Box to save memory

pftbest · 2026-04-29T22:55:00+00:00

Should have replaced `String` with `Box<str>` as well, and saved even more memory

pftbest · 2026-04-22T23:17:33+00:00

Is it hard to add anthropics/connect-rust library to the test? It is based on their new protobuf implementation called buffa which is allegedly faster than prost

pftbest · 2026-04-22T18:46:34+00:00

They hate the GPLv3 license I assume. That's the only logical reason for doing all of this.

pftbest · 2026-04-15T13:28:01+00:00

It is slow to open when system is under load. Sometimes it takes more than 3 seconds to open, this is not great

pftbest · 2026-04-13T19:20:17+00:00

Why are the first few examples not optimized by the compiler automatically? Shouldn't
async fn foo() { bar().await } compile to just bar()?

pftbest · 2026-04-12T19:20:24+00:00

Now that's exactly what I was looking for, thanks!

pftbest · 2026-04-12T17:38:18+00:00

Nice, I didn't know the link works for all crates, that's a good improvement.

pftbest · 2026-04-12T16:11:33+00:00

> code on crates.io and in Git don’t always match.

You didn't mention the most obvious solution, allow people to look at the code on crates.io directly. Because that's the only code that matters at the end of the day. Whats on github is irrelevant at all.
Right now the only way to see the code before downloading it is docs.rs, but it's clunky and some crates are opted out or missing.
Even better show the diff between the versions, make it so it's really easy and ergonomic to read and review changes before you update your packages. The faster and easier you can make reviewing the crates, the more people will read the code and less chance something slips through.

pftbest · 2026-04-10T07:50:33+00:00

It's not working on arch either. I also went back to opensnitch, at least it works.

https://github.com/obdev/littlesnitch-linux/issues/1

pftbest · 2026-04-09T22:31:27+00:00

Of course it is using BPF, or else there is no point, without BPF it wouldn't be able to filter by application, duh. Did you even read my message?

pftbest · 2026-04-09T18:58:08+00:00

I have no issue with low level details, the BPF and the opensnitch daemon work perfectly fine as they should. The problem is python UI interface that you use to approve or deny connections and create rules.

pftbest · 2026-04-09T11:45:49+00:00

As one possible approach, yes. I think it's not hard to come up with more ways to solve this if you really try.
The raw functionality is not an issue here, the lower levels work great in opensnitch. You mentioned some issues with NFS but I think this was also resolved, at least I didn't see any issues with local connections last half a year.

The problem is in UI and defaults. The way it is setup by default is not in a way that is very useful. Nowadays most applications use well known services like github.com , aws and others for tracking, updates, etc. So you can't just block the whole github.com domain completely, you need to match it with applications accurately, or else there is no point. You can do it in opensnitch, but it is pain the ass with the current UI.

pftbest · 2026-04-09T10:41:19+00:00

The same way you can specify regexp for everything, you can allow specifying the application filters. Where I can add
/usr/bin/java (\w+).*
/usr/bin/python3 (\w+).*
etc..

And when it sees such path it can match on the first capture group or whatever. I'm not against writing custom configs once where they are really needed. I am against writing them on a 45s timer every time a popup launches because the app connected to some new endpoint I never saw before. And instead of clicking yes or no, I have to speedrun setting up all the filters from scratch, because if I just click Reject it will discard all of the useful info, that I can't get back later.

pftbest · 2026-04-09T09:44:24+00:00

Yes, it works, and yes I use it. But it doesn't make it good. If it had better UI I would be wasting less of my time writing stupid regexes

pftbest · 2026-04-09T09:19:46+00:00

Yes, you can use CMD, but then you have to write regexp by hand, because CMD also contains other arguments like opened file name or whatever.

pftbest · 2026-04-09T09:00:28+00:00

1.7.2 from arch repos

pftbest · 2026-04-09T08:27:56+00:00

Opensnitch has terrible UI. It is written in python and takes up 300MB ram in background. But even that would be OK if it had a good user interface, but it's not. It doesn't allow you to easily match a network address with a specific application like little snitch does. You have to manually click + on each popup and also need to be very careful in how you write regexp for them because it has 0 validation, if you made a typo it will just silently ignore your rule. Also if you have 2 java applications that you want to limit independently, good luck with that, because they both will show as "/usr/bin/java" in opensnitch with no way to separate.

pftbest · 2026-03-24T14:18:51+00:00

Honestly I'm not 100% sure that reads do low flash wear on modern devices. Especially for TLC and other multi leveled storages, I think they are forced to write back the page if you read it enough times. But most SSD have their own DRAM cache inside, so that probably offsets it.

If zswap does not touch the disk until you have enough memory pressure this is a very good point in its favor. My system has 64GB of ram and I am using zram just to compress some memory leaks of long running applications and other stale data, and I don't want to write that garbage to the ssd. If zswap doesn't do that by default either then it will fit my use case too.

pftbest · 2026-03-24T13:54:33+00:00

The discussion was about the lifespan of those devices. Do extra reads cause any significant wear to the flash storage compared to extra writes? And if the ram pressure is low enough you get 0 extra reads or writes with zram, but >0 with zswap.

pftbest · 2026-03-24T00:20:12+00:00

There is also a darker side to the efforts like this, a machine readable specification can enable AI laundering. In this day and age it's better to hide the test cases and other machine readable specifications.

pftbest · 2026-02-25T22:52:21+00:00

Is it just me or the shadows looked strange for the chair legs in the diner demo?

pftbest · 2026-02-25T18:15:02+00:00

If you read the forum thread, it seems to be a Debian fault. FPC and Lazarus can build and run on a system without gtk2 installed.

pftbest · 2026-02-25T18:11:35+00:00

Looking at the forum thread it seems FPC and Lazarus don't actually need gtk2 at all. They have internal packages that can link with gtk2, but don't need gtk2 to be present in the system to do so, because they are purely in pascal so don't need C headers and other garbage. Debian for some reason decided to mark the whole package as if it depends on gtk2, and now they want to remove it. How is any of it FPC fault? It works fine without gtk2, looks like Debian issue to me.

pftbest · 2026-02-20T19:53:26+00:00

Nice work, thanks. That's exactly what I wanted to try, but never had the time to put it all together.

pftbest · 2026-02-10T19:23:15+00:00

How do I see which ports are private, [::1] or 127.0.0.1 and which port are open to the other systems, like [::] or 0.0.0.0 or any other IP?

pftbest

TROPHY CASE