Hacker News new | comments | show | ask | jobs | submit login
Show HN: Turn a source image into an animated party emoji (github.com)
63 points by scotchfield 11 months ago | hide | past | web | favorite | 28 comments

Idea recreated using CSS animations:


Thanks! Definitely using this in my current project. Sorry to my users in advance.

For some reason it's just black on black in Vivaldi. I had to change the background-color to something else to see the emoji.

Could you make one that shakes like in the gif in the OP README?

so good!

I believe computer science is a solved field now!


Uses node? What. the. fuck.

This could be done with imagemagick in 4 lines of shell script.

Yeah. Gravislizard had a good thread on this and how it's intimidating to beginners because everything has to scale regardless of if it's just a one-shot project or an actual business: https://twitter.com/gravislizard/status/954262779304722432

.. & then they go on about how Game Maker doesn't "scale"

I'm a fan of stream of consciousness, but that rant kind of just falls into a bunch of whining

I started with Game Maker 5.3, threw together a maze game the same day, proceeded to fiddle around with GM for three years, learning from the manual. Thankfully I was offline so I didn't have the internet's shoulder to cry on

> .. & then they go on about how Game Maker doesn't "scale"

Do they? I didn't see them write anything about GM scaling. They did write about how other people seem to have success with Game Maker, but they have a problem using it because they find some things difficult to understand. But that has nothing at all to how Game Maker scales.

Post the script? I'm curious how one would do this. Something like:

    for i in $(seq 0 9); do
        # Offset by (cos 2pi*i/9, sin 2pi*i/9) and expand the canvas somehow
        convert "$1" ... frame-$i.gif
    convert frame-*.gif -delay 1 -loop 0 final.gif
    rm frame-*.gif

tbh I am more likely to have node installed than imagemagick nowadays

I think you'd be surprised. You probably have imagemagick installed if you're on a Linux system or use brew. A surprisingly amount of tools depend on it. It's like saying "I probably don't have ffmpeg/libav installed." You probably have like 5 copies of it installed.

> You probably have like 5 copies of it installed.

Did people stop using package managers while I wasn't looking? :-)

I believe that this project would also run in the browser (via browserify). Do Imagemagick and your shell work in wasm yet?

Use imagemagick? What. the. fuck.

This could be done in node, which almost everyone already has installed, and whose dependencies aren’t a pain in the ass to get installed and running.

Also node is memory-safe and Imagemagick isn't. Somewhat surprisingly to me, the two dependencies (get-pixels for reading and gif-encoder for writing) are both written in pure JS, meaning that using this solution is vastly more responsible than using Imagemagick, if you're handing it untrusted input images.

How is ImageMagick not memory-safe? An attacker could only do damage if they discovered a very bad bug in ImageMagick, but such a bug could also be discovered in Node.

Such very bad bugs get discovered regularly in Imagemagick. The most recent one is from earlier this month: https://github.com/ImageMagick/ImageMagick/issues/927 and over 200 were found in 2017: http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=imagemagick (Of those, a bit under 100 were memory leaks, but the rest are things like buffer overflows.)

Meanwhile, bugs that allow malformed input to trustworthy code in JavaScript to subvert or escape the JavaScript interpreter - or the equivalent bugs in Python, Ruby, Perl, etc. - are extremely rare. Of the bugs in 2017 in V8, Node's JavaScript interpreter, every single one of them requires specific malicious Javascript: http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=v8

It is very easy for a good programmer to accidentally write honest C code that has memory safety bugs that allow an attacker to take over your computer by sending it specially-crafted input. It is very hard for a good programmer to even intentionally write underhanded JS/Python/Ruby/Perl/etc. code that introduces one of these bugs without looking like it's trying to introduce one of them, let alone do so by accident.

Of the security bugs in V8 from 2017 http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=v8, it looks like exactly one of them could be (and was) tripped by honest code, instead of code trying to subvert the interpreter: https://crbug.com/744584 and if I'm reading it right, it's not even data-dependent. Either the code has the bug or it's not.

There have been ImageMagick security bugs in the past, but it is an active project/community and they do get patched.

I'd prefer using ImageMagick for something like this, but it's all about tradeoffs and what you're looking to do. There could be memory/security bugs in the future. There are also performance trade-offs if you created a microservice for this function in rmagic/ruby vs node (and you should do both and test them, because you might be surprised which one is actually faster).

I agree it's best to use the right tool for the task, and there are valid reasons for using both in this case. I'd personally probably take the ruby/rmagick/ImageMagick approach myself in a container, but that's not to say that's the best approach.

> which almost everyone already has installed, and

Nope. Sorry to disappoint but I refuse to touch node with a barge-pole. Also 90% of the systems I deal with also don't have it installed.

> whose dependencies aren’t a pain in the ass to get installed and running.

pacman -S imagemagick

sudo apt-get install imagemagick

Wow, you're right that was an utter nightmare.

pacman -S nodejs npm

Why won't you touch node? It's a super handy scripting language.

I already have bash, mksh, awk, sed, vi's programming language, perl, python, C, Erlang, SBCL Lisp, and GUILE Scheme if I want a "super handy scripting language". Node is extremely bulky and things written in it tend not to be well-written. Not to mention that npm is inherently insecure: https://news.ycombinator.com/item?id=16195875

That's a problem, since you're gonna have to install this functionality on 100% of your systems!

> whose dependencies aren’t a pain in the ass to get installed and running

Well, now maybe. I have been able to reliably install stuff with yarn or even npm lately. A year ago though, whenever I saw a node project, I'd try to npm install it and it'd fail 60% of the time.

When you do install something, dear god all the dependencies! So many dependencies! What do all of them do? I have no idea, but they're needed in this boilerplate to get this electron app running.

I've found support in the node community to be pretty non-existent as well. It's easier to find elixir documentation than to get help with node apps. I've been stuck on this electron/vue.js issue forever and have gotten no help, and I've tried Gitter, Stackoverflow, Atom's issue tracker and IRC:



Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact