#development

🤮 https://flare.rjns.dev/68yE7/flameshot-brh5od.png

galaxy brain: ditching everything and using C instead

void* everywhere

ive went back to c++ recently for another project and i really did miss using raw pointers

its like a drug addiction i know its bad for me but its just too good

void* my beloved

everything in existence can be boiled down to just 8 bytes

on linux atleast, you can usually use the top pointer bits to store data without issue

because the kernel has a ridiculous number for its memory region on 64bit

that's crazy

ah yes 2 entire unused bytes on pointers

cpus natively support tagging 8 bits afaik

so you can even retrieve tagged pointers' data without needing to untag them

free real estate

i mean yea memory allocators often use it

petition to change pointer size to 6 bytes

im sure this will go down well

definitely wont lead to unaligned accesses

intel and amd will have to change their cache line size to 66 bytes i think its a net good imo

ignore any other use case

might aswell call them 48 bit processors

x86 already so bloated why not improve unaligned accesses tbh

https://www.youtube.com/watch?v=Wz_xJPN7lAY

its that time of the year again

i hope whoever invented npm and the whole npm package thing

go to hell, hope your pillow is always warm, you'll always wake up sweaty, may your sleeves fall into water while washing your hands, may you forget to get your pizza out of the oven, and several other unforgivable things in humanity

whoever made that shit should never touch technology

go touch grass, that shit is more simple than whatever node_modules shit you invented

literally cant even get a proper, non buggy foss approval with another stupid library needing to update their readme and cause a whole fucking rebuild of their shitty little library that does something in 2-3 lines

stupidest invention

I've been spending like a year or so getting a proper pipeline to work, only for npm to take a shit on that

and its not even python, i love poetry, poetry is to fun to work with, do it once and never again

nah npm literally makes it depending on the alignment of cloudflares fucking lava lamps

enough rant, thanks for listening, but does someone have any idea how to handle this?

has anyone tried pnpm before

yes i use it on all my projects

probably my go to then

pnpm is already selling me on the autoritative pnpm-lock

than a package-lock.json that changes on a single node version bump

just accidentally clicked "stop" on the company's central IIS instance (rich mans version of nginx) which also stopped all sites running under it, oops

why in the hell is there a central kill switch with no confirmation that looks exactly like the one you use for a single site

we love Internet information Services much

exactly, used to work with it, glad my team kind of said "nah fuck that"

we use nginx

sadly at our business we are riding microsoft so every single server is hosted under windows server and IIS

though IIS has a somewhat cool feature where apps written in dotnet and asp.net can hook directly into the IIS instance which IIS then manages and listens for requests directly

and if you're low on memory it recycles the instance by shutting them down and starting them up when a request arrives

i have mixed feelings about it though

i have yet to see an asp.net app use less than 100mb of memory when running a hello world

used iis at work once, though was php lmao

im glad we use nginx though, less bloated ngl

using iis for anything else than .NET is crazy

im aware

is there anyone here who does professional dev work including getting software through a FOSS approval process?

Definitely not asking for a friend

for example in a corporate environment where a simple foss mistake could actually be crucial

@frosty gale send a way to sponsor u ✏️

Most sane js developer

uhmm are you sure you didn't misclick?? 😭😭

jokes aside thank you sooo muuucchhh!!

❤️

Funny thing is, i dont even code it

I have to deal with the licenses approval shit

thats more pain than to code it

Hey, I want to ask what are the message types in the bot, such as buttons.

Button is not a type of message, it's a component

Oh, thanks for the info, what components are there?

https://docs.discord.com/developers/components/reference

Across dashboard / bot 500commits

rbac done finally

man i keep getting this 400 error in my logs when i hit send test. Could yall verify what yall see on yalls end? https://top.gg/discord/servers/784147911148965888?s=0a931c1cb37fc

Are you inputting your webhook link correctly?

never mind i may have figured it out

No worries, lots of us here who can help aswell

Yeah I’m having trouble with it posting to my server for some reason

Can’t seem to figure it out

I’ll figure it out eventually

i got it ot finally post in our voters channel, but when the embed gets sent I can only see their user ID not the actual display

thats a code on my end

Is the user cached

discord cache

it’s temporary cache

yeah there were some lines i needed to add

If you use component v2 it gets around that a bit better. Now of course, if the user isn't in the server then you it wont be proper either.

I made sure to include a line where it’ll still post but say, (not in the server)

So is everyone taking the entire index and building on it or only taking what they need?

I took this embed idea from I believe it’s Mr woo’s project, top gg webhooks

I've just noticed with components I don't get the cache thing or atleast I haven't ran into it yet.

Because it actually pings the person which I'm certain you can suppress it.

Could you send an image of what it looks like for you when someone votes

I dont have a vote image but I can show example of a component

But you just build the component the way you want. You just can't inline like how embed fields do which I kinda wish we had with these.

great job gothic!!

Hi

Was there ever a time where you just scraped a project and restart everything Because you didn't like it

@pliant gorge

I'm talking about a Discord bot

yeah

Ive ported my bot from js to ts which essentially required a tear down of everything, some copying because the functionality has been great

Just different project organization, libs, etc. Used to use discord.js as well and now it uses the raw api

Half the commands are made originally broke So I'm currently doing everything

ngl kinda unfortunate server name/bot name

hoping discord doesn't accidentally ban that lol

fun fact, gcc seems to only turn a switch case into a jump table after 5 or more cases (at least in my environment where a case is just a < comparison depending on datatype but results may differ)
otherwise it just turns it into traditional branch comparisons

4 switch cases

        mov     rdx, rsi
        mov     esi, DWORD PTR [rdi]
        cmp     esi, 2
        je      .L2
        ja      .L3
        test    esi, esi
        jne     .L4
        cmp     edx, ecx
        setl    al
        ret

5 switch cases

        mov     rdx, rsi
        mov     esi, DWORD PTR [rdi]
        jmp     [QWORD PTR .L4[0+rsi*8]]
.L4:
        .quad   .L8
        .quad   .L7
        .quad   .L6
        .quad   .L5
        .quad   .L9

just a random observation

makes sense

clangd only does it if its 4 or more cases

so if i really wanted to force a jump table in gcc i'd probably have to do a decoy branch that will never execute

interesting!

#development message

https://tenor.com/view/all-roads-lead-to-rome-time-rabbit-gif-9497165517404307883

Thick it's probably gonna take me a few weeks to a month to rebuild everything

double it and give it to the next person

dont have another person to give 100€ to

😭

you are so generous

Gosh why are so many people getting denied or banned

What is going on...

You mean here? It's pretty normal

Also reasons are public

premature banning in this place isnt anything unusual

whats the occasion lmao

invest it in crypto and become a rich man
-# ⚠️ This message is for informational purposes only and does not constitute financial or investment advice; cryptocurrency investments carry a high risk of loss and you may lose some or all of your funds.

see u in chat often and i have money to write off

Bet on red and multiply it

This way you can give 200

oh ik

chatgpt is getting ads on their free plan

https://tenor.com/view/skull-droeloe-gif-19319575

oh no whatever shall I do with my ublock

the cheap paid plan too iirc

can't wait for all these companies to go up in flames. we will end up running models locally

i mean we already do, sort of

it will just become more mainstream as time goes on

new rack almost done 🙏

holy looking sweet

what sort of hardware r u running

freaking look sweet

Ampere Altra Q80-30 with 256gb ram
AMD EPYC 7443P with 512gb ram
AMD Ryzen 9900x with 96gb ram

About $5million worth of ram

bought the ampere ram during the shortage for just 400€

(1 month ago)

I am very much on the hunt for 2nd hand DDR5 but people are now wise 😂

yeah ddr5 I'm not even gonna try

wanted to upgrade the 9900x to 192gb but waited too long

I want to pickup a cheap server to first give it a whirl and just mess around on it

bro

nah his wallet is crying rn

Raspberry pi

hell nah

my current server is much stronger than that lol

I want a new server which I'll use as staging

i bought my ram for around $100 now its worth around $300 and its only ddr4 lmao

hah

biggest investment

i thought things get less expensive as they age but not nowadays

yeah apparently no

stonks

even apartments (not relted to here) go for crazy amounts 🙁

noooooooooo my onboarding flow is broken, when I implemented RBAC

but fresh users servers endpoint is empty so loadMyPermissions is never called

🙁

idk why but Apartments in my town are so fucking cheap

350€/month warm

holy shit

CABLE FUCKING MANAGE

HOLY SHIT

how much is a m2 = euro?

ohh my days look at the "almost"

the AP I was looking at is like 60-80m2

no to buy an apartment

hm?

So when you buy an apartment e.g. they give you a price 180k euros for 80 m2, so that would mean it's 2250eu per m2

hope that makes sense 😄

well, on that apartment it's 2€/m2 for cold rent

yes but renting

you can't buy it

okay but in general to buy an apartment

how much is the ~e/m2 aprox? here it's 2.5k

can't really give a good number, there's only one buyable apt currently and it's a luxury one

ah fair

hey guys

does anyone know a database that has active, online sites that have credit card skimmers, or skimmers in general? This is for research purposes, i need it for my thesis for training data as machine learning input.

what, I am sure this is not for here, and breaks the rules both Discord TOS , and Top GG rules.

no it's for my research

i am doing research on skimmers and need to have training data available.

sites need to be online as i need to infer contextual features

I don't think you'll easily find a dataset for that..

think about script source and origin etc

you would be mistaken. abuse.ch is sick but almost all sites are offline already.

you can look at the inferred injected code but not the contextual features that i need as an addition.

Although I don't think you want finnancial gain still agsinst TOS

I get the idea, but I don't think you'll find results that easily.

bro what are you talking about

The thing you want to research on you won't be able to find results that easily.

i don't want to make a hack or something, i just need some sort of database of known scams lol

it's for my thesis

I know I know, I understood after I re-read the message 😂

i found like 3k entries already but the sites are offline

Exactly, offline.

so maybe i can use the wayback machine to get the contextual features or something?

Probably, maybe also reddit's cybersecurity sub-reddit might have some info

That's literally illegal bro 💀

i swear i will kill myself

read through the convo you'll get it

Or just get banned from Discord

how is a public list created by researchers of known malicious urls illegal?

It's for research purposes.

i knew some guys in here that knw a lot of cybersec so figured to ask

You really think joining communities to ask about skimmers is ok?

Bro what

@frosty gale what did i do

it's for my damn thesis. What the fuck could i even do with those sites? I need to use that for my machine learning training data.

I know some guys in here are into cybersec, this is the development subchannel, this is about developing a machine learning model.

i didn't ask:
someone please tell me how to make a skimmer. I asked for a publicly known database of malicious urls for training data.

Why does your thesis need illegal websites in the first place

Aye you're trolling lmao

shit you got me

ragebait final boss

Also confused what you mean by skimmer anyway because they are irl scam devices not websites

Okay now i know there's just a knowledge gap.

https://en.wikipedia.org/wiki/Skimming_(fraud)

skimmers are injected code that reads forms for private info. They are running cient-side. Mainly used in ecommerce platforms, login forms etc.

e-skimmers bro

MageCart and WordPress usually get hit by that

So write about that then

Yeah but i need a database lmao

of known historical e-skimmer frauds.

And how wordpress, plugins and vulnerabilities are bad

I want to make a ml model able to detect skimming. Need a lot of training data for that though.

I have found a solution though, i can use abuse.ch for that.

They got a public researching database, i can basically infer some features from the injected code dispalye

https://www.spamhaus.com/?

and wayback and gg

damnnn!

much love broski

yes yes i know obvious no need to troll me lol

hmm?

You can't really fully detect that since a server can just hide what it's doing when you use apis, javascript and php sure can

no i appreaciate this, they got a public database i can query.

you can.

They inject code. That injected code can be seen in the devtools.
Usually outbound fetches, obfuscation etc.

In js php yea

whole idea of skimmers is that an external source loaded it in.

Malicious ads also can

no?

i mean not in terms of forms

Yea websites that have malicious ads can be hijacked depending on how secure the ad network or usage is

Especially ones with fake popups and new tab opens

You have a really weird thesis tbh even if it's cybersecurity

ngl all you just said isn't correct. It could be coming from the ad network indeed but that's likely going to be google. Injected code is almost never possible as the ad's are sandboxed to only be an image/gif and are sanitized on input.

how is it weird lmao.

They wouldnt have you try digging this up more of writing about it

heh?

i am excited for this thesis tho, gonna be lit.

Got a bunch of work to do though

check out this guy, you might find something interesting
https://youtube.com/@tcmsecurityacademy

I watch a few videos here and there, guy knows what he's talking about

i definitely will, cybersec is really fun man

Not wrong about this btw it's a reason why adblocks are basically required at this point

you are wrong. If you click on it, okay that's a different story. I was talking about loading in ads for the site itself. That's not problematic.

wait, but can't session hijacks happen via ads/extensions as well?

Yup

or not related? but fairly sure it can? especially if saved cards are stored in a cookie?

they could but it's heavily sandboxed now and iirc no external scripts can be injected.

or maybe they can though.

I'm trying to understand more, and seems like a nice convo to learn more

Google ads sure are sandboxed but not other ad networks to that extent

ads can inject code indeed but it is heavily sandboxed. It's rare to occur but happens though.

Also chromium just had a zero day exploit announced today too with js

it's also iframe isolated.

but wait, e.g. worked in a gaming mobile company which published games, they used publishers, and they define what ads are shown in the html5 playables

this is mobile but still.

https://m.youtube.com/watch?v=2g1FKeDEpFo

if an ad is a html5 playable it renders directly in browser which would mean a card saved in a cookie/session can be hijacked as well, my logic might be flawed but ye

the iframe is cross-origin

e.g. you say google admob's is sandbox, but what about unity, meta ads etc.

meaning it has its own local data and cannot access other sessions.

yes but other publishers 🤔

It also depends how secure a website implements cors and hsts (strict transport headers)

ads are always inserted as an iframe right? as a cross origin source.
Cuz of that they have their own session, storage, cookies, etc.

They also cannot access the DOM.

depends on the ad

or ad publisher

Nowadays safe-iframe is being used as a main way to insert ads.

Although it depends heavily on the provider. Sketchy ones could load using script tags.

There's also shadow dom which is like iframes but not external websites they are embedded html with their own dom/security

damn i read that wrong, shadow dom haven't heard of that.

That's sick though.

actually this turned into a decent conversation lol

from one way to another 😂

hahahha fr i like it

same lol, turned into a much more productive conversation than expected

Yea my bad i though you were on about buying card skimmers or something lol

no it was for my research

i mean the initial message did kind of sound like that, that's why I reacted the similar way, but still

yeah i worded it a bit wrong.

E-skimmers are genuinely sick tho

I am curious though, it can be a potentially good extension

interesting. They inject code in a site and lurk on forms.
They usually then send it to an outbound serer that logs it.

I mean it would function similar to those roblox scams, I've seen, when they click verify and then go to the landing page which has a "iframe" loaded to look the same as the roblox login, as soon as they hit login it gets sent to a channel.

The roblox scams use another trick they use bookmarks as javascript reference which browser for some reason allow

exactly, but now the scary part is that these forms are loaded in on a legitimate website

under the same domain and ssl

usually the fake roblox sites are just sketchy overall.

These skimmer sites appear exactly like the normal site, nothing changes in terms of UI..

no no this is a different one

so they tell you to verify you click on verify it takes u to some bot landing page (which is a clone of the legit bot), then they prompt you to login which opens an iframe with the same design of the roblox landing page but in an iframe and the domain is different, but since in iframe you can't see the domain lol

Yea phishing basically

yeah

And ones with fake popups and fake url bar

finally guys finally

the bad part is that most of this code is obfuscated tho

it is done, the merge tag panel is done\

so you can't read shit

yeah lol

very nice man! Looks sick!

imma cry I'm so happy that I finished it.

btw that site you gave me was sick. Exactly what i. needed broski

glad it's useful.

do you use react?

dashboard?

for the frontend yeah

python for the bot, and everything, and dashboard yes.

very noice man. How did you manage security?

I swear some guy vibe code a site and he sent me it, i was able to change my session id client-side lmao.

lmao

it was persistent too

questions towards everyone javascript

pnpm or npm

Listen, if you are down feel free to try @eternal osprey , would appreciate if I've missed something lol

npm

npm because its easy?

yeh

i would love to, dm me the url 🙂

will do now!

they got shitty way of scanning for malware though.

so bun for me as long as the packages are supported lol.

oh we discussed this here as well 😂

lmao yeah

😛

they do database lookups of known vulnerabilities

if someone pushes a new package it only gets picked up after x time.

also how do they allow post and preinstall scripts to run automatically with priviliged rights

after it gets reported / known

yeah but then it's too late already.

yup

i think they're just assuming that new packages got no motion lmao

that's why companies have dedicated roles to be in the know

you can actually view the official database npm uses

https://github.com/advisories

yeah

they got integrated in late 2021.

hah

btw dm'd you, I'll take a small break because tired

a big + though is that they did a partnership with microsoft for behavioral analysis but thats super expensive hence why it cannot run 24/7

Thing is, beside easy npm install stuff, I need to ensure heavily that the lockfile is very enforcable

which npm does sometimes

say less, i will look at it tmrw cuz i am going to sleep soon

lmao

later homie appreciate the convo

@crisp trout @prime cliff it was nice talking to yall, we gained some knowledge today hehe

eh f-it i added yesterday analytics as well as a valid option.

get quick insight on how your last day ended, how many tickets have transfered in your current day and so on 😄

https://i.imgur.com/GRYdKeo.mp4

Looks great!

You should make it have a selectable date range so can do like last hour, day, week etc

atp cursor's llms are trained specifically to ragebait you to waste your tokens so you buy the more expensive plan

i remember that day on jan 31 it kept messing up some windows api calls in golang and that session may or may not have lasted 2 hours with absolutely no progress in the end

https://tenor.com/view/dog-husky-soon-gif-7801078

Whats your code stack for the dashboard?

Reactjs with what else?

yeh

I feel like that highlights a key rule of AI. Don't let it work above your own skills/knowledge.

If it can't figure it out in a prompt or two you should just write whatever it is yourself or write the bulk of it and let AI finish it.

tailwind + shadcdn

Also ye @warm canopy working on having the filters 😛

I just have to expose it in the API.

i also use shadCDN!!

or i did, recently swapped it out

it's goated 😛

though analytics to be done are so easy since you just expose it in api and filter it lol

i don't think i've meaningfully developed my backend in quite a while

most of my work on statcord nowadays is frontend

technically i just expose via the api anything new i want t do lol, very light frontend changes

BUT you have 100k users so you are doing everything right hah

gosh i wish discord would hurry up and verify it

wait what sort of verification are you doing the one with ID?

the way you present your work on threadcord is very professional

i dig it

thanks ❤️

privileged intents

oh ? i just applied instantly for it lol, is there a separate verfiaction?

xd

once you surpass 100 servers, discord has to manually approve you for it

oh

so different one than the one with id's

yes, since its manual you'll be waiting for ages haha

ive been waiting for 6 days so far

ahaha

damn, you'll get it sorted no worries

this is neat, very neat

though i did notice a bug yesterday because i implemented RBAC whivch broke onboarding flow where no server existed

done @warm canopy 😄

i love your UI and color choies @low marten

haha, been black and orange since some of the first releases, let me find my old logo and UI

first ever logo

wait

i actually like it lol

https://support-dev.discord.com/hc/en-us/articles/23926564536471-How-Do-I-Get-My-App-Verified i thought this is instantationus?

older dashboard too

this is yes

i love it

the checkmark is instant

but being approved for gateway intents (invisible on the bots profile)

is not

hmm

one sec i can show

ye

oooh

can I dm ya salt?

ofcourse

Ty ❤️

working on a new logo,

i kinda f with 2nd version

I need help with having my botghost bot detect when my server is voted for

how can we change background like the full background color of my bot page?

CSS

can it do the whole page too?

You can change style of literally anything on the page with css

gawh damn

new to it

thought only the descption and stuff thats it

as long as you dont replace topgg elements like bots like this etc

tysm!

oh

what was that command

it explained smh can't find it

You can change colours, set background images, style and animate elements within your long description using CSS. If you need help learning CSS, you can check out these resources and ask for help if you need it in ⁠development.

Please note: It's against our guidelines to hide or modify the content of any Top.gg page elements such as reviews, bot information, ads etc. You may change colours and border colours of site elements, but you may not modify the text content within.

Failure to follow these guidelines will result in your page being unlisted from our site.
2/12/2026 9:33 AM```

oh

ty yall

new login page who dis

Guys i am working on making an automated pen testing tool for api’s and webservices. Would yall be interested? It will be open source and tests the service against a large number of cve’s

we starting again 😄 ?

haha

Love it

Hahahahha fr

There’s many out there but i really try to make things easy for beginners

i feel like I might be sharing a lot just exciting lol

I love the translucent design!! great job gothic!

hehe thank you

Finally done the webhook integration with top.gg xd

i sure do hope i've set everyting yp correctly

awesome!!

though i think i've missed something, they don't need to be logged in in order the vote to register or?

Yeah login via discord.

aaha so i did get it right button -> topgg login -> vote

Yup, the login auth is handled via top.gg and what not 🙂

haha nice i thought i did it wrong

im trying to buy some used 4gb sodimm ram to test a laptop with but i cant find anything under $15

a single 4gb used sodimm stick with unimpressive clock speed, the resale value doesnt get any lower than that but yet still $15

market is fucked

ddr5?

thought i said ddr4

hello, what is the best database to use a bot with a large number of servers

Probably the same case as with the best programming language - it really depends on your preferences I guess

Large numbers? You're probably going to want to determine things yourself and spend some time testing various databases.

As above, depends on usecase but when talking "large numbers" the optimisation of the data and the database service itself becomes the paramount sticking point

i mean what are the options postgresql, maria and what else

sqlite xd?

cockroachdb, clickhouse

MongoDB 💪

YESSS

Only database I use

I have one instance hosted on my VPS that all my projects use

Man of culture

thank god for my uni to use mongodb throughout its react course

i wouldve died needing to learn a complex SQL DBMS

my years of being a discord bot developer using mongodb PAID OFF

quite honestly the stack they use is the most discord bot stack ever!

mongodb sounds like the kind of db where youll be bottlenecked by your cpu rather than IO 😭

i'm not insinuating that i prefer mongodb over other databases btw

i don't have the time to learn them right now

I use mongoDB but thats because it's simple for me

it's simple for sure, but i'm not gonna use it for serious projects in the future

it's good for a beginner practice though

i hate mongodb

sql based databases are on top.

I have worked on a lot of postgre DBs

yeah I understand

it's not even super hard to learn, i think sql is manageable within like 3 days to a week

Working on large prod sql databases is a nightmare though, that said any large scale database is just nightmare fuel to me lol

it depends

boys i am looking to work on a nice project. Do you have any ideas?

i thought of making an automated pen test tool for scanning vulnerabilities in api's, sites etc.

I have several long-term ideas for sure

shill em

wow, setting up RBAC like @crisp trout suggested, found some pretty insane stuff! i've never actually bothered to look at any of my bigger servers

200k messages is 47% of statcord.xyz's message intake currently

in 1/100 servers

nah i'm afraid people would steal them 😔

i have set up a github organization for them but atm it's still empty

another suggestion save them in your db as guild{ID}

that's how I have them saved, is this your internal dashboard?

not sure how you do but

servers are already saved, though i have no internal dashboard yet, i'm yet to find a means for one

wait im confused then how do you have a list of all of them?

wdym

i just modified the auth endpoint in my testing environment to pull all available servers

haha

aah

😂

my bad

how is the intent verification going

oh dont even go there...

still radio silence

im very upset 😭

damn, hope you get it soon

i had to turn a few people down today when they asked why they couldn't add the bot

its so annoying

yep

i kind of switched the premium (hopefully done it right), now instead of purchasing it you vote for premium

• stripe ain't available in my country

wise wise wise

so figured this is tyhe smarter way

i've had this one member vote daily since day 1, its insane dedication

haha true

also did new logo

to better fit "hopefull"

not sure if you seen it

i have haha the T

its very neat

this

yes

yeees

and the portal change

but we'll see how it goes

the goal still remains 50 servers

how many currently?

active probably 1 rest are 2-3 test

2-3 people who added it to try and see how it works to break it down and reverse engineer it lol

xd

and to try and see how the actual thing works but meh

I did reach out to few servers but so far nothing positive.

bro i am fucking sick what is happening man

whole day feeling like shit

what's going on

it's Sunday, understandable to bit down under.

my immune system is acting like a bitch

according to my math, around 70% of my server count either didn't give the bot permissions, OR are test servers, as they have either no data, or very little data attached, like 1-2 messages.

not sure if in y'all's country is the same but people get sick with similar syndrome's that resembled covid lol

see not sure how it is for you, but for me in order for them to get a database (initialize) it only happens once they run /setup

Datalix sales are so goated.
64 gb of ddr4 ram, 500gb disk, 8 cores xeon cpu, 30 dollars only

i might start doing this

you are full of ideas man

hahahahhaha dude, most of the things are done because i struggled with X

so I went with Y 😂

it's all experiments in my book LOL

i feel like a /start command is warrented in some way, would be quite optimized

experience matters haha

yeah, pretty helpful, though one bottleneck I'm trying to solve is after they run setup they would need to refresh the dashboard, as there's no way to force reload the browser

and I don't think I will solve, it so I just put it in a embedd lol

what's your current flow?

if you don't mind sharing

nothing really, it just joins, and instantly sets itself up and begins collecting

pretty lame now that

i think about it

hmm, I mean

it's not bad lol

if it can instantly collect lol, its just a personal preference, i had to do it because i have to define a channel for tickets, a role which is support and a log channel

i think, along with a /setup command, it may be a good idea to have the bot automatically leave if the setup command has not been run OR there's no data.

and that ends up setting up the actual guild_config and from there each table is populated.

you can automatically force that via DB

i'd lose a huge chunk of my server count yes, but i'd give more REAL servers an option to join

I need a team! please recruit me

So ye my case is /setup sets up guild_config, so I can do if there's no data inside or tickets I can just delete the db and it goes out

not sure if i make sense tbf

✅

yep true

32TB?

also nothing lame about your bot/dashboard remember that, people do different things because of different experience lol

Why does not my bot server statistics go up? Even if it is in multiple servers?

i think you need to send a request for it via the api

Interesting, do you know how to do it?

check the docs lad

I’ve been reading and reading 🤣 I’ll look for the docs, cheers

what exactly confuses you :p

Its not that confusing, its just that I cant seem to find anything im actually looking for

Wait I think I found it
Found it

Curious. Apologize if I missed it somewhere. Is there a queue listing to see where your submission is?

nope

eh seems to work im happy

poggiess

❤️

Worked on a new update

my search continues

does anyone know any public skimming js datasets? They must contain the raw injected js.

It's for machine learning

I feel like the import commands prompt should have some kind of description of how to do it more obviously for instance doing it like this if you wanted to do it only once with discord.py:```py
import discord
import json

client = discord.Client(intents=discord.Intents.default())

@client.event
async def on_ready():
print(json.dumps(await client.http.get_global_commands(client.application.id)))
await client.close()

client.run(DISCORD_TOKEN)```

The JSON payload you send to discord it is 🤷‍♂️

tf I just noticed netflix uses graphql

lots of big companies use graphql. meta, x, even github

we use it in our company

i despise it lol

holla

Been using it for years

Since 2019

not a fan either and in a lot of cases i find it is used without a good reason

ive used it with shopify before and their use case i can understand since they have so much data available per order/user that having a language that can granularize it really helps

i just dont like how you have to create a plaintext query first then attach variables to it to do what you want, rest for life

Can I use the v0 API with the new tokens or do I need two tokens?

new tokens work with v0

old tokens dont work with v1

Just wanted to be sure, thanks

i'm trying to find some ui components for react

but everything seems to be vibe coded

antd? material?

Shadcn

kind of want to build my own inspired by discord/and my personal style lol

That beautiful moment when people start playing with your new lil Discord bot and they somehow break it in ways you couldn't even imagine

Free rep 😎

I have done like 5 quick fixes so far

Lookup apparently failed and then went to hell

🙁

Is there a bug county channel in here to report security issues in top.gg published discord bots?

Would be nice to have that

holy please no

top.gg already has lots of volunteers for the review of bots, moderating the server, etc. you don't want to add a new task to manage a big bounty channel properly

wasting time that could be invested in something better e.g. the website

that would imply every bot owner would need to be contacted, coordinated with, etc. over some period of time - big waste of time

I mean most bots have their own support servers where you should probably report such things and if not you could probably report it to top.gg as a dangerous bot I guess

why not just report it to the support of that bot instead of disclosing it publicly in a server

if they don't have a support server, skill issue, may their bot burn when they don't care

or reach out to ntts if this is worth a video

that's sick

Modals v2

I like the profile picture lmao

rookie numbers

I love the new buttony bits.. might add that soon to mine. Haven't touched the surface of CV2 yet though, prefer to do it the traditional way

why isnt my bots pfp showing up in top.gg

If you changed it on ddevs portal you need to click "refresh data" button on top.gg

it just says the bots name in the pfp instead of the bots pfp

nvm its fixed after i changed the pfp to a different one

yo boys anyone that uses mac here?

What ftp client do yall use?

Are you guys bot or what?

yes

i am running on my Masters moltbot.

How can I learn how to build software

What kind of "software"?

build it

Gaming software and also software for harking

Idk even what "harking" is

What software can you build, if you can teach me

It really is just a matter of building things

Try and fail

Try and fail a ton until it works 🤷‍♂️

yo waffle

you use mac right?

Nope lol

well usually you start with something really basic and work ur way up

also "hacking software" is just hollywood stuff, most hacking is done either by phishing or physically obtaining the credentials

relevant xkcd btw

filezilla?

Personally use cyber duck

WinSCP

i love scp

secure contain protect

damn i got flashbacks to 2006s lol

apparently chatgpt predicted me as being over 18, nice

although i imagine my conversations were processed with the involvement of palantir which is great

nah it would have just done it based on tracking from other products

it uses a few different methods

🔥

did u rob a protogen's snack stash?

speak to my lawyer

see this is why prices are so high

its all this guys fault

Some of those look janked up

they are used

wtf

<!DOCTYPE html>
<html lang="">
  <head>
    <meta charset="utf-8">
    <title>test</title>
  </head>
  <body id="hi">
  </body>
  <script>
    hi.innerHTML = 'test'
  </script>
</html>

i never knew this was possible

i thought getElementById/similar was required

I guess when doing it inline it’s possible but in js files that you import into it you’ll need to use those methods to get the element

nope

also works with external js

Really?

yep

Interesting

wow

mind blowing

🔥🔥 https://github.com/rust-lang/rust/pull/141295

ngl at first i thought it was vapes

https://github.com/0x7d8/trunk-test

decided to play around with wasm today, nothing all too fancy

Someone can help me xd? I haven't finished the project yet, but this part was supposed to be working, but it's not. What's strange is that no errors are showing up in my log.

https://github.com/DurkzPRG/Notes-Bot

I can't figure out wtf is happening

Nvm, I think God sent me a vision of what I did wrong.

™

await?

no same, now i got 2 warnings

the fix is, instead of importing mysql2/promise, i import just mysql2 and put .promise() at the end of create pool

weird

seems like a vscode ts issue

It probably is failing to recognize it's a Promise

have you tried restarting vscode

*webstorm. it's recognizing it as a promise, and promise gone when i put await. the built in docs also says getConnection(): Promise<PoolConnection> but idk something is saying that getConnection() is void. this issue has existed since days ago when i started (ofc multiple restarts)

huh

idk im not that advanced with typings like this

Well its not typed as an async function/method so you can't really await it

is this the one from the mysql2/promise package?

looking from the path, seems like no, and also there's no way i can change it to specific package because it's baked into their typings, unless i cast it which is, nono

hm

what happens if you use pool from mysql2/promise? Does that not change the typing of getConnection?

Ah

I see the issue

It uses one typings no matter what mysql/whatever you use

it's typed to be non-promise so even when using mysql/promise getConnection will be typed as void and not Promise<void> or whatever it normally is typed as

It's an issue with their typings, for whatever reason they don't generate .d.ts files alongside the outputted js files

yeahh that seems like it, but their docs says this https://sidorares.github.io/node-mysql2/docs/examples/connections/create-pool#createpoolconnectionuri
so i guess they don't test it(?)

It's likely autogenerated

It takes the ts/js signature and outputs what it thinks it should be

💀

It knows /promise returns a promise

so in js it's valid

but in ts their typings don't give a fuck

it just gives you a non-promise typing

you can fix it by setting a global typing for it

overriding the default

or by just making a pull request

eh too much, i'll just stick to .promise()

erm

wtf

Did I read this wrong

or

is their fucking Pool just a promise pool anyways

SO what the fuck is the point of /promise

oh yeah that's the method for .promise, it converts from Pool to PromisePool

the main issue is here

it should be :PromisePool

yeah

this is so fucking weird

😭 😭 😭

their code has to be this way cause of technical debt or something

like they made this pre-promises or something

or without promises in mind

and was like fuck it lets throw in promises

but didn't want to do a massive rewrite

xDD

you guys should open an issue or a pull request for it

free github points

Yeah and cry because trying to add proper async/await support with typescript typings into that codebase would be the equivalent of downing an entire bottle of tequila

not fun at all

plus I don't even like mysql

though I have heard that @planetscale/database is a better alternative to mysql2

due to it being promise oriented and typescript first

I think it was meant to be used with their own hosted dbs but from what I can tell it works on any mysql database hosted anywhere

It's...also 2 years old nvm

make a newer version of it

interesting

yeah i wouldn't want to use that until i was forced to by the assignment

ohh

wait

taki

mariadb is just a superset of mysql and will connect just the same

use a mariadb wrapper

im afraid they'll somehow use another engine on the mysql

wdym

debatable

meanwhile my assignments: mongodb 🤪

i mean it can be other than mariadb, no?

you're just using it to connect, the sql is the same

idk about mysql much

mariadb uses the same protocols and sql syntax as mysql

so https://npmjs.com/package/mariadb will function similar to the mysql2 package you're using now

It's an adapter/wrapper for mariadb/mysql

i better ask the lecturer if i can use mariadb client or not

uhm aaron i don't think it's worth migrating when he's this deep on the project right now

Wouldn't take much

especially if they have a centralized file for exporting the pool/connection

since the method names are the same between mariadb and mysql2

mariadb is just typed better and promise based

also you aren't using a mariadb client, you're just using the maraidb package to interface with the mysql database

since the package also works for mysql databases

Up to you though just throwing out a recommendation

It'd be easier to develop with since it natively supports the async/await syntax without some .promise()

Unless your assignment specifically requires mysql2 (yuck hate when professors do that)

but yeah i agree if he has enough time for it and his lecturer allows him to do so

Eh it would take 2s

unless they don't export a global connection

💀

(and his lecturer allows him)

export const pool = whatever

Yeah

I hate when professors limit your freedom

ithink what should matter most is the outcome not how you got there

depends

limiting your db library doesnt make sense

yeah i was already thinking about using mariadb client before, but i'm just afraid i will not get a perfect score just because they don't know if mysql is just a wrapper of mariadb. i just asked it and waiting for the response

limiting lang / limiting library use in general is ok

I mean, unless there is a very valid reason to limit something then it makes no sense

that's basically telling you not to use knowledge you learned outside of class

my prof was thankfully very forgiving when I used railway over the given options of heroku or render there's no way i am paying a hosting service just for a homework 💀

If you're able to well document and articulate your reasoning for using it

Ifeel it should be fine

"ai told me to"

but yeah takiyo is better safe than sorry by asking his lecturer

I mean for sure always do that

then the lecturer goes and asks ai

Iwas just throwing out a recommendation 😭

(thats what mine does)

I use AI for frontend

Im not afraid toadmit it

but tbh i am sure you will get a perfect score regardless 😄 i believe in you! 🤞

I definitely could of made this myself but fuck it we ball, I dont have time

my lecturer was talking about his password manager, someone asked him wht password manager it was then went "oh yeah thats a really good question" then sat down, asked ai and replied

is this why the average react site has gotten slower

I haven't tested my speed of the site or whatever

lmao this is funny

but it actually responds relatively fast

so far none of my profs have openly used AI in lectures

they allow students to use AI for assistance or learning but that's about it

my old compsci teacher used to generate questions with AI because he was "too busy"

I still want bun to absolutely rail my product before I fully launch it

all of our assessments with this lectuerer are marked as no ai, but he will sit there and generate loads of pictures and the assessment brief using AI

and you pay that school ?

this is university so yes

I feel bad for you

You're paying for something you could of gotten for 20$ a month

here every student had to also include an "AI declaration" form that documents how they used AI in their assessments transparently

it also had to be signed by the student

rip

i mean it's good that they embrace the students' transparency

@knotty night boop

the bot will be vibe coded

vibecoded to your specific needs

Specializing in building Discord bots sounds lame

ikr

@placid pike please dont advertise

why is hetzner so goated

cuz its german

Germans are pretty much superior when it comes to hosting I guess

this

and regulations

and german norm culture in general

I wish I were German

until u want to start a business yourself here

you get shot to death even after ur dead

yeah

nah you dont wanna

Anything is better than being Polish

update: ok i can use any dependency as long as it works

time to use mariadb

Polska gurom

awesomee!!!

why mariadb when you can use mariacarey

you get a free christmas song

time to cool some peltiers

mysql>mariadb>postgresql

ragebait trap has been set

mongodb>mysql>mariadb>postgresql

better ragebait trap has been set

Wym ragebait

That's true

mariahcareysql>sqlite>json>discordfs>postgres>mariadb>mysql

PSA :

A new scam is around where companies you apply to tell you to review their repo / run locally in the background some malware is getting executed.

How's this look chat

Not bad

W

The only thing I don't like is that these badges, such as “enabled” or “active” are so close to the text above them

Oh yeah

That is urking me too I just realized

it looks pretty good! i share nynu's thoughts as well 😄

good job aaron!

Is that better or still too close?

It's definitely better for me

W

same

I still haven't done any of the embedded components yet so Balance, payouts and recent payments are placeholders

Everything's coming along pretty well though

good job!

The icon radius for the left hand icon doesn't match the height taken up by the badge and text and looks a tiny bit odd to me, but that is being very nit picky

Wait I dont see what you mean by the radius thing

It's hard to show on mobile, and also it may be a small perspective issue, the height taken up by like the house icon vs the height taken up by the badge and text

Ah yeah I see

hm

I am not sure how to really fix that without it messing with the text next to it

are you using tailwind?

or just normal css?

using tailwind

it's a small thing so you don't have to fix it at all if you don't want to, but if you put it in https://play.tailwindcss.com/ I can fix it

I will worry about this later ahah

It's a minor detail

I'd rather focus on getting everything at least visible before fine tuning

Not to mention a lot of the frontend is made with claude's help so there's definitely going to be a lot of fine tuning and modification as all I care about rn is at least getting data visible, and actions functionable

Seller dashboard done

yo this is fire

really

thank you Waffle

It absolutely breaks on small screens cause of the inner css of the stripe embedded components

but that's a tradeoff for useability for now.

v2 will have most of that become custom except for account management

this looks great

Thanks!

believe it or not claude helped a lot lol.

I just made some tweaks to match what I thought looked good

Perfectly alright especially if it keeps you motivated

Frontend can be draining

Yeah UI is not my strong suite so anything that helps me push the product forward ima take

I tried not using claude for frontend and I saw my productivity slowing down

I was too worried about making it look perfect, ima just fine tune shit later if I see the need

claude also has been doing a good job of keeping my theme intact

Since it's able to read context from other pages.

do u guys like my dashboard?

Nah

too cheap

19.99

you forgot a couple zeros

but yes

its tuff

Admin dashboard!

looks dope

maybe just a bit of spacing between the text and number or increase the size as there's so much gap

not sure if you are interested in feedback 😛 but i'll shoot it out

or re-order it so icon is on right side something like this

Ah yeah, there is a rather large gap, I plan on fine tuning things later so I definitely will take your feedback into consideration!

Here's the current progress of another page which is the /admin/[id] page that gives org specific info

hell yes

btw my reccomendation if you are interested look into lucide

icons

are you using a UI library? it looks snazzy