vscode's "Unicode Highlight: Non-basic ASCII" causes the character to get highlighted.
Sadly, the more appropriate "Unicode Highlight: Invisible Characters" setting does not reveal them.
I'm not seeing anything in the protocol that stops the first human from paying for the resource and then sharing their macaroon+preimage with everyone else. Normally, I'd account for that by associating the preimage with a specific human (account) but this seems to be intended for use without accounts?
If it's just for one request, the capability ("macaroon" is just their word for a capability) could be tied to a source IP address, so that only one client can use the service.
That's the least of the problems.
The concept is that each user has a pre-purchased local store of some cryptocurrency.
For some reason, they don't actually say that.
Servers send an "invoice", with just enough info to get paid but not enough to identify what they're selling or who the seller is.
An unconditional "pay invoice" function in the example charges however much the service wants to take. Bad idea.
Automated irrevocable transactions with anonymous parties. What could possibly go wrong?
There's a lot that's not mentioned.
- The server must have a connection to the payment network, and it has to get a success reply back before the transaction can proceed. This is happening within an HTTP transaction, so there's a time limit.
- This lacks atomic transactions. If the connection is broken after the payment is sent but before it is acknowledged, the money has been transferred but nothing was returned. The client doesn't know if the payment was made. This problem is common to all payment systems, and unwinding failed transactions is a part of payment systems that get used.
It doesn't need to happen within an http transaction nor does it have to be atomic. There is a way to present proof of payment to a recipient by showing them a preimage of a hash that's received by a lightning node on payment completion
Presumably the macaroon itself contains a shortish timeout.
You can rate-limit (runes do this, which are simplified macaroons) but then the server is no longer stateless. Pretty sure I've ranted about this in HN comments before, could dig it out if you're interested?
See https://github.com/rustyrussell/runes for a simpler alternative and implementation (this has C and Python, but there's also a Rust implementation because why not?)
However, the "no db access" property has proven to be untenable in practice. Users end up wanting to see what runes are issued, blacklist them, know when they were last used, and have rate limits. The last two are a killer, requiring some state to be kept (unless your system allows you to return a modified rune to the user, which is a different workflow from normal bearer creds).
That's way better than anything I've seen. I get a 79.50$/mo quote with a $1000 deductible from Trupanion for my 2yr old dog. Which is why we've never picked it up.
The $250 deductible version is a crazy $184.55/mo.
I'm not really familiar with how much dogs cost, but it seems like large dogs just cost a lot. I just did a quote for a small 2 year old dog (Maltipoo), and got $55/month. A 2 year old cat is $38/month. (I enrolled my cats as kittens.) I expect breed in general to be a much bigger factor with dogs than cats. Veterinary costs also vary significantly based on location.
This is true. If you're an experienced cat owner in good financial health, indoor cats are generally not worth insuring.
For dogs, it ranges wildly from "not worth it at all" to "mandatory" depending on the breed, and which breeds you should purchase insurance for is pretty trivial to find information for online. In general, bulldogs and large dogs are generally worth getting insurance for, as long as you get it when they're still puppies.
I’m not clear why this recommends using required on everything - I though protobuf v3 had removed that and made everything default to 0 (or equivalent) if not present on the wire.
Thanks for the encouragement to look up lisp's numeric tower (https://en.wikipedia.org/wiki/Numerical_tower), that was interesting to compare to the languages I'm more familiar with.
We are seeing an npm install failure inside our docker builds pointing at a github URL with a SHA change. Is this possibly related?
#15 [dev-builder 4/7] RUN --mount=type=secret,id=npm,dst=/root/.npmrc npm ci
#0 4.743 npm WARN deprecated querystring@0.2.0: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
#0 8.119 npm WARN tarball tarball data for http2@https://github.com/node-apn/node-http2/archive/apn-2.1.4.tar.gz (sha512-ad4u4I88X9AcUgxCRW3RLnbh7xHWQ1f5HbrXa7gEy2x4Xgq+rq+auGx5I+nUDE2YYuqteGIlbxrwQXkIaYTfnQ==) seems to be corrupted. Trying again.
#0 8.164 npm ERR! code EINTEGRITY
#0 8.169 npm ERR! sha512-ad4u4I88X9AcUgxCRW3RLnbh7xHWQ1f5HbrXa7gEy2x4Xgq+rq+auGx5I+nUDE2YYuqteGIlbxrwQXkIaYTfnQ== integrity checksum failed when using sha512: wanted sha512-ad4u4I88X9AcUgxCRW3RLnbh7xHWQ1f5HbrXa7gEy2x4Xgq+rq+auGx5I+nUDE2YYuqteGIlbxrwQXkIaYTfnQ== but got sha512-GWBlkDNYgpkQElS+zGyIe1CN/XJxdEFuguLHOEGLZOIoDiH4cC9chggBwZsPK/Ls9nPikTzMuRDWfLzoGlKiRw==. (72989 bytes)
#0 8.176
#0 8.177 npm ERR! A complete log of this run can be found in:
#0 8.177 npm ERR! /root/.npm/_logs/2023-01-30T23_19_36_986Z-debug-0.log
#15 ERROR: process "/bin/sh -c npm ci" did not complete successfully: exit code: 1
This was working earlier today and the docker build/package.json haven't changed.
That's what I thought, but I assumed with the rollback an hour plus ago, it wouldn't still be happening. That was off a build just a few minutes ago (actually repeated it in between the time I posted my original message and this reply and it happened again).
Just want to second this. Still seeing an issue in our build right now that seems related.
```
Building aws-sdk-cpp[core,dynamodb,kinesis,s3]:x64-linux...
-- Downloading https://github.com/aws/aws-sdk-cpp/archive/a72b841c91bd421fb... -> aws-aws-sdk-cpp-a72b841c91bd421fbb6deb516400b51c06bc596c.tar.gz...
[DEBUG] To include the environment variables in debug output, pass --debug-env
[DEBUG] Feature flag 'binarycaching' unset
[DEBUG] Feature flag 'manifests' = off
[DEBUG] Feature flag 'compilertracking' unset
[DEBUG] Feature flag 'registries' unset
[DEBUG] Feature flag 'versions' unset
[DEBUG] 5612: popen( curl --fail -L https://github.com/aws/aws-sdk-cpp/archive/a72b841c91bd421fb... --create-dirs --output /home/*redacted*/vcpkg/downloads/aws-aws-sdk-cpp-a72b841c91bd421fbb6deb516400b51c06bc596c.ta
r.gz.5612.part 2>&1)
[DEBUG] 5612: cmd_execute_and_stream_data() returned 0 after 12643779 us
Error: Failed to download from mirror set:
File does not have the expected hash:
url : [ https://github.com/aws/aws-sdk-cpp/archive/a72b841c91bd421fb... ]
File path : [ /home/*redacted*/vcpkg/downloads/aws-aws-sdk-cpp-a72b841c91bd421fbb6deb516400b51c06bc596c.tar.gz.5612.part ]
Expected hash : [ 9b7fa80ee155fa3c15e3e86c30b75c6019dc1672df711c4f656133fe005f104e4a30f5a99f1c0a0c6dab42007b5695169cd312bd0938b272c4c7b05765ce3421 ]
Actual hash : [ 503d49a8dc04f9fb147c0786af3c7df8b71dd3f54b8712569500071ee24c720a47196f4d908d316527dd74901cb2f92f6c0893cd6b32aaf99712b27ae8a56fb2 ]
```
re: your PS - it will depend on the school district, but my daughter’s high school is significantly extending their day. They were allowed to leave this year at 225 (with an optional 7th period that went to 310). Next year, they end at 329. And she gains no benefit in the morning because they already started first period at 830.
The law does actually - you can have zero period but it can’t count towards the instructional time required for students.
It’s actually deeply annoying for my daughter’s high school. It already started 1st period at 830, but since 0 period no longer “counts”, the day is getting extended by almost an hour for all students.
This is from an email from our district earlier in the year:
The exceptions to this are zero period classes. Since zero period classes are optional and not required, these classes may begin before 8:30 AM; they just cannot be used to meet the instructional minute's requirements of 64,800 annual schoolwide instructional minutes
Do you have an example of what that looks like? The video posted above doesn't have any conversation happening in the slack channel and doesn't close the PR.
In games it is definitely nice to have. I’ve built multiple online trading/collectible card games and it’s a necessity for those. Don’t want your players predicting what cards will be drawn/in what order.
If the game deals with real world currency I can see why it's important, but if it's casual I'd say players trying to predict card is a very fun puzzle game on its own, imagine the intensity of a PvP card game where both player are playing cards against each other but at the same time trying to decode the PRNG algorithm, that's some quality emergent gameplay right there.
