confirming, probably should be careful abt downloading zip files lol

still possible scam

won't show in scans

https://www.youtube.com/watch?v=A8O94RhcQN4

there could be a malicious node module, once you npm install and run the bot you could get grabbed

has happened here before, people approach others and ask "can you run my bot and see whats wrong"

lmao

how tf does this "random" project have so many stars

but definitely interesting project, although performance might be a bit 🗑️

i noticed llms dont aim for best performance

we live on the edge over here

nice, but what is the use case for this (i know its searching for a substring in a stream)

https://github.com/calagopus/wings/blob/main/application/src/routes/api/servers/_server_/files/search.rs
searching through server files recursively

incredible

The developer is not so random

And got some posts around and articles that cover it

just realised that the test bot that I havent used in 5 years has its name typed wrong

that being said, Im making a bot in python instead of node.js and oh man is it nice to not be in dependency hell. I just did pip install discord.py or whatever and it was a couple MB download and it just worked. I think discord.js is like 150MB or something isn't it? takes ages to download

Python is also dependency hell

elaborate?

I only say cuz to install discord.py it installed about 3 other dependancies if I remember right, but discord.js is about 15

if you have multiple dependencies sure

the difference is that the whole npm ecosystem is hell since the beginning

real

for the most simple things up to the more complex setup

when i was new to it everyone always recommended me to dowload this and that for whatever feature. but I later realised that most of it was either some really simple thing I could just build in myself or just a wrapper for some other dependency that I could also write myself.

I'm not even bragging Im litterally a dunce

but it just got to the point where I got fed up rewriting stuff cuz some dep updated its syntax so I just thought bugger it I do it myself.

Python package versioning is just hell in general. Setting up a project with dependencies that work on everyone’s machines between OS’s and shit is annoying because everyone needs to be on the same python version when they install things

Otherwise it causes major issues

I had an issue where I was working on a version of Python that for some reason simply did not exist for windows machines, which meant all of the deps I had installed and their corresponding versions were messed up on my friends’ machines

setting up conda is an even bigger pain

https://tenor.com/view/lurking-in-murky-monster-snakes-on-my-way-im-coming-sneaking-gif-18712681

it was a good day when i found out conda was named after a snake

where's conda's wife Ana

wonder how i compare to other vibe coders

doesnt tell you how you compare to others :(

they enshittified the pro tier a lot, the limits are so much lower to what they used to be, they now want you to subscribe to their $60 or $200/month plan

They realized that they actually have to turn a profit and not just burn VC money

they also patched the machine ID reset (free cursor essentially) glitch so now you cant use 200 emails to cheat decent AI coding

Or just learn to code 🤷‍♂️ I feel like you might be doing yourself a disservice by making 200 emails rather than just learning how to code

Seems like more effort to me

Its not so much learning to code, its learning higher levels of code that you use once for a niche thing and never again

But that’s exactly how you get better at coding

I have no intention of making discord bots really ever again, but I learned them at one point and it made me better at programming in general

I’m not saying don’t use AI, but not being able to code without cursor probably isn’t a good thing to get reliant on. Especially bc the whole AI bubble is going to require these services to get expensive in order to turn a profit

I can code without cursor, just not as well as I can with it

@humble gyro essentially, i am building a screen capture app that lets users capture timelapses without needing to create huge video files and editing them down.

at the moment i have this structure:

• the tauri frontend
• the rust backend
• • the main event loop for handling unexpected errors sent from each graphics capture objects' framearrived and closed callbacks. this will then be sent to the frontend
• • the event loop for processing capture commands from the frontend and creating graphics capture objects from them
• • the event loop for handling video merge (ill explain later) commands from the frontend and creating ffmpeg threads from them (not relevant for now.)

essentially users start capture sessions, pause them at their will (which saves the captured frames to a new video chunk), and resume them (which creates another video chunk.) chunks are done because it's impossible in various video encoding APIs to "stop" video encoding and "resume" it later.

then once the user is done with a recording session, users can pause the capture session and proceed to merge the chunks together into one full video.

i have a single recording object that the user creates on their own behalf. they can have names, sources, settings, etc etc. each recording has three states, idle, capturing, and merging.

at the moment, for screen capture i am using windows graphics capture API with its thread pool functionality, which means that the framearrived callback will always fire in a different thread every single frame. inside every callback, i check if it's time to properly process and encode it or not via an atomic variable. if it is, i write the frame to the video chunk.

indeed, i can barely use it without getting locked down for god knows how long. they dont even tell you when the limits reset

the reason i stopped using chatgpt is their limit only after like 10 messages,,, used to have the plus sub for 4 months and it was not even that bad before i had it. switched to gemini

i use chatgpt pretty sparingly so most of the time i'm able to get under the limit

received this email from our CTO just today that i wanted to share

We are entering next year with a very different shape to the one we started with. More focus on AI, more speed, and higher expectations. The foundations are in place, and that is down to you.

And in the spirit of honesty, this message itself had some AI help. If I am not writing all my own emails anymore, that probably tells you everything you need to know about where we are heading.

Take a proper break where you can. Next year will move quickly.

Merry Christmas, and thank you for the hard work and commitment this year.

good to know we are heading towards half baked ai slop 💀

if that isnt a reason for me to start searching for something else then idk what is wtf even is that email

unfortunately, it's the trend

i wonder if this is a bubble or are we destined to write worse software than we did

too many words

bad CTO

true

hes usually quiet but hes a selective yapper

Team,

Happy Holidays, rest up - next year we're going to fuck up the business.

🫡

for the latter, it heavily depends on how you use them

a lot of the business already uses LLMs in many places, especially in a front facing dashboard for customers, its a half baked mess that breaks quickly and with half of the buttons not working, dont even get me started on the internal services that power half the business, constantly breaks and needs fixes

ironically me and another dev designed services from a heavily LLM conservative standpoint (at best chatgpt for some backend parts but not copy & pasted) and the last time i needed to touch that service because of an issue was last year because of an outage

im not quite sure if the time saved vibecoding with cursor and then proceeding to apply patches across the year outweighs the time spent just writing it properly

A lot of businesses also use AI because it's "trendy" and "can fix anything"

Your user experience dosen't matter if they are still getting paid

Even companies like EA have nailed the milk your customers dry and repeate scheme with their games especially fifa which is the most addicted game

i attended a tech conference last week, almost all of the presentations are about AI

and glazing google

tbf i don't think this is going away any time soon

Nope and we are all gonna suffer for it 🙂

i don't think there's a benefit in being so pessimistic, we just need to utilize AI in a way that also makes us grow

it will never go away

if you're working as a SWE I think it's important to adapt to this AI craze.. learning how to prompt properly is a useful skill

call it future proofing :)

Imo you can't really call yourself a software engineer/developer if you're just vibe coding and you're giving a bad rep to people that actually want to learn and develop not to mention we have gotten to the point of vibe coded github pull requests and the disaster of windows

you just have to be responsible whenever you prompt things

Sure you can use AI in some things but not everything should be

there's always nuance

The way it's being used atm is destroying games, software, community and now are hardware

i agree but not every use of AI is like this

it's lacking regulation

i agree

haha it works!

how are you doing that? my last attempt in a discord-clone was a 1,000 line absolute madness

it's just cv2 builder

in rust

renderer is made with dioxus and websys

I meant that auto complete

I listen for oninput and onclick, then I get the cursor position and display a dropdown slightly below that position, focusing the cursor on it.

nothing too complicated

I went to a hackathon and every price was for an AI project

same here

Yup, it’s pretty much a requirement now to win

Won a hackathon last month by doing that lol

well can't argue with the trend

all of the winners for mine are focused on AI

one of the winners is a project that allows you to generate presentation slides on the fly 🤢

Ok yeah that’s pretty lame ngl

Ours was an agent that autonomously performed tasks for data center technicians & generated actionable steps for them

It solved an actual problem

Unfortunately neither company that we won the hackathon tracks for hired us 😭

one of ours winners eventually got some kind of investment by nvidia

Yeah they tend to do that

We won NVIDIA’s track

Didn’t even get an interview even though they set us up directly with the hiring team 😔

maybe soon!

😉

Nah I don’t think so lol

I don’t want to move to California anyways

or you can just email them

Yeah that’s true in the future, I do have their emails

And some connections to senior staff

I’m happy with the job offer I have now in Texas

awesome!!

you and your team are insane!

@wheat mesa oh btw one of the things our tech event touched upon is essentially how virtually untouched VR is nowadays

has making projects in VR ever interested you?

Not really, but it is interesting as a technology. It’s just kind of a niche thing for me since I’ve never used VR before

yeah

but they said that VR has an "unfair advantage" because of how niche it is

in contrast to how oversaturated web dev is

merry christmas everyone🎄
||-# pic not mine||

vibe coded stack

xD fr

merry christmas takiyoo!!

Merry Crimus!

Merry Chrysler

https://tenor.com/view/forza-motorsport7-chrysler300srt8-racing-race-sedan-gif-27210018

A few of the ideas were cool but most of the projects were just AI slop and it’s kinda annoying

claude offering double rate limits for the next 6 days, knowing most people will be busy with other things and not actively using it

lmao

At my hackathon that is

indeed, with AI there are so many creative potentials where it could help with real world problems and not make people lazier because it makes things "more efficient"

Hallo

I want to change my bot name and profile picture on Top.GG. How do I do that?

pretty sure it's tied to your discord bot

It's technically both first Discord then top.ggs refresh data button and save

Made my bot a proper site!

Also got buisness emails

!!!

So fckin happy

that looks vide coded lol

Does it?

yes

I guess i could see it. Eh. Better then what i had before it was just some blocky and odd sht

the style just screams it

mostly this

some models love these S P A C E D text

eh

Honestly i usially suck at this bc im not good at graphic design so ima just roll with it. Until i can hire someone to do it

If models can make sites like this thats scary how good there getting

But it got there earlier on it was this

Pls center this text I beg

lmao

Models are really good rn

Fck i thought it was

Should be better. Its centered to center according to CSS unless im missing smth

I'll be honest, I like that version more

I hated that version.

That version was actually AI

it sucked ass

that's funny

Really it is

I'll be honest

using AU for anything other than assistance is really obvious

you'll spend more time fixing the issues the AI creates than you would if you started off yourself and asked it to do specific portions

prompt leaked: "create me a dashboard for my discord bot with witty humour with random nonsensical labels plastered around the page to lure people into a false sense of security, also use shiny cards because thats kinda modern"

lol

it looks like a template

which to be fair is a pretty good intro to web dev 🤷‍♂️
I remember toying around with templates as a teenager.. which was mostly php8 + jquery on the frontend. web dev was truly hell back then

dont remind me of templates they bring back bad memories

trying to hack a template and the buttons to your own text and functionality was hell

i'll take vibe coding any day

Ai like i said sucks at websites. This site now was me but it ssry has been in the works for. Idk however long antiscammer has existed. Its just now on a proper domain with emails and sht

ai is stupid

Honestly AI doesn’t suck at websites, it’s just awful to maintain or customize. It has a tendency to rewrite a bunch of shit that doesn’t need rewriting

If you need a simple design that’s one-and-done that you never intend to modify much, it’s alright

AI actually can do websites somewhat ok the issue will be descriptions and content

Yeah

I might know why it is. Ai isent really given a properly done site. Its given how each function works. So realistically it has no ref to go off

yes out of half a petabyte of training data, none of it is a well made website 😆

Its not a joke. The way a model is trained is by understanding how the code works. Not how to make a solid site.

Also au?

Im assuming you ment AI

One time I did have a ai code a small pygame thing. It had the code so screwed up i didn't even know how it works and I just got a A+ in collage level python

yea

I used AI to build components for this but the rest was mine

looks pretty good! great job luke!

I did the research for the components etc and then asked for implementation examples

AI assisted will always be better than AI generated

I wish i could get this good. This is clean ASF

Honestly if i can ever afford it ima hire someone bc theres alot i want to do that i just cannot do

Literally:

• research design concepts
• learn how to setup a base for your framework
• research popular component libraries
• find the component you want
• ask it to implement X component

The issue is im not good at UX

Nor am I lmao

not by any means

I can see a design but cant execute it

At all

Xig did 100% of the UI for topstats

Im learning myself and pyrocdn is the project im testing with

Thats why this site has been worked on since the start of antiscammer. It just got to here now and it still sucks

Idk. Honestly i want to hire some fiverr dev or smth i want to eventually do a full bot page like dyno or mee6 with the discord sht but still learning how discord oauth2 works

i think what matters is that you always strive to learn from him

if you ask for assistance from AI on your project but you refuse to let your curiousity roam free what's the point

Idk honestly this site im making bc i kinda need to with how big its getting. Plus its nice to get my TOS and Privacy policy off google docs

I mean… vast oversimplification, the model doesn’t really “understand” things

Hi, I am {{NAME}}

hai {{NAME}}!

merry christmas!

Hewwo

To you aswell 🎁

True

LLMs can be described as a glorified autocomplete, they are trained to predict how likely each word is likely to appear next in a text

the only way i could ever be able is to get my own car to work for a month or so before the pandemic hit so that my parents can have the money.

this sentence is made by spamming the autocomplete on my keyboard. so i guess it is SLM (small language model) xD

eks dee

Just got a A safety rating for my site!

Honestly its more there to show im Trying to not have users data stolen. It is another check ontop of my SSL cert and some other things

Unlike every goddam site that you can run 1 command and steal every users info

What?

Also, how would people even "steal" data on your site? I took a look at it, it's a static site that doesn't make any requests to any servers for dynamic content

There's some stuff being worked on behind the senes

There's a reason its behind Cloudflare with maximum security the free plan gives

This year. Ive gotten. 40 data breach letters. One from this fckin platform

So clearly ppl can hack sites with ease rn

There is nothing to "hack" on your site is my point

You're just serving a static javascript bundle that doesn't make external requests

I'm assuming it's an SSG site

Your content is just static HTML that is built by (I'm assuming) a javascript framework

data breaches almost never happen due to "hacking"

99% of the time its social engineering / phishing / stealing employee's access info

Again. Stuff is happening behind the scenes. Decently soon here ill be sending stuff back and forth to my bot. Payment processors and discord portal sht. So its not static and I need it as secure as I can get ig

True. I categorize this under hacking as they still find a way in just through unusual means.

Often through spoofed or double extention emails

I'm cooking 0_o

Def cooking. Love the style

Rather be safe than sorry, when the react vulnerabilities came out I fixed them for my website even though it's just a portfolio, all public, nothing private

Respect

And ill admit there is some stuff I dont have (lack of funds) but id rather. Be secure now that way when I need it its already there

Encryption is key too

Everything is forced https. Better protocol. I have active ssl certs. And encrypt anything else behind private api keys

You would have to hack into root. View my api. Then nav yo page. Bypass cf. Bypass https to get any user data

So what is that 3 layers protection. One being impossible

interesting

It really is. I do it so deep because I will be handling alot of stuff. Eventually full API will run on that server. Ill have 2 way chats between multiple servers. Transaction handlers. User accounts through discord oauth2. Ye. Ill have alot ill need to handle so it needs to be secure. And id rather do that now then later on when its too late

what is the website?

Its for my bot.

whats the bot

Antiscammer.

This /\

Its basic rn but does have a api on it. Just got smth going for my bot to post its stats to the site

Good starting point for the website, it looks nice

Thanks.

I kinda suck at ux so its def a solid site for me

I really need to work on it so its cleaner tho. I know some things I hate abt it

like what?

Some small things like offset issues and wording

try https://securityheaders.com/ as well :)

you probably dont use CSP which it mainly assesses but its a good practice for security (if you use it properly)

script-src: 'unsafe-inline'

🧌

banned

imagine not using imported scripts

i have my csp as

default-src 'none'; script-src 'self'; connect-src 'self' *.xxx.x; img-src 'self'; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' *.xxx.x;

there was a whole debate as to whether unsafe-inline for styles can be exploited but unless you allow connect-src to all domains you cant do much with it (assuming successful xss)

hii

does anyone know a pastebin service that isn't riddled with ads and allows robots to crawl them? I want claude to analyze a file that is too big (in text content)

https://pastes.dev/

https://api.pastes.dev/j8ZAVONbnE

i use https://hasteb.in tho i swear its been acquired like 5x already

no ads only trackers/analytics from what i can see

not when viewing though

gotta love composition (derogatory)

what are you writing

AI prompts be like:

lets make a general-purpose server-side Map-based key-value cache that can be used for anything

over http ofc

nah, over telnet

over rdp

over arpanet

over dial up

hey, i managed to make cobalt run in my bot as a child process but i get an api login from youtube, i added the cookies still the same error, any idea how to fix that

Note : I'm hosting on a pterodactyl panel, every other platform downloads correctly except youtube.

anyone knows anything about that?

user-agent maybe

do note that ur breaching their ToS if ur trying to reproduce youtube content in ur bot

"create me a shit version of Redis"

or memcached if you swing that way

ye but i want in-process

fek off with that microservice bullshit

new Map() you're welcome

your christmas gift for this year

its fun making caches though without llms, use map or just objects and periodically check the keys for expiry (or keep track of usage per keys for an lru cache)

although that probably might not scale too well if you have loads of keys since that cleanup function might struggle

https://flare.rjns.dev/68yE7/flameshot-skpmp9.png

3 different vec libs is it joever

Write your own that does it all

well, the issue is all 3 of them use unsafe code

so it is a fever dream to get these working in a reimplementation

honestly chunked_vec is a must have tho idk why its not in the std lib

what are you working on?

https://github.com/calagopus/wings
game server management daemon

good

Exciting. Been having ratelimitting issues with discord for a bit now. I send so much so quickly its insane. But i think i fixed it! Changed all RUST comms to run through nirn.

@shell tundra

a selfbot?

@shell tundra

.ban @vast finch 7 support scam

Banned cointyxrn

Either that or a hacked acc

Also this is like not the channel for support.

lol

🙂

im finally done, the only thing left is emoji picker and twemoji support

Nice!

it will be open source afterwards

what lang are you writing it in

rust

Bro uses rust.

what lib?

Lol nice

need to write one too and havent looked into libs yet

It is done well. I dont like rust bc its very literal. But good job!

I will probably carry out a thorough refactoring later to tidy up the code

but it works nicely

pterodactyl still exists?

i remember using it for a discord bot host ages ago (probably not made for that)

well, lets just say theres a reason im rewriting it

Are you able to center the drag indicators

aren't they centered? let me get my ruler

Like in context to the thing they drag

it's because of line-height of markdowns

I'll fix it

Yes it does.

Thats what i use it for.

Easier this way

its literally in the prompt> "Map-based"

but isnt Map map-based?

i think ive created a paradox

lmao

yes, the js map impl uses itself to store data

trust

recursive map

the data is stored in the function calls

like the guy who wrote data storage backed by icmp

function store(key, val) {
  return (k) => k === key ? val : undefined;
};

const retrieve = store("a", 10);
const val = retrieve("a");

store data in functions :^)

const store = (key, val) => new Map([[key, val]]);

const storage = store("a", 10);
const val = storage.get("a");
``` :3

custom components done

does anyone know the rate limit for interaction endpoints on the callbacks?

the documentation states that the global rate limit doesn't apply to them ... but doesn't include what the actual rate limit for them is?

If you make a request, then you can check the headers for ratelimit info but you shouldnt be relying on that for hard coding, only programatic values

that's fair

Also, if you dont want to worry about ratelimits to the create interaction response, then you should be letting Discord make the request and then either responding with a defer edit or with the proper response as letting your commands handlers make the request might not make it in time depending on infrastructure

Ie, you mark the response back to Discord as the defer edit payload

What I'm doing now:

/foo -> HTTP-based interaction over to my API ... I respond within 3 seconds with an inline response (no defer)

then I'm going to continuously update the embed about 1/sec

So the res from your API gets directly piped back to Discord?

correct

Cool. I think if you start a response with the status and then write the body buffer later, you can get more time iirc

Like the whole response doesnt need to be received by Discord within 3 seconds just a response started

but I havent implemented this yet

yeah I know, I prefer the inline http response behavior

yer. What I mean is response.writeStatus(200)

first

right, with a defer type?

no

you can then write the body of the response later

you are starting a response to Discord with the 200 status

I don't think the HTTP spec requires the start of the body to be in the same chunk as the status and headers

it doesn't

you can send them independently

Thats what I meant

i don't know if discord allows that type of receiving though

would be dumb if they didnt because slower connections would be punished and never be able to respond

also true

Btw, the use case for this is for making a "crash" gambling game.

http request -> /crash <bet>
i respond with 200 + initial payload
then I spawn a coroutine that updates the embed 1/sec

it looks like it's 5/sec per interaction.

Lines up with message edit

I think that's shared with the edit original interaction response

yeah, I believe so. that's well within my threshold if it's per interaction.

i thought having one giant error type was problematic so i decided to divide it into several distinct error enums

@crimson vapor don't 🥀 react this please

no closure hate!

that's a really funny way of doing it though

the thing is, i just checked in cobalt source itself they stopped the youtube download because of this exact same ToS issue.

i just realised how cursed this is

some poor v8 instance had to execute this abomination

They likely got a c&d then

how much does ping/latency matter in a discord bot?
how can you make the latency on a self hosted bot lower without moving next to discord servers?

It doesn't matter afaik. Like 100-200ms is pretty normal for anything hosted in europe

close enough

lowest ive ever gotten was 95ms

highest was 17289ms

lowest i got is 19ms

it also depends at what ping youre looking at, it can add up

since values can vary depending on what youre measuring

not sure which one im looking at...

    @commands.hybrid_command()
    async def ping(self, ctx):
        """Sends the bot's latency."""
        latency = round(self.bot.latency * 1000)
        await ctx.send(f"Pong! {latency}ms")

that's the ws latency yes

how do you get the other latencies then?

varies

now - command_executed

now - time_before_edit

https://flare.rjns.dev/68yE7/flameshot-aet4yx.png

im committing war crimes

banned from typescript

actually tsx*

only tsx?

wow thank you

only tsx

because jsx is a free for all

what about this file https://github.com/calagopus/panel/blob/main/frontend/extensions/shared/src/translation.ts

does it ban me from ts

you are banned from github as well

what did I doooooo

octocat does not approve

I want to appeal

Nooo not the prototype pollution :(

js strict mode genuinely needs to also disable modifying the prototype and make it frozen

it would basically eliminate prototype pollution which haunts js to this day (i think)

so many vulnerabilities just because js allows this

or at least disallow inferring prototype from objects

Wtf

hahahah yes anakin yes, prototype pollute him

luis espalha lixo

my smtp logs are all just lame brute force attempts every 5 minutes

and these bots dont even issue a starttls even though 90% of servers now require tls if you want to authenticate

ive also set it up so that after 3x failed attempts in same connection it just drops the tcp connection because otherwise they will retry like 20-40x in same session

welcome to smtp servers

i just fail2ban 3 failed attempts for a few hours

fail2ban doesnt ban, it fails to ban

if you dont configure fail2ban properly, it will fail to ban

nothing fails to ban better than fail2ban

ok i'll stop

Yeah here is how you fail2ban

#1: dont configure fail2ban
#2: run fail2ban
Tada

if you fail to ban, install fail2ban so you can fail to ban together

Y e ah then install fail2ban with fail2ban so its a trio of fails

configure fail2ban to monitor fail2ban's logs so it fails to ban what fail2ban already failed to ban

Yeah then have a proxy server running fail2ban so when the other fail2ban fails it sees that and also fails

fail2banception

Lol

Speaking of servers. Need to work on my sht but have 0 energy

https://downdetectordowndetectordowndetector.com/

guys, if let's say you were trying to find and use a mesh VPN/ZTNA for your home network, do you always prefer the open source one (e.g netbird, tailscale)? i heard people says on social media that we should not trust closed source one (e.g twingate),, is closed source really that bad

i think i would prefer the open source ones

I'd always go open source if at all possible

Not only cause I can know what it's actually doing, but also because it's typically free heh

plus a lot of closed sourced ones are paid and expensive

i see, so open source it is. thank you both of you guys

anything!

🙄

Just used tRPC for the first time ever

wasn't terrible

linked my nestjs app with nextjs

I assume tRPC is better rather than making fetch calls to the api

I didn't really do too much research into it

but everywhere I looked tRPC or something like it was always mentioned over using fetch

time to try that with combo of go+react

(well now its not trpc anymore xD

Performance of the new voice channel regions be damned with DAVE, the stability is pretty good

That's hours btw

it only took me until recently to understand the name

fail2ban

fail to ban

fail -> ban

if you fail -> you get banned

so genius

if you fail -> you fail to get banned

:^)

doesnt look like its on cloudflare so it might actually stay up the next time

is this runner cargo + dependency cache a bit overkill?

400mb for a cache seems like a lot

the alternative is it reinstalls cargo and refetches+recompiles all dependencies on each run

Is it normal for top.gg vote webhooks to trigger twice when they never used to

And by that I mean one vote shows as two votes in the bot (sometimes) (it never used to)

Yes because you don't respond in time iirc

Responses to webhooks must be returned within 5 seconds, otherwise they are considered a timeout and will be queued for a retry (if available).

`Webhook requests that time out or return a 5XX status response (like 500) will be retried up to 10 times. The retry delay is increased exponentially per retry by 2^N seconds, from a minimum delay of 1 second for the first retry up to 17 minutes for the tenth.

Errors resulting with status 4XX (like 404) will not be retried as these are considered user errors.`

Hmm

I'm tryna think how that could happen

I'm using a (rewritten) version of the SDK

heh

my GitHub cargo cache is reaching terabytes

💀

seriously, it's so much that GitHub is purging cache that's still being used

I can't fix it

what are you making?

is your key changing frequently for the cache? i have my key setup so that it only reinstalls + recaches cargo and dependencies if my cargo lock file changes

so i dont end up with too many cached keys because i dont touch my dependencies as much

nope, same key per bin (even if lockfile changes, same key=

but i just have tons

though tbh i dont know how much space my cache is taking up since im self hosting

will have a look

ill prob need to move to self hosting runners

use your arm rig for that trust

runners go zoom on arm

emr

yes yes, (ill use it only for windows aarch64 builds), other stuff goes on epyc

oracle cloud has kindly sponsored my arm rig that houses my runners free of charge (i forced them to) so i dont pay anything extra for them which is really nice

u mean the 24g free tier server?

yeah lmao

it is really really fast for a free tier

ye more ram than my entire arm rig btw

same cpu tho

https://www.hostinger.com/vps-hosting

thats what i use

yeah theyre ampere as well

who needs vps hosting when you can just draw 100s of kilowatts per month instead

im already pulling 1000w for my pcv

anyway yeah my build matrix has like 8 entries and only 4 caches are allowed cuz of size limit

so 4 entries are always from scratch

not enough

ur still only using 1 phase of power

and its not good idea to port forwarded on your home network and etc if you're thinking building website with it

im using 2 phases 😎

i got like 3 roommates

3 pcs

my room has 3 servers + 4 pcs

damn

one of the pcs has a 2600W psu array

i got 1 truenas server

https://flare.rjns.dev/68yE7/flameshot-wczvzf.png

not the biggest setup but its the cpu that counts

not bad

im using the truenas server for steam games

first one is a 9900x with 96gb, second one an epyc 7443p with 512gb

arm one has 16gb ram due to the shortage

its not shortage its AI wants more ram but DDR4 is still cheap

ddr4 is NOT cheap

my epyc ram kit went up 4x

and its 4R ram

the one noone wants

i got 32GB of ddr4 for 130 bucks

thats fucking cheap

its not

thats 2x original

my kit went from 550€ to 2k€+

ddr4 2666 with 4 ranks

it is, and yk whats not cheap ddr5

ddr3 is also increasing in price

nice, here 8gb ddr4 1rx4 costs $20 xD

lucky fucks

https://flare.rjns.dev/68yE7/flameshot-icdhom.png

cheapest result too

yeah ram prices are fucked
i bought 32gb 3600mhz ddr4 ram from corsair 2 years ago for around $131, now i checked and that exact same ram is $386 lmfao

heres ddr5

we are cooked

time to pull a contabo and use ssds as ram

use icmp packets as storage and then swap that storage

faster nic = more storage

i saw that cursed video

here ddr4

well, atleast I still have some contacts that have discounted ddr4 so im buying new ampere ram next month hopefully

256gb for 300€

are 8gb sticks cheaper? for 2x 16gb i have a price of $386

not good but not horrible

same I just call ltt

I own the 32gb version of that and when I got it, it was like barely that much 😭

frr

man i wish i upgraded my pc to 64gb sooner to run LLMs on, i was delaying it and now theres no chance of getting an additional 32 for a decent price

only 2 more ram slots left so id have to buy the more expensive 2x 16gb sticks

i hope not ddr5 + amd

if so, forget using 4 dimms for ai

buy mac clusters with DMA

buy my gtx 1070ti gpu cluster pls

im still on ddr4 and amd 😔

tbh, I should try turning it on again

after 1.5 years dusting

youd be better off selling that on ebay 😭

nah, a cpu upgrade and itll run the biggest models (only like 64gb vram total so not)

same

but i got 5060 oc

That’s how much I spent on my 64gb ddr5 6000mhz

Now it’s worth as much as a 4080 super

😭

160$ for the ram kit when I bought it

Now it’s 750$

Mercatus 2.0

mongodb had a critical cve published over christmas lol

they trusted the clients zlib uncompressed size hint and didnt check whether the decompressed data actually matched this which causes a buffer underflow which leaks arbitrary surrounding memory

waiting for r/rust enthusiasts to make a post about how rust wouldve prevented this attack

ignoring the fact that people can use unsafe code in rust

nah more like shit currency

the goat

https://cdn.discordapp.com/attachments/1384341249137446992/1394194241835634790/caption.gif

https://tenor.com/view/druski-gif-18348698948575815487

beta (working, ready to change over) status page. feedback needed! whats good, whats bad, what looks weird, did i make a mistake etc...
https://trackerstatus.vercel.app/
any feedback appreciated

I just realised I never tried it on mobile oh no

So some bits are missing and need to be fixed on mobile uh I recommend you view it on a pc if you can

Bruh the database didn't database for the latency rip me²

sooo please feel free to give feedback on style but not on functionality because it is very broken and database not exist

Yeah I realised that the button can do that and forgot that this can be a happen

looks clean

Thanks

AI did most of it

I know nothing about typescript or react

oh 💀

AI did the base and I just heavily heavily modified it

It's an improvement from my last one
(https://status.trackerbot.xyz/)

i'm obsessed with my newest rendition of the auth panel, haven't shared my progress in a while, let me know

this is neat, im trying to work on my own status tracker

obviously personalized

but its coming along

I think the font for the welcome to is a bit out of place

oddly enough you're the only one to say that

but rest assured it is intentional

I personally am not a fan of it but oh well

I've seen worse font choice though

All in all solid 9/10

thanks man, yeah i use DM Sans, and for important headers, times new roman, just for some spice is all

I like the addition of the join the support server option instead of it being automatic

ye haha, it used to be automatic but

i got a few complaints

so ethically it seemed like the right thing to do

I think I was the uh main complainer

If I remember

OH i remember you now

yes

haha

I am him

And I have actually been using your bot since then

thanks man, yeah we've (or well i) have been growing recently

advertising sucks but

its worth it

Hmm prechecked

Personally I would uncheck both and make the user manually check the privacy policy one to be able to login

oh i see

Ensures users actually have some sense of awareness

you may be right

ill go update that now

This is when you hit cancel on the discord oauth, not sure how much you can make this look a tiny bit nicer or redirect you home

Aaand even if you uncheck support server it still has join servers for you

Eyy good stats

alright, thanks for testing all this for me man

No problem lol, sorry if I'm a bit harsh

ill address them next patch, later tonight

nono haha, much needed

u also forgot ToS