Hello, I am your constituent from Chicago

06:27every time i go out in the cold i start coughing and coughing and then the coughing makes me cough and then that coughing makes me cough and eventually my spouse and i figured out that if i drink a real nice cup of hot tea that settles things down basically immediately so i have a nice hot cup of water and my scratchy voice and hopefully i won't be spending this whole stream muting because i'm coughing better every day but when i talk a lot i start coughing again so we'll see how this goes yeah it has thrown thrown everything out of whack so big topics for today are pull requests for review because there's a whole bunch of pull requests and i have still even though i haven't done office hours because i haven't been up to the presentation or i haven't had much of a voice god there was the one day i wanted to stream i think last monday and my nose would not stop running that would have been really unpleasant But I have spent a bunch of time working on the code base. And there has been one very active new contributor, whose name is Rahul 1990 Gupta. And I believe he is in India standard time, just he's made some comments about his time zone. So it's the middle of the night for him. So you won't be dropping by the stream. But I've really appreciated him really diving in with both feet to very unexciting, well, to me, unexciting, figure out this feature, configure this thing, tweak the config file, tweak the build, tweak the config file again, tweak it, tweak it. It goes on for a while, so it's really fiddly stuff, and I've really appreciated that he's taken it on. My strategy of... Trying to get all feature and maintenance ideas out of my head and notes and into GitHub issues is increasingly paying dividends. Because it's a whole ton of fiddly stuff that people are working through. And I really appreciate it. The other big topic is the UK Online Safety Act, which I talked about a lot last stream. pushcx https://push.cx/stream/2024-12-…
The notes that you saw on screen a second ago there are carried over from... That's just my blog. I want the stream page. Are carried over from the last stream. And I will share the link in the chat in case anybody wants it. And this one... 12-19. Yes, it's been three weeks. Was largely about... Trying to get a rough overview of the Online Safety Act, which is tough when the regulator's summary of it is 800 pages of legalese in PDFs. and figure out how to respond to it. And I've slept on it some since this stream, because there's a lot of... I don't know, how do you decide how to respond when a government that isn't even yours decides that it's going to criminalize your hobby? That's a weird one. So I really want to get that code and that post basically written today. I'd hoped to get to it over the weekend, but I needed a giant nap on Sunday. So...

10:54So the urgent thing is the UK online... want to start with the pull requests i think they're actually in a fairly good shape and i can spin through them in a reasonable amount of time and i do really want to celebrate those because i appreciate the contributions so much if i have to if i run out of time and i run late i can run a little long tonight and have an evening plan yeah yeah i want to show all this stuff off because i'm really I want to start at least with something happy. It is such a contrast for me between how there have been so many very generous contributions to the code base the last couple of weeks versus the OSA that's just one of those big giant time sinks. I think I mentioned it in the notes for the last stream. I think I wrote, what did I? I mentioned, there are two kinds of games I don't think I ended up describing this on stream, but a mental category I have. Is that there are games that you win and there are games that you don't lose and I don't recall if I pick this up from somebody else. But when events happen and you have to figure out your strategies. when I'm thinking about how to design features on lobsters or how to handle moderation issues, those are, you know, the strategy games that you can win at where you can find things to do that greatly improve the overall situation. They are wins, you know, We can make new features for stories that help people understand the site norms better, that lead people to have more interesting discussions, that do all of these great things. We can win. And then the other kind of game is don't lose games, where you're not going to make an improvement or an advancement over where you're at now, You are just trying to spend as little resources and time and effort on things as possible. And that's the OSA, where it's not going to benefit us in really any way. And if we can deal with it with a minimum of time and expense, by keeping that loss small that's the closest thing we can do to succeeding but nothing is going to get better because of having to deal with this law so there's a really big contrast between the two things i want to talk about today of we are winning with lots of wonderful contributions recently and we are trying to not lose with the uk online safety act so let's at least start with the winning So a short thing I have tweeted or skeeted about this is there was a set of very odd pull requests from junior developers who one of them claimed that they were all students in a class. And I said, please contacted me kind of as expected. They never contacted me. They never responded to pull request comments there. issues went stale and either they i think in this case yeah or the bots the stale bot that was coded up on stream a while ago closed to the mail i would guess that they were high school or college students and their professor said why don't you open a pull request against a repository but none of them introduced themselves or said who they were or what they were doing or what their background was so they basically had a professor waste maintainers time as a class not great. Okay next up. got a nice little bug fix here from Colonel oh 53 who's contributed a bunch of PRS in the last few months. We have a. There is something weird in the rails. Let's just grab these URLs for the notes. I'm taking a quick note here that the stale student PRs expired and closed with no response. The MIME type exception. So Rails has something weird, something either that we have misconfigured or that is just very misdesigned in the framework where we are constantly hassling around with routing that wants to support MIME types we don't support, and it raises a variety of errors. I'm not going to dig through the issue history. I don't think I found it to link in this PR which I should have, but if you dig for our issues there's a long thing where i'm fighting mine types and 400 errors, and this was a case where. Bad bots are people tinkering with URLs would throw these. A very similar one really to the mind type issue where they would throw these spurious errors because. They submitted a bad request and rather than just getting a 400 back, we also had an exception raised. So I don't need my bandwidth cluttered up with exception messages. It is not exceptional that someone sends a bad request. We just need to throw them back a proper error and kernel 53 here figured out what to catch. And then I nudge to say, hey, let's move this up to application controller so it can catch all of these. And I think this is a nice universal fix. One thing I wanted to check in on was, of course, I'm already in Vim. In the application controller where this ended up landing, yeah so kernel 53 wrote this function here this rescue from and i wanted to steal that pattern so let's just hack that out real quick and we're gonna say

18:38Yeah. We will just maintain this camera to there. We will maintain that error message. The status is still bad request. I'm going to send back HTML rather than plain because we've had people trigger this in odd ways and then be puzzled that they're getting back plain text instead of HTML or instead of JSON. And then I'm just going to replicate This, make a quote, paste, extra spacing, that standard takes care of. And now I have great. So let's go ahead and say that we are copying. Pairs in multiple MIME types, copying pattern from 1399. Lovely. So there was one last thing I wanted to do with that. And I'm glad I came back to look, because I otherwise would have forgotten.

19:54And then Dreg, who is a stream VIP, opened up pull request. I had started splitting out some functionality into a mod folder to start tidying up our administrative stuff and created a moderator's controller to ensure that everything under there has the right authentication. Excuse me, authorization. I always have to stop and think about which is which. Authentication is are you a user authorization is and do you have the permission like are you a moderator to do that thing and i'm pretty jazzed about this one because it is a nice template for if we want to add future custom cops to standard rb i've previously had a couple of custom cops and when we switched from rubocop to standard rb they silently broke were not correctly integrated anymore and i didn't realize it but this is very nice and this is this is also a really nice example of a basic cop and it's defensive coding style so that it correctly handles the situation because cops are They're in an interesting place for authorization. I can't write and type something different at the same time.

21:47They sort of work on the AST and sort of work on strings and they deal with, ghost_user_1984 It's a _giant_ mess.
ghost_user_1984 Yeah
ghost_user_1984 It would be better if it was all AST based
code as files and code as like running ruby objects i don't know they're in an interesting intermediate place it's a giant mess what rubocop yeah it's it's an invaluable tool but i think the nature of the beast for a linter is You want it to be operating before and after ASTs? I don't know. I don't have a strong opinion there because I've never tried to implement a linter, but I'm very happy with Dreg's contribution there, both for safety and for the example. So let's actually, I'm going to jump ahead here to Dreg's other contribution. Again, I'm typing this up. ghost_user_1984 Hello!
Also, good to see you, Hunter. Hello, welcome back. So we have a... We had a bug that when Someone was working through the new story form the check URL dupe was occasionally hitting errors about there being duplicate records. And I am not going to walk through this code, because it is. dr3ig https://evilmartians.com/chroni… this is a good tutorial (as well as the official docs) I used it when writing the cop
super fiddly but also they figured out. Well, I really like this code, so I kind of want to, but oh, hey, Drig, good to see you. I'm talking through how much I've appreciated your bug fixes. The thing I really liked about it was... That it wasn't clear in the code written whether domain should create origins or origin should create domains, and I think maybe the exception was that both were happening, especially and it wasn't super clear if it was. them being reentrant or. Like you know, a race condition between two hdb hits at the same time or just. sort of a logic cycle in terms of...

24:41I pulled your very nice link here into the notes. Thank you.

...50In any case, I really liked Drake's PR here. It cuts through the complexity quite a lot. Once I understood what it was doing, I was like, oh, this is all actually simpler and easier to read. So that's super pleasant. I'm very glad to have a couple more tests. Unfortunately, this morning, I also had one more exception that is basically the same exception. dr3ig I've also just commented on your comment on the original issue (#1402) about the new version of the same error
It's also find or create origin throwing an exception about a duplicate key, although it ended up being a different endpoint fetch URL. Oh, great. You just popped up 28 minutes ago. I definitely haven't seen this comment.

25:48Oh, I saw that the first one threw an exception, but where was the timestamp on it? Ah, yeah, the second one is also the same second, and it's only 100 milliseconds later. And in Rails time, 100 milliseconds is basically the same amount of time, because especially write requests are not super fast, typically.

26:19Aha. Well, Drake, I appreciate you continuing to look at it. And I think you're definitely onto something there. If you open another pull request with another fix, I would really love it. But of course, every pull request is a gift and opening one does not obligate you to open more. So I'm glad the... So I was pasting the exception into that issue And I was like, you know, if I was actually running this down, my immediate question would be, is this a brand new origin or is this like it was in the database for hours and weeks already? And then we ran into this issue. And so then I pulled that out. And as soon as I pulled that out and I saw the seconds matched for the created at field, I was like, well, do I have more detail in the timestamp in the HTTP logs? dr3ig i will try
And so then I just grabbed out All the hits that mentioned it from that story submission. And I'm glad that they were useful because I didn't catch that the first two were happening in the same second. Thank you. The... I wonder... I'll bring up the clock. I think you have quite a bit of lag. And my little stream health graph had a dip like 15 minutes ago. So it is possible that you are way behind what I'm saying, which makes it hard to communicate. Sometimes that gets better if you reload Twitch. Otherwise, it is just an internet weather thing that we'll deal with. But either way, it means that I may not see your comments for 30 seconds and then I'll come back to you. So if I tab over, light to dark, yeah. At least on the Twitch dashboard, I see the usual like three to five second delay rather than a huge one, but we'll see how it goes. So unless there's something more, which there might be in 30 seconds, I'm going to move on from that bug and the attempted fix and hopefully the future attempted fix. And then I mentioned that I'm going to skip this pull request because it's someone who had a local fork and I think they're tinkering with development and they accidentally opened the pull request against the main lobsters repo. They closed it themselves. Nothing more to say. The big one is Rahul 1990 Gupta here has opened a whole bunch of pull requests. So I have already merged two And then he has one, two, three, four more open, which is a lot. I was very surprised to see a new contributor open three pull requests at once. And the 12-hour time difference makes it a little tough to collaborate. So there's been a fairly slow process of me trying to respond as fast as I can, but then still, you know, he's asleep when I'm awake and vice versa. So we have that 24 hour dev cycle that is common to anybody who has worked with developers in India, or I should say familiar. However, we worked through two features. Which one did I end up merging first? Yeah, I think this one, which was It's actually a little larger. pushcx https://github.com/lobsters/lob…
I had opened an issue that said, hey, there's all these neat new features in Rails 8. And what's basically happened is that Rahul has taken all of them on.

30:33So I'm adding to the notes that there is this issue. The gist of it is Rails 8 came with a bunch of features. The theme of Rails 8 seemed to be, to me, a whole wave of, hey, everyone is solving these problems. Let's start incorporating more of them, which is the classic Rails philosophy. It had been a couple of years, maybe three or four since Rails has done a big wave of these and integrating a new cache that stores to SQLite, an active job that also stores to SQLite by pretty much by default. And then once again, a new asset pipeline. I wanted us to lean into these features because they address things that we have solved ourselves. Like I mentioned that Keystore does a lot of miscellaneous caching. So the first one that ended up being merged, and it might have been the first one opened, was setting up a rack attack to... Come here, clipboard. Rack attack to solid cache. Rack attack is our rate limiting, and it has to create a ton of, well, it was using a file store, so it did create a ton of tiny files, basically one for each. You can multiply the number of rules we have in rack attack, which is like five or six times the number of IPs we see, which is many hundreds of thousands on a typical day we had tons and tons of small files on the file system file systems don't really love having millions of 10 byte files at some point you run out of inodes i'm not going to beat it to death but we have a cron job that has to clean up old Things in the cache and it runs every minute or two and it would run into the situation where if there were many millions of files, because we saw lots of new traffic. One job wouldn't finish before the second one started, and so, then the second one complains that it sees files that the first one deleted. let's move to sequel light sequel light loves having millions of small keys and the basic access pattern of rack attack where. It's lots and lots of primary key lookups. So this was... I don't want to downplay this at all. It sounds like swapping out file store for solid cache should be almost a one-liner, but actually it was lots of fiddly config to get the gems involved, to add the basic cache config with some reasonable defaults, to update... and make sure that the cache is correctly configured in our database.yaml. This ended up, I had to touch this. You can dig through the comments or dig through our repos commits if you want to see more stuff. There was touching these config files and I think development had some surprising context that bit Rahul. Luckily I caught it. And then the migration. so this was a non-trivial amount of work and i really appreciate that rahul took it on i got this deployed on last saturday so yeah two days ago on the fourth i believe yes it broke the site we had 10 or 15 minutes of outage because there was one more config file tweak and then one more server tweak and one more config file tweak that's why i pushcx https://github.com/lobsters/lob…
especially appreciative of when people take on these really fiddly things so great to have if you are curious about that outage you can look in issue 1401 which had i put it some details of what happened when i tried to deploy and how i worked through it I did that because, number one, I've tried to explain our outages. And this one, you know, being down for 10 or 15 minutes on a Saturday morning, traffic is much lower on the weekends. That's why I deployed it then. This didn't need a big, hey, the site was down for three days, kind of meta post on the site itself. But I like to explain these things. And then also, I had heard, let's go find that. Do I have... I'm not going to remember the name. Let's go to my profile. It's in my replies. So I got, oh, you can't see replies if you're logged out. Dang it. If I say by gets from push.cx. I said the word ways, didn't I? pushcx https://bsky.app/profile/push.c…
Yes, here we are. So there was this thread I had on blue sky where This developer said, oh, I cleaned up our CI so that all of our tasks run in parallel. And if you have been watching this stream a long time, you may remember when I merged a very nice pull request from by root to split up our CI to run in parallel the same way. So when you look at, I don't think you see it on closed ones, but when you look at our build on GitHub, you see all of these as individual checks. rather than one single the build check. And so I just happened to comment, oh, hey, I love this too. And Kane said, oh, you know, I actually looked at your workflow config to see a good example of how to set this up in a Rails app. And this has been an unexpectedly rewarding thing the last couple years of running Lobster where We are a small Rails app in terms of lines of code. You know, we're at 15,000 lines-ish, depending how you count. But the app deals with real world complexity, so it has a couple of complicated corners, and you know it's actually something that people have used as opposed to a to-do list app that maybe they never implement delete, or they never implement A function that includes reporting over everything, because it didn't see real world use well lobsters does have lots of real world use we've been running for. What. 12 and a half years now. Actually yeah 12 and a half years and two days, three days. So.

38:05The other attribute that really matters is JCS was, by his technical opinion, pretty strong about not wanting to add dependencies. And before I started maintaining the Lobster's code base, I was a lot more willing on Rails to pull in dependencies. And so my coding style changed to be a lot more cautious about adding dependencies. The end result is that lobsters is a great example app for some real world complexity, you can actually understand what's going on, if you want to tweak it for some particular use there's not too much too many code places to change, like when the shopify rails performance team picked it up to use as a benchmark. They talked about how they only had to tweak a couple of places to use SQLite and turn off a couple of features that did things they didn't want to deal with. And so I really like that Lobsters is a very, you know, as these things go, is a popular example app for lots of Rails things. And even as I grumble a lot about the things that I don't like in Rails, like callbacks and the pluralization rules, It is an interesting kind of giving back to be an archetypal app. And as we do more of these things, as we lean more into the framework with Rahul's PRs for using the Rails 8 features, we do more of that. It's a really interesting situation that I had not predicted when I started maintaining the app. All right. rack attack great that is working very happily in production the sqlite database has you know however million actually let's go look we can look i won't i'll try not to pull up anybody's ip here on stream so let's see it's in the cache directory i'm probably going to end up tinkering with these locations but three that cache file and then yeah here we go if we look at this we have 438 000 entries in the database that's pretty typical and each one is if we look at the schema for solid cache entries No semicolon on that. It's an ID, a blob. The value here is like some ridiculously wide thing. In practice, these are about 30 characters wide. So each row of the table is, I don't know, 60 bytes-ish. I'm just ballparking. I don't actually know the SQLite row overhead, but call it like 60 bytes. So this has been very nice. And then also having solid cache configured and set up prepares us to lean into it more. We use an old style of Rails caching where we do full page caching for logged out users. It is a really nice fit for our traffic pattern, but not most rails apps so it got booted out of rails core and into an extension and i don't know how long that's going to keep working but it works as files on disk at some point we'll see so this is i think this is rahul's only non Rails 8 update. This one was a small feature request I had where we have a whole mailing list mode that you can turn on and you will get an email for every comment on the site. And some people, especially us Mutt users or other power users of email clients are very comfortable with that. It's not super popular. The last time I looked in, maybe 40 or 50 people had it turned on there's like one mode where you have just email me all the stories and then there's the second mode where it's and also all of the comments so if you want to think of lobsters as a big mailing list you totally can well even if you don't have it on by default it's a setting you can get a notification that someone has replied to your comment and i the mailing list code checks that you have mailing lists enabled or otherwise it won't let you email reply to a comment. And I was like, hey, why not? We can actually get a feature by removing an if. And so Rahul worked through that. This is the tweak where it said, well, we're not going to require that they have mailing list mode turned on. That's what this side of the SQL query is doing. And then I ran into some hassles with GitHub's new pull request merge UI. Nathan, if you're here, you were talking about this on IRC earlier, but this was the first pull request of rahul's that i looked at and i couldn't find the approve button to let his pr run our workflow because it's just missing from the new pr and we had a whole bunch of back and forth confusion that was kind of painful so anyways there was some side code there was a little bit of copy telling people hey you can just reply to this email now i haven't This has been in production for a couple of days. Let's see if anybody's used it. Not that. We want... There we go. That's not it either.

45:19why am i getting prompted for the password that it should be pulling out of because i changed the structure of database.yaml ah so my little so i'm gonna see if i can solve this with the terminal off the stream real fast Oh, so there's a little shell pipeline to cut the password out and the password changed indent levels. So I think I just, yeah, there we go. All right. So let's clear that out and I can bring that back on stream. And if we change this four to a six, there we go. So let's see if we have any comments.

46:29So there's a field on comments that says is from email.

...39Let's also just check that this is the last couple of days because I don't want to hassle around with 2025 with people who have posted comments and then later turned off mailing list mode.

...58And is from email. It's not zero. No one has used it. I don't even have to make the join over to users to see if someone has mailing list mode turned off. Well, hopefully soon.

47:21All right. So that's the merge stuff. And then open. There are four more from Rahul. We are going to take a little side trip into this one out of sequence.

...46Because

...52So I'm adding this to my notes. So this one is by Caius, who you may recognize that name. Caius is the person who posts the weekly, what are you doing this week threads? And what are you doing this weekend threads?

48:16I don't remember Caius's gender. Well, between the... I feel okay calling Caius a key. So he posts those every week and has for literally years. Apparently he's an experienced Rails developer. He said when he dropped by the chat room today, if you're here, Caius, please say hi. Because I invited him to drop by the stream because I told him I would review his pull requests. They are bumps to our Rails version and... So that ripples through all of the rails libraries i'm kind of just skimming for common mark, which is not bumped good, that is the one. gem that I have deliberately pinned because they've made breaking changes to their API and so we have an issue hanging out. pushcx https://lobste.rs/s/uwcvnl/lobs…
i have tried to enlist him to maybe write a kaya spot because we have recurring threads on the site there's not just those weekly threads there's also those quarterly threads for jobs and then a fun one today is an annual like post a picture of your desktop thread

49:38Got some fun ones. Great. So maybe we will get to talk, Caius, into contributing some neat features. Hello, good boy.

...53So I glanced at the 8.01 I'm not going to skim through it on stream. It's really minor bug fixes for this point release. So I feel, why am I logged out of GitHub?

50:15That's weird. I'm going to sign in real quick so that I can merge the pull request here on stream.

...27And the cat is going to help by standing on the keyboard as I'm typing. Thanks, cat. All right, buddy, you're OK. So now that I am logged into GitHub, there's just a bump to the bundle, and let's merge. And then we have to fix the default thing because it's always backwards and verbose.

51:26And then Kai has created a stacked PR that the GitHub interface doesn't super love. And so this one includes the changes from the other one. And I think, yeah, so the build didn't run. There is a gem. I know he's already touched it once, but he will have a faster... workflow cycle now that i've already merged one of his pull requests because otherwise i have to keep coming and clicking approve and run on every pull request that gets a new commit because there isn't a way for me to tell github hey i trust this guy you can run his commits so over on irc i'm going to tell him i merged your rails bump so now your ruby pr will automatically run the build cool all right so with that this one i have not read the changelog for ruby but i'm gonna guess it's pretty darn minor So back to the open pull requests. Sure, I will refresh.

53:09This one by Yawaramin that I lost track of has gone stale. I am expecting the stale bot to close it, and then I will probably pick this up and finish this pull request. We'll see how it goes. And then we have four open pull requests from Rahul. And I believe I've reviewed them all, so this is not going to be a huge amount of time here.

...48I didn't grab the number of the pull request for the open Ruby. I want to put that in notes.

54:04So I've been doing pull request review for a minute, perhaps about 50 minutes, and I had meant to mention My usual spiel that this is lobsters office hours, so if you have any questions about. lobsters the code base lobsters the site lobsters the Community, please feel free to throw in your questions at any time. I may stick them in the scratch notes and come back to them after five minutes if I can't take the interruption, but otherwise. It's office hours. It is a great time to drop by and ask questions or say, why do we do things like this? Why did you do that? I don't understand this mod log message. Would you like a feature that does X? Shouldn't the site do this instead? All of that stuff is great and I am happy to do it. So just pipe on up. And when folks aren't asking questions, I work through pull requests and encourage more, strongly encourage more. God, I love them so much. or I write code on the site. And the plan for today is to... I really did want to spend a couple of minutes talking through the many great pull requests that I merged since the last stream, and then do some quick reviews, because I think not the 3.4.1, but some of these others from Rahul might be ready to go, because I've gone a couple of rounds of review with him on them. And they are kind of, they are definitely all in this vein of let's use Rails features. So I'm gonna take a second and get them into the notes so that I don't have to chase things around. So this one is Prop Chef to let us drop Node.js. This one is not Rails 8. So I'm going to just put it over here in this other section.

56:14We'll talk about that in a sec. We'll do the Rails 8 stuff first. Active job. And this one is also refactoring our cron jobs that have some cruft on them. And then, come on. All right. So let's start from the end. Okay. So he has requested a review from me on this one yet. No. So he's been real deliberate about using the GitHub UI to request a review from me when it's ready. So this one is a draft PR that he's actively working on and I left one quick note. So Kamal is the new Rails 8 feature that is a standard Docker setup for Rails apps. It is intended for developers and also for deployment. I have wanted to add it because I want it to be very easy for developers to contribute to lobsters. And if you look at our README, a big chunk of our README, the development setup section is very basic Rails 101. Here's how you install the database. Here's how you make yourself an admin. Here's how, like all of this is explained in the getting started with Rails guide, but all of it has come up as people have tried to pick up our code base and use it because A bunch of our contributions have come from people who are brand new to Rails. And so while I have tried to avoid learning Docker, and I may not start using it myself, we'll see. I run a Linux desktop, so I don't have any kind of version issues solved by Docker in the way I would if I used Windows or if I used macOS. It would be nice to shorten this stuff down. And then the second part of Kamal is it includes a whole bunch of features to provision from a VPS that you could get it. You know, name your favorite VPS provider and configure it with the basic dependencies to run a Rails app. So Rahul has started this. There's not much for me to say. I noticed that it already, I mean, even if I don't yet merge Caius's Rails bump, the version of Ruby mentioned in one of these files doesn't match what we actually use in production. That's going to be a hassle to keep into sync in the basic DRY, don't repeat yourself sense. And then before I merge this, I am gonna have to sit down and read through all the Kamal docs and read some more about Docker. I don't think I'm gonna immediately throw out our Ansible and put it into production, but we'll see. I'm kind of waiting for more results to come in from people who have used Kamal in production. I'm not gonna be a pioneer on this one. And if everyone is like, yeah, it basically works. That's great. I wouldn't mind on shipping our Ansible repo because it has a lot of complexity for having two hosts. We'll see how it goes. dr3ig Why do you want to get rid of nodejs (and Redis)? Is there more to it than just trimming dependencies?
At the very least, good for developers.

01:00:25My app.

...33dr3ig Just now
dr3ig I refreshed the stream
so so dreg your question and did you ask it three seconds or 30 seconds ago because i did see it appear live redis i added oh great i'm glad we're caught up on lag redis is a moving part that i started adding because i wanted to move out of our cron jobs and move to active job or move to sidekick and have some kind of proper job system because we have things that either happen on the regular in the daily cron jobs or we have and that's going to be this pull request or we have stuff that could happen in the background like that fetch url attributes that you're looking at There's some other similar stuff that just happens in callbacks that really would be better off if it moved to background jobs. The other big one that comes to mind, well, the two are diffbot that goes and fetches story texts. We do that as a synchronous call on story submission. That is an ideal background job. And markdown rendering, which... I mean, we have that bug hanging out to get up to date with common marker. And then the other thing to do would be, it would be nice if comments, well, we can't really do anything with the comment till that rendered. So maybe there's no value to moving that to a background job. Yeah, we'd just end up with more inconsistent data. I have the feeling there are more things that could become background jobs that just... Oh, yeah, the stats. I would have to go through Keystore. There is an issue. Wouldn't it be nice if the stats supported dark mode? I don't think we have. No, we don't have a bug about it now.

01:03:06Awesome. Come here. Grab this.

...21I'm getting distracted, but this is one more thing that should be a daily job that we do. What's the name for it?

...36We have the kind of pass-through caching where the first person who hits this when the cache expires is going to wait 30 or 60 seconds for these to reload. It can get dogpiled. When the cache expires, it should just be a job that gets queued every 24 hours.

01:04:09And then I added, this is a nice thing. I added a tag for visual design bugs that, are mostly about improving our CSS, a little bit of JavaScript, mostly CSS. And it is both this kind of small, this could use dark mode colors, and then larger, we should use CSS Grid. We should have some better UI for moderators. We should have a data visualization. pushcx https://github.com/lobsters/lob…
So if you are artistically inclined or designerly inclined or you know someone who is, great. You can find lots of stuff that might interest you. So that's the long answer of why I got rid of Redis. Or no, I didn't finish that thought. is nice. Around the time I started adding it and went to start adding sidekick, Redis had its whole relicensing and forking thing. And I just didn't want to deal with that. And then also active job had been around for maybe 18 months, and it had reached a level of maturity that I heard on the grapevine that people were happy with. And we have very light use of jobs we're not you know some scaled website that's going to put in a million jobs an hour we're going to put in a couple of dozen jobs an hour sqlite with solid queue is definitely fine for our needs so then to answer the second part of your question i guess your primary question node.js it was just easier for me to start with rails Node.js is, I want one fewer dependency. We're already way out of date on it, and I don't pay a lot of attention to what version of Node.js we're using versus what's available in prod because we're on Ubuntu long-term support. I would just like to stop thinking about it. It is kind of the one thing we maintain a second programming language for is our JavaScript. concatenation and minimization, et cetera. One of the Rails 8 features is this new prop shaft. And if you've seen the announcement, the value of it is, you know, if we have import maps, we can kind of just directly serve our JavaScript in a very clean way without having a minimization step. Does minimization get you anything? Maybe like 5% over gzipping. I don't need that terminal. And when you look at our JavaScript file is 818 lines. TomSelect, I want to say ballpark it as like 1,000. And so... five percent of a couple of kilobytes doesn't really move the needle for me i would rather have one fewer moving part and as much as i get frustrated that the asset pipeline breaks in production every time there's a major update to it by which i mean significant i'm not talking version number because there was that period of like three three one four four one four two and every point one increase broke the asset pipeline in prod that was a frustrating couple of years i would rather just bite the bullet and be current so very helpfully i hope that's a it it turned out a little more rambly than i expected and longer than i expected but that's why i would like to drop those dependencies and lean into the Rails stuff. I don't know if you were watching when I talked about yassification, but that's the title of the stream archive if you want to find it. But I have found we get a lot of benefits when we lean into the Rails way of doing things. And none of them are enormous, but that 5%, 10% really adds up. So this one, has he requested a review? I don't think so, but I got excited about it and I kind of like peeked at it. No, he hasn't assigned it and he has a conflict on gem file, probably because I just bumped rails.

01:09:20So he's done all of this setup. There's this mission control that is the job control backend we've talked a little about authentication that's still pending because it seems like the default path is to make hdb basic authentication i would rather make it available to all of our moderators he also ran into an issue where our time ago in words helper was shadowing rails's time ago in words helper And so we had to rename ours because I don't want to change that behavior their wording is very slightly different mostly they include the word about all the time and it's not that's not a useful level like if we have minute time stamps we're already rounding quite a bit and if you see a time stamp that says one month ago you don't expect second precision the word about in about one month ago doesn't add anything to that So these are a couple of things that happen in a daily cron job now. They'll move to a job. And also they could get off of that daily schedule. It's a lot easier to be flexible. That would be nice. There is a bunch of stuff for foremen, the background job workers. There's a lot of plumbing. I have not attempted to pull and play with this locally, but I will. This was the open thing about how to reuse our authentication. I had said, hey, can we just use our mod controller that you saw earlier that Dreg added the RuboCop for? And because it inherits from application controller that pulls in a whole bunch of extra complexity, the answer was no. And he said, we could either make a standalone controller or make a concern. I think a concern, I don't think we use any.

01:11:54nothing google have you seen that there was a image that got a lot of spread in the last couple of days where someone googled for john wick five and like everything on the screen was bullshit the thing where i search for action controller concern and i get nothing because it just threw away the word concern

01:12:29this is a lot of extend with class methods oh oh no this is not this is the standard ruby module pattern and it just kind of cleans up the boilerplate okay i couldn't remember if concerns were overlapping in my head with callbacks which are a little bit of spooky action at a distance i'm kind of okay with them in controllers because controllers tend to stay thin but one of our long-term projects, I would like to remove them from our models. Because we have actually a moderate amount of magic in our callbacks. And that is also probably part of that check URL dupe thing that Drake is trying to run down. Yeah, that's really nice. OK.

01:14:13Sorry, I've been trying to mute when I cough, but I don't always get a lot of warning on that tickle in my throat. All right. There is more than one place that time ago in words gets called. I got to note that. So wait, there's this. There's the mod note. Isn't there more?

...48yeah oh that's what i'm thinking of we have this helper that also wraps it up in a label tag but then we do have more here yeah so

01:15:45Let's be explicit.

01:16:02Great. So there's that. And then coming back to Greg's question about getting rid of Node.js, here is the asset pipeline update.

...20This one was a little odd. It was the first one I saw of Rahul's, and he kept kind of jumping in different directions, like he wanted to remove what he thought was some duplication between light and dark mode, but he broke the feature for overriding. There's a user setting on the settings page where you can override the light and dark that your browser requests. And he broke that. But then also he was like, well, let's split this up into multiple CSS files. It really isn't a benefit. We don't have a lot of CSS. And then also he talked about wanting to add to replace our auto size JS. And then also somewhere in here, he mentioned refactoring to use Tailwind, which would be another giant dependency to take in with its own. Well, I mean, it would bring back Node or Now they have their own binary to compile things. Anyways, it would be a lot of complexity and a big dependency that I don't want to add. So this one is kind of sprawling. There's a open bit here where he duplicated the vote reasons because of how the pipeline interacts with, it doesn't really play well with pulling those out of the model. So what we eventually got to was, you know, we only edit these flag reasons maybe once a year, more like every two or three. So let's just have a comment that says, all right, this code is duplicated and we'll move on with our lives. Maybe we'll figure out some way to remove that duplication in the future, but it doesn't need to hold up this PR. This is one of those like, Yeah, sometimes part of engineering is you go, well, let's just do the ugly thing and ship it because the cost is not so bad. I'm going to not see what the actual wording of the comments is.

01:18:37This, oh, he's swapping it out of. All right. dr3ig what is the downside to populating those constants in some HTML data attribute from rails?
I'll have to test that pretty thoroughly.

...53All right. So in HTML,

01:19:17I think that would be fine actually, Drake. dr3ig that is one of his suggestions i think
Yeah, I understood. So Rahul had said, put this map in a view helper and render that. And I took this as adding an inline script. But if you see it as

...49Yeah, if we had an invisible element that had this income. My only real concern is I don't want to have an inline script. We've been trying to get rid of those, and I think they're all gone. And if it's like a one-liner, I think that would be great. ghost_user_1984 The invisible element might cause screenreader issues.
Maybe I misunderstood what he was suggesting here. Actually, I probably did misunderstand. Would this map interview help her and render that in HTML? ghost_user_1984 ahh
Well, what Drake is saying is put it on the, the data tags. So it would be like, this is how I understand it as equals story lags. And it would be like either, I guess you'd do like data flags equals Jason. Like that's the. Yeah, because like manually serializing these to a number of data elements would be that you don't need that complexity. But if you just are like, yeah, this will be a JSON blob. Yeah, that's great. Drake, do you want to leave the comment or I can leave a comment about it? Yeah.

01:21:22dr3ig you should leave it
Maybe Drake has wandered away. All right. I'll just write that. Sure. I talked this through. And I believe you didn't want to get credited. So I'm going to just default to leaving your username off like last time. Let me know if you'd prefer to be mentioned on stream. And someone pointed out that I misunderstood your suggestion. we could have a if you a clear way an easy way to remove this duplication would be to have an HTML element with the flags in JSON and have the JS load that. Now that I understand that, I think that's a great idea. Sorry, I had you write comments. We don't need to make it a standalone helper. let me just add this to near the end of what do we think do we think the in the head tag or like end of the body tag i don't think it like nothing matters when we have a thousand lines of javascript but like what's the the clean way to do this is the browser loads the javascript and tries to immediately start executing stuff even before it's finished rendering, you know, finished parsing the HTML. So let's put it near the... Yeah.

01:23:42Near the end of the tag. And is there a... Is there a better element that we could choose than... So I would like to include an example code, but I know from having talked to Rahul on a couple of things that if I give a specific HTML, we're probably going to get exactly that HTML, and I'm not sure... Like, is there a meta tag of some sort this should be?

01:24:36Jason LD.

...43Yeah, well, there's an inline script that I don't want.

01:25:01The link meta was applied to the whole document. I don't think I want to use a meta, because those are maybe baselink script style. Actually, this seems appropriate. Document level metadata. Yeah, I mean, it applies to the whole site, but the whole page. The reason I don't want it in a helper is I don't want to keep track of whether we're printing it twice or have to shotgun it out through every place or remember that it's going to appear in comments. Like, this is going to be 100 bytes. Let's just include it in every page. We don't need an equiv. A char set is not a bad idea. name has a specific meaning the item prop content do we have examples here so is the name a free entry and we're allowed to just make up our own value that seems like what i'm saying seeing if the name is set document level metadata name and content can be used together to provide name value pairs see the standard metadata names do we have to

01:26:58Application name, author. Is there like an x dash prefix?

01:27:21Is there a prefix for app specific stuff? All right. I don't see anything that says we can't make up our own name. So let's do that.

...48And then this is content. And then this will be, what is it? Where was the old code?

01:28:06I think we can just call and map it to key value. Yeah. And I think rather than it's already a map of the short letter to the longer part. So I think we can just call to JSON.

...35Let me check that in the terminal real quick.

...50Yeah, that's beautiful. We even got cancel in there. Alright, I'll take it.

01:29:38Let's look at that. OK, reasonable syntax. Great. Thank you, Drake. I appreciate your help. I definitely misunderstood that, and I'm glad to realize there's an even better way to just not have the duplication instead of having this kind of comment. All right, so otherwise, this one's hanging out. It's in progress. I don't have anything to say. This one is also Rails Yassification, but it is not using all the new Rails 8 goodies. Rails is pretty restful, and our story controller is overloaded with extra actions, as befits our god object. so let's start splitting some of them out and mapping them to rest verbs and so this yoinks all this code out of here yeah because aren't not that one that's something i already pulled out of stories controller yeah it's 600 lines that's pretty line or 550 lines which is pretty long for a a rails controller and the the edit form does like four different major pieces of functionality i'm saying major because they both present the form and take the form and there are like four pairs of those and it would be nice to just start simplifying those All right. And apply tag, not a moderator. Sure, sure, sure. This is all the stuff that was there. This is updating paths.

01:31:51Oh, I see. I didn't have the full context when I left this comment, so I have confused something else. Do I have...

01:32:48I don't even want to say this. What am I trying to say? You can't redirect a post, right? You get something odd if you 302 a post.

01:33:12Oh, I get redirected.

...28hosts if you redirect the user ends up getting a pop-up that says here are you sure you want to do this okay what i would have said is instead of saying

...58You know, I had a time bomb test for one of these once, didn't I?

01:34:10There was an old route that I removed, and I had a...

...27Here we go. This guy, right?

...35Yes. So I had renamed some routes. So I put in 302s and then changed them to 301s eventually, once I knew they weren't going to break. But these suggests, because they're just internal forms and people don't link to them, I'm okay with getting rid of them. without that extra step of 302 to 301. All right, so.

01:35:10Sorry, I didn't explain that well. That was also a misunderstanding. Speaking of looking at, I just looked out the window and the snow is coming down heavy in Chicago. for the first time this season. That's lovely.

01:36:50Helps if I spell it and space it correct. Come here. Redirect.

01:37:12Quoteparentic.

...39I swear there's some... Yeah, here we go. Chrome, I post to a resource that wants to redirect. The browser issues a GET. That's the problem. Unless it can be confirmed, since this might change the conditions. This is the gotcha. Express for the client is not allowed to change the method. Treat 302 as if it were 303.

01:38:13Will they handle it correctly?

...34Automatically request. Difference between 302 and 307 will not change the request method and body. There we go. That's the behavior I want. That's the gotcha I wanted to avoid. This is one of those where I got bit by this like 20 years ago, and so it's just tickling the back of my head. That's why I had to stop and look it up. All right, so on my suggestion here, I will just say status colon 302. Let's break this out.

01:39:17And then the next one becomes, that's a post to suggest over to, I think that, and then 307.

01:40:29We have a stories spec routing. No, of course not.

...46Let's add in a new map test in spec routing. Why are all my specs named singular? God, it's probably supposed to be plural. See, right into the thing that annoys me most about Rails.

01:41:16And then I can see the code off screen, so I'm just going to yoink it up. So we'll say 25.01.

...33redirects for PR1414, which moved these routes, is temporary. And then get rid of the diff marker.

01:42:02So if we do a get to slash story slash suggest, we get a 302. And then let's call this 71.

...44What was that? Shaw 1.

01:44:10there we go all right big comment didn't expect i was going to leave one but figuring out stuff i didn't figure out the first pass through all right so that's all the open pull requests there's been a little activity dreg did you leave another comment since i came back or is this Oh, this is out of date because I wasn't logged in the first time I loaded this comment. Everything else that's hanging out is pretty minor. And then I don't think I've closed. This was the outage on Saturday when I was deploying the thing. Oh, there was one odd one that... So DZW DZ is one of our chat room moderators or no i'm sorry is one of our. has been a stream regular i'm confusing people who's unpronounceable usernames start with D and our five characters long. So they've been having a hassle where even on their very first hit to lobsters they hit that rack attack throttling and. When they mentioned it in IRC, I was logged in and I could take a look at it immediately. And it seemed like Android Firefox has somehow either cached the old URLs or was trying to infer URLs that we used to use for our old logo. And so I fixed it by, let's see, where was it? just saying, look, let's add a symlink from the old name that these browsers are spamming requests for to the current file and just serve it under both names. This isn't worth trying to debug the heck out of. I didn't want to burn hours on this odd thing. And as soon as I added this and 30 seconds for the cache elapsed, the problem disappeared. dzwdz noticed that, or no, I'm sorry, viraptor noticed that they don't have caching headers. And so there is an open issue on our nginx config to add them. But again, it's not really super urgent. So that's about that. Yeah. Cool. So there is the end of the big pull request review. A blue dot. Someone has touched it since. Yeah. So Caius is dealing with a fiddly bit where some of our gems specify their Ruby versions and they may not yet know about 3.4.1.

01:47:29So that PR may just take a couple of days before the gems that we depend on are aware of it.

...41All right, so puts us at about an hour and 45 minutes into the stream. For context, I usually run about three hours. We may end up running a little bit late today because this Online Safety Act stuff is going to have a few moving parts. So good. I feel good about all of that code. As you can see from the ones that I already merged and the comments I already left on this existing stuff, coding has been quite busy the last couple of weeks. And super encouraging. I really appreciate especially Rahul making so many additions and fixes. So before I transfer into the online safety act i'm going to take a second to let's drag that over there to take a quick break i will be back in a couple of minutes and then we will do all of this online safety act stuff yeah all right see you again in a second

01:52:53Alrighty, I'm back. It occurred to me, just as a for funsies thing, because I'm streaming, I would mention that while I am not like a proper video game streamer, like most folks on Twitch, I would mention my two games of the year. One of them is UFO 50, which is a series of 50 small games for a retro console that never existed. So I grew up in the 80s and one way I spent a lot of weekend days was I would bike over to my best friend's house or he to mine and would go to the video store and would rent a Nintendo game or a Sega game And we would figure out, you know, based solely on what we had seen in Nintendo Power Magazine or which cover looked cool. And we would play these kind of inscrutable, weird games. So this came out this last year. It's from, I think the primary developer designer is the guy who made Spelunky, which was a favorite of mine. And it does a wonderful job of capturing the weird vibe of late 80s and early 90s video games. So if you are too young to have enjoyed that era, you'll get a vibe for it. And if you are old enough to have played NES and Sega games, well, like, number one, you probably get to enjoy a colonoscopy at your annual checkup. Number two, man, grab an old friend and sit on the couch and don't read any facts. Don't read anything about this game. Go in blind and you will get to enjoy some of that great, great experience of playing weird, inscrutable games. I really loved it.

01:55:25dr3ig i wonder what's more dating: i grew up in the 80s or reference to yearly colonoscopy
My other game of the year, and I can't pick between the two of them, is Bellatro. Yeah, I know there's like nine ways to pronounce it. I say Bellatro or Ballatro.

...43Yeah, yeah. I figured I could just throw that in of, yep, you know, we're all about that middle age now. So if you played NES games, Or the other one you might get is the increased breast cancer screening, if you've got those. That's not for me, but for all of my female friends who do, yep. So this game is... Yeah, I would fight for it. If you like solitaire games or you like deck builders... It is a wonderful mix of the two. You sort of, you make poker hands, you play a series of hands, of poker hands, and then you update your deck as you go, and you have special powered jokers that do complicated things, and it's super satisfying. My mom likes solitaire games, and I'm thinking of picking it up for her. We'll see. Anyways, fun little interlude there between pull requests and the Online Safety Act. And if you've played any games this last year that you especially loved, I am happy to take recommendations for anything that is not a first-person or third-person game. I mostly can't play those because of motion sickness. So I play a lot of puzzle and strategy games and platformers, and I play basically zero first-person and third-person games. The ones where they have a fixed perspective, like, I don't know, World of Warcraft 3. I could play the heck out of that, but like over-the-shoulder games where you're running around in a space, can't do it. Anyway. hmm if I were more prepared I would have a connection between that early thing I mentioned about win games first don't lose games. and game of the year and then coming back to this. don't lose game.

01:58:25so there is let's see so the thing for uk is they've created this online safety act and i am not gonna explain this whole thing again because just figuring out what the heck was going on in the large took a lot of time on my previous stream but The UK has this online safety act that basically says if you run any kind of online service where users can talk to each other and that very much includes forums. If you have users in the UK, and that is true for lobsters I am sure we have users in the UK. Just by virtue of being an English forum. English language forum to avoid ambiguity there. Well, then the UK believes that this act applies to you and that you have to register with their regulator, Ofcom, and do a staggering amount of paperwork to list off 17 to 50 kinds of harms like What if someone calls you a jerk online? Document what it means to be called a jerk online and when you will moderate, and then it... God, I'm trying not to give a definition that's gonna sprawl here, because it touches on so many moderation and political issues in a very unsophisticated way. This law was written, In response to popular political sentiments about very large websites like Facebook tick tock read it. Probably telegram although that one's not really a social network. No i'm sorry it's not really a messenger it's mostly a social network. and even aside from its political misunderstandings, it just has an enormous amount of paperwork and bureaucracy. And to the point that even trying to get a handle on how much of it they think would apply to lobsters is a daunting task, is like dozens or hundreds of hours of work.

02:01:40And even doing that work, I don't have a lot of confidence in my understanding of the law to be able to say, ah, yes, if we do X, Y, and Z, we will surely be compliant.

02:02:11And the penalties for it are enormous. Like, I think it's 18 million pounds, which What is that? Is something like 22 and a half million dollars plus criminal penalties. And so if the Ofcom regulator shows up and says, we demand that you give us this paperwork and this information And if you don't respond to them on their schedule, that's a crime. That's a like put you in prison kind of crime. That's not great. I'm running a forum where we talk about programming and like debate memory management. Criminal penalties are more than a little bit overkill here.

02:03:34So basically the plan is... I haven't done much since the last stream besides sleep on it and think about it because I have mostly been sick. So I have not yet contacted rights groups.

02:04:02And the law is, and it goes into effect March 16. I think somewhere I wrote May 16 or I wrote something like five months. No, we actually have three. And one of the things to do here is i am going to grab an ip database to geolocate users this one that i just showed here on screen is db-ip.com and weirdly enough that loads in some of my browsers and not all of them so like in this browser it just doesn't load but in the other one that i i brought on which is my personal profile which i mostly keep off stream so i don't put a bunch of personal info up on the screen, is... Yeah, so...

02:05:12It was recommended to me by a friend who's done geolocating stuff before. So off stream here. And he said it has a Ruby API because he uses Ruby, which is great. While I am curious what is wrong with their name server setup, I am not going to fight it. And I'm just going to double check that there's a gem. Yeah, I don't want an API because I don't want this thing in line. They have a download version. Is that called basic API? No, that is also an online thing. Here we go.

02:06:04So the IP to country database is rounded off to 50 euros per year. So that is still in the... lobsters runs for beer money as a hobby kind of budget and if i get this annual thing how often do i get updates it's updated daily

...47Or there's a monthly free IP database. Oh, that might be tempting.

...58All right, let's start with their free one, because it's probably going to use the same CSV and MMDB formats. Great. So to show you what I'm looking at, you can see the URL up here.

02:07:21So we got first, last. I don't care about continent. And I do care about the alpha country code. For technical details, see the following. OK. Where's my note paper?

...54Must include a link back on pages that display or use results from. OK. I mean, I can have our snippet say that. That's great. So I will agree with the licensing terms. But let me grab my scratch file and paste that over there. So on this guy, you're grabbing this.

02:08:31So the goal of this is I'm going to get a copy of this database and I'm really happy to start out with the light version. But if it comes in March to having to block the UK, I will probably buy the annual subscription to their full one for better coverage and then more frequent updates. Because I want to be clear, The goal here is I would like to add, I'm gonna write a post that says, like a meta or an announce post that says, hey, UK users, I really need you to get involved and help. Okay, so we got a date in here. All right, I can either add a time bomb test or something to remind me to come do that. And then, So this documents MMDB, do we have a specification sample data? There's gotta be a Ruby library, right? Oh, I guess we're not popular enough to get mentioned as a Ruby library. So let's go check a Ruby toolbox, right? I really don't wanna write a custom format. Oh, yay. No release for three years. Yeah, but this probably has not changed in ages. So this one, all right, let's look at the one that's at least only four years old without parsing the data stored. I don't understand what that's saying. There's also a, is that the other one? No, there's a different gem that also has not been updated for four years.

02:10:53OK, so with the caveat that I'm not sure what it's saying about we don't parse that, let's try and give this a try. so let me get the what was that file name i just downloaded db all right so we are going to add pure mmdb i'm curious actually before i go do that i should probably Oh, I asked for these to be sorted and they're not. I'll do that now. And then... So I'm tentatively going to do pure MMDB rather than this MaxMind, but I'd like to take a quick glance at them for... Are there more active forks? Are there open issues that are really concerning? So nothing's open. Nothing's been opened for years. Issues reading batches, I don't care about that. Oh, an error a little while ago. All right. And then where's your GitHub?

02:12:41No pull requests, nothing for a while. Zero issues.

...52I wonder if this has been used. This is going to be a really small gem, so I'm not super paranoid about this. Yeah, so config files map. Ages ago, I wrote A was php or it was Pearl and I don't remember. But I used one of these kinds of databases for IP geolocation stuff for a client and I wrote. The only version in that language and I honestly it's long enough I just don't remember if it was pro or php.

02:13:45This could be the same database format. I'm going back, like, more than 15 years.

02:14:09Yeah, I think this is the same. All right, yeah, so there's not a heck of a lot of code. Because I remember even as a junior dev, I figured it out in a day or two. So I feel like this is either going to run or crash immediately. And it's only going to take in this one file. The inputs to it are only going to be, they're not arbitrary user input. Yeah, risks are real low on this. Let's just go ahead and try this.

...49Let's run the Rails console and bring up its docs, because I had that readme here.

...59The one thing I wanted was pure Ruby. I don't want to take on a build step. Dang it, I chopped it off. Excuse me.

02:15:26slightly odd API where you configure it on a global object instead of you say, you know, use this directory and you get back an object that you can query. It did not get loaded. So you definitely required it.

02:16:03All right, extra require step. May have to add that to a startup initializer. Actually, yeah. Yeah, let's play with it in the console for a second first. All right, let's try 1, 2, 7, 0, 0, 1.

...29It's .query.

...36gtfrvz you think it can load .gz?
yeah this gem is not in a working state okay let's try the other one what was the other one called just mmdb oh no it's written in c so this one cited a different gem max mind Let's try that.

02:17:28Let's look at your readme. Ah, yeah. So here's the kind of interface I expected. So let's say db equals max mine. All right. So it's already in space. That's good. And then I got to grab that file name again, don't I? Oh, sorry. GTFRVZ. I reorganized some windows and I didn't realize you were chatting. You know, it probably is that GC thing. Yeah, well, it is for this one.

02:18:11Good catch. Let me get these extra windows the heck off of my screen so that I have my familiar setup. That's better. Let's just see how this goes.

...39So we get a result.

...46I need an example. What if I ask for this one? So this is Google's DNS guy, right? So let's say r equals that. If I say r.country. okay so it's giving back a lot of data and i kind of liked the minimal this also hasn't been touched for years but it showed kind of clear signs of having been used

02:19:46And then what? There's the Cloudflare alternative.

...57And what do you say? I'll see you. sure man does anybody know any sites let's try and find a site that's hosted in the uk real fast right like the offcom site offcom.org.uk so oh look it's an ip that's presumably in the uk

02:20:33Sweden it did warn that the free database was less accurate and what was that other gov.uk yeah let's try gov.uk

02:21:08And let's just go ahead and one-liner that. dpk0 gov.uk might not be in the UK any more either … they used to have an in-house hosting infrastructure but they went to the cloud
Canada. A couple of surprising answers there for two official UK sites. Oh, they went to the cloud? Yeah. So I'm not super shocked by this, but I also just wanted a couple of IP addresses to throw in this thing and see what happens. What happens if I throw in, like, a real bad IP? dpk0 try 213.138.101.13 (a shared server i’m on)
Okay. And what happens if I... Like, that shouldn't be an issue. What happens if I throw in a IPv6 IP? Ah, a shared server. Thanks, dpk. Nice to see you again, by the way. So let's see, yoink. Ah, look at you. Your shared server is in the UK, according to this database. That's promising. And then I would like to know what it's going to do if I give it an IPv6 database, because we do see those.

02:22:32dpk0 2001:41c8:51:10d:feff:ff:fe00:316b
somebody giving me a an example all right sure google gemini i will trust you i just want to see if i get like a parser from this gem or what oh okay i got a real i mean not shocking that google gemini is wrong that's its usual function but all right dpk i will try your other one Thank you. I really appreciate how often you've been useful on these. Oh, great. And we do get a real answer. Cool. So this is a great start. I'm going to just roll with this. So let's have that. And then let's put it in extras. Yeah.

02:23:38What I want to call this, I'll call it Max Mind. We will have a. Trying to think what interface I want. So what I really would like is. Like here in the footer to have something like if.

02:24:19Actually, I want to be below that footer element so I can make something that, because I think this styling forces it off to the right.

...33Let's put it in a div. And so one of the things I did a few years ago is we did a fundraiser for Unicode. And I added a progress bar on our donation And I knew from the moment I added that that people wouldn't want to see it. And so I gave it a distinct class. So let's give this one an ID so that in the announcement post, I can say, hey, if you don't want to see this, you can ad block it. So a couple of things are happening here. My to-do is get database, add footer, write post in the post, add block rule. So we got that. Great. So if I call this MaxMind, and then this shows up in the log, doesn't it? LogRage, what is it called? It's called request.IP, remote IP.

02:26:28I guess that's roughly the API I want, because I don't want to have to track an object and have a lifecycle and everything. We'll just instantiate. So we'll say module MaxMind. And then self dot. dpk0 how are you planning to test that this message actually displays? 😅
okay and we'll have a rescue and we'll just say false i'm just going to throw away the exception and how am i going to test that the message actually displays I get the impression that as soon as I put up this footer, there's going to be a lot of very grumpy people talking about it. And I think I will get lots and lots of feedback that it works and it's ugly. dpk0 heh, heh
And if I don't get people complaining, I will know it doesn't work. But more directly, I don't have... No, I don't have any personal VPN that allows me to do geospoofing. That's just not been something that's interesting or useful to me. So we'll see how that goes.

02:28:20And where was that line?

...53What do they call it? DBIP. All right, we'll just call it DBIP.

02:29:06And then let's grab that URL. Do I still have that URL somewhere? Yes.

...18And I am, yeah, I am not going to actually like write the ansible code to deploy this i'm just going to manually do this because i really like i'll update it in february when they have a new one if we don't have a solution by then and i guess in march but middle of march i'll be replacing it with the non-light one and maybe at that point if it's going to become an indefinite thing i'll add it to the database So this will be dbip.mdb. dr3ig Should probably log the errors though (before returning false)
dpk0 i’m in the UK next week, so i can test that it appears then. (or i can use an SSH tunnel to load from the IP address of that shared server, i guess)
this is going to be different in prod and dev i should log but i don't really have anywhere to log so let me actually just i'll just let it raise that'll force me to fix any bugs I don't love it, but I'm OK if it's a little bit broken. The Mastodon OAuth flow I wrote with very few rescues because I didn't know the whole API, and I didn't know the gem API, and I didn't want to hassle around with it too much. And it's a fairly low traffic thing. This has the reverse where it's fairly high traffic. So if there are any exceptions, we'll see them instantly.

02:31:14Probably can't say tilde slash, can I? It's not going to do expansion.

...32So what I'm thinking is, if I leave this in the lobsters repo, I'm inevitably going to commit it, and I have 50-50 odds that I accidentally push it, which almost certainly would violate their license, because they probably don't want me reproducing it like that. And on top of that, I just don't want to have, what is this, like a 30-meg file, 8-meg file, 7, hanging around in the repo. Well, let's just see if it blows up. And then probably that's going to get refactored. Yep. And then db. So what does it say? It calls a .bound. So we'll say. dpk0 add it to .gitignore?
result equals db.lookup ip and return false unless result is found so we're not going to be default deny and then we want to return whether result.country. Yeah, DPK, you have a good point. I'm just trying to avoid foot gunning myself. And I know if I leave the file in the repo, I'm going to foot gun myself. And we have files that are in gitignore and committed to the repo, like our about page. And it's in gitignore so that hopefully sister sites get fewer infinite conflicts. I don't know. Just trying to minimize. Actually, I say, does Ruby have a home variable? No. Come here.

02:33:49The shell is responsible. We can try env home. All right, so let's see if I get back Home Push CX from this. There we go. That's what I want.

02:34:07Great. What was the field? The ISO code is GB. Is that a known...

...36I expected UK. But I could see it being GB. dpk0 the ISO code is GB
Northern Ireland is not part of Great Britain. UK code, for historic reasons, is GB. dpk0 the TLD is UK for hysterical raisins
According to an AI hallucinated snippet. Alright, that is... United Kingdom, Great Britain, and Northern Ireland. Boy, without touching on the troubles, I believe this is what I want. Because I believe that the ISO code maps to UK, the legal entity. Okay. I'll take it. Yeah, I've seen those Venn diagrams where they explain the difference between the names that are political versus the names that are geographic.

02:35:57What did I call it, DBIP?

02:36:04dpk0 Northern Ireland is also covered by the ISO code GB, to Northern Irish unionists’ chagrin. [oops, that’s possibly the ultimate ‘political topic we shouldn’t get into’]
And so if I say this.countryCode, I need to see it work in the country code. No.

...18Come on, why are you being difficult? Country.ISO code, because I'm not reading correctly. All right. country.iso code equals equals GB.

...34Yes. Well, to take it in a lighter direction, there was that whole Star Trek Next Generation aside about the Irish unification of 2024. I saw a whole bunch of memes go by a couple of days ago that I guess were over in the Mirror Universe timeline if that didn't happen in 24. All right. That's pretty reasonable.

02:37:18dpk0 the reason the ccTLD is UK and not GB is because the UK academic network JANET had its own version of DNS before DNS existed, which used ‘UK’
You know what, this one actually is the user's home directory. So let's just get rid of that. The reason the CCTLT is UK and not GB is because Janet had its own version of DNS which used UK. Oh, interesting. I had no idea. I don't think I've ever heard of Janet. So it sounds like Janet is... contemporary with like ARPANET, so 60s, 70s. God, ARPANET is actually 60s only, right? By 70s, it was internet. I'm showing my, I'm losing my nerd trivia here. All right, so we got that. Let's stand up the Rails server.

02:38:17All right, so if I go look at localhost syntax error, what did I get wrong?

...37What's the typo?

...44dpk0 yeah i’m not entirely clear what kind of transport-level (etc.) protocols they were running at the time. the JANET organization still exists and co-ordinates the internet infrastructure for all UK universities nowadays
Because it's this, right? It's got to be the code I just added. Yes, it is definitely the code I just added.

...58So.

02:39:14Oh, it's the dang. Been writing liquid templates again. Undefined method DB, because this needs to be the instance. Great. All right. So let's try not to commit this. Yeah, let's just say or my kingdom for a result object. Hello. All right. All right, so first things first, they would like credit to their database. So let us provide that so I don't forget. So many clipboards. And then what was the wording on that? Because they had some wording, didn't they? In case of a web application, you must include a link back to dbip.com on pages that display or use results. You may do it by pasting that snippet. All right, fine. If that's all it says, that's all. We will give them their exact. I'm going to put parentheses around it though.

02:40:58No one is going to set this up, none of the sister sites are going to do this, so I can just link directly to our story. that's fine. i'll need the random ID off of it. yeah there's no need to be cutesy and like force one alright so.

02:41:26So that's the basic functionality. So I need to write a post and I need to write a footer.

02:42:22This is really nitpicky language. So there is the temptation to slip into passive voice to say like, this thing just happened. There is also the temptation to slip into active voice and have us as the actor of, I am going to block you unless. And this is maybe little pushy oh thank you for the the janet history huh interesting that it's still running but i want to be specific that it is the uk online safety act that is doing this because they kicked it off and i would not be picking a fight with the a world power

02:43:48I don't want to get into all the detail here.

...56So what am I trying to say? I'm trying to say the OSA is doing this. We need your help.

02:44:14And then I guess

02:45:43That's a reasonable first draft. Okay. And then we can style it. Oh, styling, that's basically fine. I think I would like to put like a colored box of some kind around it. I don't... I'm tempted to just use our flash markup. Is that good enough contrast? That's fine. So now it's not awful. dpk0 why at the bottom of the page and not the top?
If we get to like, I don't know, the last week of February or the March 1st and we don't have any resolution. Yeah, DPK, you're getting at exactly my sentence. dpk0 aha, okay
If we get to March 1st and we don't have a better resolution, I'll move it to the top. But I don't want to be completely obnoxious about it right out of the gate. This is... God, this whole thing sucks. I just... This is like adding one of those cookie notices. Like, I don't want to deliberately make the site suck because of weird UK or EU laws.

02:47:32All right, well, that's a reasonable first pass for a footer.

...41All right, so the hard part here. All right, so oh, man, I don't even have a title for this stream. I guess I'm not being funny. There's been a lot of like, yay, good code. Let's talk about what it means and how Rails works. But there's nothing funny in that. Usually I say silly things when we have bugs.

02:48:16All right, so, post is gonna have something like,

...40That's lousy. Needs a better CTA. That's fine. dpk0 the claim that it will require Lobsters geoblock the UK is false, though i understand the need to communicate the ugency. it should say something like ‘Lobsters will have to block the UK because of the Online Safety Act’, which doesn’t imply that the Act leaves you no other options at all (rather, it’s just that the options it gives you are all impractical, in your estimation)
So let me just not indent. I'm in my scratch file.

...59Hey, folks.

02:49:33All right, so what are our key points? Let me outline this. Our key points here are, what is the law? Why am I not complying in the practical sense? Well, there's two reasons. ideological answer which is new since the last stream is oh come on i'm not in the uk and i would really like to not you know re-litigate the american civil war of 1776 but like we did have a whole war about who regulates events of people whose butts happen to be on this continent or this third of this continent?

02:50:52We'll give the practical answer first.

02:51:25The claim that it will require lobsters to block the UK is false yeah so. That is part of what i'm going to write in the post. So what I was getting at with. Who is the actor in the sentence is. Also, this, why am I not complying it's. As a functional matter. a hobbyist site cannot comply with the Online Safety Act. Even if we had the spare thousand hours to try to invent paperwork for all of the various classifications it creates and processes it requires, which would be a significant ongoing concern,

02:52:26The Ofcom's instructions are dense legalese and I cannot trust that I, a non-lawyer, or any other non-lawyer, can create a valid summary of this law that we could comply with. And I have seen a couple of abbreviations of it. There was even one that was merged into our previous story.

02:53:00but I don't take legal advice from non-lawyers, and that includes myself. And if the, you know, if the dollar amounts here involved were slap on the wrist amounts of a couple hundred dollars, I would feel a lot more fine with, I will read this guy's summary and YOLO. But the amounts are staggering. You know, 22 million US dollars, 18 million pounds. And the inclusion of criminal penalties is a, boy, do I not want to fight extradition to the UK because I misunderstood something on page 500 of this PDF because I don't know UK law and neither did the person who summarized it. Or we added a function to the site that put us into a new category. This thing has so many categorizations of sites and functionalities and rules around them that it's hard to keep up with on an ongoing basis unless you are Facebook size. And then there is the ideological answer of This is not my government. dpk0 just to be slightly provocative: okay, why haven’t you blocked the EU because of GDPR then? the overall calculus there is very similar: very complex law with theoretically huge penalties for non-compliance, and a jurisdiction you’re not in
I am very much subject to US laws and I follow US laws to the best of my ability. But the idea of having a UK regulator step in and say, hey, we have this whole set of rules. I don't want to go down that road. GDPR does not apply to lobsters. is a complex law with theoretically huge penalties in a jurisdiction i'm not in it also has a couple of loopholes that i don't want to get into not even loopholes just exclusions that lobsters does not fall under gdpr is my best understanding of that law i have looked at it if i thought it applied

02:55:28That one is actually a lot easier to comply with on an ongoing basis. So two things, the GDPR is more mature. There's a lot more information about how to, a lot more high quality information about how to comply with it. And frankly, what it asks for to comply with I think we get entirely out of the box. Like even if GDPR applied to lobsters, I think we would be in compliance because we don't send PII anywhere. We don't use cookies in the way it doesn't like. I guess there is some right of deletion stuff I would have to review, but I dpk0 i don’t think it’s correct that Lobsters is exempt from GDPR, but i agree you’re probably nearly in compliance already
like at a ballpark, we're already really close to compliant. And then it also helps that the GDPR has been around for a couple of years and they haven't made a habit out of finding small American forums and crushing them with jackboots. dpk0 like, use of cookies is only to provide functionality explicitly requested (mainly login), no?
And I don't know what to expect out of the UK on that one. I think most likely the UK will not make a habit. Correct. We only have two cookies. There's the lobster trap one that is our session cookie, and you only get that if you fill in the login form. And then there is our tag filtering cookie that's functionality, and that's if you are logged out and you explicitly enable filters, you get a cookie. So both of those are... I've done the cookie compliance for... IndieHackers.com. And so I am actually somewhat familiar with what it takes to do GDPR compliance. dpk0 so your concerns (off the top of my head, ianal etc etc) would be data export, data deletion/right-to-be-forgotten, and then having a privacy policy explaining what you do with data
Having worked with product counsel on it, so many lawyers actually. And then also a third party service that was written to try to be, to help companies manage their compliance with GDPR. So my concerns, oh, of this, yeah, that roughly fits my understanding of GDPR of those are the big things. pushcx https://github.com/lobsters/lob…
And for what it's worth, that is a small motivator for this issue, 1299. where I would like to have user data export. I have done similar things. I have done small versions of this one-off as users have asked, especially if they are polite enough to write the query first, but it should just be site functionality. That would be nice. Data deletion, right to be forgotten. You can already do that by logging out On the settings page, one can delete their account. The logs are time limited. I don't keep logs indefinitely except in case of abuse, which the GDPR I know has an exception for. And then privacy policy, I mean, we have one. It probably does not comport to what the GDPR would like to see out of a privacy policy, but it is directionally accurate. And then... if very, very American. Writing a longer one, you know, I don't have any ideological qualms with it. So yeah, if GDPR applied to lobsters, it is a manageable amount of work, most of which is already done or is in progress to comply with it. UK Online Safety Act, and I do appreciate you asking this in a slightly pointed way.

02:59:58The UK Online Safety Act demands an enormous amount of novel work that does not benefit us in any way like click this button to get a zip file does the for a hobbyist forum every process it wants to see is just staggering overkill so And one example hmm yeah all right let's i'll talk about it it's not too spicy or anything so. The osa has a section. That is written to political concerns around moderation being used as a political tool so to be specific, it is the typically conservative complaint that. And I say conservative from an American perspective, because it's usually the conservative party in America that makes this complaint that says, oh, the moderators of such and such service like Facebook are politically biased against us and are moderating us more strictly or are claiming to be moderating neutrally, but only moderate us. And so it has some stuff around journalism and news sources. And we had an example of this, this night, last night or this morning. There's this guy named Brian Lunduk who calls himself a journalist. He is not associated with an outfit, but he calls his writing Lunduk Journal. And his domain has been banned for ages because he basically posts political rants about businesses and organizations. And they're all, it's all just fucking trolling. And we've never gotten a good discussion out of them. And so after a while, a couple of years of them, I banned the domain because it's just going to be business rants forever. And someone posted a YouTube video he made, and I deleted it because it's just, these businesses have politics that I don't like, and I'm going to baselessly claim that this has gutshot the quality of their operating systems, and then make some other political rants about what it means to be good operating system i mean you could read this title and you know it's going to be but that gets special treatment under the osa because that looks like political moderation of a news source right to use the broad terms of all of these things that guy claims to be a journalist i mean in the american sense yes he is a citizen journalist we have a very expansive version here

03:03:31and so nothing about dealing with that dumb troll is enhanced by us having to spend a dozen hours reading the osa's part about news sources and writing a policy and then rigorously reviewing it and then signing off every moderation action that might have political implications or journalistic implications which is a very broad category in the united states like It's just lighting. I didn't even write a serious mod log message. I just wrote yeesh. Like, that is the appropriate level of sophistication for a hobbyist forum. Not a flowchart. Not let's have the Facebook Supreme Court of Moderation review or whatever they decided to call it.

03:04:32yeesh and move on and get back to topic so there's a very long answer to your question about why am i phrasing this as the uk is requiring it because the uk osa is doing all of this This is not me saying I'm going to pick a fight with the UK law. This is the UK saying it applies everywhere.

03:05:35So that's this section up here.

03:06:02What else do I need to hit? These are all the major topics. What I would like to avoid, and I wrote it in my previous comment, so maybe I can pull language from there, was

...41yeah i wrote the snarky version that didn't work the the snarky version was i don't need programmer playing lawyer implementation interpretations because i can generate those myself and i think if we rabbit hole into that we lose the practicality of no let's let's seriously try and fix this like so here was a thread of relitigating it and i'm trying to keep things pointed towards let's solve it i guess i didn't end up writing a follow-up comment all right

03:08:07And you know dpk i'm a little slow here, so you sent me some info on irc about what it would take for the law to get enacted. And I read it when I was sick and so nothing stuck, so I am now looking at your message off screen here.

...38So you gave me a pointer for someone to reach out to I will do that. there's the note about the date is depending on Parliament approving the proposed rules. Everyone expects that to happen. Okay, all right, thank you so that does inform. this.

03:09:47Trying to get the big summary up front.

03:10:57I'm trying to, maybe I should write the rest of it and come back and write the intro because the intro is going to have to set the stage.

03:11:21There's that comment about donations. I should link there.

03:12:19I don't love this claims. It feels like a weird nitpicky, like, oh, well, he claims he's seven feet tall. Like, laws are self-fulfilling in that way? I don't know.

03:13:25One of my writing habits is I write a post that has all of the asides and parentheticals and footnotes. And then as my first edit pass, I just go through and delete all of those. Because there's always the side things I want to include and mention along the way. But they always undercut the points I actually need to make.

...59Thank you.

03:14:33Back check the. Okay.

03:15:29Thank you.

...59Thank you.

03:17:43All right, criminal penalties.

03:18:24I'm trying to say that there's kind of a stocks first flow thing where there's a huge amount of upfront setup. And then there's every time you do something, you have to document it, that you did it according to the thing. And then also, I think there's an update process. And I'm kind of trying to put too much in one sentence.

03:19:28I guess that's what I'm saying, as they moderate.

...53So penalties are always for noncompliance with the law.

03:20:29And of course...

03:21:17I don't know how to write that better. Come back to it.

03:22:00Keep reaching for these. I'm really frustrated, so I keep reaching for hyperbolic adjectives of, you know, enormous, ruinous, expansive, because this whole thing feels like getting a thousand pound weight dropped on the site. And, So I keep reaching for that kind of vibe as adjectives instead of building it up.

03:23:23Sorry, I would just say it makes everything suck on an ongoing basis.

03:24:51Is it too distracting if I make a Civil War joke? I feel like it's, you know, it's been like 250 years and people aren't going to have strong feelings about it, but

03:25:30dpk0 i think a War of Independence joke risks being perceived as tiresom American patriotism/exceptionalism/etc
Is it Great Chinese Firewall or Great Firewall of China?

...41Yeah, that's a good point. I don't want to be firesome. Great Firewall...

03:26:04I guess it's the kind of joker aside that I would include just so that I can get it off my chest, but it wouldn't make it into a final version.

...41Maybe that's a little flowery, that the UK can build its own great firewall to rival China, but I'm not a mason in its employ.

...58There's such a can of worms with how these things work internationally, but... I don't know. When it comes to the... Especially the politics of speech. My country is certainly capable of shitting its own bed. We don't need the UK to shit our bed as well.

03:27:35We'll think about that one.

...57So, setup is what is this? Why does it matter? What's about to happen? What can you do? Yeah. And then I'll put all of that in the summary too. So, does the UK call it the War of Independence? I don't know why I'm stuck on that.

03:28:25They can't, right? There have been a lot of wars of independence from UK colonies. It would just be non-specific. War of Colony Independence Number 12.

...47I'm risking getting very spicy about politics, excuse me. Hopefully the fact that most of this is a couple centuries old lets me get away with it.

03:29:35dr3ig the American rebellion?
The American Rebellion? That's a pretty good name. Years ago, I was touring in Canada, plain tourist, and I visited the government house of... I think it was New Brunswick. I'm pretty sure. And in any case, I was on an official tour and there was a very nice, she looked like a teenager. So she was probably a college student who was leading this group of 10 or so tourists as we wandered around this fancy mansion. And they were all of these like classic paintings that she would explain and relate to the history of the province. It was a very nice tour. And along the way, we stopped by a portrait of Queen Elizabeth, who at the time was the current Queen of the UK. And she had this whole, the whole thing was very polished. It was very nicely rehearsed. And she introduced, and she said, you know, obviously this is Queen Elizabeth, and I know we have some Americans in the group, because we'd been asking questions as we went. she said one of the questions we always get especially from american tourists is why do we have portraits of the queen and references to the queen and the queen on our money and the way we think about this is that it's like canada has is a kid that has grown up and left its parents house and the uk will always be our parent and we honor that with these references and but we are yes our own independent country now and no longer part of the uk and i i raised my hand and she said you know she kind of called on me and i said so does that analogy does that metaphor make the united states the rebellious teenage child that ran away from home at 15. she kind of paused and smiled and then she said and then this next painting over here is the river whatever and just absolutely ignored that one and wasn't going to touch international politics with a 10-foot ball but i thought it was a cute extension to her metaphor

03:33:13I don't want to get into it. There are other laws in countries that are basically too poor or politically weak to attempt to enforce. And so if some small, fairly despotic country has said, oh, you can't have anything that would defame our ruler. And I'm trying to say this in a very generic and non-joking way. as opposed to caricaturize the countries that have it. But they say, oh, if you have anything that in a very broad sense defames our ruler, which is kind of an all-purpose if you disagree with the ruler in practice, well, then that's a crime. You can't publish that, and you can't publish that anywhere in the world. And some of them occasionally have the resources to go after expats who don't live in their country. But it is almost never the case that they can go after those in rich Western countries. I am being kind of real politic here of what is the actual effect. And so they have written laws that are have a similar scope and a similar breadth to them. And I don't worry about those because as a practical matter, they don't get enforced against like American forum hobbyist owners.

03:35:04And as I commented elsewhere, the, in the, that first LFGSS thread. The UK is wealthy and has excellent diplomatic relations with the US and might even, as a political matter, because the head of Ofcom is a political appointee, want to score political points against American big tech. And the risks are just much, much higher than any of the other over-broad laws that it echoes.

03:36:11And I don't think I want to get into that whole rabbit hole of how this is like those laws that are, in a practical sense, ineffective. Yeah.

03:37:46So you really want this to immediately follow the penalty section.

03:38:26See, if I say Ofcom, I have to define who they are up top. And that is an implementation detail that this has to get into, because that's how the law gets to, yeah.

03:39:18I don't need scare quotes on that.

03:40:21I said this in the previous comment, but I keep coming back to, like, all of these plans are bad, because I just feel real shitty about this whole situation.

03:41:02What is the. yeah. I guess representation like. Some random UK Member of Parliament does not want to hear from an American citizen because i'm not a constituent and so i'm trying to turn that around and say like. You have the. authority of the constituency I guess that's representation right. You have the local knowledge.

03:42:07Thank you.

...58What do we call?

03:43:47I'm grabbing links from the LFGSS post.

...58Because I have my comment just off screen. Because I don't actually care how it's

03:45:20So is this, I think dpk, this is one of your links, verdict.co.uk. Is this the one that explains how it has to be enabled?

...50Oh, man. These quotes are real explicit.

03:46:02I would like to link these early. Yeah. Really? You called it catfish banner? Is it because it floats on the bottom like a catfish or because you're lying about who you are?

...29Oh, my God, what is with your markup Thank you.

...43require parliamentary approval for fully coming into force.

03:47:46tooxx_96 helpo are you a rails dev ?
Hi, Tukes. Welcome. Yes, I'm a Rails dev, and I am working on a Rails site called Lobsters. At the moment, we're not doing code. pushcx https://github.com/lobsters/lob…
The start of this stream was all code, reviewing pull requests. I'll drop you a link to our repo here if you're curious. tooxx_96 oh nice what the app do ?
But at the moment, we're working on a big project for dealing with a complicated law. So it is me writing up an explanation of what's going on here, and then some amount of code to beg people to pay attention and help, basically.

03:48:33If you take a look at the repo, you'll see what the app does. But basically, we're a web form. Looks quite a bit like Reddit or Hacker News.

03:49:11tooxx_96 nice
tooxx_96 what do you think of the state of rails ? especially with rails 8
And since the site is open source, you're welcome to download the code base and check it out. Heck, there are lots of bugs and features that you could add right now if you'd like practice. The state of Rails with Rails 8, so I talked about that in a previous stream. The short version is, I think it's in pretty good shape. And Rails 8 really gets back to pushcx https://push.cx/stream/2024-11-…
A lot of the benefits of the platform where it pulls in. There's the stream. It pulls in a lot of functionality that sites have had to independently reinvent, including us so rails aid is really a nice return to form.

03:50:19tooxx_96 i m learning mainly swift and ios development but in my free time start learning rails
Now, great. tooxx_96 since when have u been coding in rails
Yeah, for a long time, it was real popular to use Rails as backend APIs for mobile apps on iOS. There is a way for Rails where you say, I'm not going to generate a front end, leave all that stuff off. I will just make a JSON API, which usually is for a mobile app. So that's really well supported. I've been using rails since it first came out in what was that late 2004 early 2005. i'd have to check wikipedia. tooxx_96 wow
i'm in Chicago and so is David Heinemeyer Hansen the creator, and so we heard about it real early.

03:51:42Yeah, this code base we're working on right now is, gosh, 12 and a half years old. So we've upgraded from, I think we started in Rails 3 something. tooxx_96 and u still do rails in your 9 to 5 ?
And now we're, as of today, on Rails 1 point, or I'm sorry, 8.0.1. I do not have a nine to five. And I will thank Automod for filtering out someone who says Rails in. I did Ruby at my previous job at Stripe, although Stripe doesn't use Rails. And then I left there almost a year ago now.

03:52:35But Rails has been my 9 to 5 for, gosh, I don't know. I'd have to look at my resume, but something like 10 years professionally. I've also done Python with Django and Python with some older pre-Rails frameworks. Oh, those were so painful, like Twisted and Tornado. I'm forgetting some, but they were so hard to use. And I've also done a bunch of Node.js on the back end. And PHP. tooxx_96 tried django but in the end choosed rails like it better
All the dynamic languages, really.

03:53:29Oh, that's great. Yeah, my usual recommendation for Rails or Django is play with the getting started for both and probably one of them will click for you, assuming that you don't have some library that you really want to use in one.

03:54:58tooxx_96 any advices on how to decode all the magic happening behind as someone that want to understand all what is happening
tooxx_96 i feel that there is a lot of code happening behind the scenes
Yeah, so we've talked about a couple of Rails books. So the, where was it? I'm gonna jump over on the terminal. Yeah, Rails does a lot behind the scenes for you, which is very nice, but it can be hard to follow the execution flow of your program. Like what code runs next? Why does the controller run before this or after that? And we had a big discussion of Good Rails books on a previous stream. I'm trying to remember the name of it. What was that Manning book? Was somebody present who remembers? I guess not.

03:56:00Shoot, so I'm gripping the stream archives there.

...11pushcx https://pragprog.com/titles/rai…
Agile web development, there it is. So this is a real solid book about Rails. I've had a chance to skim it since it came up on the previous stream a couple, maybe a month ago. That's a real nice introduction. You build an app. tooxx_96 thnks a lot
It talks through things. Sam Ruby is just a really well-regarded author in the space.

...57tooxx_96 following gorails tutorials
dr3ig nominative determinism at work there
Yeah, very true, Drake. I'm not familiar with the Go Rails tutorials. I mean, it faintly rings a bell.

03:57:11tooxx_96 with hotwire and kamal i feel it a complete framework from 0 to production
Oh, I've seen this blog. Yes. So I don't have any opinion on their guides and path. tooxx_96 hotwire spark love it
I haven't looked at this stuff. but I have enjoyed their blog. They generally have really clear, correct writing. So very promising. Yeah, Hotwire and Spark are neat. I'm a little tempted to add them to lobsters, but honestly, we keep our pages so small and we generally render fast enough that I don't know that we would get a huge benefit out of that. dr3ig the new and improved rails guide "getting started" is written by the gorails creator
We don't even serve JavaScript to people who aren't logged in.

03:58:05dr3ig chris oliver
Oh, is it? Well, that's real promising. Yeah, where's that?

...19pushcx https://guides.rubyonrails.org/…
tooxx_96 i think hotwire spark will be by default in next release
Yeah, we've talked about this getting started guide on stream and I read it maybe two or three weeks ago while I was sick, but it's a nice introduction to just the framework bottom to top. I think it's a great way of giving non-users an overview. Ah, neat. Yeah, there's always a lot of change in the front end. Lobster, as a Rails app, has an unusually simple front end by philosophical design. But I keep half an eye on that. And I have a test app or two that I play with for these things.

03:59:14tooxx_96 in terms of performance any feedback ? you ve been working in many rails apps how does it performs is it expensive to host ...
Let's find that link.

...30dr3ig https://rubyonrails.org/2024/12…
Where is it? There it is. So jump through that pretty fast, but I want to link an old comment I made about five years ago about our costs are low and we deliberately try and avoid I deliberately try and avoid donations. Because it has a whole bunch of social effects that automatically ship with. I think Rails is great for performance. A lot of performance for these kinds of crud apps that Rails excels at comes at, do you write reasonable queries of your database? An out-of-the-box active record has some really good stuff. And they make it easy to do the right thing. The one big performance thing I would include pushcx https://github.com/charkost/pro…
is a gem called prosopipe i would put this in any new rails app out of the box for performance because the biggest problem i see for performance in rails apps is that they slip into having these one plus n queries where you like select where user id equals one two three and then i want all their comments and if you do that the wrong way in your view it's very easy to end up with selecting comment where id equals one equals two equals three equals four and instead of having one query where you find all the comments for that user you end up with 100 queries if they have 100 comments that's the biggest performance gotcha in rails and that gem prosopite prevents you from making that error And then otherwise, Rails performance is solid. We have a host setup that's ridiculously over-provisioned just because it was cheaper than my time tuning the site or worrying about running out of RAM. tooxx_96 did you gave kamal 2 a trt
tooxx_96 try
And we run on two VPSs that I want to say each cost $20 a month. We could probably run on one VPS that cost $5 a month. It was just easier to not tune some of our more complicated queries. I have not given Kamal 2 a try, but if you look at our pull requests, right now someone is adding Kamal 2 integration. Yeah, they just opened it 12 hours ago, Rahul. So I'm gonna play with that. tooxx_96 nice
Hopefully it'll help. If you go to if you look under the twitch box there's a link to the stream archive and you can see where I talked about come all earlier in this stream. That archive will be up. Probably two or three hours after I finish streaming. tooxx_96 i m not a big js loved is hotwire will help me to avoid writing it ?
Which oh wow i'm already at four hours getting towards the end here. See reasonable draft.

04:02:54So Daphne, if you're still watching and you have an opinion, I've got like a rough first draft here. You've given some really good criticism of my outline, and I would appreciate your thoughts on this post.

04:03:14And I will work on the summary. I don't know if she's still watching, so let's see.

...55And obviously criticism of this draft is not limited to Daphne if anybody else has thoughts i'm very welcome to have them just she's been especially insightful and informative on this event.

04:05:15Yeah, and here's the part where I delete those asides, that parenthetical. I don't know Hotwire to answer your question, Tooks, Talks.

...33I have played with it only a very little bit, and I don't have an opinion, and I don't want to make up an opinion.

04:07:39This squarely targets phrase is kind of, I think of it as a UK-ism, and I'm trying to use a few of those to make it, this post a little more welcoming and friendly to UK users rather than like, let me pull on my flag hat and wave my dick around. It's that belligerence that Daphne was warning against that I don't want to get into. and trying to use familiar terms of phrase.

04:08:40I want to get that link to this verdict site in.

04:09:03Get this URL thing off.

...48I'll link back to my comment here, estimating how much the legal advice would cost, because it is big.

04:10:17I worry sometimes. This is a very modern writing thing, that every hypertext is a distraction from the flow of my rhetoric, where I'm providing a place that's even worse than a parenthetical. You know, let's link off to another page, another document that someone might click on and never come back from. And balancing that against the desire to be comprehensive and even just introduce this thing to people who may not have heard of it is pretty frustrating.

04:14:18is this thing.

...53There's my spicy take, that this law resembles those of tin pot despots.

04:17:15Thank you.

04:18:03Thank you.

04:19:38to say you know one other option here would be if american there's there's such a thick of political process especially with the a new the recent american elections and then the new administration and Congress starting I am trying to I don't know who in America could actually say and this is who both in a legalistic would have the authority to commit and in a practical could plausibly commit to defend American forums against this law

04:20:32I guess it would be the State Department.

...39Because, you know, individual Congress critters could say blah, blah. But they actually wouldn't get involved if there was a court case.

04:22:23Thank you.

04:23:03linked to the wrong thing. Need this anchor.

04:24:20This great firewall. I don't know. It's a cute turn of phrase, the not a Mason in its employ. But I wonder if it's a whole distraction of what blocking the UK amounts to.

04:25:11Thank you.

04:26:32I guess the relevant part is... Yeah, that's better. I don't want to try and recapitulate its complicated description of where it applies. Because it is very much a... If you have the political clout or the money to fight back, it doesn't apply to you.

04:27:13All right. So I've been going about four and a half hours. I have a draft. I have this post.

...26Oh, this whole situation sucks so much.

...59fiestylobster don't stress yourself!
Hello, feisty lobster. Welcome. It is not me stressing myself. It is the UK stressing me.

04:29:14So there's that.

...26I can't even keep track of the Ofcom summary pages. I'm getting to the tail end of the stream here of trying to understand. And they had... So this had some page that linked their PDFs. Let's double check that date, because Daphne pointed out that it was not super clear. Yeah, here we go. March, it starts coming into practice. OK. And then milestones, categorizations.

04:30:41All right, so here's. All right, so here's one of the PDFs, and this one's only 84 pages.

04:31:06This one I already have open.

...19Here we go. Next one, next one, guidance. The quick guide is the one I thought that had the links to all the PDFs. All right, so. That's the page I was already on. This is not the one. had another page that had like a couple of dozen PDFs. Is it?

04:32:26Do you have a table of contents somewhere?

...40Yeah, a lot of it was categorization. That's the same one twice.

04:33:00This is the one I'm thinking of. Yes. No, it had this styling with these pills.

...16Go for evidence.

...25Aha. No, no, this is still not it, dammit. This is people responding to it. There was another one that had this visual style of lots of documents in pills, and it went on and on.

04:34:16This Firefox thing where it loads the tab next and then it jumps it all the way to the end is not actually helpful.

...41That's just the kids section.

04:35:14Codes of practice. And back around to this same page. I don't know if they've reorganized since I looked a couple weeks ago or what. But there was a page that kept linking out to PDFs. And there were like 20 of them that categorized things in different ways. Did we link it out of the lobsters discussion? Did somebody down here link it? Or maybe it showed up on HN.

04:36:31Of course, they have these codes, but they don't link things.

...55Let's talk to tables. I'm kind of skimming since I'm not seeing the visual style I remember. I'm trying to find at least the strap to the end. Do they have like a links? Nope.

04:37:41Where was the...

...49I can't find it out of here. twitchtd hi pushcx
I'm just going to link to one of those top-level pages and hope somebody can find the damn thing. Hi, TwitchTD. Welcome. twitchtd just tuned in, what are you working on
we are dealing with a less exciting part of running an online site. So I'm working on lobsters. There's a link to the GitHub repo and a big hassle is the UK has created this, they call it an online safety act that has a, staggering amount of requirements for sites to comply with and since it's not possible in a practical sense for a hobbyist forum like lobsters to comply and it is not ideologically possible i am trying to explain this law

04:39:11i can't even find the damn guidance about it i guess i'll just link to this yeah all right so i've got this oh i don't have it over in the other browser do i

...54twitchtd why not add a "you must be 18 years or older button if uk ip"?
Double checking my personal browser off screen there. Because it doesn't care about age, actually. Even if people are 18 and up, it applies. This is not like the American law for minors. It is more like a... I don't know, sort of saying... that every site where users can talk to each other is assumed harmful and needs to come up with mitigation practices as if they were a drilling for oil in a children's playground. So let's grab this guy.

04:41:09Where's that top level page?

...30This one.

...41So the regulators...

...55There we go. Never ends with my clipboards.

04:42:20twitchtd this is crazy that US hosted services need to comply with other jurisdictions
already say long in the next sentence so grab this guy all right i really wish there was like a one weird trick to complying but there very definitely is not

...57This fucking cough.

04:43:32twitchtd especially small services run by a small team with no revenue
yeah it's it's very frustrating that they wrote the law in this way that basically we get to regulate the entire internet and i say this is you know i am an american i live in america and just kind of as a accident of history. The majority of these companies and entities are American. And so it feels very familiar that, you know, oh, your country regulates your entities. I mean, that's sort of convenient if you live in the country where most of them are. It's comfortable in a way it's not for other countries. But at the same time, this resulting law is a lot more like the tin pot dictatorships.

04:44:48Is this the one I already went to? I can't even keep track of all these PDFs.

04:45:04doesn't help that these these directories are virtual so there's like this darn categorization thing i can't go up and be like all right give me all the pdfs oh there isn't all the pdfs

04:46:37So even with that, I want to double check one or two more things because I swear I saw

04:47:07Something that just listed. It's just leading me around in circles.

04:48:14twitchtd I just asked google gemini if lobste.rs has to comply: tldr, yes
I could have told you that i've actually looked at the. Online safety act. Because the law itself is online, but then an enormous amount of it is well the regulator will determine it and so then lots of this stuff is off in. Their documents.

...56twitchtd I wonder if the free software foundation has any special fund for this for small opensource platforms.
And in any case, we've already, I guess it's been a couple hours, but on this stream, I've already gotten some nonsense out of Google Gemini just by default because it is placed atop things. FSF. I don't know. They are certainly affected. So, for example, the Free Software Foundation runs bug trackers for their projects. And every bug tracker is a place that two users could talk to each other. So the OSA will apply to it. So I guess I will have to put them on my to do list of places to contact. twitchtd This is crazy that even bug trackers are affected
Lengthy helps if I spell things right. So this is my my first draft here. All right. So I've cleaned up that notice. Yeah, it's well, the law is written as any place that users can talk to each other. twitchtd "the internet"
And then there are some carve outs for e-commerce sites and news sites and a couple of other things but it's very broadly well so it wouldn't apply to my blog because my blog doesn't have comments on it and it wouldn't apply to say even if my blog had comments if people couldn't reply to each other they could only do top-level replies to my blog post that might be enough for it not to apply, but it is very, very broad. And it's basically anywhere that people write. It is a regulation of online speech in the large.

04:51:27twitchtd absolutely insane scope
You know, I feel like there are, you keep saying crazy and insane. I don't think those are especially effective adjectives to use because this is the output of a deliberative political process and a deliberative regulator. And for all of my criticisms of the law, they're not, I think it is ridiculously over broad and I disagree with that decision, but I can't say that it wasn't a deliberate decision on their part, if you see the distinction. twitchtd got it
So I would say it's a an absolutely inappropriate scope or an over broad scope, maybe even an illegal scope. But it doesn't help to try and dismiss it as. product of a defective mental process, right? twitchtd lol
And even if it was correct, it wouldn't help me handle the fact that a bunch of people with power and money are going to try and enforce it. And a lot of this comes down to the practicalities.

04:53:10twitchtd who knows what will happen with it with trump coming into office soon as well
Yeah, I mentioned that just shortly before you came in of thinking about options to avoid geoblocking the UK. And one of the late additions was me thinking through who in the American government could plausibly claim that they would defend US entities against this. And I think it would have to be the State Department. Although my knowledge of American, or I'm sorry, of international relations is limited here. But I specifically mentioned the State Department because, you know, especially with the changing administration and changing Congress, an individual legislator would be kind of talking out their ass. You know, the junior representative from, well, Illinois, just to pick where I am, if they were to say, Ah, we would never let this happen to Peter. Well, like, that guy is not in the loop. Should the UK submit a... God, I don't even know the name of the legal paperwork. Should they try and start extradition proceedings? Because I did not register with the UK regulator that I learned about from Wikipedia last month.

04:55:07What am I trying to say? What are these things? They are kind of success conditions, they are wins, they are outcomes, forces of action. They're all other people doing shit. That's one of the frustrating things is we're very powerless here, especially as an American, like I am not part of a UK constituency.

04:56:13twitchtd could you just block UK user's from commenting or is that not enough to make the OSA happy?
That's a pretty good question. Actually, that's a really good question. Could we just block them from interacting? So the code I've written now, let me bring it up. The code I wrote earlier on stream adds this warning that says, hey, please come participate in the comments on this draft post before March 16. and where is the text of the law so that was on gov.uk do we have a all right so the online safety act actually yoink

04:57:21Too many clipboards.

...29So it was here in, I want to say the definition of a user to users. Oh no. So user to user service was the really general part that said basically anywhere users can talk to other users, but then it was.

...56There's a part in here where they say if the users are in the UK.

04:58:09Yes, so if it has links within the UK see subsections five and six. It has links with the UK if the service has a significant number of United Kingdom users or UK users form one of the target markets for the service. if yeah so this is very general if the service is capable of being used in the united kingdom by individuals does being used mean read or read and write and that's where this kind of thing just immediately drives into the ditch because there isn't specific guidance from the regulator that I have yet seen that defines this, trying to define used in a legal context in a country I don't live in, I mean, I would be making things up if I tried to define it. So I can't answer your question if blocking them from commenting, and presumably also submitting stories and such, would do it.

04:59:33And the definitions of see they don't even define user so that I could know if I want to say there was you know I'm saying they don't define it but as fast as I say that I think somewhere they defined user to mean even visitors.

05:00:00But if I could find that again. Yeah, and these are the various categories.

...30Enforcement powers committees.

...38Communication offenses. Oh yeah.

...46Oh, here we go. Interpretation of final provision. This is the section I was thinking of. A user is a UK user of a service if they are physically in the UK. Ah, yes, here it is there's the specific section, I was thinking of for the purposes of references in this act to a user of a service, it does not matter whether a person is registered to use a service. So my understanding of that which again i'm not a lawyer i'm not a UK lawyer. Is that it applies to visitors. Not just.

05:01:30twitchtd sounds to me like blocking commenting doesn't work around this D:
people who are registered because i would like to do yeah i think that's a really solid idea and i'm glad you came up with it because i am trying to have the absolute minimum effect or minimum negative effect by having to warn and geo-block the uk

05:02:00twitchtd what about just hiding comments then on lobste.rs
I don't even know what percentage of our traffic is from the UK I just assume there is some percentage and if I had to pick a number I would ballpark. Five to 10. The stories are also user to user content and it also regulates the search engine and if we turned off the search engine the stories in the comments what's left like the about page.

...34So let's cite this.

05:03:09twitchtd do you track ips?
twitchtd what about last login ip in the mysql db?
so when you ask track ips i have nginx's server logs by default so those include ip addresses and we have application logs and i've heavily i've mostly replaced the rails logs with this json logging from the log rage gem So each hit generates one line of JavaScript that is timestamp, some info about the URL, it does include IP, and then it includes some performance metrics. What about the last login? I think we have... No, it doesn't look like we have it. yeah so the one place we log an ip address and this is because of issues with sock puppeting is this feature actually isn't even on on production for lobsters when users request invitations their ip address was logged but otherwise we don't log it and those records are transitory they get deleted when people use them either reject or confirm the thing and then yeah the users table doesn't have any kind of like last ip address the the site is pretty privacy oriented like i don't actually want to know more information about visitors than are needed to mostly avoid abuse so like a lot of the stuff that we could do to more proactively prevent things like sock puppeting and some trolls we don't do because i don't want that level of private info on people and some of the provisions of the online safety act this one and then the australian online safety act that's also threatening but is much more vague for the next six months till that regulator writes its rules twitchtd lol
they would require that we like ID check users and they would have to upload their ID to us or some third party service. And I don't, I'm not a nightclub bouncer. I don't want to be checking IDs. Right.

05:06:04The great firewall thing is a good line, but a distraction.

05:08:32I'm trying to avoid litigating all of the concept of free speech, especially in an international context, because the laws are so different and use many of the same terms that this is one of those places where the US and the UK are two countries divided by a common language, as the classic saying goes. And it just quickly descends into madness, even before the fact that almost no one, I mean, at a first guess, no one on lobsters is a practicing UK lawyer. And in a practical sense, like none of them are going to show up in the comments here and start talking. So it's just the blind leading the blind.

05:09:57A little trickish to name check the Treaty of Westphalia. twitchtd btw, I wonder if ycombinator moderated by dang@ would have any insights into how hacker news is going about
right like if i'm not going to get into the civil war i plan to reach out to him I've talked to him previously about stuff, like updating my username on the site, because I used to use my maiden name, and then I just moved over to pushcx. There's no interactive form for that. You just have to email people there. So I've talked to Deng about that and other stuff. I would like to ask about how they're handling this. But Hacker News is owned by some of the richest people in the country, a VC firm that has extensive resources. They measure their dollars with a B. They also have, I presume, lawyers on retainer and lawyers in-house. twitchtd true
And so they could decide that it's reasonable to do things like, well, we're just going to ignore the law until they actually show up because we have someone on retainer to deal with that. Whereas the disaster for lobsters is if someone shows up. twitchtd much different situations
So to that effect, chamlis_ evening. apologies on behalf of the UK I suppose
Let's write some really bad code. What is it? Is it date.current? Time.current. What's the right way to do this? I just looked back at that code that did it. All right, so time.zone.today. So if Time zone today. Oh, I don't want I want the time in the UK.

05:12:39twitchtd isn't uk just UTC?
Time zone math of all the things. All right.

05:13:07Let's ask Rails how to get the time in UTC. Yeah, I don't want to set the time zone.

...32dr3ig doesn't UK still have colonies all around the world?
See, this is all written for if. I'm writing general code, and I want to actually ask the specific time zone. Can I say convert it?

...55Yeah, maybe I'm getting too clever here.

05:14:08I don't even know the time zone that UK laws run on, I guess.

...20Or data now.

...36So that's. dr3ig just use 2024
fine and where my butt is right now it's the sixth that's also fine because this one probably happened in my local time zone i don't know yeah can't do that on a date even though it is a part of it

05:15:07I'm going to write the easy code and come back to it. Just use 2024. I have a self-referenced issue here where These links these texts want to link to the story and the story wants to link to the text.

...53These are what 123 yeah there's six digit alphanumeric. So I could just make up one. UK osa one.

05:16:12That's about the best I got.

05:17:05How do I customize this error message? This one's just the throttled responder. Isn't there a general one?

...35I guess it's not really rack attack. Let me just do it up in the application controller.

05:18:12dr3ig there is a blocklist method
dr3ig is that what you were looking for ?
i'd rather make it a guard clause right let's drop down here where are we i guess i'll alphabetize gotta keep your self-destructive how would you hate writing well organized right there's a block list method i'm not sure what you're thinking of

...54dr3ig https://github.com/rack/rack-at… Rack::Attack.blocklist instead of throttle
Where's the...

05:19:23dr3ig would that be useful
dr3ig yes
you thinking of rack attack api blocklist instead of throttle i think i would rather not tie to the rack attack api like it's nice and it's almost the right thing but it seems weird to have something that's not rate limiting like all the rest of this and i can do it with two lines here in the application controller. So I think I'm going to just do it there. What's that? So render. twitchtd I see you turned on the reverb :)
So I'm going to test this locally. I have Reaver. I hope not. I'm sorry if the audio is getting odd. This is probably the longest stream I've done.

05:20:33All right, let's grab that text.

...51twitchtd i still understand, though it sounds like you're about to sing into a mic :)
I'm sorry it's weird. I'm in the home stretch of the stream here, though, so I'm not going to sweat it too much. Just hope it goes away.

05:21:25Then what? How do I explain what happened in a single string? well at that point i'll have updated to the paid ip can i search for so what i want to do is get yeah wait you had it there i saw it flick by so it looked like The URL was this for a second. All right.

05:23:01And we need some backslashes.

...15dr3ig bye! good luck and get healthy
Thanks, Drake. I've appreciated your contributions, both in the PR and in this discussion here in the stream.

05:24:05So this is to Daphne's point earlier, like two hours ago, that it was a little bit incorrect to phrase it that way as the act requires that we block. I will say it as the risks the act require that we block.

...38UK, UK, UK.

...59chamlis_ is it even possible to block UK SMTP traffic like this?
It's not SMTP, it's HTTP, and oh yes, it is mostly possible. And I say mostly because the caveat is Number one, IP databases aren't perfectly accurate. They're good, but you know, I don't know, call it like, especially for the West, call it like 98, 99% is my rough guess. But then the second thing is there are VPNs and people already do use VPNs to get around these kinds of geo blocks. So Shamless, you're joining Kind of late. Let me show you the draft post I've written. chamlis_ right, I'm wondering if UK folks being able to use the SMTP interface to Lobsters is an issue
All right, so here's... Actually, hold on. Let me back up. Here's the footer that's going to appear when I deploy this tomorrow morning. Because I would like to sleep on this. Oh. Oh. Fuck. You're right. That's a really good question. It hadn't occurred to me. I even mentioned mailing list mode on stream when we were reviewing pull requests, because one of them touched it. chamlis_ this whole thing sucks I hated that thought as I soon as I had it
twitchtd wait, doesn't that mean all email services are affected by OSA?
Yeah, so it says, well, actually, I think this is nitpicky, but I think service blocks email, or it explicitly excludes email.

05:26:47Yeah, see, like, again, we're getting into like blind leading the blind, because we're trying to read this, but there was something about email, wasn't there? No, so that's search. That's also search. That's also search. I don't know if I'm two out of two.

05:27:19See, they had this one section. There are a couple of things that say of schedule one. Can I just?

...35A user to user service is exempt if emails are the only user generated content enabled by the service.

...57I think it has a similar for like texting. Yeah, so this is the part I'm thinking of these three paragraphs. Is there a way to get? I know there's a way to get up to the section here it is. So we can see it in a little more context.

05:28:25Services only offering. So my read on this bit about live oral one-to-one communication is them saying they're not affecting telephones. And then don't get your hopes up about this provider content thing. It's only e-commerce and journalism.

05:29:26Trying to mentally build up the cross-references.

...47twitchtd sell lobste.rs swag on site, get revenue + recategorize as ecommerce site with news page (jkjkjk)
So it's not that.

...58You know, for a while there were print-on-demand stickers available. And then that provider stopped doing print-on-demand. And we just made them available at cost. If you can find another sticker, folks, that'll do at cost print-on-demand, I'd love to turn that back on. But otherwise, I just give people away stickers in person when I meet them. Yeah, see search. Ah, yes. Our own government is exempt.

05:30:47twitchtd rules for thee, but not for me
And other governments are exempt. Unless they're education? I don't know. chamlis_ declare independence?
yeah i'm trying to avoid political snark but there's lots of that in american laws especially regarding email declare independence oh if lobsters was a micronation yeah i'll add that as one of my bullet points for getting out of this is if we can get un recognition as an independent nation think my landlord would be annoyed if my office was declared a sovereign nation so here shameless just to show you here's the draft post that I've written to put up along with that footer

05:32:01And I'll just let you read for a minute while I think about this. Let me know when to scroll down. So I've got the controller.

...37chamlis_ I've read that screen, thanks
chamlis_ maybe I should do the research on this and call my MP
twitchtd chamlis_ yes please
ah thanks and then here's the tail of it well that is exactly what i'm asking you to do yes please oh look i even have the cursor on the line please come us with this better plan because you have the local knowledge and the political representation it's Probably not effective if I call some random member of parliament and say, hello, I am your constituent from Chicago. What do I want to say? Not eliminate the risk, but

05:33:43chamlis_ I'll look into that for sure
that would sufficiently mitigate the risk. I would really appreciate the help. That's why I'm doing all of this for the last several hours of getting an IP database and adding it to the site, which This is, I will make a small American political statement, but it feels real shitty to say people in this constituency don't get to be here. This is not the kind of thing I want to write code to enforce. In the same way that I sure never wanted to block a browser like I had to block Brave. How do we halt the chain?

05:34:49chamlis_ could always link to some VPNs+Tor on that page if you wanna be cheeky
Why can I not remember this? We have the moderator check somewhere, right? I can steal code from that. Require logged in moderator. chamlis_ though the lobsters audience probably don't need to be told
That returns true. Otherwise, redirect slash. Yeah, they don't halt the render chain. Why doesn't this? Oh, this is status 451.

05:35:34Isn't it halting? I don't want to write this code, but if I have to write it, I want it to actually work. Not throw 500s.

...52twitchtd I wonder if this is like gdpr where it added cookie bars to all sites but the smaller forums didn't bother and no one got affected afaik
so if i can find if i can figure out this i'm gonna wind down the stream you know shamless i considered it but i don't actually want to be cheeky because even though i know and all readers of the site know that that's an option you know i say all but like damn near all know that chamlis_ "your honour, I was just being cheeky"
twitchtd honooor
vpns exist hell we have people who have contributed to wire guard who comment on the site in the very unfortunate event that yeah i don't even know how to pronounce honor with a unit as an american but in the very unfortunate event that Ofcom targeted lobsters, I would like to be able to say with a straight face, I did the best I could to make sure that your law didn't apply. And I see that as one part of a multi-layered defense where I don't think the law, under my very, very limited understanding of international law, I don't believe it can apply. But also, I'm doing what I can and not being cute about it to say, no, we don't have UK users.

05:37:30Yeah, I don't think you're hearing reverb. twitchtd reverb is gone btw
I think it's just my voice going out because I've been talking for hours since this flew. Why isn't this halting? What if I stick a raise in here?

...49chamlis_ has any central collaborative effort on this formed? I remember you talking about organising with other sites before
chamlis_ ahh, sorry to hear that
okay so this isn't even what else did i break i reorganized those i added the gem there's a before action wait did i so i talked about it and then i came down with the flu And so I have talked to one person who runs forums in the UK and they were, it was totally off their radar and they don't have an opinion on it, but are looking into it. God, my voice is going out here. And so I haven't been able to follow up with other rights organizations like the EFF and the ACLU. All right, so it is this.

05:38:59I hate that I had to leave this a couple of weeks due to being down with the flu. We have such a short timeline. What if I just say return true? Then you're fine. What if I say that? No method. So this is haltering the render chain, but it's not... Then it's going on to the. Oh, it's because I said render text, it's trying to use the. I said. There we go. All right, and then let's set the content type. How do I do So anyways, long story short there, Shamlus, if you want to find an organization, the best guess that Daphne found, DBK, she found something called the ORG in the UK. And I think that stands for Online Resource Group or Online Rights Group.

05:40:37Specify.

...45chamlis_ s/risks of/risks of the/ ?
Aha. Render body. chamlis_ found the ORG, will have a look in the morning
I just want the link to work. Almost certainly that's a typo. Syntax error. What did I fuck up? Oh, I added a comma. Now it's not. Thanks. If all will be text plain.

05:41:34Just tell me how to set the content type.

...43It's just going around in circles.

...56I don't want to do their whole format block. Content underscore type. Let's try that. I should have just tried that.

05:42:15And then the browser should be forgiving enough that even though I don't have the. Head text, there we go. OK, that's about as good as that's going to get. I can at least check this dumb. Good.

...55all right so what was that about risks of the thank you good catch risks oh and it's down here too because i was copying that all right i think that's it

05:43:36Shameless. I've tried to write this with a little bit of UK turns of phrase. When you read this footer warning, or when you read that post, and I can put it back up, does it seem like familiar language? Basically, is there anything in here that reads as so American it's weird and clunky to your ear?

05:44:20twitchtd btw, wouldn't that lobste.rs link in the warning not work
chamlis_ not that I saw, but I've been reading a majority-american internet for many years
yeah so twitch the funny to call you twitch good well you know as long as nothing leapt out at you the the link that's in the final block message i made it a link to archive.org and i am just assuming that at some point That page will get archived, because all of our pages do. And then that will work, so people at least can read that as a tombstone. The one that's on the bottom here in the footer, this one will go live when I deploy tomorrow, and I will deploy the code and post the story at the same time, so there isn't a dead link. All right. I think that's all I got. chamlis_ did dpk find the ORG were specifically doing something for this?
chamlis_ otherwise I'll email them and ask
wrong tab sorry to blank the stream for a second there so that has been a very long lobsters office hours as we have worked through a whole bunch of wonderful pull requests and then a very unfortunate state of world affairs yeah dpk she found a link it's probably here in my browser

05:45:56Is it you?

05:46:12chamlis_ they're openrightsgroup I think
I swear they 1213.

...21pushcx https://www.openrightsgroup.org…
Here it goes. Oh, it's the open rights group. I totally got that name wrong. So they had this page. Yeah, thank you. This page is the one that. Starts talking about it. And it's a little out of date. It's about. It refers to Ofcom being in the process of writing this regulatory rules. Ugh, wrong link.

05:47:34chamlis_ if I get in touch do you mind me using Lobsters as an example?
One of the things that is driven home to me is how I need to unify my Linux clipboards. Driven home to me by the process of making all of these typos. When it's just me, I stop seeing them. Yeah. But the fact that I constantly get the wrong one on stream because of that little extra bit of... Ah, there we go. Fifth try is the charm. Shamless, yes. You can certainly use lobsters as an example. And you can link to... pushcx https://lobste.rs/s/ffd4xt/lfgs…
I mean, any of this stuff, right? In the... lfgss thread i left a couple of big comments lfgss actually might be an even better example for you to use because they're a forum that's in the uk but if you want to emphasize the fact that it's reaching over to the us then yeah you're happy to use us and you can link to even these stream archives i'll have this one up in a couple of hours this has been such a long stream it's going to take a while to post but before your tomorrow morning it'll have posted.

05:49:05Let's see if breaking the site broke the build. Yep. Oh, this is this is my database stuff. That's actually probably fine.

...25Let me make sure off stream that I didn't

...39All right, I goofed my database data. chamlis_ thanks
Yeah, I'm done. My voice is shot. chamlis_ hope you get well soon!
I'll fix this off stream before I push the code. twitchtd ok thanks for your time and work on lobste.rs
Thanks for hanging out, everybody. Really appreciated the feedback on the draft. Thank you very much for your help on the site. twitchtd bye
That's about all I got. See you all in the morning. Take care.