Previous day | Jump to hour: 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 | Next day

Seconds: Show Hide | Joins: Show Hide | View raw
Font: Serif Sans-Serif Monospace | Size: Small Medium Large

Click in the nick column to highlight everything a person has said.
The Logo icon identifies that the person is a core developer (has commit access).

#rockbox log for 2021-11-04

00:23:47_bilguswell I suppose since creds are commonly found in public git repos I guess its a PSA
00:24:09_bilgusbut thats kinda our point..\
00:30:41 Quit j-r (Ping timeout: 264 seconds)
00:30:54 Join j-r [0] (
01:55:36***Saving seen data "./dancer.seen"
03:55:39***No seen item changed, no save performed.
05:33:27 Quit melmothX (Quit: WeeChat 2.3)
05:35:17 Quit Arsen (Quit: Quit.)
05:35:40 Join Arsen [0] (~arsen@managarm/dev/Arsen)
05:40:02 Join melmothX [0] (~marco@amusewiki/marco)
05:42:54 Quit melmothX (Client Quit)
05:43:39 Join melmothX [0] (~marco@amusewiki/marco)
05:50:05 Quit Arsen (Quit: Quit.)
05:50:20 Join Arsen [0] (~arsen@managarm/dev/Arsen)
05:51:38 Quit Arsen (Client Quit)
05:51:53 Join Arsen [0] (~arsen@managarm/dev/Arsen)
05:55:40***Saving seen data "./dancer.seen"
05:56:39 Quit Arsen (Client Quit)
06:04:59 Join Arsen [0] (arsen@managarm/dev/Arsen)
07:09:37speachyyeah. My "false positive" feedback was (1) You need to report the actual URL you found the git server on, (2) yeah, we have git repos up; it's intentional, and (3) simply telling folks "you have a repo on your site" is going to result in a ton of false positives without doing some sort of deeper scans.
07:10:06speachyI mean, what if there's a git repo on the site we didn't expect to be there? :)
07:31:12braewoodsare these people idiots? like seriously. it sounds like those random emails i get trying to scare you into buying something that is marketed towards the technically illiterate.
07:40:50munkisI wonder what their report on sr.hut looks like
07:50:40 Quit reductum (Ping timeout: 260 seconds)
07:51:58 Join reductum [0] (
07:55:45***Saving seen data "./dancer.seen"
07:57:13paulcarrotysr.hut looks like a return to github v0.0.1.
08:01:23paulcarrotyactually their report doesn't looks so dumb: if you have a git repo on website there's big chance it's closed source 'cause open projects often use github/gitlab etc to get promotion & contributors. so hackers can really extract something useful from published closed repository.
08:16:32 Quit Xeha (Ping timeout: 260 seconds)
09:00:57 Join massiveH [0] (
09:08:25 Join asabas [0] (~asabas@
09:08:50 Quit asaba (Ping timeout: 260 seconds)
09:55:47***Saving seen data "./dancer.seen"
10:25:40 Quit massiveH (Quit: Leaving)
11:31:46 Join q3k [0] (q3k@hswaw/infra/q3k)
11:47:26 Join lebellium [0] (
11:55:51***Saving seen data "./dancer.seen"
12:51:11 Quit lebellium (Ping timeout: 268 seconds)
13:00:48 Join lebellium [0] (
13:12:21 Quit hombrelaser (Quit: ZNC 1.8.2 -
13:47:21 Join ZincAlloy [0] (
13:55:54***Saving seen data "./dancer.seen"
14:18:54speachypaulcarroty: I think they're blindly looking for a '.git' directory, which many of our sub-sites have.
14:19:36speachythere are "credentials" in there but they rely on ssh keys so... eh.
14:19:56speachybut it does seem prudent to add explicit .htaccess deny rules for those subdirs.
14:34:59speachydone and done.
14:44:45Arsenwhat's up? I'm missing some context not close in backlog
14:47:57speachyeh, we got some automated complaint about a "security issue" that stems from our www site being a checkout of a git repo
14:48:35Arsenah, amazing
14:49:46speachyso I added some blanket rules to send access to */.git* to 404
14:53:46 Join nihilazo [0] (~nihilazo@2607:f298:5:101d:f816:3eff:fe1a:29a3)
15:04:58nihilazohi, is there an easy way in a rockbox plugin to render a bitmap that will display on the current device? Without having to manually implement the different pixle formats?
15:55:58***No seen item changed, no save performed.
16:34:26user890104hi, which target ids should I use for ipod nano3g and nano 4g?
16:34:58user890104the whole ipod range (20-29) is already used
16:35:14user890104maybe something 270-ish?
16:50:34speachyuser890104: sure, pick whatever is convenient. the build system uses the strings rather than the IDs.
16:54:24user890104ah, i also need a free target_id
16:54:42user890104a.k.a. modelnum
16:55:16CtcpIgnored 1 channel CTCP requests in 0 seconds at the last flood
16:55:16*user890104 wonders why they don't match with target ids
17:01:28speachyhistorical baggage, I guess. I ran smack into that problem too when trying to get the x3 and various ihifi targets mainlined.
17:21:31speachyMODEL_NUMBER is used by the checksum code in various bootloaders.
17:39:22munkisI would suggest reorganizing he nums if not for th fact that I (and I suspect others) select a target by muscle memory.
17:39:38speachyand it will break upgrades.
17:40:05speachywell, potentially. since voice files are keyed off the model_id
17:40:30speachy(I think rbutil has them hardcoded, so we can't renumber anything rbutil knows about)
17:42:01user890104sounds like a perfect change for v4.0
17:44:27speachyI stand corrected; the modelid isn't hardcoded into rbutil's ini file.
17:45:31speachychanging the model_id will invalidate generated voice files though.
17:46:00speachy(not sure if that applies to talk files too)
17:56:02***No seen item changed, no save performed.
18:10:00 Quit nihilazo (Quit: Leaving)
18:14:56 Quit lebellium (Quit: Leaving)
18:29:55_bilgusin fact there are a bumch of helpers in there should be around 50% of the hard stuff to pick from just be aware of your code eating your free buffer
18:53:41munkisamachronic (logs) putting a control_respond after a blocking recieve panics, and control_respond doesn't do blocking
18:54:33 Quit ZincAlloy (Quit: Leaving.)
18:56:15 Join cockroach [0] (~blattodea@user/cockroach)
19:55:44 Join richbridger [0] (
19:56:05***Saving seen data "./dancer.seen"
21:56:06***No seen item changed, no save performed.
22:28:21 Join dbohdan3 [0] (~dbohdan@user/dbohdan)
22:29:54 Quit dbohdan (Ping timeout: 260 seconds)
22:39:42 Quit yang (Ping timeout: 260 seconds)
22:40:24 Join yang [0] (~yang@
22:43:18 Nick yang is now known as Guest6805 (~yang@
22:50:32 Quit cockroach (Quit: leaving)
23:56:09***Saving seen data "./dancer.seen"

Previous day | Next day