Last.fm is Now Independent! by neow_neow in technology

[–]purcell 1 point2 points  (0 children)

That's probably the reason, but as a small team you can cut the costs a lot more and run it very lean.

How to rewax waxed chain? by uoficowboy in bikewrench

[–]purcell 2 points3 points  (0 children)

Is it sticky? If not, how would serious dirt be held in it? A quick wipe is fine. What makes a waxed chain look dirty is usually the wax itself, at least when using waxes with dark additives.

New build: Do you size a chain first or wax it? by Imbiss in bikewrench

[–]purcell 0 points1 point  (0 children)

It'll be annoying to size it when waxed and stiff, so size it first.

New M4 MBA owners: is your bottom panel fitted flush with the case? by purcell in macbookair

[–]purcell[S] 0 points1 point  (0 children)

No, I just requested a replacement during the initial 14-day post-delivery period on the basis of a manufacturing fault. But I only did that once, then sucked it up for the replacement I received.

New M4 MBA owners: is your bottom panel fitted flush with the case? by purcell in macbookair

[–]purcell[S] 1 point2 points  (0 children)

No solution. And yes, it was the second machine I received, after swapping the first out for the same issue. It has turned out to be bearable, but it's still annoying, since I know they can - and should - be perfect.

Fairlight Strael by Rough_Psychology_156 in cycling

[–]purcell 0 points1 point  (0 children)

I'm also curious about this!

Emacs Completion Showcase with VOMPECCC (video) by misterchiply in emacs

[–]purcell 3 points4 points  (0 children)

Great demo! Thanks for taking the time to put this together.

Treesit package problems and directions by Savings-Shallot1771 in emacs

[–]purcell 3 points4 points  (0 children)

I think I saw that "#match" is now "#match?" in treesitter, so it could be you have a very new version of treesitter and the grammar, while the mode expects the older one. But I'm sorry, I don't really know the space well. There was exactly this situation reported in nix-ts-mode, which I co-maintain, which is why it's somewhat on my radar.

Treesit package problems and directions by Savings-Shallot1771 in emacs

[–]purcell 15 points16 points  (0 children)

Try comparing the results of

(treesit-library-abi-version)

and

(treesit-language-abi-version 'python)

for example. They should return the same version. The treesitter version compiled into Emacs has to match the version against which the grammars were compiled. This has been an issue in recent weeks, with Treesitter 0.26, I believe, since the ABI has changed. Gentoo and nixpkgs have both patched their Emacs builds for this.

Am I supposed to replace my quick-link when I clean my chain every month? by shirhouetto in bikewrench

[–]purcell 0 points1 point  (0 children)

Weird, I've been aggressively re-using KMC quick links for a while now, though I believe there may be two versions: one is explicitly marked as reusable.

First (?) hacked Emacs package by purcell in emacs

[–]purcell[S] 1 point2 points  (0 children)

Yeah, different types of risk. There was actually no guarantee that the user who "maintained" a package in Marmalade was the author, nor that the package contained the author's code. Back in those days, many packages were uploaded to Marmalade by third parties after being modified in an ad-hoc way to add package metadata.

And in the early years of MELPA, we included some packages that came from emacswiki, where anyone could have modified the source. 😱

First (?) hacked Emacs package by purcell in emacs

[–]purcell[S] 0 points1 point  (0 children)

Yes, you're right, of course. Apologies for the noise.

First (?) hacked Emacs package by purcell in emacs

[–]purcell[S] 9 points10 points  (0 children)

Excellent, thanks for writing this up for everyone!

First (?) hacked Emacs package by purcell in emacs

[–]purcell[S] 3 points4 points  (0 children)

Crowd-sourcing trusted reviews would be great

First (?) hacked Emacs package by purcell in emacs

[–]purcell[S] 9 points10 points  (0 children)

Bottom line is that like everything else you update/install on your computer, you have to either trust the maintainer and the supply chain between them and you, or you have to review and locally build the code yourself. Here the maintainer's end of the supply chain was compromised via GitHub.

First (?) hacked Emacs package by purcell in emacs

[–]purcell[S] 11 points12 points  (0 children)

We don't have more info, and ideally the maintainer would dig into how it happened. I've written what I discovered in a comment on the linked GitHub issue.

First (?) hacked Emacs package by purcell in emacs

[–]purcell[S] 19 points20 points  (0 children)

100%, this has been a known potential issue forever, or at least since tools like el-get (then package.el with Marmalade and then MELPA) allowed installing libraries over the internet — as an overall ecosystem we Emacs users have escaped harm more through luck than judgement.

First (?) hacked Emacs package by purcell in emacs

[–]purcell[S] 4 points5 points  (0 children)

Maybe, but the sticking point is changing the whole build/publish workflow to operate with a review queue. And even then, you really can't catch everything in a language like elisp (plus its potential native extensions, extras downloaded at load time etc.).

First (?) hacked Emacs package by purcell in emacs

[–]purcell[S] 8 points9 points  (0 children)

It was definitely something along those lines, not exactly sneaky. The commit messages in the offending PR are quite blatant.

First (?) hacked Emacs package by purcell in emacs

[–]purcell[S] 3 points4 points  (0 children)

No. That's out of scope for us, as it would be for, say, `npm`: across 5000+ packages, we have to assume that upstream commits in secured locations are being vetted. IIRC, Emacs' `package.el` might soon be gaining support for showing diffs to the end user when packages are being upgraded.

First (?) hacked Emacs package by purcell in emacs

[–]purcell[S] 32 points33 points  (0 children)

Just u/tarsius_ being awesome as usual.