--- Log for 04.11.121  Server: sodium.libera.chat  Channel: #rockbox
--- Nick: rb-logbot  Version: Dancer V4.16  Started: 2 days and 22 hours ago

00.23.47 #       <_bilgus> well I suppose since creds are commonly found in public git repos I guess its a PSA
00.24.09 #       <_bilgus> but thats kinda our point..\
00.30.41 Quit    j-r (Ping timeout: 264 seconds)
00.30.54 Join    j-r [0] (~j-r@p2003000623267218404207fffefd0a65.dip0.t-ipconnect.de)
01.55.36 ***     Saving seen data "./dancer.seen"
03.55.39 ***     No seen item changed, no save performed.
05.33.27 Quit    melmothX (Quit: WeeChat 2.3)
05.35.17 Quit    Arsen (Quit: Quit.)
05.35.40 Join    Arsen [0] (~arsen@managarm/dev/Arsen)
05.40.02 Join    melmothX [0] (~marco@amusewiki/marco)
05.42.54 Quit    melmothX (Client Quit)
05.43.39 Join    melmothX [0] (~marco@amusewiki/marco)
05.50.05 Quit    Arsen (Quit: Quit.)
05.50.20 Join    Arsen [0] (~arsen@managarm/dev/Arsen)
05.51.38 Quit    Arsen (Client Quit)
05.51.53 Join    Arsen [0] (~arsen@managarm/dev/Arsen)
05.55.40 ***     Saving seen data "./dancer.seen"
05.56.39 Quit    Arsen (Client Quit)
06.04.59 Join    Arsen [0] (arsen@managarm/dev/Arsen)
07.09.37 #       <speachy> yeah. My "false positive" feedback was (1) You need to report the actual URL you found the git server on, (2) yeah, we have git repos up; it's intentional, and (3) simply telling folks "you have a repo on your site" is going to result in a ton of false positives without doing some sort of deeper scans.
07.10.06 #       <speachy> I mean, what if there's a git repo on the site we didn't expect to be there?  :)
07.31.12 #       <braewoods> are these people idiots? like seriously. it sounds like those random emails i get trying to scare you into buying something that is marketed towards the technically illiterate.
07.40.50 #       <munkis> I wonder what their report on sr.hut looks like
07.50.40 Quit    reductum (Ping timeout: 260 seconds)
07.51.58 Join    reductum [0] (~reductum@2603-8000-b400-8764-dea6-32ff-fe16-a622.res6.spectrum.com)
07.55.45 ***     Saving seen data "./dancer.seen"
07.57.13 #       <paulcarroty> sr.hut looks like a return to github v0.0.1.
08.01.23 #       <paulcarroty> actually their report doesn't looks so dumb: if you have a git repo on website there's big chance it's closed source 'cause open projects often use github/gitlab etc to get promotion & contributors. so hackers can really extract something useful from published closed repository.
08.16.32 Quit    Xeha (Ping timeout: 260 seconds)
09.00.57 Join    massiveH [0] (~massiveH@ool-18e4ebfe.dyn.optonline.net)
09.08.25 Join    asabas [0] (~asabas@103.113.159.250)
09.08.50 Quit    asaba (Ping timeout: 260 seconds)
09.55.47 ***     Saving seen data "./dancer.seen"
10.25.40 Quit    massiveH (Quit: Leaving)
11.31.46 Join    q3k [0] (q3k@hswaw/infra/q3k)
11.47.26 Join    lebellium [0] (~lebellium@2a01cb04012c0900f91283f7afed2e6b.ipv6.abo.wanadoo.fr)
11.55.51 ***     Saving seen data "./dancer.seen"
12.51.11 Quit    lebellium (Ping timeout: 268 seconds)
13.00.48 Join    lebellium [0] (~lebellium@2a01cb04012c0900f91283f7afed2e6b.ipv6.abo.wanadoo.fr)
13.12.21 Quit    hombrelaser (Quit: ZNC 1.8.2 - https://znc.in)
13.47.21 Join    ZincAlloy [0] (~Adium@ip5f5abcae.dynamic.kabel-deutschland.de)
13.55.54 ***     Saving seen data "./dancer.seen"
14.18.54 #       <speachy> paulcarroty: I think they're blindly looking for a '.git' directory, which many of our sub-sites have.
14.19.36 #       <speachy> there are "credentials" in there but they rely on ssh keys so... eh.
14.19.56 #       <speachy> but it does seem prudent to add explicit .htaccess deny rules for those subdirs.
14.34.59 #       <speachy> done and done.
14.44.45 #       <Arsen> what's up? I'm missing some context not close in backlog
14.47.57 #       <speachy> eh, we got some automated complaint about a "security issue" that stems from our www site being a checkout of a git repo
14.48.35 #       <Arsen> ah, amazing
14.49.46 #       <speachy> so I added some blanket rules to send access to */.git* to 404
14.53.46 Join    nihilazo [0] (~nihilazo@2607:f298:5:101d:f816:3eff:fe1a:29a3)
15.04.58 #       <nihilazo> hi, is there an easy way in a rockbox plugin to render a bitmap that will display on the current device? Without having to manually implement the different pixle formats? 
15.05.02 #       <nihilazo> s/pixle/pixel/
15.55.58 ***     No seen item changed, no save performed.
16.34.26 #       <user890104> hi, which target ids should I use for ipod nano3g and nano 4g?
16.34.58 #       <user890104> the whole ipod range (20-29) is already used
16.35.14 #       <user890104> maybe something 270-ish?
16.50.34 #       <speachy> user890104: sure, pick whatever is convenient.  the build system uses the strings rather than the IDs.
16.54.24 #       <user890104> ah, i also need a free target_id
16.54.42 #       <user890104> a.k.a. modelnum
16.55.16 Ctcp    Ignored 1 channel CTCP requests in 0 seconds at the last flood
16.55.16 #       * user890104 wonders why they don't match with target ids
17.01.28 #       <speachy> historical baggage, I guess.  I ran smack into that problem too when trying to get the x3 and various ihifi targets mainlined.
17.21.31 #       <speachy> MODEL_NUMBER is used by the checksum code in various bootloaders.
17.39.22 #       <munkis> I would suggest reorganizing he nums if not for th fact that I (and I suspect others) select a target by muscle memory.
17.39.38 #       <speachy> and it will break upgrades.
17.40.05 #       <speachy> well, potentially.  since voice files are keyed off the model_id
17.40.30 #       <speachy> (I think rbutil has them hardcoded, so we can't renumber anything rbutil knows about)
17.42.01 #       <user890104> sounds like a perfect change for v4.0
17.44.27 #       <speachy> I stand corrected; the modelid isn't hardcoded into rbutil's ini file.
17.45.31 #       <speachy> changing the model_id will invalidate generated voice files though.
17.46.00 #       <speachy> (not sure if that applies to talk files too)
17.56.02 ***     No seen item changed, no save performed.
18.10.00 Quit    nihilazo (Quit: Leaving)
18.14.56 Quit    lebellium (Quit: Leaving)
18.24.39 #       <_bilgus> nihilazo https://github.com/Rockbox/rockbox/blob/master/apps/plugins/lib/osd.c
18.29.55 #       <_bilgus> in fact there are a bumch of helpers in there should be around 50% of the hard stuff to pick from just be aware of your code eating your free buffer
18.53.41 #       <munkis> amachronic (logs) putting a control_respond after a blocking recieve panics, and control_respond doesn't do blocking
18.54.33 Quit    ZincAlloy (Quit: Leaving.)
18.56.15 Join    cockroach [0] (~blattodea@user/cockroach)
19.55.44 Join    richbridger [0] (~richbridg@089144202237.atnat0011.highway.a1.net)
19.56.05 ***     Saving seen data "./dancer.seen"
21.56.06 ***     No seen item changed, no save performed.
22.28.21 Join    dbohdan3 [0] (~dbohdan@user/dbohdan)
22.29.54 Quit    dbohdan (Ping timeout: 260 seconds)
22.39.42 Quit    yang (Ping timeout: 260 seconds)
22.40.24 Join    yang [0] (~yang@212.129.38.130)
22.43.18 Nick    yang is now known as Guest6805 (~yang@212.129.38.130)
22.50.32 Quit    cockroach (Quit: leaving)
23.56.09 ***     Saving seen data "./dancer.seen"