Yeah, DNS protection

I don't know what dns is either

I'll pretend I know what that means

Lol

:o

No way

That's insane

No way

there were a lot fewer internet devices back then

True

But that still had to be a lot

bruh how to rewrite git history

rebase is generally the way

basically i have a branch and i need to rename the first commit

Or you can screw it up with git push -u origin <branch> --force (don't do this)

so do that?

maybe don't tell me what not to do 😂

that doesn't do anything until you actually rebase changes

oh good

and yes, you have to force push if you change history

can't push 2 incompatible histories after all, that makes no sense

https://github.com/G33kDude/CloudAHK/pull/2

i have this

and need to rename that first commit

like uhm

i hate it

but is there a way to change just that one and not the others?

Looks fine tbh

meh this should just be squash merged

yeah, I wouldn't bother for that, maybe just as an experiment

joe ded

the blurple destroyed him

Word of advice: If you're gonna screw with git, screw it up on your own repo first

other word of advice: I don't care with this repo since I already screwed up twice

lol

i'm writig my thing uo

the diagram

joe + devops + writing = essay that makes you smarter

that's roughly what a request to our infra looks like

open original to zoom in

That's a lot

Oh

Traefik is like Traffic

so, Traefik is running of one of Node A, B or C

Linode is a VPS service like DigitalOcean

so if the request gets forwarded to Node A and Traefik runs on Node B then we need to call Node B to perform the request

Calico creates a network link between all three hosts, it's a mesh network

so node A can talk to B and C, B to A and C and so on etc etc

PyDis has so much going on in the background, it's pretty cool

so that services on node A can talk to services on node B as if they were on the same machien

think like accessing an IP over your local network

traefik is used to forward each incoming request to the correct service

That logo for it is amazing

we don't want to create several IPs for each service, like paste, site, grafana, etc.

we want one load balancer under which all our services can be hit

so traefik looks at incoming requests and maintains a phone book of where each record should go

soooo

one sec

which it does based on the host header!

right?

sometimes

but

it actually is smart!!!

and figures it out before the host header

so okay, let's digress into TLS for a second

imagine you have one server and run services for foo.com and bar.com

when I request foo.com over TLS, how does the server know to send me the foo.com certificate?

The domain?

we've not got a HTTP connection open yet, so no headers have been transferred

so that Host header that @vapid nymph mentions doesn't work

(Host usually contains pythondiscord.com)

the server needs to present the right certificate for the domain before the HTTP transaction has started

and it's thanks to a nifty little thing called SNI that it works

(but can contain the subdomain as well right?)

SNI, or Server Name Indicator, is a component of a TLS ClientHello message (you opening a connection to the server)

yes

hahaha

alright

so

TLS is transport layer security

when you access a website over HTTPS, you are using TLS

certificate is SSL which verifies that you are indeed yourself

certificate is TLS, not SSL hopefully hahaha

😂

Have I visited this site before today? Yes, 11,393 times

Hypertext Transfer Protocol Secure

so, TLS just encrypts connections between you and a server, yeah?

i'm gonna skip over SNI and revisit that in a second

so, a certificate is used to verify that the server you are talking to is indeed a server

for example, I have the certificates for pythondiscord.com meaning that when I serve pythondiscord.com your browser can verify I am the one authorised to do so

certificates are signed by trusted authorities which are hardcoded into your browser, so your browser knows which certificates to trust

think of it like a college diploma, but the college is a certificate authority and instead of your name it's the domain

fuck tls

here are the certs for pythondiscord.com

SSL is an old version of TLS

secure socket layer

SSL is deprecated and not accepted

anyway, so now we've covered what TLS is, how it ties into HTTPS and how certificates work, right?

so, let's take a brief look at SNI

we host all our domains off a single server, meaning that we serve a different certificate for every web property, e.g. paste.pythondiscord.com, pythondiscord.com, stats.pythondiscord.com

when you open a connection to those, the server needs to know which certificate you want before it can open a TLS tunnel

so, to do that a little bit of data goes in your TLS hello, it's called an SNI

subject name indicator

or server name indication

whatever

so, that is a little bit of data before the TLS connection is encrypted that lets the server pull the right certificate out and send it

that means that you can serve multiple web properties with different domains off the same server

yeah, this is the step where it opens the connection to the server

but tell me, do you see any security flaws with SNI?

don't even get into cnames yet

yeah it doesn't have to match the tls

nope

the flaw is that SNI is sent unencrypted

before the TLS happens

hahah

yeah, so the problem is

people often say that HTTPS means people can't see which domains you are looking at, just the IPs

but due to SNI they very much can see the exact domain, in fact ISPs do collect that and in places like China they use SNI in the Great Firewall to block off it

and now we're kind of brought up to date, because things are changing right now

yep yep yeep!

SNI is being phased out, in favour of ECH, ECH stands for Encrypted Client Hello, and to sum it up briefly that means that the TLS connection from finish to end, there is no exposure of SNI or other information

how hard would it be to handroll TLS in an insecure way

ECH works off keys stored in the DNS, and in fact pythondiscord.com is already compatible with ESNI!! (which is the stage before ECH where the SNI was encrypted)

implement instead of using a library

we'll probably be ready to go with ECH as soon as it enters general use

as with everything that even remotely touches security, you should never ever write your own

hm, what about with cloudfare warp. Do you know if they do anything to block your ip at all?

well, right now the clienthello is unencrypted

so the SNI is exposed, becausse the SNI is in the clienthello

ECH will use encryption for that step meaning that you can't have SNI and other information exposed

the connection will basically be encrypted from step 1

well. Support the people who already do it.

Don't do security as a side gig.

Either go all in or not, but don't work on it in your spare time

pretty much

yes, cloudflare warp will hide your SNI because it's a VPN, though since ECH is not in production the SNI from Cloudflare --> end site will probably still be unencrypted

it is impossible to write it correctly on the first try, you need peers and some auditing stuff to ensure it is at least usable

I'm going to hop for dinner, but lmk if you've got any questions on #ot1-perplexing-regexing message or around the stuff above 🙂

actually no

just partially hides it

it will fully hide it from you to your ISP

after cloudflare it's unclear

if i go to duckduckgo.com with a search asking what my ip is, its 8.6.1.4

yes

or whatever

yep

if i go to a different site its not

yeah

its my actual ip

that's... probably a kept alive conn or something

i think its if they're on the cloudflare network they get the actual ip

warp should not expose your legit IP

if they aren't they don't

it does

I haven't heard of that, I don't think it does

and it wasn't a keep alive

since it was a new thing

a site i never had been to

I'll look into this after dinner, might call on a CF friend

sheet joe knows everyone

to be clear, warp. Not warp+

lol

cf are great

joe you are really active today lol

hahahahaha

im in awe

balancing it out for @harsh tundra

lmao

lol

Lol

noice that's a good list

i've finished lol

if joe is gonna answer all these I'm all ears too.

hmmm

tempted to do them in voice

nah we'll do them in text

1. some shit to do with IP's and servers and stuff. That answer it?

yeah 1 is simple.

give joe time

Why is there a Discord Server for a snake????

How does a DNS Lookup work?
So, DNS is a question-answer protocol for resolving domain names into records, most usually A records which signify an IP. First your query starts at 1 of the 13 root name servers, if you ask for paste.pythondiscord.com first you go to the root servers and ask "which nameserver handles com lookups?", the root server then replies with the com nameserver, then you go to the com nameserver and ask "which nameserver handles pythondiscord.com?", which in our case is Cloudflare. Next you hit the Cloudflare nameserver and ask "where can I find paste.pythondiscord.com" and that's where you get an IP which you then use to visit. Most of this is totally abstracted away, if you use a public resolver like 1.1.1.1 or 8.8.8.8 then you only do one query and then the resolver does all the hops for you BUT! there is a neat tool at https://dns-lookup.jvns.ca/trace.html#pythondiscord.com which will actually take you through the whole request process. DNS queries are made up of questions (I want this domain), answers (here is this domains IP) and additional (I don't have this domain, but ask here, they might!)

What do you mean? Python is a snake. Why do you need a Discord Server for that?

I'm joking. I know Python

But I don't know how to work with it.

I don't know how it works?

What does Cloudfare do...? It has a cache of some sorts by looking at the diagram.
Cloudflare provides a cache/ddos/optimisation platform which brings your servers closer to your users. When you visit pythondiscord.com you're directed to an IP which is geographically close to you (see which one at https://pythondiscord.com/cdn-cgi/trace, the colo field is the name of the nearest airport to the datacenter you hit, I hit MAN which is Manchester). Cloudflare then delivers the request to the origin IP, so in our case the Linode load balancer. It also mitigates DDoS traffic to prevent it from hitting Linode and applies caching so that if you visit pythondiscord.com you might get a cached version of the page served from a geographically closer server, instead of having to head to frankfurt. https://www.cloudflare.com/en-gb/learning/what-is-cloudflare/ has some good details.

nameserver is any server that handles DNS queries. so the Cloudflare nameserver answers for Cloudflare domains like pythondiscord.com, the com nameserver answers for com domains and so on.

What is the purpose of this CF cache?
Brings content delivered closer to you. If I hit pythondiscord.com the edge server which is close to you will store it for a few hours, if anyone else hits it it will deliver that content instead of trekking to the origin.

what if content changes? how does that work?

How does a load balancer actually know which node has low traffic?
It's as simple as saying "okay there are 5 open connections to this node and 3 to the other, so I'll forward it to the other". Load balancers are smart! There are various methods as well as just congestion such as round robin which does A, B, C, A, B, C and so on and also just pure random.

that is obvious but i mean how did cache server findout that data has changed.

yeah but joe said its hours

that's why the content has a time-to-live, generally for static resources hours is fine because taking a few hours is fine. Cloudflare allow you to empty the cache upon request as well if you need to reset cache quickly.

cloudflare has a toggle called development mode which turns the cache off temporarily

ah i see. makes sense.

there are smarter ways such as cachebusters which is where you can update the URL fetched everytime you build a new one, therefore resetting cache

so I might have ```html
<script src="/myscript?v=a34f23ad"></script>

so then that file + hash gets stored

yeah i think builds in react do same.

then when I change the script I change the hash ad the cache resets

yep, they do 🙂

yass. talk with us moooore ❤️

they put this long hash at the end to handle cashing

So Traefik runs on a single node and then forwards the request?
Yep, Traefik right now runs on one of our nodes, picked randomly when we schedule the deployment, eventually I might set up Traefik on every node so each node can answer queries.

yep, they can run on any node

[So Traefik runs on a single node and then forwards the request?] To where?
To the service running, so I might tell Traefik to forward pythondiscord.com requests to our internal service called site. Traefik is the border between the internet and our internal services.

yep

a bit of a simplified explanation on this: I could run django on port 3000 and then tell traefik to fetch from port 3000. In production we not only use different ports but every service gets an IP in the 10.0. 0.0/8 private range to be accessed over.

so 10.10.2.3 might be Python Discord site, and Traefik forwards there (actually over DNS! we run a DNS server in the cluster to resolve domains like site.default.svc.cluster.local to their in-cluster IP, meaning we don't have to hardcode IPs anywhere)

Does each service run on a different node?
Yes, when we create a deployment of a pod/container Kubernetes finds a node that can host that service (we tell kubernetes a rough estimate of how many resources it needs).

.bm 841383256938250310

it's the exact same as the public internet, but inside our cluster, instead of resolving pythondiscord.com to a public IP we're resolving an internal domain to an internal IP

each service gets an IP so since we can run a DNS server each service can get it's own domain record as well

the domains are in the format {service}.{namespace}.svc.cluster.local and can be accessed from any pod on any node

yes, a pod is a single deployment within a cluster

so python discord site, hastebin, stats, even traefik, are all pods

What is mTLS?
mTLS stands for mutual TLS. Think about how regular TLS works where the server presents a certificate and the client verifies that it's legitimate. mTLS extends on this by not only having the server show a certificate but the client as well, so the server goes "I am pythondiscord.com, here is my certificate" and the client goes "I am Cloudflare, here is my certificate". We've preloaded the Cloudflare certificate so we can verify it very easily. It's effectively a form of authentication.

Where else can the request to Traefik come from apart from CF?
Other than when we're debugging stuff, nowhere. mTLS locks it down so that only Cloudflare or myself can ever reach Traefik and trigger a request.

How does Traefik apply the middleware, isn't that Django's job?
Django has middleware, but a different type of middleware. Some examples of the middleware we do at Traefik's side is things like redirecting git.pydis.com to our github page, verifying that a user has passed through Cloudflare Access and a few other things like applying security headers. We use them since we can apply configuration to web properties very easily.

Django middleware is Django specific, Traefik middleware can run across all ingressing web traffic is the TL;DR

What is meant by "proxied service"
The service we're communicating with, so the django site/hastebin/public stats in the pod is the proxied service, Traefik and Cloudflare are proxies and you are the client.

any reliable source to read more about this? also i mean server has it all stored right? or servers follow some automated task to generate new time by time. or is it done manually?

https://developers.cloudflare.com/cloudflare-one/identity/devices/mutual-tls-authentication

the blurb bit there goes into a bit

https://wott.io/blog/tutorials/2019/09/09/what-is-mtls is also good

makes sense. but again, the certificates, they get auto generated?

on server side

the certificates for pythondiscord.com are auto-generated, yeah

Traefik generates wildcard certs for *.pythondiscord.com

as for the client cert, Cloudflare provides one which we import

.bm 841386502134300734

ah i see so it's basically user dependent. some may be doing manually too.

.bm 841386789716492298

yep, you can manually do it, but LetsEncrypt uses short expiry times to encourage automation of certificate renewal

Why can't you just do pythondiscord.com/paste instead of paste.pythondiscord.com
If we wanted to, we probably could, it's just easier for users to use subdomains as opposed to paths under our root domain, and it's easier to configure subdomains as well.

if you have some understanding of docker and want to get more into CI/CD/DevOps then yes

ECH works off what "keys stored in the DNS"?
ECH is switching to a record type called HTTPS instead of using A records. In this HTTPS record type there is not only an IP but a public key. When the client connects to the server it can encrypt that first payload with the public key it found in the DNS, meaing that the whole transaction is encrypted.

so you'll lookup the HTTPS record of pythondiscord.com, get back an IPv4, an IPv6 and a public key in addition

yes 🙂

What does ESNI have that SNI doesn't?
It's encrypted 😄. ESNI was an implementation before ECH which looked up the TXT (text) record on a domain located at _esni.pythondiscord.com or similar.

Once it had the value of this domain it did the exact same as the HTTPS record key and encrypted just the SNI field in the ClientHello (as opposed to ECH which encrypts the whole packet).

so, here is a regular TLS handshake

you can see SNI is before encryption begins in that ClientHello

yep

okay so

then this is ESNI

wait

no

this is ESNI

you can see the ClientHello is still unencrypted, but the SNI is

and then here is ECH

the implementation of ECH is a bit different from what you'd expect, because it's trying to maintain back compatibility with routers

but that ClientHello inner where sensitive information is located is encrypted using that key in the HTTPS record

What is CF "warp"?
https://blog.cloudflare.com/1111-warp-better-vpn/

WARP is Cloudflare's take on a VPN, built from the ground up and encrypts all payloads to the Cloudflare Edge

lol

you're welcome

let me know if anyone has further questions, questions about my answers are also happy to be answered, it's fun stuff 🙂

thanks a lot joe.!

no problem 🙂

Joe why my server slow

not enough golang

more like too much LOL

not enough sharding

sharding is the secret ingredient in the web scale sauce

too much state

where has my bloblul gone

lol

very context dependent

basically, you get a pane of glass

lmfao

and you hit it with a hammer

and you get these shards of glass that you then throw at your servers

until they work

well, as an abstraction, say I have 1,000 requests coming in per second, sharding would be directing these requests to several instances of a service to prevent a single instance being overloaded

a goodish example is Discord, where when you reach a certain number of servers they make you run multiple connections to the websocket and then split up different servers into different socket connnections

hahahaha

enjoyy

ah yes latency

lol

I swear that postman's added latency though is poop

Like postman reads 800

then you do the same from the browser

and get 200ms

latency moment

this is why we use curl

cURL to be powered by rust™️

soon we'll call it rURL

lmfao

this is the only problem with our setup

is when it's not being used

it goes quite cold n slow

which for development is fine and all but it makes bench testing a nightmare

rock solid

17

hahaah

wait @bleak lintel What month were you born?

aug

Am the elder

I feel old with so many teens here in chat. it reminds me I'm no longer a teen :c

lul

I miss my high school days :c

when u realize ur becoming a boomer

I'm not that old

but I don't even remember I'm 25 unless I think... or see people here .-.

you decide what to do with this

? Is this meant to ridicule the user?

.

no

then what are you trying to say?

that it's funny he said he was a dev but didn't know what the err was

so... yes to making fun of the user then?

idek

let's not make fun of people for not knowing stuff, okay?

yeah, my b

@bleak lintelcf update?

hmmm

the update was

that shouldn't happen

lol

and to open a post on https://community.cloudflare.com/ if it does

so basically cloudflare warp is a vpn.

yes

in your own opinion from what you were told, comparable to some of the paid ones?

yes, comparable

blog post good https://blog.cloudflare.com/1111-warp-better-vpn/

welp time to make an issue

huh

on second thought

i need to check smth

how to do a tracert?

uh

with tracert LOL

gg

traces the route from you to the place

uh joe can you help me with this for a moment

it literally pings with "discard me after x steps" going from 1 to 30 (by default)
[normally this field is so that undelivered packets do not trash the connection by eventually being dropped]
this means 1st jump goes back to you with "oh, sorry, I didn't reach the end result",
then with other ping packet it passes but 2nd jump replied that it didn't deliver...
with 3rd ping it gets passed by first 2 but 3rd one replies...
and so on until you find the correct server and it correctly returns the ping, or until you hit the limit of 30 jumps

OH MY GOD LOL

i was so confused for a moment

but https://www.whatismyip.com/ gives my actual ip

tracert is so cool

wtf

how can i see my actual public ip

navigating to a bunch of sites i get 3 different ips

lol. google just showed you suggestion from its search results... which was scrapped by google bot, of course, so the ip is its XD

if you're behind NAT, then no

yeah

although i'm curious what my own device is

i'm 99% sure im not on nat

comcast

yes

actually no

NAT is the private network to one public ip thing

yea ;-;

so if you have wifi at home and can connect with multiple devices, then you're behind NAT and your router translates the stuff between private subnet it created for you and its public address

yuh

what's the tracert equal at home

ohhhh

i thought you meant the nat nat

the one where the ISP puts you on their subnet

not actually called that

so you don't have a public ip address and are part of comcast's network

internet service provider

what's the linux equal?

it's basically that for router its "public" address is in fact in another private network

and only when you go out of the ISP's NAT you have one public address with hundreds of other people

yeah

and this is why IP bans SUCK

I think I have this kind of stuff with one of my ISPs because tracert shows some private addresses at further steps... or was it only 2nd step which is still our router? I don't remember XD

wild

@bleak lintelthis is wild

what's wild

Comcast is pretty likely on a NAT

Hm maybe not actually

its not afaik

yeah likely not, moment of madness

starlink is a NAT interestingly

i go to a site

it says an ip that isn't my own

i do a no cache refresh with ctrl f5

it's from private range

and now its my own ip 73.xxxx

right but

it shouldn't be visible anywhere outside that subnet

172.16.0.0/12 is a private range

so that website is odd

yeah that's actually not my home ip

i think that ip is on the cloudflare internal network and that website probably is too which is why it happens

people can’t do anything with ur ip, right?

it is

so the 172.xxxx is a cloudflare internal ip

i think that's genius

8.6.144.188 is an outbound facing cloudflare ip

the problem is my 73.xxxxx my ip from comcast is publicly exposed to a few sites

https://ipchicken.com/ is somehow getting it

Depending on the setup you have, they can track your location. Beyond that, it's possible for an attacker to look for security holes in your system, so it's best to not share your IP if you can avoid it

How specific can they find ur location? like an address on google maps specific?

More general location, so maybe like city or area, but it highly depends on your setup

Also, it depends on where you live. If you get a general location in Antarctica, well there are only so many places with internet there

@bleak lintelso you think i should report cloudflare exposing me?

I'd open a community forum post about it

you think that's better than feedback in the app?

windows app fwiw

uhh either is good

huh

aside from not being able to choose a country

i think cloudflare warp > other vpns

oh and occasionally leaking ur ip address

it depends on how your ISP has the addresses arranged
I had dynamic IPs located at whole region, I had static public ip pointing to the ISPs office (local, city ISP), I had static ip at my high school dorm (Nicolas Copernicus University in Toruń, Poland, apparently has too many public addresses...) pointing at some university terrains... but my friend's server in one faculty had almost correct location? or was it that school servers were pointing at this faculty? I don't remember if both are correct

how does it expose you?

.

that's showing my actual ip address

even after no cache refreshes

it shows the cloudflare ip

then it shows mine

same with https://icanhazip.com/

and you're behind some cloudflare vpn?

yes

cloudflare warp

weird shit

aside from this and not being able to choose server location i would say its the best vpn lol

although I've seen weirder

some online shop started bugging the cart for me as I was browsing it and adding stuff for the future but not buying it yet

so since it was bugging and the cart's state changed from tab to tab, from url to url...

I tried clearing the cookies and stuff, but something was still off, it was still weird

so I opened an incognito tab

and it still sometimes had my cart history, sometimes part of it 😮

then I tried a different browser, on the same computer... and same shit

I don't want to know how they kept user sessions - IP based or what? but at the same time it somehow kept multiple sessions for me and switched between them?

it's a shame because after going through covid I wanted to buy some oil diffuser for mum, she loves nice smells and stuff, and this website had the best designs, tbh EDIT: checked the website and it doesn't seem bugged anymore but the design I was browsing then is sold out atm, so I won't test the sessions again, lol

Wtf lol

U must be on a NAT then

A ISP NAT

"u must be"
it was both my carts, just from different days. I often browse shops and add things but then buy after a few days

so when it showed empty cart, I went on to add the things again... but during that, it started sometimes showing my old full cart and sometimes the new partial one

Wild

I think I'm kind of lucky it's nearly impossible to get my real location by IP

Our internet comes from a different city

What the…

Angular and React use node stuff

They aren't alternatives

How about JavaScript? 😛

Geez, I hate Node.js...
Why not use JavaScript instead?

perfectly normal conversation between human beings

Imagine considering php in the current year

Sadly, that's normal

I will never learn PHP

lol

I thought php was only a thing for legacy reasons now

Are people actually considering building new stuff on php?

nope, some demonic tribes out there actually use it

PHP is used a lot cause Laravel

Abominable

Rather use spring haha

But there are now Laravel alternatives in js

Heh

For webdev my uni did JSP

And fucking tomcat

I wanted to scoop my eyes out with a spoon

JSP?

Imagine using jQuery in the modern day

Java serverpages

Oh

I don't

I don't trust stairs because they are always up to something

as can be said for just about everything in existence

I found that online

what about the sky? the clouds? buildings? your TV?

Lol

Yeah they can be too

me? my cat? this table?

Because

Stairs are "up" to something

Get it?

no

Ok i should stop with the dad joke

stairs are not special

anything can be up to anything

You don't get it

It's a dad joke

I do get it

and it's not funny

How do the celebrities stay cool all the time?

Get ready this is a dumb one

no

Because they have fans

Ok I should stop

I am the second one

same

Heheh

ok

same

\n{ is cringe

The Day of the Programmer is an international professional day that is celebrated on the 256th (hexadecimal 100th, or the 28th) day of each year (September 13 during common years and on September 12 in leap years). It is officially recognized in Russia.[1][2]

\t*

Did you know it before?

officially recognized in russia

same

It should be global

You've angered the C programmers

!mute @rough sapphire

:incoming_envelope: :ok_hand: applied mute to @rough sapphire until 2021-05-11 08:12 (59 minutes and 59 seconds).

!warn 548876479337857025 Please keep it appropriate

:incoming_envelope: :ok_hand: applied warning to @rough sapphire.

!unmute @rough sapphire

:incoming_envelope: :ok_hand: pardoned infraction mute for @rough sapphire.

That message was for the group of friends

i wake up today, open up my laptop, and one half of the space key is harder to press down and the spacebar doesn't work when pressed from the side >_<

Has anyone ever experienced anything similar, or know of some sort of solution?

Thanks in advance.

(The space key isn't "clicky" from the right side and i can feel some slight resistance, I have to "clack" it quite hard to get an input)

@raven birch Check for debris/clean it out maybe?

I know this sounds stupid, but I have no idea how to...

I've never tinkered with hardware as such, always been working with software

and I have no idea where to even begin with this laptop, other than completely dismantling it and risking breaking something

oh. laptop... cleaning the keyboard isn't going to be very easy

Most laptops don't have a straight-forward way of cleaning the keyboard

Most I can suggest is looking through manual, maybe seeing about separating the keyboard and cleaning it separately or just using compressed air or something

iirc removing the keys is not a good idea because putting them back isn't going to be trivial

https://asciinema.org/a/Ph4V7hwFkdQZYkdSm7slAwkle 🙃 this is awesome

both of them

piston-cli recording with asciinema

poggers

can you guys help me fix these corrupted .fla files

!warn @lucid moon you have just been asked to not bypass our filters using mediafire

:incoming_envelope: :ok_hand: applied warning to @lucid moon.

sad

i just wanted help

Hey

Why would one prefer XOR EAX, EAX above MOV EAX, 0

Is the xor instruction faster than mov?

as far as I know, yes

Ohh okay ty

that is pretty cool

hmm why are mentions white

this is cringe

yeah

the asciinema or piston-cli?

yes

yes

yes indeed

yo wtf the reactions look cringe too

the reactions which you give are cringe

and pings which are given to others are cringe

bruh.

Wow

imo this looks good

this looks 🥴

Rounded corners

looks weird

They were always rounded

You sure?

looks ok

Looks like bold text

YOU'RE CRINGE

they were always rounded

I CAN'T UNSEE IT

||The new logo is like a Chinese knockoff||

lol

This seems like a "designer had to justify their pay" type of deal

Because the new design doesn't seem very necessary and it doesn't look good either

mmmm new childish font

OH NO

ARE YOU SURE

old:

new:

WOAH

yep it looks like a chinese knockoff

what the ever loving fuck is that

that logo

i do not like

especially the font

explain that to me

what the fuck is this

DiSCORD

ikr

trumpet monster

Discord is a corpo now, this is what current corpo branding looks like

Idk why yall surprised

CRINGE

I mean

normal corps are not that bad

DiScord is just being really really really bad

Look at slack, linkedin, twitter, etc

They all have the same look

Oh, I don't mean that positively

https://cdn.discordapp.com/attachments/110373943822540800/837003763775701043/202104020_UA_RebrandAppStore_2020_1920x1080-1.mp4

It looks uglier than the old design

that's their new branding video

for youngins

I hate this

I hate this I hate this I hate this

we bouta get swarmed by dumb kids I was a dumb kid too but still

DiScord: ImAgine A PlaCe

"This is how it happened, this is how Discord died."

unfornately i've been working on discord bots

yeet

i gave up on dpy bots early

good for me

AnYwaYs tHis seRver shoUld probablY rebrand

they need their new fonts and ugly colors

No

PyDis colors are PyDis colors

I agree though that this seems pretty corpo

Screw Discord's rebranding

(i'm kidding don't rebrand)

(keep the 7289da alive as long as fucking possible)

You should just remake Discord

Easy

where did u get it

reddit

Can you link it?

https://www.reddit.com/r/discordapp/

the entire reddit is talking about this shit

and is this a leak or somethin?

We'll forget about it in a week or two

literally any post

Just is what it is

The new logo is ugly though

i actually doubt it

The colors are fine

I'm not even seeing it

Where is this?

at minimum one month

ur on stable give it 2 days

Like it's for some reason not updated on mine

damn

Oh right right

This logo

may 13th is their birthday

why does reddit always hate redesigns lol

@rough sapphire the most informative post https://www.reddit.com/r/discordapp/comments/n9on8q/lets_discuss_the_new_discord_branding/

oof

first the reddit redesign then spotify then discord

the blurple discord

everyone hates it

Idk i like that blueish colour

it celebrates discord's bday with blurple

Whats it called

NOT THIS YEAR

blurple new probably

Lmao

Looks good, vibrant blue

would be better if everything agreed with it

the reply accent color is different on mobile and not

THEY REMOVED WUMPUS?

surely not

nah the got rid of blurple

@plucky ridge tell me, how are we gonna forget this wumpus replacement?

If they did, UNFORGIVABLE

agree

To be fair, new Reddit is not that bad, although old Reddit is better

Heavy drinking

i have so much to say about that and nothing that i can say in a under 18 server

but why the fuck does it have teeth

goddamn that font looks shit

I'm glad you're able to restrain yourself

… Aren't you under 18?

lol

yeah so

wumpus is still here

OH MY GOD ITS BLURPLE

i think

no thats wumpus

but fwiw

Rise Wumpus, the supreme lord of blurple

they can't remove those

because legal reasons

Screw Clyde

you paid for it to have it for the entirety of your account

so those will not be going away

@wraith hound ur pfp is out of date

wrong blurple

No

I'm keeping it this way

yes

that blurple is ded

We must make Project Blurple v2

Where we protest to keep blurple

yummy DiScord

@plucky ridge due to the app icons its gonna be at least a month

because you have to see the shit every single day at sign in

and have to find it too

yeet

I don't think this will go away though

Very unfortunately

it's WHITE now???

say sike rn

its white now

oh my god

lol

My god that font is atrocious

that looks amateurish

DiScord

Fair

that looks like that special version of discord you get

PEP 8 4 LIFE

with hacks and all

DO YOU SEE THAT ICON

Uni Sans Heavy > this stupid font

Well actually

like a discord ++

if it existed

If we think about it, they're living up to their name

it would look like that

i will be telling myself that i'm not using a fucking chinese knockoff every day

Oh god

They're currently sewing discord among the masses

The icon doesnt look that bad next to the text

hahahaha

Dont bring logic into this

Ik what a discord is but what is DiScord

whats new in canary?

mmmmmm

FONT

yes

oh fk

yeah

nononononono

start here #ot1-perplexing-regexing message

yeah i got canary

Eyyy

i hate you now

OH THEY KNEW THIS WAS COMING

when they rebranded partners and verified

to the green

So if this is what you see when turning Discord back on, you know it is going to be a good afternoon, right?

I need one of those joke book written by hemlock

Like, I actually need it

someone made a new icon and put it on reddit

imo i think its really nice and we should use it

a-good-afternoon-awaits

more serious again: this sucks

It's a wonderful afternoon

quick count the mentions in that screenshit

@vapid nymph Do these look similar: #python-discussion #python-discussion

Crap

they are the same picture

were

Discord is being mean

second one is bold

oh

#python-discussion #python-discussion

Discord is being dumb

identical

Yeah

It turns it into a channel mention

And escaping it doesn't work

#python-discussion
#python-discussion

python-general

welp peace

Dont

Dont cancel your account

😏

You wouldnt

Damn

I know you wouldnt

I mean, that's the nuclear option, but I won't stop you

ur not wrong sadly

i wish microsoft had been able to buy microsoft

*discord

I think I've mentioned this before, but I doubt that that could've prevented this design change

eh

it wouldn't be as bad imo

microsoft owns both github, microsoft, and azure, and yet manages to not be reallly shiity with their design

hell, its been rumored that windows 10 is getting a makeover and few people have been complaining about it

That's a fair point

It's more about how this design change seems planned somehow

yeah

@rough sapphire although to give them the benefit of the doubt, do you like anything that's been changed so far about Dᵢscord?

About the design, not really

yuppers

pog

i am going to regret this pfp change

EMBRACE THE 7289DA TRUMPET

Oh, boy 😅

Differentiating that because there are some features added

With an arguably unnecessary caveat

i changed it to the non blurple one first and then did it

There have also been talks about Nitro users getting a higher text limit in messages, access to themes, per-server avatars, increase server cap, popout/tabbed chat windows, favorite channels & DMs.

yay!

CORE features

LOCKED

please microsoft buy discord i'll give you a lunch

are those legs of someone inside the trumpet or is that a tongue

's a tongue

both are bad

True

mmm

full width banner

https://preview.redd.it/bzrermc11fy61.png?width=5000&format=png&auto=webp&s=dd0ad8e9e65e5b02df5ffa143ccfe925125855e8

tomorrow,

apparently theyre hiring a bunch of good designers

at least mobile discord is blurple

for now

i can tell you that its changed a lot so far

Per-server avatars? Hmmmm. Could be useful in some servers but in general people are visual, so matching avvies helps me find people

If I go to Play Store, discord's logo there is already in new colour, sooooo...

On Android Alpha

Ugly

Yes

That's fair

Like I recognise people I know on WoW server's discord, or on PUG/guild servers

Even if they have a different username set there (multiple characters) or have a fun nickname set in guild server

Yeah, I think it's more of an issue about being able to do so, not about wanting to

Although I agree that people are visual

that isn't the full icon

the icon is just the orange stuff

the rest of it isn't part of the icon

Yeah ik

It's part of my phone theme

But the orange stuff is ugly

Hello

so is this the place of getting answers to permission denied errors? 👀

No?

damnit

Use a help channel #❓｜how-to-get-help

it's not really that python related that's why

Ok then you can ask here i guess

okay I'll take a try

I just installed ffmpeg then tried to play a sound

loop = AudioSegment.from_mp3(f"{cwd}\\hello.mp3")
play(loop)```
But it's showing me that I have no permission to a fully different folder and a fully different file
```PermissionError: [Errno 13] Permission denied: 'C:\\Users\\User\\AppData\\Local\\Temp\\tmpvo9y4974.wav'```

but why

whats cwd?

oh my bad

cwd = os.getcwd()

so like C:\app

it looks like it made a temporary wav file

to play

but it doesnt have access

but thats the temp folder

it should have access

I tried to run a cmd as administrator and then

cd C:\app
Python3 app.py

still don't work

hmm

I also tried to download simpleaudio

but it gave me so many errors I just couldn't handle it

im not sure why it doesnt work

i think windows is just python app.py

dont need to tell it the version number

py app.py should work if that doesn't

yeah py is not recognized, python started but it's still the permission denied error

what happens if I pull the whole folder in the Temp folder? 👀

then it can get deleted

oh nvm

can

not gonna take that risk

and if I change it, so it doesn't make the temporary file in that folder?

https://github.com/jiaaro/pydub/issues/209

essentially, bad library

isn't this gonna change the whole computer

you can change env variables only for the current shell session

but that isn't the actual problem

scroll to the very bottom and try those things

yeah that's where I got the simpleaudio solution from

you mean that by the last comment?

Yeah the problem is that I'm trying to learn these things right now, and I don't understand anything from that

What do y'all think I should spent my DigitalOcean credits on?

hm

Make a site on how bad manjaro is and host it on digital ocean

Simple

brilliant

hmm

There are already a few of those

how do symlinks affecting the working directory ?

what do you mean?

if i want to symlink a file and then i run that file, what directory did it run in

did it run in the ~./symlinkgobrr/ directory, or the ~./lol/wow/heythisiswhereimlocated/ directory

what is its cwd

well, your cwd is wherever you was

what is its

even if you are in ~/whatever/ and run ./some_folder/some_file
then your cwd is ~/whatever, not ~/whatever/some_folder/

but what is the file that is ran working directory

not my own

what does it use

if it was a python script and i got the directory what would it be

working directory is always where it's run, as I said

in python it's the same

if you have relative paths like ./my_file.json in the main.py file's location
then you have to execute it from main.py's location

so it could be in a different location and symlink to that

and it would use the directory of the symlink

let's say it's ~/my_project/main.py
and it has open(./my_file.json) in its contents

if you are in ~ and do python3 my_project/main.py then you'll get an error because cwd is where you were - ~ - and ./my_file.json doesn't exist

it's the same with symlinks, when it comes to cwd

ah okay

now.…

what happens if a program goes to edit a symlink?

that edits the original and doesn't remove the symlink, right?

the think only changes when you get the current file's location, e.g. by import module and module.__path__ - because that's for the file's real location

symlink is basically a reference
and original file is the object itself
you point to that object, changes to object don't change other references

yeet what did i do

but as for opening the symlink, you might need to check if whatever you use follows symlinks

I know that some path-searching stuff like os.walk or glob might have a parameter whether to resolve symlinks

@harsh tundrayeet pylance

do you use vsc?

nope, mainly pycharm

ah

wow

uninstall and install

needed the -U

oh wait no

lol

no this is an extension for a @polar knoll

lol

directory is wrong

because they live in a seperate repo

that's why its symlinked

found a font that has all lines equally thin

there's a cat trapped in your prompt

no one asked for it but here's a recent picture of my cat

ruining my dad's plants

and I just let her be

😳

WAIT ANOTHER UI CHANGE AAAAAAAAAAAAAH

ROUNDED CORNERS@graceful basin

sorry for reply i forgot to remove it

and now a gap

oh, nice

oh that gap is annoying

I have literally never used that window

lol

fwiw

its the same modal as emojis and channel mentions

and slash

/sucks for all of them

Our cat tried to get into tomatoes because the containers were on the windowsill he likes :D

Cat tax

little devils

is that a huge place?

In his defense, some time before there were tomatoes there, a bird was annoying him from the outside...

What place?

the one your cat is in

like an orchard or what

Ah. Those bushes are just a line of lilacs

It's just perspective

It's basically:
::::|::::::: where dots are the lilacs and line is the cat, lol. The whole tree line is like 3 meters long?

i c i c

But we have more than those lilacs

Perks of living in the countryside with family

That's from last year

He was helping us get the late/last pears :D

:o

said by a true Apple user

i use android windows and linux

Imagine using Apple /hj

never use iPhone or iOS or iMac or Mac or any of it except at school and then i hate it

That was mostly a joke because Apple people are obsessed with rounded corners

for whatever reason

nothing can truly have a corner

i'm obsessed with the fucking gap between the chatbar and the modal

WHY DOES IT EXIST

showing unflip there is ironic

oops

(╯°□°）╯︵ ┻━┻

lmao

No flipping Cypheriel ┬─┬ ノ( ゜-゜ノ)

haha

you're not my dad

pfft

well. I don't know that

maybe you are

you guys didnt see nothing

Yes I did

we did not see nothing

huh

Grammar, Aboo. Grammar.

lmao

lmao beans

i like beans :P

https://tenor.com/view/chrome-eating-ram-joey-friends-ram-abuse-greedy-chrome-gif-17554657

captain fisher!